diff options
| author | cyberbotx <cyberbotx@5417fbe8-f217-4b02-8779-1006273d7864> | 2009-10-20 04:34:03 +0000 |
|---|---|---|
| committer | cyberbotx <cyberbotx@5417fbe8-f217-4b02-8779-1006273d7864> | 2009-10-20 04:34:03 +0000 |
| commit | 0b3824c86a99354d06339b95e40515de762d65f7 (patch) | |
| tree | 133edb1fb478a97674cb63e1f89a4762053d24e2 | |
| parent | 0d3ec454de486da5cbc292f7e694ee8ab7e4fae0 (diff) | |
Apply some changes based on possible "flaws" found with flawfinder.
git-svn-id: http://anope.svn.sourceforge.net/svnroot/anope/trunk@2574 5417fbe8-f217-4b02-8779-1006273d7864
| -rw-r--r-- | lang/langcomp.c | 2 | ||||
| -rw-r--r-- | src/channels.c | 66 | ||||
| -rw-r--r-- | src/chanserv.c | 2 | ||||
| -rw-r--r-- | src/core/cs_akick.c | 5 | ||||
| -rw-r--r-- | src/core/enc_none.c | 20 | ||||
| -rw-r--r-- | src/core/ns_group.c | 4 | ||||
| -rw-r--r-- | src/core/ns_register.c | 4 | ||||
| -rw-r--r-- | src/core/os_chankill.c | 4 | ||||
| -rw-r--r-- | src/core/os_stats.c | 24 | ||||
| -rw-r--r-- | src/hostserv.c | 20 | ||||
| -rw-r--r-- | src/mail.c | 2 | ||||
| -rw-r--r-- | src/memoserv.c | 4 | ||||
| -rw-r--r-- | src/misc.c | 4 | ||||
| -rw-r--r-- | src/modulemanager.cpp | 14 | ||||
| -rw-r--r-- | src/modules/hs_request.c | 4 | ||||
| -rw-r--r-- | src/modules/os_ignore_db.c | 8 | ||||
| -rw-r--r-- | src/nickserv.c | 24 | ||||
| -rw-r--r-- | src/protocol/inspircd11.c | 6 | ||||
| -rw-r--r-- | src/protocol/inspircd12.cpp | 8 | ||||
| -rw-r--r-- | src/protocol/unreal32.c | 6 | ||||
| -rw-r--r-- | src/users.c | 35 |
21 files changed, 126 insertions, 140 deletions
diff --git a/lang/langcomp.c b/lang/langcomp.c index 2752e118e..e678a9858 100644 --- a/lang/langcomp.c +++ b/lang/langcomp.c @@ -213,7 +213,7 @@ int main(int ac, char **av) fprintf(stderr, "%s:%d: Out of memory!\n", filename, linenum); return 2; } - sprintf(strings[curstring] + i, "%s\n", line); + snprintf(strings[curstring] + i, strlen(line) + 2, "%s\n", line); } } else { if ((curstring = stringnum(line)) < 0) { diff --git a/src/channels.c b/src/channels.c index 5984065e0..3aa7c840e 100644 --- a/src/channels.c +++ b/src/channels.c @@ -364,7 +364,7 @@ char *chan_get_modes(Channel * chan, int complete, int plus) if (plus || !cmp->MinusNoArg) { chan->GetParam(cmp->Name, ¶m); - + if (!param.empty()) { value = const_cast<char *>(param.c_str()); @@ -527,7 +527,7 @@ void chan_set_modes(const char *source, Channel *chan, int ac, const char **av, alog("debug: Setting %c%c on %s for %s", (add ? '+' : '-'), mode, chan->name, user->nick); - if (add) + if (add) chan_set_user_status(chan, user, cms->Status); /* If this does +o, remove any DEOPPED flag */ else @@ -565,7 +565,7 @@ void chan_set_modes(const char *source, Channel *chan, int ac, const char **av, if (cm->Type == MODE_PARAM) { cmp = static_cast<ChannelModeParam *>(cm); - + if (add || !cmp->MinusNoArg) { if (ac == 0) @@ -1688,67 +1688,67 @@ void chan_set_correct_modes(User * user, Channel * c, int give_modes) /* No need for strn* functions for modebuf, as every possible string * will always fit in. -GD */ - strcpy(modebuf, ""); - strcpy(userbuf, ""); + strlcpy(modebuf, "", sizeof(modebuf)); + strlcpy(userbuf, "", sizeof(userbuf)); if (add_modes > 0) { strcat(modebuf, "+"); if ((add_modes & CUS_OWNER) && !(status & CUS_OWNER)) { - strcat(modebuf, &owner->ModeChar); - strcat(userbuf, " "); - strcat(userbuf, user->nick); + strlcat(modebuf, &owner->ModeChar, sizeof(modebuf)); + strlcat(userbuf, " ", sizeof(userbuf)); + strlcat(userbuf, user->nick, sizeof(userbuf)); } else { add_modes &= ~CUS_OWNER; } if ((add_modes & CUS_PROTECT) && !(status & CUS_PROTECT)) { - strcat(modebuf, &admin->ModeChar); - strcat(userbuf, " "); - strcat(userbuf, user->nick); + strlcat(modebuf, &admin->ModeChar, sizeof(modebuf)); + strlcat(userbuf, " ", sizeof(userbuf)); + strlcat(userbuf, user->nick, sizeof(userbuf)); } else { add_modes &= ~CUS_PROTECT; } if ((add_modes & CUS_OP) && !(status & CUS_OP)) { - strcat(modebuf, "o"); - strcat(userbuf, " "); - strcat(userbuf, user->nick); + strlcat(modebuf, "o", sizeof(modebuf)); + strlcat(userbuf, " ", sizeof(userbuf)); + strlcat(userbuf, user->nick, sizeof(userbuf)); } else { add_modes &= ~CUS_OP; } if ((add_modes & CUS_HALFOP) && !(status & CUS_HALFOP)) { - strcat(modebuf, "h"); - strcat(userbuf, " "); - strcat(userbuf, user->nick); + strlcat(modebuf, "h", sizeof(modebuf)); + strlcat(userbuf, " ", sizeof(userbuf)); + strlcat(userbuf, user->nick, sizeof(userbuf)); } else { add_modes &= ~CUS_HALFOP; } if ((add_modes & CUS_VOICE) && !(status & CUS_VOICE)) { - strcat(modebuf, "v"); - strcat(userbuf, " "); - strcat(userbuf, user->nick); + strlcat(modebuf, "v", sizeof(modebuf)); + strlcat(userbuf, " ", sizeof(userbuf)); + strlcat(userbuf, user->nick, sizeof(userbuf)); } else { add_modes &= ~CUS_VOICE; } } if (rem_modes > 0) { - strcat(modebuf, "-"); + strlcat(modebuf, "-", sizeof(modebuf)); if (rem_modes & CUS_OWNER) { - strcat(modebuf, &owner->ModeChar); - strcat(userbuf, " "); - strcat(userbuf, user->nick); + strlcat(modebuf, &owner->ModeChar, sizeof(modebuf)); + strlcat(userbuf, " ", sizeof(userbuf)); + strlcat(userbuf, user->nick, sizeof(userbuf)); } if (rem_modes & CUS_PROTECT) { - strcat(modebuf, &admin->ModeChar); - strcat(userbuf, " "); - strcat(userbuf, user->nick); + strlcat(modebuf, &admin->ModeChar, sizeof(modebuf)); + strlcat(userbuf, " ", sizeof(userbuf)); + strlcat(userbuf, user->nick, sizeof(userbuf)); } if (rem_modes & CUS_OP) { - strcat(modebuf, "o"); - strcat(userbuf, " "); - strcat(userbuf, user->nick); + strlcat(modebuf, "o", sizeof(modebuf)); + strlcat(userbuf, " ", sizeof(userbuf)); + strlcat(userbuf, user->nick, sizeof(userbuf)); } if (rem_modes & CUS_HALFOP) { - strcat(modebuf, "h"); - strcat(userbuf, " "); - strcat(userbuf, user->nick); + strlcat(modebuf, "h", sizeof(modebuf)); + strlcat(userbuf, " ", sizeof(userbuf)); + strlcat(userbuf, user->nick, sizeof(userbuf)); } } diff --git a/src/chanserv.c b/src/chanserv.c index a581ded69..4175b625e 100644 --- a/src/chanserv.c +++ b/src/chanserv.c @@ -1227,7 +1227,7 @@ int check_kick(User * user, const char *chan, time_t chants) if (akick->flags & AK_ISNICK) get_idealban(ci, user, mask, sizeof(mask)); else - strcpy(mask, akick->u.mask); + strlcpy(mask, akick->u.mask, sizeof(mask)); reason = akick->reason ? akick->reason : CSAutokickReason; goto kick; } diff --git a/src/core/cs_akick.c b/src/core/cs_akick.c index a9e38fbd2..ede481bcb 100644 --- a/src/core/cs_akick.c +++ b/src/core/cs_akick.c @@ -213,10 +213,9 @@ class CommandCSAKick : public Command if (!na) { split_usermask(mask, &nick, &user, &host); - char *smask = new char[strlen(nick) + strlen(user) + strlen(host) + 3]; + std::string smask = std::string(nick) + "!" + user + "@" + host; freemask = 1; - sprintf(smask, "%s!%s@%s", nick, user, host); - mask = smask; + mask = sstrdup(smask.c_str()); delete [] nick; delete [] user; delete [] host; diff --git a/src/core/enc_none.c b/src/core/enc_none.c index 7f38d8532..91784bca4 100644 --- a/src/core/enc_none.c +++ b/src/core/enc_none.c @@ -25,26 +25,25 @@ class ENone : public Module ModuleManager::Attach(I_OnCheckPassword, this); } - EventReturn OnEncrypt(const char *src,int len,char *dest,int size) + EventReturn OnEncrypt(const char *src,int len,char *dest,int size) { - if(size>=len) + if(size>=len) { memset(dest,0,size); - strncpy(dest,src,len); - dest[len] = '\0'; - return EVENT_ALLOW; + strlcpy(dest,src,len); + return EVENT_ALLOW; } return EVENT_STOP; } - EventReturn OnEncryptInPlace(char *buf, int size) + EventReturn OnEncryptInPlace(char *buf, int size) { return EVENT_ALLOW; } - EventReturn OnEncryptCheckLen(int passlen, int bufsize) + EventReturn OnEncryptCheckLen(int passlen, int bufsize) { - if(bufsize>=passlen) + if(bufsize>=passlen) { return EVENT_ALLOW; } @@ -53,13 +52,12 @@ class ENone : public Module EventReturn OnDecrypt(const char *src, char *dest, int size) { memset(dest,0,size); - strncpy(dest,src,size); - dest[size] = '\0'; + strlcpy(dest,src,size); return EVENT_ALLOW; } EventReturn OnCheckPassword(const char *plaintext, const char *password) { - if(strcmp(plaintext,password)==0) + if(strcmp(plaintext,password)==0) { return EVENT_ALLOW; } diff --git a/src/core/ns_group.c b/src/core/ns_group.c index af181e092..ec00ec69d 100644 --- a/src/core/ns_group.c +++ b/src/core/ns_group.c @@ -117,8 +117,8 @@ class CommandNSGroup : public Command if (na) { - na->last_usermask = new char[u->GetIdent().length() + u->GetDisplayedHost().length() + 2]; - sprintf(na->last_usermask, "%s@%s", u->GetIdent().c_str(), u->GetDisplayedHost().c_str()); + std::string last_usermask = u->GetIdent() + "@" + u->GetDisplayedHost(); + na->last_usermask = sstrdup(last_usermask.c_str()); na->last_realname = sstrdup(u->realname); na->time_registered = na->last_seen = time(NULL); diff --git a/src/core/ns_register.c b/src/core/ns_register.c index c3f068326..6fd8e2455 100644 --- a/src/core/ns_register.c +++ b/src/core/ns_register.c @@ -49,8 +49,8 @@ class CommandNSConfirm : public Command } else { - na->last_usermask = new char[u->GetIdent().length() + u->GetDisplayedHost().length() + 2]; - sprintf(na->last_usermask, "%s@%s", u->GetIdent().c_str(), u->GetDisplayedHost().c_str()); + std::string last_usermask = u->GetIdent() + "@" + u->GetDisplayedHost(); + na->last_usermask = sstrdup(last_usermask.c_str()); na->last_realname = sstrdup(u->realname); if (NSAddAccessOnReg) na->nc->AddAccess(create_mask(u)); diff --git a/src/core/os_chankill.c b/src/core/os_chankill.c index 42d9d061b..6eb9e9456 100644 --- a/src/core/os_chankill.c +++ b/src/core/os_chankill.c @@ -74,8 +74,8 @@ class CommandOSChanKill : public Command cunext = cu->next; if (is_oper(cu->user)) continue; - strncpy(mask, "*@", 3); /* Use *@" for the akill's, */ - strncat(mask, cu->user->host, HOSTMAX); + strlcpy(mask, "*@", sizeof(mask)); /* Use *@" for the akill's, */ + strlcat(mask, cu->user->host, sizeof(mask)); add_akill(NULL, mask, s_OperServ, expires, realreason); check_akill(cu->user->nick, cu->user->GetIdent().c_str(), cu->user->host, NULL, NULL); } diff --git a/src/core/os_stats.c b/src/core/os_stats.c index cd3d41a34..937590e57 100644 --- a/src/core/os_stats.c +++ b/src/core/os_stats.c @@ -202,34 +202,26 @@ class CommandOSStats : public Command CommandReturn DoStatsUplink(User *u) { - char buf[512]; - int buflen, i; - buf[0] = '\0'; - buflen = 511; /* How confusing, this is the amount of space left! */ + char buf[512] = ""; + int i; for (i = 0; capab_info[i].token; ++i) { if (uplink_capab & capab_info[i].flag) { - strncat(buf, " ", buflen); - --buflen; - strncat(buf, capab_info[i].token, buflen); - buflen -= strlen(capab_info[i].token); + strlcat(buf, " ", sizeof(buf)); + strlcat(buf, capab_info[i].token, sizeof(buf)); /* Special cases */ if (capab_info[i].flag == CAPAB_CHANMODE) { - strncat(buf, "=", buflen); - --buflen; - strncat(buf, ircd->chanmodes, buflen); - buflen -= strlen(ircd->chanmodes); + strlcat(buf, "=", sizeof(buf)); + strlcat(buf, ircd->chanmodes, sizeof(buf)); } if (capab_info[i].flag == CAPAB_NICKCHARS) { - strncat(buf, "=", buflen); - --buflen; + strlcat(buf, "=", sizeof(buf)); if (ircd->nickchars) { - strncat(buf, ircd->nickchars, buflen); - buflen -= strlen(ircd->nickchars); + strlcat(buf, ircd->nickchars, sizeof(buf)); } /* leave blank if it was null */ } } diff --git a/src/hostserv.c b/src/hostserv.c index 86d998ff4..243314f59 100644 --- a/src/hostserv.c +++ b/src/hostserv.c @@ -145,16 +145,16 @@ HostCore *createHostCorelist(HostCore * next, const char *nick, char *vIdent, "Unable to allocate memory to create the vHost LL, problems i sense.."); return NULL; } - strcpy(next->nick, nick); - strcpy(next->vHost, vHost); - strcpy(next->creator, creator); + strlcpy(next->nick, nick, strlen(nick) + 1); + strlcpy(next->vHost, vHost, strlen(vHost) + 1); + strlcpy(next->creator, creator, strlen(creator) + 1); if (vIdent) { if ((next->vIdent == NULL)) { ircdproto->SendGlobops(s_HostServ, "Unable to allocate memory to create the vHost LL, problems i sense.."); return NULL; } - strcpy(next->vIdent, vIdent); + strlcpy(next->vIdent, vIdent, strlen(vIdent) + 1); } else { next->vIdent = NULL; } @@ -234,16 +234,16 @@ HostCore *insertHostCore(HostCore * phead, HostCore * prev, const char *nick, "Unable to allocate memory to create the vHost LL, problems i sense.."); return NULL; } - strcpy(newCore->nick, nick); - strcpy(newCore->vHost, vHost); - strcpy(newCore->creator, creator); + strlcpy(newCore->nick, nick, strlen(nick) + 1); + strlcpy(newCore->vHost, vHost, strlen(vHost) + 1); + strlcpy(newCore->creator, creator, strlen(creator) + 1); if (vIdent) { if ((newCore->vIdent == NULL)) { ircdproto->SendGlobops(s_HostServ, "Unable to allocate memory to create the vHost LL, problems i sense.."); return NULL; } - strcpy(newCore->vIdent, vIdent); + strlcpy(newCore->vIdent, vIdent, strlen(vIdent) + 1); } else { newCore->vIdent = NULL; } @@ -529,6 +529,6 @@ void set_lastmask(User * u) if (na->last_usermask) delete [] na->last_usermask; - na->last_usermask = new char[u->GetIdent().length() + u->GetDisplayedHost().length() + 2]; - sprintf(na->last_usermask, "%s@%s", u->GetIdent().c_str(), u->GetDisplayedHost().c_str()); + std::string last_usermask = u->GetIdent() + "@" + u->GetDisplayedHost(); + na->last_usermask = sstrdup(last_usermask.c_str()); } diff --git a/src/mail.c b/src/mail.c index 5e7adb7a2..ea8ef65f6 100644 --- a/src/mail.c +++ b/src/mail.c @@ -242,7 +242,7 @@ int MailValidate(const char *email) if (!email) return 0; - strcpy(copy, email); + strlcpy(copy, email, sizeof(copy)); domain = strchr(copy, '@'); if (!domain) diff --git a/src/memoserv.c b/src/memoserv.c index 5a32cfec2..fa41aee2d 100644 --- a/src/memoserv.c +++ b/src/memoserv.c @@ -408,10 +408,10 @@ void rsend_notify(User * u, Memo * m, const char *chan) nick or channel */ if (chan) { fmt = getstring(na, MEMO_RSEND_CHAN_MEMO_TEXT); - sprintf(text, fmt, chan); + snprintf(text, sizeof(text), fmt, chan); } else { fmt = getstring(na, MEMO_RSEND_NICK_MEMO_TEXT); - sprintf(text, "%s", fmt); + snprintf(text, sizeof(text), "%s", fmt); } /* Send notification */ diff --git a/src/misc.c b/src/misc.c index 976c26ada..a84fc33d4 100644 --- a/src/misc.c +++ b/src/misc.c @@ -413,9 +413,9 @@ const char *expire_left(NickCore *nc, char *buf, int len, time_t expires) time_t now = time(NULL); if (!expires) { - strncpy(buf, getstring(nc, NO_EXPIRE), len); + strlcpy(buf, getstring(nc, NO_EXPIRE), len); } else if (expires <= now) { - strncpy(buf, getstring(nc, EXPIRES_SOON), len); + strlcpy(buf, getstring(nc, EXPIRES_SOON), len); } else { time_t diff = expires - now + 59; diff --git a/src/modulemanager.cpp b/src/modulemanager.cpp index 68609421b..35a2280a8 100644 --- a/src/modulemanager.cpp +++ b/src/modulemanager.cpp @@ -45,15 +45,11 @@ static int moduleCopyFile(const char *name, const char *output) int srcfp; #endif char input[4096]; - int len; - - strncpy(input, services_dir.c_str(), 4095); - len = strlen(input); - strncat(input, "/modules/", 4095 - len); /* Get full path with module extension */ - len = strlen(input); - strncat(input, name, 4095 - len); - len = strlen(output); - strncat(input, MODULE_EXT, 4095 - len); + + strlcpy(input, services_dir.c_str(), sizeof(input)); + strlcat(input, "/modules/", sizeof(input)); /* Get full path with module extension */ + strlcat(input, name, sizeof(input)); + strlcat(input, MODULE_EXT, sizeof(input)); #ifndef _WIN32 if ((srcfp = mkstemp(const_cast<char *>(output))) == -1) diff --git a/src/modules/hs_request.c b/src/modules/hs_request.c index 30949d9e7..b982375db 100644 --- a/src/modules/hs_request.c +++ b/src/modules/hs_request.c @@ -826,9 +826,9 @@ void req_send_memos(User *u, char *vIdent, char *vHost) return; if (vIdent) - sprintf(host, "%s@%s", vIdent, vHost); + snprintf(host, sizeof(host), "%s@%s", vIdent, vHost); else - sprintf(host, "%s", vHost); + snprintf(host, sizeof(host), "%s", vHost); if (HSRequestMemoOper == 1) { diff --git a/src/modules/os_ignore_db.c b/src/modules/os_ignore_db.c index b393e5cd1..d5487b360 100644 --- a/src/modules/os_ignore_db.c +++ b/src/modules/os_ignore_db.c @@ -478,12 +478,12 @@ void fill_db_ptr(DBFile *dbptr, int version, int core_version, dbptr->db_version = version; dbptr->core_db_version = core_version; if (!service) - strcpy(dbptr->service, service); + strlcpy(dbptr->service, service, sizeof(dbptr->service)); else - strcpy(dbptr->service, ""); + strlcpy(dbptr->service, "", sizeof(dbptr->service)); - strcpy(dbptr->filename, filename); - snprintf(dbptr->temp_name, 261, "%s.temp", filename); + strlcpy(dbptr->filename, filename, sizeof(dbptr->filename)); + snprintf(dbptr->temp_name, sizeof(dbptr->temp_name), "%s.temp", filename); return; } diff --git a/src/nickserv.c b/src/nickserv.c index 9ef0f8614..d77950512 100644 --- a/src/nickserv.c +++ b/src/nickserv.c @@ -670,9 +670,8 @@ int validate_user(User * u) na->last_seen = time(NULL); if (na->last_usermask) delete [] na->last_usermask; - na->last_usermask = new char[u->GetIdent().length() + u->GetDisplayedHost().length() + 2]; - sprintf(na->last_usermask, "%s@%s", u->GetIdent().c_str(), - u->GetDisplayedHost().c_str()); + std::string last_usermask = u->GetIdent() + "@" + u->GetDisplayedHost(); + na->last_usermask = sstrdup(last_usermask.c_str()); if (na->last_realname) delete [] na->last_realname; na->last_realname = sstrdup(u->realname); @@ -937,23 +936,24 @@ bool is_on_access(User *u, NickCore *nc) char *buf; char *buf2 = NULL; char *buf3 = NULL; + std::string tmp_buf; if (!u || !nc || nc->access.empty()) return false; - buf = new char[u->GetIdent().length() + strlen(u->host) + 2]; - sprintf(buf, "%s@%s", u->GetIdent().c_str(), u->host); + tmp_buf = u->GetIdent() + "@" + u->host; + buf = sstrdup(tmp_buf.c_str()); if (ircd->vhost) { if (u->vhost) { - buf2 = new char[u->GetIdent().length() + strlen(u->vhost) + 2]; - sprintf(buf2, "%s@%s", u->GetIdent().c_str(), u->vhost); + tmp_buf = u->GetIdent() + "@" + u->vhost; + buf2 = sstrdup(tmp_buf.c_str()); } if (!u->GetCloakedHost().empty()) { - buf3 = new char[u->GetIdent().length() + u->GetCloakedHost().length() + 2]; - sprintf(buf3, "%s@%s", u->GetIdent().c_str(), u->GetCloakedHost().c_str()); + tmp_buf = u->GetIdent() + "@" + u->GetCloakedHost(); + buf3 = sstrdup(tmp_buf.c_str()); } } @@ -980,8 +980,10 @@ bool is_on_access(User *u, NickCore *nc) delete [] buf; if (ircd->vhost) { - delete [] buf2; - delete [] buf3; + if (buf2) + delete [] buf2; + if (buf3) + delete [] buf3; } return false; } diff --git a/src/protocol/inspircd11.c b/src/protocol/inspircd11.c index 7d2044706..c6740f561 100644 --- a/src/protocol/inspircd11.c +++ b/src/protocol/inspircd11.c @@ -154,7 +154,7 @@ static char currentpass[1024]; /* PASS */ void inspircd_cmd_pass(const char *pass) { - strncpy(currentpass, pass, 1024); + strlcpy(currentpass, pass, sizeof(currentpass)); } @@ -568,8 +568,8 @@ int anope_event_fjoin(const char *source, int ac, const char **av) } } } - strncat(nicklist, prefixandnick, 513); - strncat(nicklist, " ", 513); + strlcat(nicklist, prefixandnick, sizeof(nicklist)); + strlcat(nicklist, " ", sizeof(nicklist)); delete [] curnick_real; nlen = 0; } diff --git a/src/protocol/inspircd12.cpp b/src/protocol/inspircd12.cpp index bdc6e999a..0f4d7c42f 100644 --- a/src/protocol/inspircd12.cpp +++ b/src/protocol/inspircd12.cpp @@ -159,7 +159,7 @@ static char currentpass[1024]; /* PASS */ void inspircd_cmd_pass(const char *pass) { - strncpy(currentpass, pass, 1024); + strlcpy(currentpass, pass, sizeof(currentpass)); } @@ -645,8 +645,8 @@ int anope_event_fjoin(const char *source, int ac, const char **av) // Much as I hate goto.. I can't `break 2' to get here.. XXX ugly endnick: - strncat(nicklist, prefixandnick, 513); - strncat(nicklist, " ", 513); + strlcat(nicklist, prefixandnick, sizeof(nicklist)); + strlcat(nicklist, " ", sizeof(nicklist)); delete [] curnick_real; nlen = 0; } @@ -901,7 +901,7 @@ int anope_event_uid(const char *source, int ac, const char **av) Server *s = findserver_uid(servlist, source); uint32 *ad = reinterpret_cast<uint32 *>(&addy); int ts = strtoul(av[1], NULL, 10); - + /* Check if the previously introduced user was Id'd for the nickgroup of the nick he s currently using. * If not, validate the user. ~ Viper*/ user = prev_u_intro; diff --git a/src/protocol/unreal32.c b/src/protocol/unreal32.c index 34efa0f00..5c50dc8cd 100644 --- a/src/protocol/unreal32.c +++ b/src/protocol/unreal32.c @@ -822,7 +822,7 @@ int anope_event_sethost(const char *source, int ac, const char **av) /* If a user has a custom host and a server splits and reconnects * Unreal does not send the users cloaked host to Anope.. so we do not know it. - * However, they will be +t if this is the case, so we will set their vhost + * However, they will be +t if this is the case, so we will set their vhost * to the sethost value (which really is their vhost) and clear the chost. * The chost will be request later (if needed) - Adam */ @@ -1024,7 +1024,7 @@ int anope_event_userhost(const char *source, int ac, const char **av) */ if (ac < 2 || !av[1] || !*av[1]) return MOD_CONT; - + std::string reply = av[1]; std::string user = std::string(reply.begin(), std::find(reply.begin(), reply.end(), '=')); if (user[user.length() - 1] == '*') @@ -1130,7 +1130,7 @@ bool ChannelModeFlood::IsValid(const char *value) if (*value != ':' && strtoul((*value == '*' ? value + 1 : value), &dp, 10) > 0 && *dp == ':' && *(++dp) && strtoul(dp, &end, 10) > 0 && !*end) return 1; else { /* '['<number><1 letter>[optional: '#'+1 letter],[next..]']'':'<number> */ - strncpy(xbuf, value, sizeof(xbuf)); + strlcpy(xbuf, value, sizeof(xbuf)); p2 = strchr(xbuf + 1, ']'); if (!p2) return 0; *p2 = '\0'; diff --git a/src/users.c b/src/users.c index 33dc560c4..79dc37ac6 100644 --- a/src/users.c +++ b/src/users.c @@ -30,7 +30,7 @@ time_t maxusertime; User::User(const std::string &snick, const std::string &suid) { User **list; - + if (snick.empty()) throw "what the craq, empty nick passed to constructor"; @@ -46,7 +46,7 @@ User::User(const std::string &snick, const std::string &suid) founder_chans = NULL; invalid_pw_count = timestamp = my_signon = invalid_pw_time = lastmemosend = lastnickreg = lastmail = 0; OnAccess = false; - + strscpy(this->nick, snick.c_str(), NICKMAX); this->uid = suid; list = &userlist[HASH(this->nick)]; @@ -101,7 +101,7 @@ void User::SetNewNick(const std::string &newnick) if (*list) (*list)->prev = this; *list = this; - + OnAccess = false; NickAlias *na = findnick(this->nick); if (na) @@ -143,12 +143,12 @@ void User::SetCloakedHost(const std::string &newhost) { if (newhost.empty()) throw "empty host in User::SetCloakedHost"; - + chost = newhost; if (debug) alog("debug: %s changed cloaked host to %s", this->nick, newhost.c_str()); - + this->UpdateHost(); } @@ -260,9 +260,9 @@ User::~User() if (debug >= 2) alog("debug: User::~User(): free user data"); - + delete [] this->host; - + if (this->vhost) delete [] this->vhost; @@ -377,14 +377,14 @@ void User::AutoID(const char *account) { NickCore *tnc; NickAlias *na; - - if ((tnc = findcore(account))) + + if ((tnc = findcore(account))) { this->nc = tnc; if ((na = findnick(this->nick)) && na->nc == tnc) - { + { check_memos(this); - } + } } } @@ -407,8 +407,8 @@ void User::UpdateHost() if (na->last_usermask) delete [] na->last_usermask; - na->last_usermask = new char[this->GetIdent().length() + this->GetDisplayedHost().length() + 2]; - sprintf(na->last_usermask, "%s@%s", this->GetIdent().c_str(), this->GetDisplayedHost().c_str()); + std::string last_usermask = this->GetIdent() + "@" + this->GetDisplayedHost(); + na->last_usermask = sstrdup(last_usermask.c_str()); } OnAccess = false; @@ -739,8 +739,8 @@ User *do_nick(const char *source, const char *nick, const char *username, const */ if (is_sync(findserver(servlist, server)) && checkDefCon(DEFCON_AKILL_NEW_CLIENTS) && !is_ulined(server)) { - strncpy(mask, "*@", 3); - strncat(mask, host, HOSTMAX); + strlcpy(mask, "*@", sizeof(mask)); + strlcat(mask, host, sizeof(mask)); alog("DEFCON: adding akill for %s", mask); add_akill(NULL, mask, s_OperServ, time(NULL) + DefConAKILL, @@ -876,9 +876,8 @@ User *do_nick(const char *source, const char *nick, const char *username, const if (ntmp->last_usermask) delete [] ntmp->last_usermask; - ntmp->last_usermask = new char[user->GetIdent().length() + user->GetDisplayedHost().length() + 2]; - sprintf(ntmp->last_usermask, "%s@%s", - user->GetIdent().c_str(), user->GetDisplayedHost().c_str()); + std::string last_usermask = user->GetIdent() + "@" + user->GetDisplayedHost(); + ntmp->last_usermask = sstrdup(last_usermask.c_str()); ircdproto->SetAutoIdentificationToken(user); alog("%s: %s!%s@%s automatically identified for nick %s", s_NickServ, user->nick, user->GetIdent().c_str(), user->host, user->nick); } |