The Gentoo people submitted this patch. I'm not applying it as it makes
the code harder to understand with no major gain and without being a
fully correct fix.
diff -Nru whois-4.6.6.orig/whois.c whois-4.6.6/whois.c
--- whois-4.6.6.orig/whois.c 2003-06-15 12:36:52.000000000 -0400
+++ whois-4.6.6/whois.c 2003-08-11 02:15:30.000000000 -0400
@@ -73,12 +73,12 @@
/* RIPE flags */
if (strchr(ripeflags, ch)) {
for (p = fstring; *p; p++);
- sprintf(p--, "-%c ", ch);
+ snprintf(p--, sizeof(fstring), "-%c ", ch);
continue;
}
if (strchr(ripeflagsp, ch)) {
for (p = fstring; *p; p++);
- sprintf(p--, "-%c %s ", ch, optarg);
+ snprintf(p--, sizeof(fstring), "-%c %s ", ch, optarg);
if (ch == 't' || ch == 'v' || ch == 'q')
nopar = 1;
continue;
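Review bot: Both changed `snprintf` calls pass the size of the whole `fstring` buffer, but the write starts at `p`, which the preceding `for` loop has advanced to the terminating NUL. The bound therefore overstates the space left by `p - fstring` bytes, and a long `optarg` can still write past the end. The limit should be the remaining space, e.g. `snprintf(p, sizeof(fstring) - (p - fstring), "-%c %s ", ch, optarg);`, which assumes `fstring` is an array in this scope; its declaration is outside the hunk. The post-decrement in `p--` does not change the argument passed and can be dropped. Comparing the return value with the remaining space would let the option loop reject input that does not fit instead of silently truncating it.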
@@ -132,10 +132,10 @@
while (1) {
qslen += strlen(*argv) + 1 + 1;
qstring = realloc(qstring, qslen);
- strcat(qstring, *argv++);
+ strncat(qstring, *argv++, qslen-1);
if (argc == 1)
break;
- strcat(qstring, " ");
+ strncat(qstring, " ", qslen);
argc--;
}
}
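Review bot: The third argument of `strncat` caps the bytes taken from the source, not the size of the destination, so `strncat(qstring, *argv++, qslen-1)` and `strncat(qstring, " ", qslen)` bound nothing that `strcat` did not. The same applies to the `strncat` calls in the hunk at -426. A limit that reflects the destination is `qslen - strlen(qstring) - 1`. Separately, the result of `realloc` is assigned straight back to `qstring` and used on the next line without a check, so an allocation failure becomes a NULL dereference and loses the old pointer; assign to a temporary and test it first. The loop starts outside the hunk, so how `qstring` and `qslen` are initialised is not visible here.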
@@ -401,10 +401,13 @@
{
char *buf;
int i, isripe = 0;
+ int buflen = 0;
/* +10 for CORE; +2 for \r\n; +1 for NULL */
- buf = malloc(strlen(flags) + strlen(query) + strlen(client_tag) + 4
- + 10 + 2 + 1);
+ buflen = (strlen(flags) + strlen(query) + strlen(client_tag) + 4 + 10 + 2 + 1);
+
+ buf = malloc(buflen);
+
*buf = '\0';
for (i = 0; ripe_servers[i]; i++)
if (strcmp(server, ripe_servers[i]) == 0) {
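Review bot: `buflen` is declared `int` but receives a sum of `strlen` results, which are `size_t`, so a very long flag or query string is narrowed on assignment before the value is used as an allocation size and, in the next hunk, as a write bound. Declaring it `size_t buflen` removes the conversion. `buf` is also dereferenced by `*buf = '\0'` directly after `malloc` with no NULL check. A guard such as `if (!buf) return NULL;` or the program's fatal-error path (not visible here, and the caller's handling of NULL would need confirming) should sit between the two. The function's signature and the lines between this hunk and the next are outside the view.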
@@ -426,23 +429,23 @@
if (*flags) {
if (!isripe && strcmp(server, "whois.corenic.net") != 0)
puts(_("Warning: RIPE flags used with a traditional server."));
- strcat(buf, flags);
+ strncat(buf, flags, buflen);
}
/* FIXME: /e is not applied to .JP ASN */
if (!isripe && (strcmp(server, "whois.nic.mil") == 0 ||
strcmp(server, "whois.nic.ad.jp") == 0) &&
strncasecmp(query, "AS", 2) == 0 && isasciidigit(query[2]))
- sprintf(buf, "AS %s", query + 2); /* fix query for DDN */
+ snprintf(buf, buflen, "AS %s", query + 2); /* fix query for DDN */
else if (!isripe && strcmp(server, "whois.corenic.net") == 0)
- sprintf(buf, "--machine %s", query); /* machine readable output */
+ snprintf(buf, buflen, "--machine %s", query); /* machine readable output */
else if (!isripe && strcmp(server, "whois.nic.ad.jp") == 0) {
char *lang = getenv("LANG"); /* not a perfect check, but... */
if (!lang || (strncmp(lang, "ja", 2) != 0))
- sprintf(buf, "%s/e", query); /* ask for english text */
+ snprintf(buf, buflen, "%s/e", query); /* ask for english text */
else
- strcat(buf, query);
+ strncat(buf, query, buflen);
} else
- strcat(buf, query);
+ strncat(buf, query, buflen);
return buf;
}
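Review bot: The three `snprintf(buf, buflen, ...)` branches write from the start of `buf`, so whatever `strncat(buf, flags, buflen)` appended just above is replaced in those branches, while the two `strncat(buf, query, buflen)` branches keep it. That asymmetry is the same with the old `sprintf` calls, but it is undocumented and easy to break when the bounds are reworked. If it is intended, which the warning printed for traditional servers suggests but does not prove, a comment such as `/* query replaces any flags copied above for these servers */` on the first branch would record it. None of the `snprintf` return values is compared with `buflen`, so a truncated query would be returned to the caller as if it were complete.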
@@ -485,7 +488,7 @@
if (verb)
printf(_("Detected referral to %s on %s.\n"), nq, nh);
- strcat(nq, "\r\n");
+ strncat(nq, "\r\n", sizeof(nq));
fd = openconn(nh, np);
do_query(fd, nq);
continue;
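Review bot: `sizeof(nq)` is not the free space in `nq`: for a pointer it is the pointer size and for an array it is the whole array. Because the source is the two-byte literal `"\r\n"`, any limit of two or more behaves exactly like the `strcat` it replaces. The check that matters is whether the storage behind `nq` has three spare bytes before the append, e.g. `if (strlen(nq) + 3 > nq_size)` with `nq_size` standing for wherever the allocation size is tracked (a placeholder; the declaration and allocation of `nq` are outside this hunk). Judging by the referral message printed just above, `nq` appears to be derived from a server response, so its length should be treated as externally controlled.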