Changed strcpy() calls into strlcpy() calls, just to be extra safe.

c9bce0b8 · Wayne Davison · deee574b · c9bce0b8 · c9bce0b8 · c9bce0b8
Commit c9bce0b8 authored Oct 13, 2006 by Wayne Davison
Showing with 15 additions and 12 deletions

permstring.c lib/permstring.c +1 -1

pool_alloc.c lib/pool_alloc.c +1 -1

log.c log.c +4 -4

options.c options.c +6 -3

progress.c progress.c +1 -1

tls.c tls.c +2 -2

No files found.
--- a/lib/permstring.c
+++ b/lib/permstring.c
@@ -30,7 +30,7 @@ void permstring(char *perms, mode_t mode)
 	static const char *perm_map = "rwxrwxrwx";
 	int i;
-	strcpy(perms, "----------");
+	strlcpy(perms, "----------", 11);
 	for (i = 0; i < 9; i++) {
 		if (mode & (1 << i))

--- a/lib/pool_alloc.c
+++ b/lib/pool_alloc.c
@@ -272,7 +272,7 @@ pool_stats(alloc_pool_t p, int fd, int summarize)
 	if (pool->live)
 		FDEXTSTAT(pool->live);
-	strcpy(buf, "   FREE    BOUND\n");
+	strlcpy(buf, "   FREE    BOUND\n", sizeof buf);
 	write(fd, buf, strlen(buf));
 	for (cur = pool->free; cur; cur = cur->next)

--- a/log.c
+++ b/log.c
@@ -394,7 +394,7 @@ void rsyserr(enum logcode code, int errcode, const char *format, ...)
 	char buf[BIGPATHBUFLEN];
 	size_t len;
-	strcpy(buf, RSYNC_NAME ": ");
+	strlcpy(buf, RSYNC_NAME ": ", sizeof buf);
 	len = (sizeof RSYNC_NAME ": ") - 1;
 	va_start(ap, format);
@@ -544,15 +544,15 @@ static void log_formatted(enum logcode code, char *format, char *op,
 		case 'L':
 			if (hlink && *hlink) {
 				n = hlink;
-				strcpy(buf2, " => ");
+				strlcpy(buf2, " => ", sizeof buf2);
 			} else if (S_ISLNK(file->mode) && file->u.link) {
 				n = file->u.link;
-				strcpy(buf2, " -> ");
+				strlcpy(buf2, " -> ", sizeof buf2);
 			} else {
 				n = "";
 				if (!fmt[1])
 					break;
-				strcpy(buf2, "    ");
+				strlcpy(buf2, "    ", sizeof buf2);
 			}
 			strlcat(fmt, "s", sizeof fmt);
 			snprintf(buf2 + 4, sizeof buf2 - 4, fmt, n);

--- a/options.c
+++ b/options.c
@@ -613,8 +613,9 @@ static char err_buf[200];
 void option_error(void)
 {
 	if (!err_buf[0]) {
-		strcpy(err_buf, "Error parsing options: "
+		strlcpy(err_buf, "Error parsing options: option may "
-		    "option may be supported on client but not on server?\n");
+			"be supported on client but not on server?\n",
+			sizeof err_buf);
 	}
 	rprintf(FERROR, RSYNC_NAME ": %s", err_buf);
@@ -832,7 +833,9 @@ int parse_arguments(int *argc, const char ***argv, int frommain)
 		case OPT_DAEMON:
 			if (am_daemon) {
-				strcpy(err_buf, "Attempt to hack rsync thwarted!\n");
+				strlcpy(err_buf,
+					"Attempt to hack rsync thwarted!\n",
+					sizeof err_buf);
 				return 0;
 			}
 			poptFreeContext(pc);

--- a/progress.c
+++ b/progress.c
@@ -104,7 +104,7 @@ static void rprint_progress(OFF_T ofs, OFF_T size, struct timeval *now,
 			stats.num_files - stats.current_file_index - 1,
 			stats.num_files);
 	} else
-		strcpy(eol, "\r");
+		strlcpy(eol, "\r", sizeof eol);
 	rprintf(FCLIENT, "%12s %3d%% %7.2f%s %4d:%02d:%02d%s",
 		human_num(ofs), pct, rate, units,
 		remain_h, remain_m, remain_s, eol);

--- a/tls.c
+++ b/tls.c
@@ -74,7 +74,7 @@ static void list_file(const char *fname)
 		buf.st_mode &= ~0777;
 		buf.st_mtime = (time_t)0;
 		buf.st_uid = buf.st_gid = 0;
-		strcpy(linkbuf, " -> ");
+		strlcpy(linkbuf, " -> ", sizeof linkbuf);
 		/* const-cast required for silly UNICOS headers */
 		len = readlink((char *) fname, linkbuf+4, sizeof(linkbuf) - 4);
 		if (len == -1)
@@ -99,7 +99,7 @@ static void list_file(const char *fname)
 			(int)mt->tm_min,
 			(int)mt->tm_sec);
 	} else {
-		strcpy(datebuf, "                   ");
+		strlcpy(datebuf, "                   ", sizeof datebuf);
 	}
 	/* TODO: Perhaps escape special characters in fname? */