ports/devel/cscope/files/patch-CVE-2004-2541
Marcus Alves Grando bab2e5b4ff - Add security fix patches
- Bump PORTREVISION

Security:	CVE-2004-2541
Obtained from:	Debian (partially)
2006-05-23 15:00:54 +00:00


--- src/build.c
+++ src/build.c
@@ -215,7 +215,7 @@
(void) strcpy(newdir, "$HOME");
}
else if (strncmp(currentdir, home, strlen(home)) == 0) {
- (void) sprintf(newdir, "$HOME%s", currentdir + strlen(home));
+ (void) snprintf(newdir, sizeof(newdir), "$HOME%s", currentdir + strlen(home));
}
/* sort the source file names (needed for rebuilding) */
qsort(srcfiles, (unsigned) nsrcfiles, sizeof(char *), compare);
@@ -443,7 +443,7 @@
}
(void) fstat(fileno(postings), &statstruct);
(void) fclose(postings);
- (void) sprintf(sortcommand, "env LC_ALL=C sort -T %s %s", tmpdir, temp1);
+ (void) snprintf(sortcommand, sizeof(sortcommand), "env LC_ALL=C sort -T %s %s", tmpdir, temp1);
if ((postings = mypopen(sortcommand, "r")) == NULL) {
(void) fprintf(stderr, "cscope: cannot open pipe to sort command\n");
cannotindex();
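Review bot: The `snprintf` into `sortcommand` discards its return value, so when `tmpdir` and `temp1` do not fit, the shortened string is still handed to `mypopen`. A truncated `sort -T ...` line can name a different temp directory or input file than intended, so overflow should be treated as a failure, e.g. `if (snprintf(sortcommand, sizeof(sortcommand), "env LC_ALL=C sort -T %s %s", tmpdir, temp1) >= (int) sizeof(sortcommand)) cannotindex();` (assuming `cannotindex()` is the right bail-out, as it is for the pipe failure just below). Both names are also pasted unquoted into a shell command line; if `tmpdir` can come from the environment, which this hunk does not show, it should be validated or quoted before this point. The enclosing function starts and ends outside the hunk.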
--- src/command.c
+++ src/command.c
@@ -718,7 +718,7 @@
/* make sure it can be changed */
if (access(newfile, WRITE) != 0) {
- (void) sprintf(msg, "Cannot write to file %s", newfile);
+ (void) snprintf(msg, sizeof(msg), "Cannot write to file %s", newfile);
postmsg(msg);
anymarked = NO;
break;
--- src/dir.c
+++ src/dir.c
@@ -138,7 +138,7 @@
/* compute its path from higher view path source dirs */
for (i = 1; i < nvpsrcdirs; ++i) {
- (void) sprintf(path, "%.*s/%s",
+ (void) snprintf(path, sizeof(path), "%.*s/%s",
PATHLEN - 2 - dir_len,
srcdirs[i], dir);
addsrcdir(path);
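Review bot: Truncation is now silent in every path-building call this patch touches: here the `snprintf` result is cast to `void` and the possibly shortened `path` goes straight to `addsrcdir`. The same pattern is in the other `src/dir.c` hunks, the `prependpath` join in `src/edit.c`, the `home` paths in `src/main.c`, and the `vpdirs[i]` loops in `src/vpaccess.c`, `src/vpfopen.c` and `src/vpopen.c`, where the shortened name is passed to `access`, `myfopen` or `myopen` and may resolve to a different file than the caller asked for. When `dir_len` exceeds `PATHLEN - 2` the precision argument goes negative, which printf treats as no precision at all, so only the new size argument bounds the write. I would skip the entry on overflow, e.g. `if (snprintf(path, sizeof(path), "%.*s/%s", PATHLEN - 2 - dir_len, srcdirs[i], dir) >= (int) sizeof(path)) continue;`. This relies on `path` being an array at each site, which most of these hunks do not show.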
@@ -206,7 +206,7 @@
/* compute its path from higher view path source dirs */
for (i = 1; i < nvpsrcdirs; ++i) {
- (void) sprintf(path, "%.*s/%s",
+ (void) snprintf(path, sizeof(path), "%.*s/%s",
PATHLEN - 2 - dir_len,
srcdirs[i], dir);
addincdir(dir, path);
@@ -474,8 +474,6 @@
DIR *dirfile;
int adir_len = strlen(adir);
- /* FIXME: no guards against adir_len > PATHLEN, yet */
-
if ((dirfile = opendir(adir)) != NULL) {
struct dirent *entry;
char path[PATHLEN + 1];
@@ -486,7 +484,7 @@
&& (strcmp("..",entry->d_name) != 0)) {
struct stat buf;
- sprintf(path,"%s/%.*s", adir,
+ snprintf(path, sizeof(path), "%s/%.*s", adir,
PATHLEN - 2 - adir_len,
entry->d_name);
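Review bot: The FIXME deleted in the previous hunk ("no guards against adir_len > PATHLEN, yet") is only half resolved by this `snprintf`: the write is bounded, but an over-long `adir` still produces a `path` that has lost the entry name. If that is accepted for now, I would leave a comment in place of the FIXME, e.g. `/* adir_len > PATHLEN - 2 is not rejected: snprintf() below truncates path instead of overflowing it */`. The loop body continues outside this hunk, so how the truncated `path` is used next is not visible here.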
@@ -603,14 +601,14 @@
for (i = 0; i < nincdirs; ++i) {
/* don't include the file from two directories */
- (void) sprintf(name, "%.*s/%s",
+ (void) snprintf(name, sizeof(name), "%.*s/%s",
PATHLEN - 2 - file_len, incnames[i],
file);
if (infilelist(name) == YES) {
break;
}
/* make sure it exists and is readable */
- (void) sprintf(path, "%.*s/%s",
+ (void) snprintf(path, sizeof(path), "%.*s/%s",
PATHLEN - 2 - file_len, incdirs[i],
file);
if (access(compath(path), READ) == 0) {
@@ -654,7 +652,7 @@
/* compute its path from higher view path source dirs */
for (i = 1; i < nvpsrcdirs; ++i) {
- (void) sprintf(path, "%.*s/%s",
+ (void) snprintf(path, sizeof(path), "%.*s/%s",
PATHLEN - 2 - file_len, srcdirs[i],
file);
if (access(compath(path), READ) == 0) {
--- src/display.c
+++ src/display.c
@@ -473,24 +473,24 @@
/* see if it is empty */
if ((c = getc(refsfound)) == EOF) {
if (findresult != NULL) {
- (void) sprintf(lastmsg, "Egrep %s in this pattern: %s",
+ (void) snprintf(lastmsg, sizeof(lastmsg), "Egrep %s in this pattern: %s",
findresult, pattern);
}
else if (rc == NOTSYMBOL) {
- (void) sprintf(lastmsg, "This is not a C symbol: %s",
+ (void) snprintf(lastmsg, sizeof(lastmsg), "This is not a C symbol: %s",
pattern);
}
else if (rc == REGCMPERROR) {
- (void) sprintf(lastmsg, "Error in this regcomp(3) regular expression: %s",
+ (void) snprintf(lastmsg, sizeof(lastmsg), "Error in this regcomp(3) regular expression: %s",
pattern);
}
else if (funcexist == NO) {
- (void) sprintf(lastmsg, "Function definition does not exist: %s",
+ (void) snprintf(lastmsg, sizeof(lastmsg), "Function definition does not exist: %s",
pattern);
}
else {
- (void) sprintf(lastmsg, "Could not find the %s: %s",
+ (void) snprintf(lastmsg, sizeof(lastmsg), "Could not find the %s: %s",
fields[field].text2, pattern);
}
return(NO);
@@ -555,17 +555,17 @@
move(MSGLINE, 0);
clrtoeol();
addstr(what);
- sprintf(msg, "%ld", current);
+ snprintf(msg, sizeof(msg), "%ld", current);
move(MSGLINE, (COLS / 2) - (strlen(msg) / 2));
addstr(msg);
- sprintf(msg, "%ld", max);
+ snprintf(msg, sizeof(msg), "%ld", max);
move(MSGLINE, COLS - strlen(msg));
addstr(msg);
refresh();
}
else if (verbosemode == YES)
{
- sprintf(msg, "> %s %ld of %ld", what, current, max);
+ snprintf(msg, sizeof(msg), "> %s %ld of %ld", what, current, max);
}
start = now;
@@ -603,7 +603,7 @@
s = sys_errlist[errno];
}
#endif
- (void) sprintf(msg, "%s: %s", text, s);
+ (void) snprintf(msg, sizeof(msg), "%s: %s", text, s);
postmsg(msg);
}
--- src/edit.c
+++ src/edit.c
@@ -105,9 +105,9 @@
char *s;
file = filepath(file);
- (void) sprintf(msg, "%s +%s %s", mybasename(editor), linenum, file);
+ (void) snprintf(msg, sizeof(msg), "%s +%s %s", mybasename(editor), linenum, file);
postmsg(msg);
- (void) sprintf(plusnum, lineflag, linenum);
+ (void) snprintf(plusnum, sizeof(plusnum), lineflag, linenum);
/* if this is the more or page commands */
if (strcmp(s = mybasename(editor), "more") == 0 || strcmp(s, "page") == 0) {
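Review bot: `snprintf(plusnum, sizeof(plusnum), lineflag, linenum)` still uses `lineflag` as the format string, and the size argument does nothing about conversions in that string that have no matching argument. Where `lineflag` is set is not shown in this hunk; if it can come from the environment or another user-controlled setting, it should be checked when it is read to contain exactly one `%s` and no other conversion. At minimum I would document the contract at this call: `/* lineflag is a printf format: exactly one %s, nothing else */`. The enclosing function starts and ends outside the hunk.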
@@ -132,7 +132,7 @@
static char path[PATHLEN + 1];
if (prependpath != NULL && *file != '/') {
- (void) sprintf(path, "%s/%s", prependpath, file);
+ (void) snprintf(path, sizeof(path), "%s/%s", prependpath, file);
file = path;
}
return(file);
--- src/exec.c
+++ src/exec.c
@@ -124,7 +124,7 @@
/* execute the program or shell script */
(void) execvp(a, args); /* returns only on failure */
- (void) sprintf(msg, "\nCannot exec %s", a);
+ (void) snprintf(msg, sizeof(msg), "\nCannot exec %s", a);
perror(msg); /* display the reason */
askforreturn(); /* wait until the user sees the message */
myexit(1); /* exit the child */
--- src/find.c
+++ src/find.c
@@ -666,7 +666,7 @@
/* must be an exact match */
/* note: regcomp doesn't recognize ^*keypad$ as a syntax error
unless it is given as a single arg */
- (void) sprintf(buf, "^%s$", s);
+ (void) snprintf(buf, sizeof(buf), "^%s$", s);
if (regcomp (&regexp, buf, REG_EXTENDED | REG_NOSUB) != 0) {
return(REGCMPERROR);
}
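Review bot: If `s` is too long for `buf`, the bounded write drops the trailing `$`, so `regcomp` compiles an anchored-prefix pattern instead of the exact match the comment above requires. The search would then succeed on symbols that merely start with the truncated text. Returning the existing error code on overflow avoids that: `if (snprintf(buf, sizeof(buf), "^%s$", s) >= (int) sizeof(buf)) return(REGCMPERROR);`. `buf`'s declaration is outside the hunk, so this assumes it is an array rather than a pointer.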
--- src/main.c
+++ src/main.c
@@ -352,12 +374,12 @@
* used instead of failing to open a non-existant database in
* the home directory
*/
- (void) sprintf(path, "%s/%s", home, reffile);
+ (void) snprintf(path, sizeof(path), "%s/%s", home, reffile);
if (isuptodate == NO || access(path, READ) == 0) {
reffile = stralloc(path);
- (void) sprintf(path, "%s/%s", home, invname);
+ (void) snprintf(path, sizeof(path), "%s/%s", home, invname);
invname = stralloc(path);
- (void) sprintf(path, "%s/%s", home, invpost);
+ (void) snprintf(path, sizeof(path), "%s/%s", home, invpost);
invpost = stralloc(path);
}
}
@@ -692,7 +714,7 @@
#else
char *msg = mymalloc(50+strlen(file));
- (void) sprintf(msg, "Removed file %s because write failed", file);
+ (void) snprintf(msg, sizeof(msg), "Removed file %s because write failed", file);
#endif
myperror(msg); /* display the reason */
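Review bot: `sizeof(msg)` here is the size of a `char *`, not of the allocation, because `msg` is declared as a pointer from `mymalloc(50+strlen(file))` on the line above. The message is therefore cut to 3 or 7 characters on common platforms and `myperror` prints a useless fragment. Pass the allocated length instead: `(void) snprintf(msg, 50 + strlen(file), "Removed file %s because write failed", file);`. The `#if` branch that this `#else` belongs to starts outside the hunk, so the other branch should be checked for the same mistake.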
--- src/vpaccess.c
+++ src/vpaccess.c
@@ -49,7 +49,7 @@
if ((returncode = access(path, amode)) == -1 && path[0] != '/') {
vpinit(NULL);
for (i = 1; i < vpndirs; i++) {
- (void) sprintf(buf, "%s/%s", vpdirs[i], path);
+ (void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], path);
if ((returncode = access(buf, amode)) != -1) {
break;
}
--- src/vpfopen.c
+++ src/vpfopen.c
@@ -53,7 +53,7 @@
) {
vpinit(NULL);
for (i = 1; i < vpndirs; i++) {
- (void) sprintf(buf, "%s/%s", vpdirs[i], filename);
+ (void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], filename);
if ((returncode = myfopen(buf, type)) != NULL) {
break;
}
--- src/vpopen.c
+++ src/vpopen.c
@@ -52,7 +52,7 @@
oflag == OPENFLAG_READ) {
vpinit(NULL);
for (i = 1; i < vpndirs; i++) {
- (void) sprintf(buf, "%s/%s", vpdirs[i], path);
+ (void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], path);
if ((returncode = myopen(buf, oflag, 0666)) != -1) {
break;
}