[eggheads-patches] PATCH: morestrncpy.patch

Peter 'Rattacresh' Backes rtc at rhrk.uni-kl.de
Fri Oct 15 16:24:41 CST 1999


* several funcs could write 1 byte behind reserved buffer 
(check_chanlist, sub_lang), causing not reproducible SIGSEGVs/SIGILLs 
during the telnet ident procedure.
* fixed some unterminated strncpys
* cleaned up DIRLEN/UHOSTLEN messup
* seen.c typo could cause weird effects.


-- Peter 'Rattacresh' Backes, rtc at rhrk.uni-kl.de

-------------- next part --------------
diff -urN eggdrop1.3.29/doc/UPDATES1.3 eggdrop1.3.29+morestrncpy/doc/UPDATES1.3
--- eggdrop1.3.29/doc/UPDATES1.3	Fri Oct 15 21:13:36 1999
+++ eggdrop1.3.29+morestrncpy/doc/UPDATES1.3	Fri Oct 15 21:24:02 1999
@@ -4,6 +4,9 @@
 
 1.3.29
 Foundby   Fixedby   What....
+          rtc       fixed typo in seen.c
+          rtc       fixed several one-byte-buffer-overruns
+          rtc       more fixes for strncpys without termination
           Cybah	    strncpy() being used on buffers without terminating them.
 Tothwolf  Fabian    stopped userfile parsing funcs from messing with ~ and `
           rtc       language files were being installed twice
diff -urN eggdrop1.3.29/src/chanprog.c eggdrop1.3.29+morestrncpy/src/chanprog.c
--- eggdrop1.3.29/src/chanprog.c	Fri Oct 15 21:13:40 1999
+++ eggdrop1.3.29+morestrncpy/src/chanprog.c	Fri Oct 15 20:50:55 1999
@@ -101,9 +101,9 @@
   memberlist *m;
   struct chanset_t *chan;
 
-  strncpy(buf, host, UHOSTLEN);
-  buf[UHOSTLEN - 1] = 0;	/* why is this case sanely done, when there
-				 * are so many others? */
+  strncpy(buf, host, UHOSTMAX);
+  buf[UHOSTMAX] = 0;	/* why is this case sanely done, when there
+			 * are so many others? */
   uhost = buf;
   nick = splitnick(&uhost);
   for (chan = chanset; chan; chan = chan->next) {
diff -urN eggdrop1.3.29/src/cmds.c eggdrop1.3.29+morestrncpy/src/cmds.c
--- eggdrop1.3.29/src/cmds.c	Fri Oct 15 21:13:40 1999
+++ eggdrop1.3.29+morestrncpy/src/cmds.c	Fri Oct 15 20:50:55 1999
@@ -840,7 +840,7 @@
   char oldnick[HANDLEN + 1], newnick[HANDLEN + 1];
   int i;
 
-  strncpy(newnick, newsplit(&par), sizeof(newnick));
+  strncpy(newnick, newsplit(&par), HANDLEN);
   newnick[HANDLEN] = 0;
 
   if (!newnick[0]) {
@@ -859,7 +859,8 @@
   } else if (!strcasecmp(newnick, botnetnick)) {
     dprintf(idx, "Hey!  That's MY name!\n");
   } else {
-    strncpy(oldnick, dcc[idx].nick, sizeof(oldnick));
+    strncpy(oldnick, dcc[idx].nick, HANDLEN);
+    oldnick[HANDLEN] = 0;
     if (change_handle(u, newnick)) {
       putlog(LOG_CMDS, "*", "#%s# nick %s", oldnick, newnick);
       dprintf(idx, "Okay, changed.\n");
@@ -923,8 +924,8 @@
   }
   handle = newsplit(&par);
   addr = newsplit(&par);
-  if (strlen(addr) > UHOSTLEN)
-    addr[UHOSTLEN] = 0;
+  if (strlen(addr) > UHOSTMAX)
+    addr[UHOSTMAX] = 0;
   u1 = get_user_by_handle(userlist, handle);
   if (!u1 || !(u1->flags & USER_BOT)) {
     dprintf(idx, "Useful only for tandem bots.\n");
@@ -2211,7 +2212,7 @@
 static void cmd_pls_ignore(struct userrec *u, int idx, char *par)
 {
   char *who;
-  char s[UHOSTLEN + 1];
+  char s[UHOSTLEN];
 
   if (!par[0]) {
     dprintf(idx, "Usage: +ignore <hostmask> [comment]\n");
@@ -2223,8 +2224,8 @@
     par = "requested";
   else if (strlen(par) > 65)
     par[65] = 0;
-  if (strlen(who) > UHOSTLEN - 4)
-    who[UHOSTLEN - 4] = 0;
+  if (strlen(who) > UHOSTMAX - 4)
+    who[UHOSTMAX - 4] = 0;
   /* fix missing ! or @ BEFORE continuing - sounds familiar */
   if (!strchr(who, '!')) {
     if (!strchr(who, '@'))
@@ -2246,14 +2247,14 @@
 
 static void cmd_mns_ignore(struct userrec *u, int idx, char *par)
 {
-  char buf[UHOSTLEN + 1];
+  char buf[UHOSTLEN];
 
   if (!par[0]) {
     dprintf(idx, "Usage: -ignore <hostmask | ignore #>\n");
     return;
   }
-  strncpy(buf, par, UHOSTLEN);
-  buf[UHOSTLEN] = 0;
+  strncpy(buf, par, UHOSTMAX);
+  buf[UHOSTMAX] = 0;
   if (delignore(buf)) {
     putlog(LOG_CMDS, "*", "#%s# -ignore %s", dcc[idx].nick, buf);
     dprintf(idx, "No longer ignoring: %s\n", buf);
diff -urN eggdrop1.3.29/src/dcc.c eggdrop1.3.29+morestrncpy/src/dcc.c
--- eggdrop1.3.29/src/dcc.c	Fri Oct 15 21:13:40 1999
+++ eggdrop1.3.29+morestrncpy/src/dcc.c	Fri Oct 15 20:50:55 1999
@@ -1054,7 +1054,7 @@
   unsigned long ip;
   unsigned short port;
   int j = 0, sock;
-  char s[UHOSTLEN + 1], s2[UHOSTLEN + 20];
+  char s[UHOSTLEN], s2[UHOSTLEN + 20];
 
   context;
   if (dcc_total + 1 > max_dcc) {
@@ -1113,8 +1113,8 @@
   dcc[i].port = port;
   dcc[i].timeval = now;
   dcc[i].u.ident_sock = dcc[idx].sock;
-  strncpy(dcc[i].host, s, UHOSTLEN - 1);
-  dcc[i].host[UHOSTLEN - 1] = 0;
+  strncpy(dcc[i].host, s, UHOSTMAX);
+  dcc[i].host[UHOSTMAX] = 0;
   strcpy(dcc[i].nick, "*");
   sock = open_telnet(s, 113);
   putlog(LOG_MISC, "*", DCC_TELCONN, s, port);
@@ -1800,6 +1800,7 @@
     if ((dcc[i].type == &DCC_IDENTWAIT) &&
 	(dcc[i].sock == dcc[idx].u.ident_sock)) {
       simple_sprintf(buf1, "%s@%s", uid, dcc[idx].host);
+      putlog (LOG_MISC, "*", "%s", buf1);
       dcc_telnet_got_ident(i, buf1);
     }
   idx = findanyidx(sock);
@@ -1863,8 +1864,8 @@
     lostdcc(i);
     return;
   }
-  strncpy(dcc[i].host, host, UHOSTLEN);
-  dcc[i].host[UHOSTLEN] = 0;
+  strncpy(dcc[i].host, host, UHOSTMAX);
+  dcc[i].host[UHOSTMAX] = 0;
   simple_sprintf(x, "telnet!%s", dcc[i].host);
   if (protect_telnet && !make_userfile) {
     struct userrec *u;
diff -urN eggdrop1.3.29/src/eggdrop.h eggdrop1.3.29+morestrncpy/src/eggdrop.h
--- eggdrop1.3.29/src/eggdrop.h	Fri Oct 15 21:13:40 1999
+++ eggdrop1.3.29+morestrncpy/src/eggdrop.h	Fri Oct 15 20:50:55 1999
@@ -34,8 +34,8 @@
 
 #define HANDLEN		9	/* valid values 9->NICKMAX */
 #define NICKMAX       15	/* valid values HANDLEN->32 */
-#define UHOSTLEN     161	/* reasonable, i think? */
-#define DIRLEN       256	/* paranoia */
+#define UHOSTMAX     160        /* reasonable, i think? */
+#define DIRMAX       256	/* paranoia */
 #define MAX_LOG_LINE 767	/* for misc.c/putlog() <cybah> */
 
 /* language stuff */
@@ -50,6 +50,8 @@
 /***********************************************************************/
 
 #define NICKLEN         NICKMAX + 1
+#define UHOSTLEN        UHOSTMAX + 1
+#define DIRLEN          DIRMAX + 1
 #define NOTENAMELEN     ((HANDLEN * 2) + 1)
 
 /* have to use a weird way to make the compiler error out cos not all
@@ -207,7 +209,7 @@
   unsigned int port;
   struct userrec *user;
   char nick[NICKLEN];
-  char host[UHOSTLEN + 1];	/* extra safety char ;) */
+  char host[UHOSTLEN];
   struct dcc_table *type;
   time_t timeval;		/* use for any timing stuff 
 				 * - this is used for timeout checking */
diff -urN eggdrop1.3.29/src/main.c eggdrop1.3.29+morestrncpy/src/main.c
--- eggdrop1.3.29/src/main.c	Fri Oct 15 21:13:40 1999
+++ eggdrop1.3.29+morestrncpy/src/main.c	Fri Oct 15 20:50:55 1999
@@ -329,8 +329,15 @@
 static void got_ill(int z)
 {
   check_tcl_event("sigill");
+  write_debug();
   putlog(LOG_MISC, "*", "* Context: %s/%d [%s]", cx_file[cx_ptr],
 	 cx_line[cx_ptr], (cx_note[cx_ptr][0]) ? cx_note[cx_ptr] : "");
+  fatal ("GOT ILL SIGNAL -- CRASHING!", 1);
+#ifdef SA_RESETHAND
+  kill(getpid(), SIGILL);
+#else
+  exit(1);
+#endif
 }
 
 static void do_arg(char *s)
diff -urN eggdrop1.3.29/src/misc.c eggdrop1.3.29+morestrncpy/src/misc.c
--- eggdrop1.3.29/src/misc.c	Fri Oct 15 21:13:40 1999
+++ eggdrop1.3.29+morestrncpy/src/misc.c	Fri Oct 15 20:52:40 1999
@@ -238,6 +238,7 @@
       while (*f != '.')
 	f--;
       strncpy(nw, q, f - q);
+      /* No need to nw[f-q]=0 here. */
       nw += (f - q);
       strcpy(nw, ".*");
     } else {			/* normal host >= 3 parts */
@@ -1225,7 +1226,8 @@
   get_user_flagrec(dcc[idx].user, &fr, dcc[idx].u.chat->con_chan);
   help_subst(NULL, NULL, 0,
 	     (dcc[idx].status & STAT_TELNET) ? 0 : HELP_IRC, NULL);
-  strncpy(s, text, 1024);
+  strncpy(s, text, 1023);
+  s[1023] = 0;
   if (s[strlen(s) - 1] == '\n')
     s[strlen(s) - 1] = 0;
   if (!s[0])
diff -urN eggdrop1.3.29/src/mod/blowfish.mod/blowfish.c eggdrop1.3.29+morestrncpy/src/mod/blowfish.mod/blowfish.c
--- eggdrop1.3.29/src/mod/blowfish.mod/blowfish.c	Fri Oct 15 21:13:37 1999
+++ eggdrop1.3.29+morestrncpy/src/mod/blowfish.mod/blowfish.c	Fri Oct 15 20:50:55 1999
@@ -195,6 +195,7 @@
   bf_S = box[bx].S;
   box[bx].keybytes = keybytes;
   strncpy(box[bx].key, key, keybytes);
+  box[bx].key[keybytes] = 0;
   box[bx].lastuse = now;
   /* robey: reset blowfish boxes to initial state */
   /* (i guess normally it just keeps scrambling them, but here it's
diff -urN eggdrop1.3.29/src/mod/channels.mod/cmdschan.c eggdrop1.3.29+morestrncpy/src/mod/channels.mod/cmdschan.c
--- eggdrop1.3.29/src/mod/channels.mod/cmdschan.c	Fri Oct 15 21:13:37 1999
+++ eggdrop1.3.29+morestrncpy/src/mod/channels.mod/cmdschan.c	Fri Oct 15 20:50:55 1999
@@ -24,7 +24,7 @@
 
 static void cmd_pls_ban(struct userrec *u, int idx, char *par)
 {
-  char *chname, *who, s[UHOSTLEN + 1], s1[UHOSTLEN + 1], *p;
+  char *chname, *who, s[UHOSTLEN], s1[UHOSTLEN], *p;
   struct chanset_t *chan = 0;
   int bogus = 0;
   module_entry *me;
@@ -101,8 +101,8 @@
       par = "requested";
     else if (strlen(par) > 65)
       par[65] = 0;
-    if (strlen(who) > UHOSTLEN - 4)
-      who[UHOSTLEN - 4] = 0;
+    if (strlen(who) > UHOSTMAX - 4)
+      who[UHOSTMAX - 4] = 0;
     /* fix missing ! or @ BEFORE checking against myself */
     if (!strchr(who, '!')) {
       if (!strchr(who, '@'))
@@ -166,7 +166,7 @@
 
 static void cmd_pls_exempt (struct userrec * u, int idx, char * par)
 {
-  char * chname, * who, s[UHOSTLEN + 1], s1[UHOSTLEN + 1], *p;
+  char * chname, * who, s[UHOSTLEN], s1[UHOSTLEN], *p;
   struct chanset_t *chan = 0;
   int bogus = 0;
   module_entry * me;   
@@ -245,8 +245,8 @@
       par = "requested";
     else if (strlen(par) > 65)
       par[65] = 0;
-    if (strlen(who) > UHOSTLEN - 4)
-      who[UHOSTLEN - 4] = 0;
+    if (strlen(who) > UHOSTMAX - 4)
+      who[UHOSTMAX - 4] = 0;
     /* fix missing ! or @ BEFORE checking against myself */
     if (!strchr(who, '!')) {
       if (!strchr(who, '@')) 
@@ -306,7 +306,7 @@
 
 static void cmd_pls_invite (struct userrec * u, int idx, char * par)
 {
-  char * chname, * who, s[UHOSTLEN + 1], s1[UHOSTLEN + 1], *p;
+  char * chname, * who, s[UHOSTLEN], s1[UHOSTLEN], *p;
   struct chanset_t *chan = 0;
   int bogus = 0;
   module_entry * me;   
@@ -387,8 +387,8 @@
       par = "requested";
     else if (strlen(par) > 65)
       par[65] = 0;
-    if (strlen(who) > UHOSTLEN - 4)
-      who[UHOSTLEN - 4] = 0;
+    if (strlen(who) > UHOSTMAX - 4)
+      who[UHOSTMAX - 4] = 0;
     /* fix missing ! or @ BEFORE checking against myself */
     if (!strchr(who, '!')) {
       if (!strchr(who, '@')) 
@@ -450,7 +450,7 @@
 {
   int i = 0, j;
   struct chanset_t *chan = 0;
-  char s[UHOSTLEN + 1], *ban, *chname;
+  char s[UHOSTLEN], *ban, *chname;
   masklist *b;
 
   if (!par[0]) {
@@ -469,8 +469,8 @@
     if (!((glob_op(user) && !chan_deop(user)) || chan_op(user)))
       return;
   }
-  strncpy(s, ban, UHOSTLEN);
-  s[UHOSTLEN] = 0;
+  strncpy(s, ban, UHOSTMAX);
+  s[UHOSTMAX] = 0;
   i = u_delban(NULL, s, (u->flags & USER_MASTER));
   if (i > 0) {
     putlog(LOG_CMDS, "*", "#%s# -ban %s", dcc[idx].nick, s);
@@ -539,7 +539,7 @@
 {
   int i = 0, j;
   struct chanset_t *chan = 0;
-  char s[UHOSTLEN + 1], *exempt, *chname;
+  char s[UHOSTLEN], *exempt, *chname;
   masklist *e;
   if (!use_exempts) {
     dprintf(idx, "This command can only be used on IRCnet.\n");
@@ -561,8 +561,8 @@
     if (!((glob_op(user) && !chan_deop(user)) || chan_op(user)))
       return;
   }
-  strncpy(s,exempt, UHOSTLEN);
-  s[UHOSTLEN] = 0;
+  strncpy(s,exempt, UHOSTMAX);
+  s[UHOSTMAX] = 0;
   i = u_delexempt(NULL,s,(u->flags & USER_MASTER));
   if (i > 0) {
     putlog(LOG_CMDS, "*", "#%s# -exempt %s", dcc[idx].nick, s);
@@ -631,7 +631,7 @@
 {
   int i = 0, j;
   struct chanset_t *chan = 0;
-  char s[UHOSTLEN + 1], *invite, *chname;
+  char s[UHOSTLEN], *invite, *chname;
   masklist *inv;
   
   if (!use_invites) {
@@ -654,8 +654,8 @@
     if (!((glob_op(user) && !chan_deop(user)) || chan_op(user)))
       return;
   }
-  strncpy(s,invite, UHOSTLEN);
-  s[UHOSTLEN] = 0;
+  strncpy(s,invite, UHOSTMAX);
+  s[UHOSTMAX] = 0;
   i = u_delinvite(NULL,s,(u->flags & USER_MASTER));
   if (i > 0) {
     putlog(LOG_CMDS, "*", "#%s# -invite %s", dcc[idx].nick, s);
@@ -902,10 +902,10 @@
 {
   int i, j;
   struct chanset_t *chan;
-  char s[UHOSTLEN + 1], * stick_type;
+  char s[UHOSTLEN], * stick_type;
   stick_type=newsplit(&par);
-  strncpy(s, par, UHOSTLEN);
-  s[UHOSTLEN] = 0;
+  strncpy(s, par, UHOSTMAX);
+  s[UHOSTMAX] = 0;
        
     /* now deal with exemptions */
   if (!strcasecmp(stick_type,"exempt")) {
@@ -963,8 +963,8 @@
     return;
   }
   if (strcasecmp(stick_type,"ban")) {
-    strncpy(s, stick_type, UHOSTLEN);
-    s[UHOSTLEN] = 0;    
+    strncpy(s, stick_type, UHOSTMAX);
+    s[UHOSTMAX] = 0;    
   }
   i = u_setsticky_ban(NULL, s,
 		      (dcc[idx].user->flags & USER_MASTER) ? yn : -1);
diff -urN eggdrop1.3.29/src/mod/channels.mod/tclchan.c eggdrop1.3.29+morestrncpy/src/mod/channels.mod/tclchan.c
--- eggdrop1.3.29/src/mod/channels.mod/tclchan.c	Fri Oct 15 21:13:37 1999
+++ eggdrop1.3.29+morestrncpy/src/mod/channels.mod/tclchan.c	Fri Oct 15 20:50:55 1999
@@ -508,8 +508,8 @@
       return TCL_ERROR;
     }
   }
-  strncpy(ban, argv[1], UHOSTLEN - 1);
-  ban[UHOSTLEN - 1] = 0;
+  strncpy(ban, argv[1], UHOSTMAX);
+  ban[UHOSTMAX] = 0;
   strncpy(from, argv[2], HANDLEN);
   from[HANDLEN] = 0;
   strncpy(cmt, argv[3], 65);
@@ -591,8 +591,8 @@
       return TCL_ERROR;
     }
   }
-  strncpy(exempt, argv[1], UHOSTLEN - 1);
-  exempt[UHOSTLEN - 1] = 0;
+  strncpy(exempt, argv[1], UHOSTMAX);
+  exempt[UHOSTMAX] = 0;
   strncpy(from, argv[2], HANDLEN);
   from[HANDLEN] = 0;
   strncpy(cmt, argv[3], 65);
@@ -674,8 +674,8 @@
       return TCL_ERROR;
     }
   }
-  strncpy(invite, argv[1], UHOSTLEN - 1);
-  invite[UHOSTLEN - 1] = 0;
+  strncpy(invite, argv[1], UHOSTMAX);
+  invite[UHOSTMAX] = 0;
   strncpy(from, argv[2], HANDLEN);
   from[HANDLEN] = 0;
   strncpy(cmt, argv[3], 65);
diff -urN eggdrop1.3.29/src/mod/filesys.mod/files.c eggdrop1.3.29+morestrncpy/src/mod/filesys.mod/files.c
--- eggdrop1.3.29/src/mod/filesys.mod/files.c	Fri Oct 15 21:13:38 1999
+++ eggdrop1.3.29+morestrncpy/src/mod/filesys.mod/files.c	Fri Oct 15 20:50:55 1999
@@ -141,8 +141,8 @@
   long i = 0;
 
   context;
-  strncpy(real, current, DIRLEN);
-  real[DIRLEN] = 0;
+  strncpy(real, current, DIRMAX);
+  real[DIRMAX] = 0;
   strcpy(new, change);
   if (!new[0])
     return 1;			/* no change? */
@@ -166,8 +166,8 @@
       if (p == NULL) {
 	/* can't go back from here? */
 	if (!real[0]) {
-	  strncpy(real, current, DIRLEN);
-	  real[DIRLEN] = 0;
+	  strncpy(real, current, DIRMAX);
+	  real[DIRMAX] = 0;
 	  return 0;
 	}
 	real[0] = 0;
@@ -178,22 +178,22 @@
       f = filedb_open(real, 0);
       if (f == NULL) {
 	/* non-existent starting point! */
-	strncpy(real, current, DIRLEN);
-	real[DIRLEN] = 0;
+	strncpy(real, current, DIRMAX);
+	real[DIRMAX] = 0;
 	return 0;
       }
       ret = findmatch(f, elem, &i, &fdb);
       filedb_close(f);
       if (!ret) {
 	/* non-existent */
-	strncpy(real, current, DIRLEN);
-	real[DIRLEN] = 0;
+	strncpy(real, current, DIRMAX);
+	real[DIRMAX] = 0;
 	return 0;
       }
       if (!(fdb.stat & FILE_DIR) || fdb.sharelink[0]) {
 	/* not a dir */
-	strncpy(real, current, DIRLEN);
-	real[DIRLEN] = 0;
+	strncpy(real, current, DIRMAX);
+	real[DIRMAX] = 0;
 	return 0;
       }
       if (idx >= 0)
@@ -204,8 +204,8 @@
 
       break_down_flags(fdb.flags_req, &req, NULL);
       if (!flagrec_ok(&req, &user)) {
-	strncpy(real, current, DIRLEN);
-	real[DIRLEN] = 0;
+	strncpy(real, current, DIRMAX);
+	real[DIRMAX] = 0;
 	return 0;
       }
       strcpy(s, real);
@@ -213,8 +213,8 @@
 	if (s[strlen(s) - 1] != '/')
 	  strcat(s, "/");
       sprintf(work, "%s%s", s, elem);
-      strncpy(real, work, DIRLEN);
-      real[DIRLEN] = 0;
+      strncpy(real, work, DIRMAX);
+      real[DIRMAX] = 0;
       sprintf(s, "%s%s", dccdir, real);
     }
     p = strchr(new, '/');
@@ -291,7 +291,7 @@
 
 static void cmd_chdir(int idx, char *msg)
 {
-  char s[DIRLEN + 1];
+  char s[DIRLEN];
 
   if (!msg[0]) {
     dprintf(idx, "%s: cd <new-dir>\n", USAGE);
@@ -312,7 +312,7 @@
 
 static void files_ls(int idx, char *par, int showall)
 {
-  char *p, s[DIRLEN + 1], destdir[DIRLEN + 1], mask[81];
+  char *p, s[DIRLEN], destdir[DIRLEN], mask[81];
   FILE *f;
 
   context;
@@ -321,8 +321,8 @@
     p = strrchr(par, '/');
     if (p != NULL) {
       *p = 0;
-      strncpy(s, par, DIRLEN);
-      s[DIRLEN - 1] = 0;
+      strncpy(s, par, DIRMAX);
+      s[DIRMAX] = 0;
       strncpy(mask, p + 1, 80);
       mask[80] = 0;
       if (!resolve_dir(dcc[idx].u.file->dir, s, destdir, idx)) {
@@ -365,7 +365,7 @@
 static void cmd_get(int idx, char *par)
 {
   int ok = 0, ok2 = 1, i;
-  char *p, *what, destdir[DIRLEN + 1], s[DIRLEN + 1];
+  char *p, *what, destdir[DIRLEN], s[DIRLEN];
   filedb fdb;
   FILE *f;
   long where = 0;
@@ -631,7 +631,7 @@
 /* link a file from another bot */
 static void cmd_ln(int idx, char *par)
 {
-  char *share, newpath[DIRLEN + 1], newfn[81], *p;
+  char *share, newpath[DIRLEN], newfn[81], *p;
   FILE *f;
   filedb fdb;
   long where = 0;
@@ -976,8 +976,8 @@
 
 static void cmd_mv_cp(int idx, char *par, int copy)
 {
-  char *p, *fn, oldpath[DIRLEN + 1], s[161], s1[161], newfn[161];
-  char newpath[DIRLEN + 1];
+  char *p, *fn, oldpath[DIRLEN], s[161], s1[161], newfn[161];
+  char newpath[DIRLEN];
   int ok, only_first, skip_this, ret, ret2;
   FILE *f, *g;
   filedb fdb, z;
@@ -1245,7 +1245,7 @@
 static int files_get(int idx, char *fn, char *nick)
 {
   int i;
-  char *p, what[512], destdir[DIRLEN + 1], s[256];
+  char *p, what[512], destdir[DIRLEN], s[256];
   filedb fdb;
   FILE *f;
   long where = 0;
@@ -1316,7 +1316,7 @@
 
 static void files_setpwd(int idx, char *where)
 {
-  char s[DIRLEN + 1];
+  char s[DIRLEN];
 
   if (!resolve_dir(dcc[idx].u.file->dir, where, s, idx))
     return;
diff -urN eggdrop1.3.29/src/mod/irc.mod/chan.c eggdrop1.3.29+morestrncpy/src/mod/irc.mod/chan.c
--- eggdrop1.3.29/src/mod/irc.mod/chan.c	Fri Oct 15 21:13:38 1999
+++ eggdrop1.3.29+morestrncpy/src/mod/irc.mod/chan.c	Fri Oct 15 20:50:55 1999
@@ -1231,6 +1231,7 @@
   }
   putlog(LOG_MISC, "*", "%s!%s invited me to %s", nick, from, msg);
   strncpy(last_invchan, msg, 299);
+  last_invchan[299] = 0;
   last_invtime = now;
   chan = findchan(msg);
   if (chan && (channel_pending(chan) || channel_active(chan)))
diff -urN eggdrop1.3.29/src/mod/seen.mod/seen.c eggdrop1.3.29+morestrncpy/src/mod/seen.mod/seen.c
--- eggdrop1.3.29/src/mod/seen.mod/seen.c	Fri Oct 15 21:13:38 1999
+++ eggdrop1.3.29+morestrncpy/src/mod/seen.mod/seen.c	Fri Oct 15 20:58:28 1999
@@ -545,7 +545,7 @@
 	if (xk->key && !strcasecmp(xk->key, field)) {
 	  if (xk->data[0] == '{' && xk->data[strlen(xk->data) - 1] == '}' &&
 	      strlen(xk->data) > 2) {
-	    strncpy(fixit, &xk->data[1], strlen(xk->data - 9));
+	    strncpy(fixit, &xk->data[1], strlen(xk->data) - 2);
 	    fixit[strlen(xk->data) - 2] = 0;
 	    return fixit;
 	  } else {
diff -urN eggdrop1.3.29/src/mod/server.mod/server.c eggdrop1.3.29+morestrncpy/src/mod/server.mod/server.c
--- eggdrop1.3.29/src/mod/server.mod/server.c	Fri Oct 15 21:13:39 1999
+++ eggdrop1.3.29+morestrncpy/src/mod/server.mod/server.c	Fri Oct 15 20:50:55 1999
@@ -509,6 +509,7 @@
   if (strchr(altnick, '?')) {
     if (!raltnick[0]) {
       strncpy(raltnick, altnick, NICKMAX);
+      raltnick[NICKMAX] = 0;
       rand_nick(raltnick);
     }
     return raltnick;
diff -urN eggdrop1.3.29/src/mod/server.mod/servmsg.c eggdrop1.3.29+morestrncpy/src/mod/server.mod/servmsg.c
--- eggdrop1.3.29/src/mod/server.mod/servmsg.c	Fri Oct 15 21:13:39 1999
+++ eggdrop1.3.29+morestrncpy/src/mod/server.mod/servmsg.c	Fri Oct 15 20:50:55 1999
@@ -1044,7 +1044,7 @@
 /* works a little differently now... async i/o is your friend */
 static void connect_server(void)
 {
-  char s[121], pass[121], botserver[UHOSTLEN + 1];
+  char s[121], pass[121], botserver[UHOSTLEN];
   static int oldserv = -1;
   int servidx, botserverport;
 
@@ -1084,8 +1084,8 @@
       dcc[servidx].sock = serv;
       dcc[servidx].port = botserverport;
       strcpy(dcc[servidx].nick, "(server)");
-      strncpy(dcc[servidx].host, botserver, UHOSTLEN);
-      dcc[servidx].host[UHOSTLEN] = 0;
+      strncpy(dcc[servidx].host, botserver, UHOSTMAX);
+      dcc[servidx].host[UHOSTMAX] = 0;
       dcc[servidx].timeval = now;
       SERVER_SOCKET.timeout_val = &server_timeout;
       strcpy(botname, origbotname);
diff -urN eggdrop1.3.29/src/net.c eggdrop1.3.29+morestrncpy/src/net.c
--- eggdrop1.3.29/src/net.c	Fri Oct 15 21:13:40 1999
+++ eggdrop1.3.29+morestrncpy/src/net.c	Fri Oct 15 20:50:55 1999
@@ -957,7 +957,12 @@
    * where the routines providing our data currently lose interest. I'm
    * using the n-variant in case someone changes that... */
   strncpy(hostname, extracthostname(from), 256);
+  hostname[256] = 0;
+  /* But if they are changed one day, this might crash 
+   * without [256] = 0; ++rtc
+   */
   strncpy(dnsname, hostnamefromip(my_htonl(ip)), 256);
+  dnsname[256] = 0;
   if (!strcasecmp(hostname, dnsname)) {
     putlog(LOG_DEBUG, "*", "DNS information for submitted IP checks out.");
     return 1;
diff -urN eggdrop1.3.29/src/tcldcc.c eggdrop1.3.29+morestrncpy/src/tcldcc.c
--- eggdrop1.3.29/src/tcldcc.c	Fri Oct 15 21:13:41 1999
+++ eggdrop1.3.29+morestrncpy/src/tcldcc.c	Fri Oct 15 20:50:55 1999
@@ -250,8 +250,8 @@
     return TCL_ERROR;
   }
   strncpy(msg, argv[2], 400);
-
   msg[400] = 0;
+
   chanout_but(-1, chan, "*** %s\n", argv[2]);
   botnet_send_chan(-1, botnetnick, NULL, chan, argv[2]);
   check_tcl_bcst(botnetnick, chan, argv[2]);
@@ -536,8 +536,8 @@
     return TCL_ERROR;
   }
   strncpy(msg, argv[2], 400);
-
   msg[400] = 0;
+
   botnet_send_zapf(i, botnetnick, argv[1], msg);
   return TCL_OK;
 }
@@ -886,8 +886,8 @@
   dcc[i].sock = sock;
   dcc[i].port = atoi(argv[2]);
   strcpy(dcc[i].nick, "*");
-  strncpy(dcc[i].host, argv[1], UHOSTLEN);
-  dcc[i].host[UHOSTLEN] = 0;
+  strncpy(dcc[i].host, argv[1], UHOSTMAX);
+  dcc[i].host[UHOSTMAX] = 0;
   sprintf(s, "%d", sock);
   Tcl_AppendResult(irp, s, NULL);
   return TCL_OK;
@@ -964,8 +964,8 @@
       dcc_total--;
       return TCL_ERROR;
     }
-    strncpy(dcc[idx].host, argv[3], UHOSTLEN - 1);
-    dcc[idx].host[UHOSTLEN - 1] = 0;
+    strncpy(dcc[idx].host, argv[3], UHOSTMAX);
+    dcc[idx].host[UHOSTMAX] = 0;
     sprintf(s, "%d", port);
     Tcl_AppendResult(irp, s, NULL);
     return TCL_OK;
@@ -985,8 +985,8 @@
     return TCL_ERROR;
   }
   if (argc == 4) {
-    strncpy(dcc[idx].host, argv[3], UHOSTLEN - 1);
-    dcc[idx].host[UHOSTLEN - 1] = 0;
+    strncpy(dcc[idx].host, argv[3], UHOSTMAX);
+    dcc[idx].host[UHOSTMAX] = 0;
   } else
     strcpy(dcc[idx].host, "*");
   sprintf(s, "%d", port);
diff -urN eggdrop1.3.29/src/tcluser.c eggdrop1.3.29+morestrncpy/src/tcluser.c
--- eggdrop1.3.29/src/tcluser.c	Fri Oct 15 21:13:41 1999
+++ eggdrop1.3.29+morestrncpy/src/tcluser.c	Fri Oct 15 20:50:55 1999
@@ -423,8 +423,8 @@
 
   context;
   BADARGS(4, 5, " hostmask creator comment ?lifetime?");
-  strncpy(ign, argv[1], UHOSTLEN - 1);
-  ign[UHOSTLEN - 1] = 0;
+  strncpy(ign, argv[1], UHOSTMAX);
+  ign[UHOSTMAX] = 0;
   strncpy(from, argv[2], HANDLEN);
   from[HANDLEN] = 0;
   strncpy(cmt, argv[3], 65);


More information about the Patches mailing list