diff options
author | in2 <in2@63ad8ddf-47c3-0310-b6dd-a9e9d9715204> | 2002-07-21 16:18:42 +0800 |
---|---|---|
committer | in2 <in2@63ad8ddf-47c3-0310-b6dd-a9e9d9715204> | 2002-07-21 16:18:42 +0800 |
commit | 1428a82d1644166fdaa5285c67f236ac02687818 (patch) | |
tree | 276d0104ebeaef1c5ce7ab7cf8484a685669a15d /mbbsd | |
parent | 913a0db139ff6f56e26d1199e7f5ad1c6239c5ea (diff) | |
download | pttbbs-1428a82d1644166fdaa5285c67f236ac02687818.tar pttbbs-1428a82d1644166fdaa5285c67f236ac02687818.tar.gz pttbbs-1428a82d1644166fdaa5285c67f236ac02687818.tar.bz2 pttbbs-1428a82d1644166fdaa5285c67f236ac02687818.tar.lz pttbbs-1428a82d1644166fdaa5285c67f236ac02687818.tar.xz pttbbs-1428a82d1644166fdaa5285c67f236ac02687818.tar.zst pttbbs-1428a82d1644166fdaa5285c67f236ac02687818.zip |
strcpy() -> strlcpy()
git-svn-id: http://opensvn.csie.org/pttbbs/pttbbs/trunk/pttbbs@428 63ad8ddf-47c3-0310-b6dd-a9e9d9715204
Diffstat (limited to 'mbbsd')
-rw-r--r-- | mbbsd/admin.c | 26 | ||||
-rw-r--r-- | mbbsd/announce.c | 81 | ||||
-rw-r--r-- | mbbsd/args.c | 4 | ||||
-rw-r--r-- | mbbsd/bbcall.c | 6 | ||||
-rw-r--r-- | mbbsd/bbs.c | 82 | ||||
-rw-r--r-- | mbbsd/board.c | 4 | ||||
-rw-r--r-- | mbbsd/cache.c | 4 | ||||
-rw-r--r-- | mbbsd/cal.c | 18 | ||||
-rw-r--r-- | mbbsd/calendar.c | 4 | ||||
-rw-r--r-- | mbbsd/chat.c | 25 | ||||
-rw-r--r-- | mbbsd/chc_play.c | 16 | ||||
-rw-r--r-- | mbbsd/chicken.c | 11 | ||||
-rw-r--r-- | mbbsd/dark.c | 4 | ||||
-rw-r--r-- | mbbsd/edit.c | 24 | ||||
-rw-r--r-- | mbbsd/friend.c | 4 | ||||
-rw-r--r-- | mbbsd/gamble.c | 6 | ||||
-rw-r--r-- | mbbsd/gomo.c | 4 | ||||
-rw-r--r-- | mbbsd/indict.c | 10 | ||||
-rw-r--r-- | mbbsd/io.c | 6 | ||||
-rw-r--r-- | mbbsd/lovepaper.c | 4 | ||||
-rw-r--r-- | mbbsd/mail.c | 92 | ||||
-rw-r--r-- | mbbsd/mbbsd.c | 27 | ||||
-rw-r--r-- | mbbsd/name.c | 4 | ||||
-rw-r--r-- | mbbsd/page.c | 4 | ||||
-rw-r--r-- | mbbsd/read.c | 20 | ||||
-rw-r--r-- | mbbsd/record.c | 20 | ||||
-rw-r--r-- | mbbsd/register.c | 6 | ||||
-rw-r--r-- | mbbsd/screen.c | 4 | ||||
-rw-r--r-- | mbbsd/syspost.c | 18 | ||||
-rw-r--r-- | mbbsd/talk.c | 51 | ||||
-rw-r--r-- | mbbsd/topsong.c | 6 | ||||
-rw-r--r-- | mbbsd/user.c | 48 | ||||
-rw-r--r-- | mbbsd/vote.c | 92 | ||||
-rw-r--r-- | mbbsd/voteboard.c | 8 |
34 files changed, 382 insertions, 361 deletions
diff --git a/mbbsd/admin.c b/mbbsd/admin.c index ffe594dc..f6d13042 100644 --- a/mbbsd/admin.c +++ b/mbbsd/admin.c @@ -1,4 +1,4 @@ -/* $Id: admin.c,v 1.25 2002/07/05 17:10:26 in2 Exp $ */ +/* $Id: admin.c,v 1.26 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" /* ¨Ï¥ÎªÌºÞ²z */ @@ -275,7 +275,7 @@ m_mod_board(char *bname) if (genbuf[0] != 'y' || !bname[0]) outs(MSG_DEL_CANCEL); else { - strcpy(bname, bh.brdname); + strlcpy(bname, bh.brdname, sizeof(bname)); sprintf(genbuf, "/bin/tar zcvf tmp/board_%s.tgz boards/%c/%s man/boards/%c/%s >/dev/null 2>&1;" "/bin/rm -fr boards/%c/%s man/boards/%c/%s", @@ -301,7 +301,7 @@ m_mod_board(char *bname) move(3, 0); outs("¿ù»~! ªO¦W¹p¦P"); } else if (!invalid_brdname(genbuf)) { - strcpy(newbh.brdname, genbuf); + strlcpy(newbh.brdname, genbuf, sizeof(newbh.brdname)); break; } } @@ -320,11 +320,11 @@ m_mod_board(char *bname) getdata_str(14, 0, "¬ÝªO¥DÃD¡G", genbuf, BTLEN + 1, DOECHO, bh.title + 7); if (genbuf[0]) - strcpy(newbh.title + 7, genbuf); + strlcpy(newbh.title + 7, genbuf, sizeof(newbh.title) - 7); if (getdata_str(15, 0, "·sªO¥D¦W³æ¡G", genbuf, IDLEN * 3 + 3, DOECHO, bh.BM)) { trim(genbuf); - strcpy(newbh.BM, genbuf); + strlcpy(newbh.BM, genbuf, sizeof(newbh.BM)); } if (HAS_PERM(PERM_SYSOP)) { move(1, 0); @@ -559,7 +559,7 @@ m_newbrd(int recover) getdata(8, 0, "¬ÝªO¥DÃD¡G", genbuf, BTLEN + 1, DOECHO); if (genbuf[0]) - strcpy(newboard.title + 7, genbuf); + strlcpy(newboard.title + 7, genbuf, sizeof(newboard.title) - 7); setbpath(genbuf, newboard.brdname); if (recover) { @@ -777,7 +777,7 @@ scan_register_form(char *regfile, int automode, int neednum) *ptr = '\0'; for (n = 0; field[n]; n++) { if (strcmp(genbuf, field[n]) == 0) { - strcpy(fdata[n], ptr + 2); + strlcpy(fdata[n], ptr + 2, sizeof(fdata[n])); if ((ptr = (char *)strchr(fdata[n], '\n'))) *ptr = '\0'; } @@ -876,13 +876,13 @@ scan_register_form(char *regfile, int automode, int neednum) FILE *fp; i = buf[0] - '0'; - strcpy(buf, reason[i]); + strlcpy(buf, reason[i], sizeof(buf)); sprintf(genbuf, "[°h¦^ì¦]] ½Ð%s", buf); sethomepath(buf1, muser.userid); stampfile(buf1, &mhdr); - strcpy(mhdr.owner, cuser.userid); - strncpy(mhdr.title, "[µù¥U¥¢±Ñ]", TTLEN); + strlcpy(mhdr.owner, cuser.userid, sizeof(mhdr.owner)); + strlcpy(mhdr.title, "[µù¥U¥¢±Ñ]", TTLEN); mhdr.filemode = 0; sethomedir(title, muser.userid); if (append_record(title, &mhdr, sizeof(mhdr)) != -1) { @@ -915,9 +915,9 @@ scan_register_form(char *regfile, int automode, int neednum) prints("¥H¤U¨Ï¥ÎªÌ¸ê®Æ¤w¸g§ó·s:\n"); mail_muser(muser, "[µù¥U¦¨¥\\Åo]", "etc/registered"); muser.userlevel |= (PERM_LOGINOK | PERM_POST); - strcpy(muser.realname, fdata[2]); - strcpy(muser.address, fdata[4]); - strcpy(muser.email, fdata[6]); + strlcpy(muser.realname, fdata[2], sizeof(muser.realname)); + strlcpy(muser.address, fdata[4], sizeof(muser.address)); + strlcpy(muser.email, fdata[6], sizeof(muser.email)); sprintf(genbuf, "%s:%s:%s", fdata[5], fdata[3], uid); strncpy(muser.justify, genbuf, REGLEN); sethomefile(buf, muser.userid, "justify"); diff --git a/mbbsd/announce.c b/mbbsd/announce.c index 3e8700bf..889c986d 100644 --- a/mbbsd/announce.c +++ b/mbbsd/announce.c @@ -1,4 +1,4 @@ -/* $Id: announce.c,v 1.13 2002/07/05 17:10:26 in2 Exp $ */ +/* $Id: announce.c,v 1.14 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" static void @@ -510,7 +510,7 @@ AnnounceSelect() completeboard_permission, completeboard_getname); if (*buf) - strcpy(xboard, buf); + strlcpy(xboard, buf, sizeof(xboard)); if (*xboard && (bp = getbcache(getbnum(xboard)))) { setapath(fpath, xboard); setutmpmode(ANNOUNCE); @@ -621,14 +621,14 @@ gem(char *maintitle, item_t * path, int update) char newpath[PATHLEN]; fileheader_t item; - strcpy(newpath, paste_path); + strlcpy(newpath, paste_path, sizeof(newpath)); if (mode == (char)0xbc) { stampfile(newpath, &item); unlink(newpath); Link(fname, newpath); } else stampdir(newpath, &item); - strcpy(item.owner, cuser.userid); + strlcpy(item.owner, cuser.userid, sizeof(item.owner)); sprintf(item.title, "%s%.72s", (currutmp->pager > 1) ? "" : (mode == (char)0xbc) ? "¡º " : "¡» ", @@ -682,7 +682,7 @@ gem(char *maintitle, item_t * path, int update) int more_result; go_proxy(fname, node, update); - strcpy(vetitle, title); + strlcpy(vetitle, title, sizeof(vetitle)); while ((more_result = more(fname, YEA))) { if (more_result == 1) { if (--me.now < 0) { @@ -700,7 +700,7 @@ gem(char *maintitle, item_t * path, int update) if (node->title[1] != (char)0xbc) break; go_proxy(fname, node, update); - strcpy(vetitle, title); + strlcpy(vetitle, title, sizeof(vetitle)); } } else if (mode == (char)0xbd) { gem(title, node, update); @@ -719,8 +719,8 @@ a_forward(char *path, fileheader_t * pitem, int mode) { fileheader_t fhdr; - strcpy(fhdr.filename, pitem->filename); - strcpy(fhdr.title, pitem->title); + strlcpy(fhdr.filename, pitem->filename, sizeof(fhdr.filename)); + strlcpy(fhdr.title, pitem->title, sizeof(fhdr.title)); switch (doforward(path, &fhdr, mode)) { case 0: outmsg(msg_fwd_ok); @@ -749,7 +749,9 @@ a_additem(menu_t * pm, fileheader_t * myheader) (p_lines / 2) : (pm->now % p_lines)); } /* Ptt */ - strcpy(pm->header[pm->now - pm->page].filename, myheader->filename); + strlcpy(pm->header[pm->now - pm->page].filename, + myheader->filename, + sizeof(pm->header[pm->now - pm->page].filename)); } #define ADDITEM 0 @@ -771,21 +773,21 @@ a_newitem(menu_t * pm, int mode) fileheader_t item; int d; - strcpy(fpath, pm->path); + strlcpy(fpath, pm->path, sizeof(fpath)); switch (mode) { case ADDITEM: stampfile(fpath, &item); - strcpy(item.title, "¡º "); /* A1BA */ + strlcpy(item.title, "¡º ", sizeof(item.title)); /* A1BA */ break; case ADDGROUP: stampdir(fpath, &item); - strcpy(item.title, "¡» "); /* A1BB */ + strlcpy(item.title, "¡» ", sizeof(item.title)); /* A1BB */ break; case ADDGOPHER: bzero(&item, sizeof(item)); - strcpy(item.title, "¡ó "); /* A1BB */ + strlcpy(item.title, "¡ó ", sizeof(item.title)); /* A1BB */ if (!getdata(b_lines - 2, 1, "¿é¤JURL¦ì§}¡G", item.filename + 2, 61, DOECHO)) return; @@ -821,10 +823,10 @@ a_newitem(menu_t * pm, int mode) break; } if (dashf(lpath)) { - strcpy(item.title, "¡¸ "); /* A1B3 */ + strlcpy(item.title, "¡¸ ", sizeof(item.title)); /* A1B3 */ break; } else if (dashd(lpath)) { - strcpy(item.title, "¡¹ "); /* A1B4 */ + strlcpy(item.title, "¡¹ ", sizeof(item.title)); /* A1B4 */ break; } if (!HAS_PERM(PERM_BBSADM) && d == 1) @@ -863,12 +865,12 @@ a_newitem(menu_t * pm, int mode) } break; case ADDGOPHER: - strcpy(item.date, "70"); + strlcpy(item.date, "70", sizeof(item.date)); strncpy(item.filename, "H.", 2); break; } - strcpy(item.owner, cuser.userid); + strlcpy(item.owner, cuser.userid, sizeof(item.owner)); a_additem(pm, &item); } @@ -897,7 +899,7 @@ a_pasteitem(menu_t * pm, int mode) } else ans[0] = 'y'; if (ans[0] == 'y') { - strcpy(newpath, pm->path); + strlcpy(newpath, pm->path, sizeof(newpath)); if (*copyowner) { char *fname = strrchr(copyfile, '/'); @@ -909,7 +911,7 @@ a_pasteitem(menu_t * pm, int mode) if (access(pm->path, X_OK | R_OK | W_OK)) mkdir(pm->path, 0755); memset(&item, 0, sizeof(fileheader_t)); - strcpy(item.filename, fname + 1); + strlcpy(item.filename, fname + 1, sizeof(item.filename)); memcpy(copytitle, "¡·", 2); if (HAS_PERM(PERM_BBSADM)) Link(copyfile, newpath); @@ -931,8 +933,9 @@ a_pasteitem(menu_t * pm, int mode) igetch(); return; } - strcpy(item.owner, *copyowner ? copyowner : cuser.userid); - strcpy(item.title, copytitle); + strlcpy(item.owner, *copyowner ? copyowner : cuser.userid, + sizeof(item.owner)); + strlcpy(item.title, copytitle, sizeof(item.title)); if (!*copyowner) system(buf); a_additem(pm, &item); @@ -1122,8 +1125,10 @@ a_delete(menu_t * pm) setbpath(buf, "deleted"); stampfile(buf, &backup); - strcpy(backup.owner, cuser.userid); - strcpy(backup.title, pm->header[pm->now - pm->page].title + 2); + strlcpy(backup.owner, cuser.userid, sizeof(backup.owner)); + strlcpy(backup.title, + pm->header[pm->now - pm->page].title + 2, + sizeof(backup.title)); sprintf(cmd, "mv -f %s %s", fpath, buf); system(cmd); @@ -1143,8 +1148,10 @@ a_delete(menu_t * pm) sprintf(cmd, "rm -rf %s;/bin/mv -f %s %s", buf, fpath, buf); system(cmd); - strcpy(backup.owner, cuser.userid); - strcpy(backup.title, pm->header[pm->now - pm->page].title + 2); + strlcpy(backup.owner, cuser.userid, sizeof(backup.owner)); + strlcpy(backup.title, + pm->header[pm->now - pm->page].title + 2, + sizeof(backup.title)); setapath(buf, "deleted"); setadir(buf, buf); append_record(buf, &backup, sizeof(backup)); @@ -1166,9 +1173,9 @@ a_newtitle(menu_t * pm) fileheader_t item; memcpy(&item, &pm->header[pm->now - pm->page], FHSZ); - strcpy(buf, item.title + 3); + strlcpy(buf, item.title + 3, sizeof(buf)); if (getdata_buf(b_lines - 1, 1, "·s¼ÐÃD¡G", buf, 60, DOECHO)) { - strcpy(item.title + 3, buf); + strlcpy(item.title + 3, buf, sizeof(item.title) - 3); setadir(buf, pm->path); substitute_record(buf, &item, FHSZ, pm->now + 1); } @@ -1283,7 +1290,7 @@ a_menu(char *maintitle, char *path, int lastlevel) Fexit = 0; me.header = (fileheader_t *) calloc(p_lines, FHSZ); me.path = path; - strcpy(me.mtitle, maintitle); + strlcpy(me.mtitle, maintitle, sizeof(me.mtitle)); setadir(fname, me.path); me.num = get_num_records(fname, FHSZ); @@ -1392,12 +1399,16 @@ a_menu(char *maintitle, char *path, int lastlevel) char fpath[200]; fileheader_t fhdr; - strcpy(fpath, path); + strlcpy(fpath, path, sizeof(fpath)); stampfile(fpath, &fhdr); unlink(fpath); Rename(fname, fpath); - strcpy(me.header[me.now - me.page].filename, fhdr.filename); - strcpy(me.header[me.now - me.page].owner, cuser.userid); + strlcpy(me.header[me.now - me.page].filename, + fhdr.filename, + sizeof(me.header[me.now - me.page].filename)); + strlcpy(me.header[me.now - me.page].owner, + cuser.userid, + sizeof(me.header[me.now - me.page].owner)); setadir(fpath, path); substitute_record(fpath, me.header + me.now - me.page, sizeof(fhdr), me.now + 1); @@ -1427,8 +1438,9 @@ a_menu(char *maintitle, char *path, int lastlevel) sprintf(fname, "%s/%s", path, fhdr->filename); if (*fhdr->filename == 'H' && fhdr->filename[1] == '.') { item_t item; - strcpy(item.X.G.server, fhdr->filename + 2); - strcpy(item.X.G.path, "1/"); + strlcpy(item.X.G.server, fhdr->filename + 2, + sizeof(item.X.G.server)); + strlcpy(item.X.G.path, "1/", sizeof(item.X.G.path)); item.X.G.port = 70; gem(fhdr->title, &item, (ch == 'R') ? 1 : 0); } else if (dashf(fname)) { @@ -1447,7 +1459,8 @@ a_menu(char *maintitle, char *path, int lastlevel) "½T©wnÂI³oººq¶Ü?[y/N]", ans, sizeof(ans), LCECHO); if (ans[0] == 'y') { - strcpy(trans_buffer, fname); + strlcpy(trans_buffer, + fname, sizeof(trans_buffer)); Fexit = 1; if (currstat == OSONG) { log_file(FN_USSONG, fhdr->title); diff --git a/mbbsd/args.c b/mbbsd/args.c index 60e1de32..57e6798b 100644 --- a/mbbsd/args.c +++ b/mbbsd/args.c @@ -1,4 +1,4 @@ -/* $Id: args.c,v 1.3 2002/07/05 17:10:26 in2 Exp $ */ +/* $Id: args.c,v 1.4 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #ifdef HAVE_SETPROCTITLE @@ -49,7 +49,7 @@ do_setproctitle(const char *cmdline) if (i > LastArgv - Argv[0] - 2) { i = LastArgv - Argv[0] - 2; } - strcpy(Argv[0], buf); + strlcpy(Argv[0], buf, sizeof(Argv[0]); p = &Argv[0][i]; while (p < LastArgv) *p++ = '\0'; diff --git a/mbbsd/bbcall.c b/mbbsd/bbcall.c index 2c369be4..dfc6320c 100644 --- a/mbbsd/bbcall.c +++ b/mbbsd/bbcall.c @@ -1,4 +1,4 @@ -/* $Id: bbcall.c,v 1.5 2002/07/05 17:10:26 in2 Exp $ */ +/* $Id: bbcall.c,v 1.6 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #define SERVER_0941 "www.chips.com.tw" @@ -183,10 +183,10 @@ static void hcall0941() { getdata(9,0, "\033[1;37m¦pªG§An°¨¤W°e½Ð«ö '1' " "¦pªGn©w®É°e½Ð«ö '2': \033[m", ans, sizeof(ans), LCECHO); if(ans[0] != '1') { - strcpy(TIME,"DELAY"); + strlcpy(TIME, "DELAY", sizeof(TIME)); Gettime(0, &year, &month, &day, &hour, &min); } else - strcpy(TIME,"NOW"); + strlcpy(TIME, "NOW", sizeof(TIME)); sprintf(trn,"PAGER_NO=%s&TRAN_MSG=%s&MSG_TYPE=NUMERIC&%s=1" "&year=19%02d&month=%02d&day=%02d&hour=%02d&min=%02d", PAGER_NO, TRAN_MSG, TIME,year,month,day,hour,min); diff --git a/mbbsd/bbs.c b/mbbsd/bbs.c index f3eaf143..46222bed 100644 --- a/mbbsd/bbs.c +++ b/mbbsd/bbs.c @@ -1,4 +1,4 @@ -/* $Id: bbs.c,v 1.63 2002/07/05 17:10:26 in2 Exp $ */ +/* $Id: bbs.c,v 1.64 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" static void @@ -9,7 +9,7 @@ mail_by_link(char *owner, char *title, char *path) sprintf(genbuf, BBSHOME "/home/%c/%s", cuser.userid[0], cuser.userid); stampfile(genbuf, &mymail); - strcpy(mymail.owner, owner); + strlcpy(mymail.owner, owner, sizeof(mymail.owner)); sprintf(mymail.title, title); unlink(genbuf); Link(path, genbuf); @@ -158,7 +158,7 @@ readdoent(int num, fileheader_t * ent) color = '3', mark = "R:"; if (title[47]) - strcpy(title + 44, " ¡K"); /* §â¦h¾lªº string ¬å±¼ */ + strlcpy(title + 44, " ¡K", sizeof(title) - 44); /* §â¦h¾lªº string ¬å±¼ */ if (!strncmp(title, "[¤½§i]", 6)) special = 1; @@ -271,7 +271,7 @@ do_select(int ent, fileheader_t * fhdr, char *direct) bh = getbcache(i); if (!Ben_Perm(bh)) return FULLUPDATE; - strcpy(bname, bh->brdname); + strlcpy(bname, bh->brdname, sizeof(bname)); currbid = i; setbpath(bpath, bname); @@ -331,7 +331,7 @@ cancelpost(fileheader_t * fh, int by_BM) if ((ptr = strrchr(genbuf, ')'))) *ptr = '\0'; if ((ptr = (char *)strchr(genbuf, '('))) - strcpy(nick, ptr + 1); + strlcpy(nick, ptr + 1, sizeof(nick)); break; } } @@ -361,7 +361,7 @@ do_reply_title(int row, char *title) if (strncasecmp(title, str_reply, 4)) sprintf(save_title, "Re: %s", title); else - strcpy(save_title, title); + strlcpy(save_title, title, sizeof(save_title)); save_title[TTLEN - 1] = '\0'; sprintf(genbuf, "±Ä¥Îì¼ÐÃD¡m%.60s¡n¶Ü?[Y] ", save_title); getdata(row, 0, genbuf, genbuf2, 4, LCECHO); @@ -381,8 +381,8 @@ do_unanonymous_post(char *fpath) stampfile(genbuf, &mhdr); unlink(genbuf); Link(fpath, genbuf); - strcpy(mhdr.owner, cuser.userid); - strcpy(mhdr.title, save_title); + strlcpy(mhdr.owner, cuser.userid, sizeof(mhdr.owner)); + strlcpy(mhdr.title, save_title, sizeof(mhdr.title)); mhdr.filemode = 0; setbdir(title, "UnAnonymous"); append_record(title, &mhdr, sizeof(mhdr)); @@ -496,8 +496,8 @@ do_general() /* ¿ú */ aborted = (aborted > MAX_POST_MONEY * 2) ? MAX_POST_MONEY : aborted / 2; postfile.money = aborted; - strcpy(postfile.owner, owner); - strcpy(postfile.title, save_title); + strlcpy(postfile.owner, owner, sizeof(postfile.owner)); + strlcpy(postfile.title, save_title, sizeof(postfile.title)); if (islocal) /* local save */ postfile.filemode = FILE_LOCAL; @@ -528,8 +528,8 @@ do_general() strcat(abspath, fpath); symlink(abspath, genbuf); } - strcpy(postfile.owner, owner); - strcpy(postfile.title, save_title); + strlcpy(postfile.owner, owner, sizeof(postfile.owner)); + strlcpy(postfile.title, save_title, sizeof(postfile.title)); postfile.filemode = FILE_LOCAL; setbdir(genbuf, ALLPOST); if (append_record(genbuf, &postfile, sizeof(postfile)) != -1) { @@ -569,8 +569,8 @@ do_general() unlink(genbuf); Link(fpath, genbuf); - strcpy(postfile.owner, cuser.userid); - strcpy(postfile.title, save_title); + strlcpy(postfile.owner, cuser.userid, sizeof(postfile.owner)); + strlcpy(postfile.title, save_title, sizeof(postfile.title)); postfile.filemode = FILE_BOTH; /* both-reply flag */ sethomedir(genbuf, quote_user); if (append_record(genbuf, &postfile, sizeof(postfile)) == -1) @@ -615,8 +615,8 @@ do_generalboardreply(fileheader_t * fhdr) case 'b': curredit = EDIT_BOTH; default: - strcpy(currtitle, fhdr->title); - strcpy(quote_user, fhdr->owner); + strlcpy(currtitle, fhdr->title, sizeof(currtitle)); + strlcpy(quote_user, fhdr->owner, sizeof(quote_user)); do_post(); } *quote_file = 0; @@ -712,7 +712,7 @@ edit_post(int ent, fileheader_t * fhdr, char *direct) setutmpmode(REEDIT); setdirpath(genbuf, direct, fhdr->filename); local_article = fhdr->filemode & FILE_LOCAL; - strcpy(save_title, fhdr->title); + strlcpy(save_title, fhdr->title, sizeof(save_title)); /* rocker.011018: ³o¸Ì¬O¤£¬O¸ÓÀˬd¤@¤Uקï¤å³¹«áªºmoney©M즳ªº¤ñ¸û? */ if (vedit(genbuf, 0, NULL) != -1) { @@ -734,13 +734,13 @@ edit_post(int ent, fileheader_t * fhdr, char *direct) /* ¦A³o¸Ìncheck¤@¤Uì¨Óªºdir¸Ì±¬O¤£¬O¦³³Q¤H°Ê¹L... */ if (!strcmp(hdr.filename, fhdr->filename)) { - strcpy(hdr.filename, postfile.filename); - strcpy(hdr.title, save_title); + strlcpy(hdr.filename, postfile.filename, sizeof(hdr.filename)); + strlcpy(hdr.title, save_title, sizeof(hdr.title)); substitute_record(fpath0, &hdr, sizeof(hdr), num); } } - strcpy(fhdr->filename, postfile.filename); - strcpy(fhdr->title, save_title); + strlcpy(fhdr->filename, postfile.filename, sizeof(fhdr->filename)); + strlcpy(fhdr->title, save_title, sizeof(fhdr->title)); brc_addlist(postfile.filename); substitute_record(direct, fhdr, sizeof(*fhdr), ent); /* rocker.011018: ¶¶«K§ó·s¤@¤Ucache */ @@ -801,13 +801,13 @@ cross_post(int ent, fileheader_t * fhdr, char *direct) if (ent) sprintf(xtitle, "[Âà¿ý]%.66s", fhdr->title); else - strcpy(xtitle, fhdr->title); + strlcpy(xtitle, fhdr->title, sizeof(xtitle)); sprintf(genbuf, "±Ä¥Îì¼ÐÃD¡m%.60s¡n¶Ü?[Y] ", xtitle); getdata(2, 0, genbuf, genbuf2, 4, LCECHO); if (genbuf2[0] == 'n' || genbuf2[0] == 'N') { if (getdata_str(2, 0, "¼ÐÃD¡G", genbuf, TTLEN, DOECHO, xtitle)) - strcpy(xtitle, genbuf); + strlcpy(xtitle, genbuf, sizeof(xtitle)); } getdata(2, 0, "(S)¦sÀÉ (L)¯¸¤º (Q)¨ú®ø¡H[Q] ", genbuf, 3, LCECHO); if (genbuf[0] == 'l' || genbuf[0] == 's') { @@ -817,10 +817,10 @@ cross_post(int ent, fileheader_t * fhdr, char *direct) setbpath(xfpath, xboard); stampfile(xfpath, &xfile); if (author) - strcpy(xfile.owner, fhdr->owner); + strlcpy(xfile.owner, fhdr->owner, sizeof(xfile.owner)); else - strcpy(xfile.owner, cuser.userid); - strcpy(xfile.title, xtitle); + strlcpy(xfile.owner, cuser.userid, sizeof(xfile.owner)); + strlcpy(xfile.title, xtitle, sizeof(xfile.title)); if (genbuf[0] == 'l') { xfile.filemode = FILE_LOCAL; } @@ -828,11 +828,11 @@ cross_post(int ent, fileheader_t * fhdr, char *direct) //if (ent) { xptr = fopen(xfpath, "w"); - strcpy(save_title, xfile.title); - strcpy(xfpath, currboard); - strcpy(currboard, xboard); + strlcpy(save_title, xfile.title, sizeof(save_title)); + strlcpy(xfpath, currboard, sizeof(xfpath)); + strlcpy(currboard, xboard, sizeof(currboard)); write_header(xptr); - strcpy(currboard, xfpath); + strlcpy(currboard, xfpath, sizeof(currboard)); fprintf(xptr, "¡° [¥»¤åÂà¿ý¦Û %s ¬ÝªO]\n\n", currboard); @@ -888,7 +888,7 @@ cross_post(int ent, fileheader_t * fhdr, char *direct) case 7: case 8: if ((currmode & MODE_POST)) { - strcpy(quote_file, genbuf); + strlcpy(quote_file, genbuf, sizeof(quote_file)); do_reply(fhdr); *quote_file = 0; } @@ -959,7 +959,7 @@ cross_post(int ent, fileheader_t * fhdr, char *direct) case 'R': case 'Y': if ((currmode & MODE_POST)) { - strcpy(quote_file, genbuf); + strlcpy(quote_file, genbuf, sizeof(quote_file)); do_reply(fhdr); *quote_file = 0; } @@ -1108,8 +1108,8 @@ cross_post(int ent, fileheader_t * fhdr, char *direct) char title[TTLEN + 1]; setbfile(fpath, currboard, fhdr->filename); - strcpy(title, "¡º "); - strncpy(title + 3, fhdr->title, TTLEN - 3); + strlcpy(title, "¡º ", sizeof(title)); + strlcpy(title + 3, fhdr->title, TTLEN - 3); title[TTLEN] = '\0'; a_copyitem(fpath, title, 0, 1); b_man(); @@ -1123,13 +1123,13 @@ cross_post(int ent, fileheader_t * fhdr, char *direct) if (currmode & MODE_BOARD || !strcmp(cuser.userid, fhdr->owner)) { if (getdata(b_lines - 1, 0, "¼ÐÃD¡G", genbuf, TTLEN, DOECHO)) { - strcpy(tmpfhdr.title, genbuf); + strlcpy(tmpfhdr.title, genbuf, sizeof(tmpfhdr.title)); dirty++; } } if (HAS_PERM(PERM_SYSOP)) { if (getdata(b_lines - 1, 0, "§@ªÌ¡G", genbuf, IDLEN + 2, DOECHO)) { - strcpy(tmpfhdr.owner, genbuf); + strlcpy(tmpfhdr.owner, genbuf, sizeof(tmpfhdr.owner)); dirty++; } if (getdata(b_lines - 1, 0, "¤é´Á¡G", genbuf, 6, DOECHO)) { @@ -1285,7 +1285,7 @@ cross_post(int ent, fileheader_t * fhdr, char *direct) if (i > inum2) break; now = getindex(genbuf, rsfh.filename, size); - strcpy(currfile, rsfh.filename); + strlcpy(currfile, rsfh.filename, sizeof(currfile)); delete_file(genbuf, sizeof(fileheader_t), now, cmpfilename); i++; @@ -1327,7 +1327,7 @@ cross_post(int ent, fileheader_t * fhdr, char *direct) getdata(1, 0, msg_del_ny, genbuf, 3, LCECHO); if (genbuf[0] == 'y' || genbuf[0] == 'Y') { - strcpy(currfile, fhdr->filename); + strlcpy(currfile, fhdr->filename, sizeof(currfile)); setbfile(genbuf, currboard, fhdr->filename); if (!delete_file(direct, sizeof(fileheader_t), ent, cmpfilename)) { @@ -1491,7 +1491,7 @@ cross_post(int ent, fileheader_t * fhdr, char *direct) case 'Y': case 'R': if (currmode & MODE_POST) { - strcpy(quote_file, genbuf); + strlcpy(quote_file, genbuf, sizeof(quote_file)); do_reply(fptr); *quote_file = 0; } @@ -1620,7 +1620,7 @@ cross_post(int ent, fileheader_t * fhdr, char *direct) if (!genbuf[0]) return 0; strip_ansi(genbuf, genbuf, 0); - strcpy(bp->title + 7, genbuf); + strlcpy(bp->title + 7, genbuf, sizeof(bp->title) - 7); substitute_record(fn_board, bp, sizeof(boardheader_t), currbid); log_usies("SetBoard", currboard); return FULLUPDATE; @@ -1706,7 +1706,7 @@ cross_post(int ent, fileheader_t * fhdr, char *direct) memcpy(&digest, fhdr, sizeof(digest)); digest.filename[0] = 'G'; - strcpy(buf, direct); + strlcpy(buf, direct, sizeof(buf)); ptr = strrchr(buf, '/') + 1; ptr[0] = '\0'; sprintf(genbuf, "%s%s", buf, digest.filename); diff --git a/mbbsd/board.c b/mbbsd/board.c index 4626adb5..859c8c8b 100644 --- a/mbbsd/board.c +++ b/mbbsd/board.c @@ -1,4 +1,4 @@ -/* $Id: board.c,v 1.40 2002/07/05 17:10:26 in2 Exp $ */ +/* $Id: board.c,v 1.41 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #define BRC_STRLEN 15 /* Length of board name */ #define BRC_MAXSIZE 24576 @@ -113,7 +113,7 @@ brc_initial(char *boardname) return brc_num; } brc_update(); - strcpy(currboard, boardname); + strlcpy(currboard, boardname, sizeof(currboard)); currbid = getbnum(currboard); currbrdattr = bcache[currbid - 1].brdattr; read_brc_buf(); diff --git a/mbbsd/cache.c b/mbbsd/cache.c index 5f97c503..ba0701a8 100644 --- a/mbbsd/cache.c +++ b/mbbsd/cache.c @@ -1,4 +1,4 @@ -/* $Id: cache.c,v 1.41 2002/07/05 17:10:26 in2 Exp $ */ +/* $Id: cache.c,v 1.42 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #ifndef __FreeBSD__ @@ -154,7 +154,7 @@ add_to_uhash(int n, char *id) { int *p, h = StringHash(id); int times; - strcpy(SHM->userid[n], id); + strlcpy(SHM->userid[n], id, sizeof(SHM->userid[n])); p = &(SHM->hash_head[h]); diff --git a/mbbsd/cal.c b/mbbsd/cal.c index cd2c0d48..f423f8e3 100644 --- a/mbbsd/cal.c +++ b/mbbsd/cal.c @@ -1,4 +1,4 @@ -/* $Id: cal.c,v 1.16 2002/07/05 17:10:26 in2 Exp $ */ +/* $Id: cal.c,v 1.17 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" /* ¨¾°ô Multi play */ @@ -93,7 +93,7 @@ osong(char *defaultid) fileheader_t mail; int nsongs; - strcpy(buf, Cdatedate(&now)); + strlcpy(buf, Cdatedate(&now), sizeof(buf)); lockreturn0(OSONG, LOCK_MULTI); @@ -130,7 +130,7 @@ osong(char *defaultid) destid, sizeof(destid), DOECHO); } } else - strcpy(destid, defaultid); + strlcpy(destid, defaultid, sizeof(destid)); /* Heat:ÂIºqªÌ°Î¦W¥\¯à */ getdata(14, 0, "n°Î¦W¶Ü?[y/n]:", ano, sizeof(ano), DOECHO); @@ -155,7 +155,7 @@ osong(char *defaultid) unlockutmpmode(); return 0; } - strcpy(filename, OSONGPATH); + strlcpy(filename, OSONGPATH, sizeof(filename)); stampfile(filename, &mail); @@ -166,7 +166,7 @@ osong(char *defaultid) unlockutmpmode(); return 0; } - strcpy(mail.owner, "ÂIºq¾÷"); + strlcpy(mail.owner, "ÂIºq¾÷", sizeof(mail.owner)); sprintf(mail.title, "¡º %s ÂIµ¹ %s ", (ano[0] == 'y') ? "°Î¦WªÌ" : cuser.userid, destid); while (fgets(buf, 200, fp)) { @@ -183,17 +183,17 @@ osong(char *defaultid) while ((po = strstr(buf, "<~Src~>"))) { po[0] = 0; sprintf(genbuf, "%s%s%s", buf, (ano[0] == 'y') ? "°Î¦WªÌ" : cuser.userid, po + 7); - strcpy(buf, genbuf); + strlcpy(buf, genbuf, sizeof(buf)); } while ((po = strstr(buf, "<~Des~>"))) { po[0] = 0; sprintf(genbuf, "%s%s%s", buf, destid, po + 7); - strcpy(buf, genbuf); + strlcpy(buf, genbuf, sizeof(buf)); } while ((po = strstr(buf, "<~Say~>"))) { po[0] = 0; sprintf(genbuf, "%s%s%s", buf, say, po + 7); - strcpy(buf, genbuf); + strlcpy(buf, genbuf, sizeof(buf)); } fputs(buf, fp1); } @@ -346,7 +346,7 @@ mail_redenvelop(char *from, char *to, int money, char mode) ,from, ctime(&now), to, money); fclose(fp); sprintf(fhdr.title, "©Û°]¶iÄ_"); - strcpy(fhdr.owner, from); + strlcpy(fhdr.owner, from, sizeof(fhdr.owner)); if (mode == 'y') vedit(genbuf, NA, NULL); diff --git a/mbbsd/calendar.c b/mbbsd/calendar.c index a3d7943c..13a8ed16 100644 --- a/mbbsd/calendar.c +++ b/mbbsd/calendar.c @@ -1,4 +1,4 @@ -/* $Id: calendar.c,v 1.4 2002/07/05 17:10:26 in2 Exp $ */ +/* $Id: calendar.c,v 1.5 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" typedef struct event_t { @@ -230,7 +230,7 @@ GenerateCalendar(char **buf, int y, int m, int today, event_t * e) e = e->next; } if (today == first_day + i - 1) { - strcpy(attr1, "\33[1;37;42m"); + strlcpy(attr1, "\33[1;37;42m", sizeof(attr1)); attr2 = CALENDAR_COLOR; } p += sprintf(p, "%s%2d%s", attr1, i, attr2); diff --git a/mbbsd/chat.c b/mbbsd/chat.c index 5dd2d768..5f709bb2 100644 --- a/mbbsd/chat.c +++ b/mbbsd/chat.c @@ -1,4 +1,4 @@ -/* $Id: chat.c,v 1.6 2002/07/05 17:10:27 in2 Exp $ */ +/* $Id: chat.c,v 1.7 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" static int chatline, stop_line; @@ -106,8 +106,8 @@ chat_recv(int fd, char *chatid) } if (c > 0) { - strcpy(genbuf, bptr); - strcpy(buf, genbuf); + strlcpy(genbuf, bptr, sizeof(genbuf)); + strlcpy(buf, genbuf, sizeof(buf)); bufstart = len - 1; } else bufstart = 0; @@ -319,7 +319,7 @@ select_address() else buf[0] -= '1'; if (buf[0] >= 0 && buf[0] < c) - strcpy(trans_buffer, iptab[(int)buf[0]]); + strlcpy(trans_buffer, iptab[(int)buf[0]], sizeof(trans_buffer)); } else { outs("¥»¯¸¨S¦³µn°O¥ô¦ó¦X®æ¯ù¼Ó"); pressanykey(); @@ -417,11 +417,11 @@ t_chat() setutmpmode(CHATING); currutmp->in_chat = YEA; - strcpy(currutmp->chatid, chatid); + strlcpy(currutmp->chatid, chatid, sizeof(currutmp->chatid)); clear(); chatline = 2; - strcpy(inbuf, chatid); + strlcpy(inbuf, chatid, sizeof(inbuf)); stop_line = t_lines - 3; move(stop_line, 0); @@ -432,7 +432,7 @@ t_chat() memset(inbuf, 0, 80); sethomepath(fpath, cuser.userid); - strcpy(fpath, tempnam(fpath, "chat_")); + strlcpy(fpath, tempnam(fpath, "chat_"), sizeof(fpath)); flog = fopen(fpath, "w"); while (chatting) { @@ -445,7 +445,7 @@ t_chat() case KEY_UP: cmdpos++; cmdpos %= MAXLASTCMD; - strcpy(inbuf, lastcmd[cmdpos]); + strlcpy(inbuf, lastcmd[cmdpos], sizeof(inbuf)); move(b_lines - 1, chatid_len); clrtoeol(); outs(inbuf); @@ -498,8 +498,9 @@ t_chat() break; for (cmdpos = MAXLASTCMD - 1; cmdpos; cmdpos--) - strcpy(lastcmd[cmdpos], lastcmd[cmdpos - 1]); - strcpy(lastcmd[0], inbuf); + strlcpy(lastcmd[cmdpos], + lastcmd[cmdpos - 1], sizeof(lastcmd[cmdpos])); + strlcpy(lastcmd[0], inbuf, sizeof(lastcmd[0])); inbuf[0] = '\0'; currchar = 0; @@ -593,8 +594,8 @@ t_chat() sethomepath(genbuf, cuser.userid); stampfile(genbuf, &mymail); mymail.filemode = FILE_READ | FILE_HOLD; - strcpy(mymail.owner, "[³Æ.§Ñ.¿ý]"); - strcpy(mymail.title, "·|ij\033[1;33m°O¿ý\033[m"); + strlcpy(mymail.owner, "[³Æ.§Ñ.¿ý]", sizeof(mymail.owner)); + strlcpy(mymail.title, "·|ij\033[1;33m°O¿ý\033[m", sizeof(mymail.title)); sethomedir(title, cuser.userid); append_record(title, &mymail, sizeof(mymail)); Rename(fpath, genbuf); diff --git a/mbbsd/chc_play.c b/mbbsd/chc_play.c index de093052..53c0ceff 100644 --- a/mbbsd/chc_play.c +++ b/mbbsd/chc_play.c @@ -1,4 +1,4 @@ -/* $Id: chc_play.c,v 1.4 2002/07/05 17:10:27 in2 Exp $ */ +/* $Id: chc_play.c,v 1.5 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" typedef int (*play_func_t) (int, board_t, board_t); @@ -52,7 +52,7 @@ hisplay(int s, board_t board, board_t tmpbrd) } else { if (chc_from.r == -1) { chc_hepass = 1; - strcpy(chc_warnmsg, "\033[1;33mn¨D©M§½!\033[m"); + strlcpy(chc_warnmsg, "\033[1;33mn¨D©M§½!\033[m", sizeof(chc_warnmsg)); chc_drawline(board, WARN_ROW); } else { chc_from.r = 9 - chc_from.r, chc_from.c = 8 - chc_from.c; @@ -130,7 +130,7 @@ myplay(int s, board_t board, board_t tmpbrd) chc_ipass = 1; chc_from.r = -1; chc_sendmove(s); - strcpy(chc_warnmsg, "\033[1;33mn¨D©M´Ñ!\033[m"); + strlcpy(chc_warnmsg, "\033[1;33mn¨D©M´Ñ!\033[m", sizeof(chc_warnmsg)); chc_drawline(board, WARN_ROW); bell(); break; @@ -160,7 +160,7 @@ myplay(int s, board_t board, board_t tmpbrd) chc_drawline(board, LTR(chc_to.r)); endturn = 1; } else { - strcpy(chc_warnmsg, "\033[1;33m¤£¥i¥H¤ý¨£¤ý\033[m"); + strlcpy(chc_warnmsg, "\033[1;33m¤£¥i¥H¤ý¨£¤ý\033[m", sizeof(chc_warnmsg)); bell(); chc_drawline(board, WARN_ROW); } @@ -190,7 +190,7 @@ mainloop(int s, board_t board) chc_firststep = 0; chc_drawline(board, TURN_ROW); if (chc_ischeck(board, chc_turn)) { - strcpy(chc_warnmsg, "\033[1;31m±Nx!\033[m"); + strlcpy(chc_warnmsg, "\033[1;31m±Nx!\033[m", sizeof(chc_warnmsg)); bell(); } else chc_warnmsg[0] = 0; @@ -199,13 +199,13 @@ mainloop(int s, board_t board) } if (endgame == 1) { - strcpy(chc_warnmsg, "¹ï¤è»{¿é¤F!"); + strlcpy(chc_warnmsg, "¹ï¤è»{¿é¤F!", sizeof(chc_warnmsg)); cuser.chc_win++; } else if (endgame == 2) { - strcpy(chc_warnmsg, "§A»{¿é¤F!"); + strlcpy(chc_warnmsg, "§A»{¿é¤F!", sizeof(chc_warnmsg)); cuser.chc_lose++; } else { - strcpy(chc_warnmsg, "©M´Ñ"); + strlcpy(chc_warnmsg, "©M´Ñ", sizeof(chc_warnmsg)); cuser.chc_tie++; } cuser.chc_lose--; diff --git a/mbbsd/chicken.c b/mbbsd/chicken.c index 6b43ee33..f9420a43 100644 --- a/mbbsd/chicken.c +++ b/mbbsd/chicken.c @@ -1,4 +1,4 @@ -/* $Id: chicken.c,v 1.6 2002/07/05 17:10:27 in2 Exp $ */ +/* $Id: chicken.c,v 1.7 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #define NUM_KINDS 13 /* ¦³¦h¤ÖºØ°Êª« */ @@ -707,7 +707,7 @@ ch_changename() cuser.userid, mychicken->name, chicken_type[(int)mychicken->type], newname, ctime(&now)); - strcpy(mychicken->name, newname); + strlcpy(mychicken->name, newname, sizeof(mychicken->name)); log_file(CHICKENLOG, buf); } } @@ -830,7 +830,7 @@ recover_chicken(chicken_t * thechicken) igetch(); return 0; } - strcpy(thechicken->name, "[¾ß¦^¨Óªº]"); + strlcpy(thechicken->name, "[¾ß¦^¨Óªº]", sizeof(thechicken->name)); thechicken->hp = thechicken->hp_max; thechicken->sick = 0; thechicken->satis = 2; @@ -890,7 +890,8 @@ chickenpk(int fd) lockreturn0(CHICKEN, LOCK_MULTI); - strcpy(mateid, currutmp->mateid); /* §â¹ï¤âªºid¥Îlocal buffer°O¦í */ + strlcpy(mateid, currutmp->mateid, sizeof(mateid)); + /* §â¹ï¤âªºid¥Îlocal buffer°O¦í */ getuser(mateid); memcpy(&ouser, &xuser, sizeof(userec_t)); @@ -990,7 +991,7 @@ chickenpk(int fd) } if (deadtype(ochicken)) { strtok(data, "\n"); - strcpy(buf, data); + strlcpy(buf, data, sizeof(buf)); sprintf(data, "d%s , %s ³Q %s ¥´¦º¤F\n", buf + 1, ochicken->name, mychicken->name); } diff --git a/mbbsd/dark.c b/mbbsd/dark.c index 19e17444..f464bf11 100644 --- a/mbbsd/dark.c +++ b/mbbsd/dark.c @@ -1,4 +1,4 @@ -/* $Id: dark.c,v 1.5 2002/07/05 17:10:27 in2 Exp $ */ +/* $Id: dark.c,v 1.6 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #define RED 1 @@ -154,7 +154,7 @@ draw_line(sint y, sint f) *buf = 0; *tmp = 0; - strcpy(buf, "\033[43;30m"); + strlcpy(buf, "\033[43;30m", sizeof(buf)); for (i = 0; i < 8; i++) { if (brd[y][i].die == 1) sprintf(tmp, "¢x "); diff --git a/mbbsd/edit.c b/mbbsd/edit.c index c210ba8f..d7680380 100644 --- a/mbbsd/edit.c +++ b/mbbsd/edit.c @@ -1,4 +1,4 @@ -/* $Id: edit.c,v 1.12 2002/07/05 17:10:27 in2 Exp $ */ +/* $Id: edit.c,v 1.13 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" typedef struct textline_t { struct textline_t *prev; @@ -767,7 +767,7 @@ write_header(FILE * fp) int number; /* post number */ } postlog; - strcpy(postlog.author, cuser.userid); + strlcpy(postlog.author, cuser.userid, sizeof(postlog.author)); ifuseanony = 0; #ifdef HAVE_ANONYMOUS if (currbrdattr & BRD_ANONYMOUS) { @@ -779,8 +779,8 @@ write_header(FILE * fp) getdata(3, 0, "½Ð¿é¤J§A·Q¥ÎªºID¡A¤]¥iª½±µ«ö[Enter]¨Ï¥ÎìID¡G", real_name, sizeof(real_name), DOECHO); if (!real_name[0] && defanony) { - strcpy(real_name, "Anonymous"); - strcpy(postlog.author, real_name); + strlcpy(real_name, "Anonymous", sizeof(real_name)); + strlcpy(postlog.author, real_name, sizeof(postlog.author)); ifuseanony = 1; } else { if (!strcmp("r", real_name) || (!defanony && !real_name[0])) @@ -792,7 +792,7 @@ write_header(FILE * fp) } } #endif - strcpy(postlog.board, currboard); + strlcpy(postlog.board, currboard, sizeof(postlog.board)); ptr = save_title; if (!strncmp(ptr, str_reply, 4)) ptr += 4; @@ -929,9 +929,9 @@ write_file(char *fpath, int saveheader, int *islocal) case 't': move(3, 0); prints("¼ÐÃD¡G%s", save_title); - strcpy(ans, save_title); + strlcpy(ans, save_title, sizeof(ans)); if (getdata_buf(4, 0, "·s¼ÐÃD¡G", ans, sizeof(ans), DOECHO)) - strcpy(save_title, ans); + strlcpy(save_title, ans, sizeof(save_title)); return KEEP_EDITING; case 's': if (!HAS_PERM(PERM_LOGINOK)) { @@ -1429,10 +1429,10 @@ block_del(int hide) char buf[WRAPMARGIN + 2]; if (currpnt > blockpnt) { - strcpy(buf, begin->data + blockpnt); + strlcpy(buf, begin->data + blockpnt, sizeof(buf)); buf[currpnt - blockpnt] = 0; } else { - strcpy(buf, begin->data + currpnt); + strlcpy(buf, begin->data + currpnt, sizeof(buf)); buf[blockpnt - currpnt] = 0; } fputs(buf, fp); @@ -1454,7 +1454,7 @@ block_del(int hide) min = currpnt; max = blockpnt; } - strcpy(begin->data + min, begin->data + max); + strlcpy(begin->data + min, begin->data + max, sizeof(begin->data) - min); begin->len -= max - min; currpnt = min; } else { @@ -1780,7 +1780,7 @@ vedit(char *fpath, int saveheader, int *islocal) char *tmp, *apos = ans; int fg, bg; - strcpy(color, "\033["); + strlcpy(color, "\033[", sizeof(color)); if (isdigit(*apos)) { sprintf(color, "%s%c", color, *(apos++)); if (*apos) @@ -1933,7 +1933,7 @@ vedit(char *fpath, int saveheader, int *islocal) if (strcmp(line, currline->data)) { char buf[WRAPMARGIN]; - strcpy(buf, currline->data); + strlcpy(buf, currline->data, sizeof(buf)); strcpy(currline->data, line); strcpy(line, buf); currline->len = strlen(currline->data); diff --git a/mbbsd/friend.c b/mbbsd/friend.c index 81abf097..2753282c 100644 --- a/mbbsd/friend.c +++ b/mbbsd/friend.c @@ -1,4 +1,4 @@ -/* $Id: friend.c,v 1.9 2002/07/05 17:10:27 in2 Exp $ */ +/* $Id: friend.c,v 1.10 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" /* ------------------------------------- */ @@ -93,7 +93,7 @@ friend_add(char *uident, int type) char t_uident[IDLEN + 1]; /* Thor: avoid uident run away when get data */ - strcpy(t_uident, uident); + strlcpy(t_uident, uident, sizeof(t_uident)); if (type != FRIEND_ALOHA && type != FRIEND_POST) getdata(2, 0, friend_desc[type], buf, sizeof(buf), DOECHO); diff --git a/mbbsd/gamble.c b/mbbsd/gamble.c index 5a93c275..1fa62e13 100644 --- a/mbbsd/gamble.c +++ b/mbbsd/gamble.c @@ -1,4 +1,4 @@ -/* $Id: gamble.c,v 1.25 2002/07/05 17:10:27 in2 Exp $ */ +/* $Id: gamble.c,v 1.26 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #ifndef _BBS_UTIL_C_ @@ -33,8 +33,8 @@ post_msg(char *bname, char *title, char *msg, char *author) fclose(fp); /* ±NÀÉ®×¥[¤J¦Cªí */ - strcpy(fhdr.title, title); - strcpy(fhdr.owner, author); + strlcpy(fhdr.title, title, sizeof(fhdr.title)); + strlcpy(fhdr.owner, author, sizeof(fhdr.owner)); setbdir(genbuf, bname); if (append_record(genbuf, &fhdr, sizeof(fhdr)) != -1) if ((bid = getbnum(bname)) > 0) diff --git a/mbbsd/gomo.c b/mbbsd/gomo.c index 1eb6ca77..49a1694a 100644 --- a/mbbsd/gomo.c +++ b/mbbsd/gomo.c @@ -1,4 +1,4 @@ -/* $Id: gomo.c,v 1.6 2002/07/05 17:10:27 in2 Exp $ */ +/* $Id: gomo.c,v 1.7 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" static char *chess[] = {"¡´", "¡³"}; @@ -72,7 +72,7 @@ HO_log(char *user) stampfile(buf1, &mymail); mymail.filemode = FILE_READ | FILE_HOLD; - strcpy(mymail.owner, "[³Æ.§Ñ.¿ý]"); + strlcpy(mymail.owner, "[³Æ.§Ñ.¿ý]", sizeof(mymail.owner)); sprintf(mymail.title, "\033[37;41m´ÑÃÐ\033[m %s VS %s", cuser.userid, user); sethomedir(title, cuser.userid); diff --git a/mbbsd/indict.c b/mbbsd/indict.c index 5a575211..6e44c612 100644 --- a/mbbsd/indict.c +++ b/mbbsd/indict.c @@ -1,4 +1,4 @@ -/* $Id: indict.c,v 1.5 2002/07/05 17:10:27 in2 Exp $ */ +/* $Id: indict.c,v 1.6 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #define REFER "etc/dicts" @@ -58,8 +58,8 @@ choose_dict(void) cho[0] = (cho[0] + 1) * 10 + (cho[1] - '1'); if (cho[0] >= 0 && cho[0] < c) { - strcpy(dict, buf[(int)cho[0]]); - strcpy(database, data[(int)cho[0]]); + strlcpy(dict, buf[(int)cho[0]], sizeof(dict)); + strlcpy(database, data[(int)cho[0]], sizeof(database)); return 1; } else return 0; @@ -96,7 +96,7 @@ use_dict() sprintf(buf, "\033[45m ¡´\033[1;44;33m" " %-14s\033[3;45m ¡´ ", dict); - strcpy(&buf[100], "\033[m\n"); + strlcpy(&buf[100], "\033[m\n", sizeof(buf) - 100); for (;;) { move(0, 0); sprintf(lang, " ½Ð¿é¤JÃöÁä¦r¦ê(%s) ©Î«ü¥O(h,t,a)\n", dict); @@ -106,7 +106,7 @@ use_dict() outs(lang); getdata(2, 0, ":", word, 18, DOECHO); outs("¸ê®Æ·j´M¤¤½ÐµyÔ...."); - strcpy(word, lower(word)); + strlcpy(word, lower(word), sizeof(word)); if (word[0] == 0) return 0; clear(); @@ -1,4 +1,4 @@ -/* $Id: io.c,v 1.18 2002/07/05 17:10:27 in2 Exp $ */ +/* $Id: io.c,v 1.19 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #if defined(linux) @@ -463,7 +463,7 @@ oldgetdata(int line, int col, char *prompt, char *buf, int len, int echo) if (clen > 1) for (cmdpos = MAXLASTCMD - 1; cmdpos; cmdpos--) { - strcpy(lastcmd[cmdpos], lastcmd[cmdpos - 1]); + strlcpy(lastcmd[cmdpos], lastcmd[cmdpos - 1], sizeof(lastcmd[cmdpos])); strncpy(lastcmd[0], buf, len); } if (echo) @@ -474,7 +474,7 @@ oldgetdata(int line, int col, char *prompt, char *buf, int len, int echo) buf[0] = ch | 32; #ifdef SUPPORT_GB if (echo == DOECHO && current_font_type == TYPE_GB) { - strcpy(buf, hc_convert_str(buf, HC_GBtoBIG, HC_DO_SINGLE)); + strlcpy(buf, hc_convert_str(buf, HC_GBtoBIG, HC_DO_SINGLE), sizeof(buf)); } #endif return clen; diff --git a/mbbsd/lovepaper.c b/mbbsd/lovepaper.c index c2f4459c..1bd4a125 100644 --- a/mbbsd/lovepaper.c +++ b/mbbsd/lovepaper.c @@ -1,4 +1,4 @@ -/* $Id: lovepaper.c,v 1.7 2002/07/05 17:10:27 in2 Exp $ */ +/* $Id: lovepaper.c,v 1.8 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #define DATA "etc/lovepaper.dat" @@ -95,7 +95,7 @@ x_love() stampfile(buf1, &mhdr); Rename(path, buf1); strncpy(mhdr.title, save_title, TTLEN); - strcpy(mhdr.owner, cuser.userid); + strlcpy(mhdr.owner, cuser.userid, sizeof(mhdr.owner)); sethomedir(path, receiver); if (append_record(path, &mhdr, sizeof(mhdr)) == -1) return -1; diff --git a/mbbsd/mail.c b/mbbsd/mail.c index 7c88cd1b..f8b1ebe3 100644 --- a/mbbsd/mail.c +++ b/mbbsd/mail.c @@ -1,4 +1,4 @@ -/* $Id: mail.c,v 1.19 2002/07/20 08:51:00 in2 Exp $ */ +/* $Id: mail.c,v 1.20 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" char currmaildir[32]; static char msg_cc[] = "\033[32m[¸s²Õ¦W³æ]\033[m\n"; @@ -92,7 +92,7 @@ mail_id(char *id, char *title, char *filename, char *owner) sethomepath(genbuf, id); if (stampfile(genbuf, &mhdr)) return 0; - strcpy(mhdr.owner, owner); + strlcpy(mhdr.owner, owner, sizeof(mhdr.owner)); strncpy(mhdr.title, title, TTLEN); mhdr.filemode = 0; Link(filename, genbuf); @@ -196,12 +196,12 @@ do_hold_mail(char *fpath, char *receiver, char *holder) stampfile(buf, &mymail); mymail.filemode = FILE_READ | FILE_HOLD; - strcpy(mymail.owner, "[³Æ.§Ñ.¿ý]"); + strlcpy(mymail.owner, "[³Æ.§Ñ.¿ý]", sizeof(mymail.owner)); if (receiver) { sprintf(title, "(%s) %s", receiver, save_title); strncpy(mymail.title, title, TTLEN); } else - strcpy(mymail.title, save_title); + strlcpy(mymail.title, save_title, sizeof(mymail.title)); sethomedir(title, holder); @@ -282,10 +282,10 @@ do_send(char *userid, char *title) unlink(fpath); return res; } else { - strcpy(receiver, userid); + strlcpy(receiver, userid, sizeof(receiver)); sethomepath(genbuf, userid); stampfile(genbuf, &mhdr); - strcpy(mhdr.owner, cuser.userid); + strlcpy(mhdr.owner, cuser.userid, sizeof(mhdr.owner)); strncpy(mhdr.title, save_title, TTLEN); if (vedit(genbuf, YEA, NULL) == -1) { unlink(genbuf); @@ -520,8 +520,8 @@ multi_send(char *title) unlink(genbuf); Link(fpath, genbuf); - strcpy(mymail.owner, cuser.userid); - strcpy(mymail.title, save_title); + strlcpy(mymail.owner, cuser.userid, sizeof(mymail.owner)); + strlcpy(mymail.title, save_title, sizeof(mymail.title)); mymail.filemode |= FILE_MULTI; /* multi-send flag */ sethomedir(genbuf, p->word); if (append_record(genbuf, &mymail, sizeof(mymail)) == -1) @@ -543,7 +543,7 @@ multi_reply(int ent, fileheader_t * fhdr, char *direct) return mail_reply(ent, fhdr, direct); stand_title("¸s²Õ¦^«H"); - strcpy(quote_user, fhdr->owner); + strlcpy(quote_user, fhdr->owner, sizeof(quote_user)); setuserfile(quote_file, fhdr->filename); multi_send(fhdr->title); return 0; @@ -603,8 +603,8 @@ mail_all() unlink(fpath); strcpy(fpath, genbuf); - strcpy(mymail.owner, cuser.userid); /* ¯¸ªø ID */ - strcpy(mymail.title, save_title); + strlcpy(mymail.owner, cuser.userid, sizeof(mymail.owner)); /* ¯¸ªø ID */ + strlcpy(mymail.title, save_title, sizeof(mymail.title)); sethomedir(genbuf, cuser.userid); if (append_record(genbuf, &mymail, sizeof(mymail)) == -1) @@ -622,8 +622,8 @@ mail_all() unlink(genbuf); Link(fpath, genbuf); - strcpy(mymail.owner, cuser.userid); - strcpy(mymail.title, save_title); + strlcpy(mymail.owner, cuser.userid, sizeof(mymail.owner)); + strlcpy(mymail.title, save_title, sizeof(mymail.title)); /* mymail.filemode |= FILE_MARKED; Ptt ¤½§i§ï¦¨¤£·|mark */ sethomedir(genbuf, userid); if (append_record(genbuf, &mymail, sizeof(mymail)) == -1) @@ -658,7 +658,7 @@ m_forward(int ent, fileheader_t * fhdr, char *direct) if (uid[0] == '\0') return FULLUPDATE; - strcpy(quote_user, fhdr->owner); + strlcpy(quote_user, fhdr->owner, sizeof(quote_user)); setuserfile(quote_file, fhdr->filename); sprintf(save_title, "%.64s (fwd)", fhdr->title); move(1, 0); @@ -862,7 +862,7 @@ mail_del(int ent, fileheader_t * fhdr, char *direct) getdata(1, 0, msg_del_ny, genbuf, 3, LCECHO); if (genbuf[0] == 'y') { - strcpy(currfile, fhdr->filename); + strlcpy(currfile, fhdr->filename, sizeof(currfile)); if (!delete_file(direct, sizeof(*fhdr), ent, cmpfilename)) { setdirpath(genbuf, direct, fhdr->filename); unlink(genbuf); @@ -987,7 +987,7 @@ mail_reply(int ent, fileheader_t * fhdr, char *direct) setbfile(quote_file, currboard, fhdr->filename); /* find the author */ - strcpy(quote_user, fhdr->owner); + strlcpy(quote_user, fhdr->owner, sizeof(quote_user)); if (strchr(quote_user, '.')) { genbuf[0] = '\0'; if ((fp = fopen(quote_file, "r"))) { @@ -996,14 +996,14 @@ mail_reply(int ent, fileheader_t * fhdr, char *direct) } t = strtok(genbuf, str_space); if (!strcmp(t, str_author1) || !strcmp(t, str_author2)) - strcpy(uid, strtok(NULL, str_space)); + strlcpy(uid, strtok(NULL, str_space), sizeof(uid)); else { outs("¿ù»~: §ä¤£¨ì§@ªÌ¡C"); pressanykey(); return FULLUPDATE; } } else - strcpy(uid, quote_user); + strlcpy(uid, quote_user, sizeof(uid)); /* make the title */ do_reply_title(3, fhdr->title); @@ -1137,13 +1137,13 @@ mail_cross_post(int ent, fileheader_t * fhdr, char *direct) if (ent) sprintf(xtitle, "[Âà¿ý]%.66s", fhdr->title); else - strcpy(xtitle, fhdr->title); + strlcpy(xtitle, fhdr->title, sizeof(xtitle)); sprintf(genbuf, "±Ä¥Îì¼ÐÃD¡m%.60s¡n¶Ü?[Y] ", xtitle); getdata(2, 0, genbuf, genbuf2, sizeof(genbuf2), LCECHO); if (*genbuf2 == 'n') if (getdata(2, 0, "¼ÐÃD¡G", genbuf, TTLEN, DOECHO)) - strcpy(xtitle, genbuf); + strlcpy(xtitle, genbuf, sizeof(xtitle)); getdata(2, 0, "(S)¦sÀÉ (L)¯¸¤º (Q)¨ú®ø¡H[Q] ", genbuf, 3, LCECHO); if (genbuf[0] == 'l' || genbuf[0] == 's') { @@ -1153,10 +1153,10 @@ mail_cross_post(int ent, fileheader_t * fhdr, char *direct) setbpath(xfpath, xboard); stampfile(xfpath, &xfile); if (author) - strcpy(xfile.owner, fhdr->owner); + strlcpy(xfile.owner, fhdr->owner, sizeof(xfile.owner)); else - strcpy(xfile.owner, cuser.userid); - strcpy(xfile.title, xtitle); + strlcpy(xfile.owner, cuser.userid, sizeof(xfile.owner)); + strlcpy(xfile.title, xtitle, sizeof(xfile.title)); if (genbuf[0] == 'l') { xfile.filemode = FILE_LOCAL; } @@ -1164,11 +1164,11 @@ mail_cross_post(int ent, fileheader_t * fhdr, char *direct) if (ent) { xptr = fopen(xfpath, "w"); - strcpy(save_title, xfile.title); - strcpy(xfpath, currboard); - strcpy(currboard, xboard); + strlcpy(save_title, xfile.title, sizeof(save_title)); + strlcpy(xfpath, currboard, sizeof(xfpath)); + strlcpy(currboard, xboard, sizeof(currboard)); write_header(xptr); - strcpy(currboard, xfpath); + strlcpy(currboard, xfpath, sizeof(currboard)); fprintf(xptr, "¡° [¥»¤åÂà¿ý¦Û %s «H½c]\n\n", cuser.userid); @@ -1222,7 +1222,7 @@ mail_cite(int ent, fileheader_t * fhdr, char *direct) boardheader_t *bp; setuserfile(fpath, fhdr->filename); - strcpy(title, "¡º "); + strlcpy(title, "¡º ", sizeof(title)); strncpy(title + 3, fhdr->title, TTLEN - 3); title[TTLEN] = '\0'; a_copyitem(fpath, title, 0, 1); @@ -1241,7 +1241,7 @@ mail_cite(int ent, fileheader_t * fhdr, char *direct) completeboard_permission, completeboard_getname); if (*buf) - strcpy(xboard, buf); + strlcpy(xboard, buf, sizeof(xboard)); if (*xboard && (bp = getbcache(getbnum(xboard)))) { setapath(fpath, xboard); setutmpmode(ANNOUNCE); @@ -1265,7 +1265,7 @@ mail_save(int ent, fileheader_t * fhdr, char *direct) if (HAS_PERM(PERM_MAILLIMIT)) { setuserfile(fpath, fhdr->filename); - strcpy(title, "¡º "); + strlcpy(title, "¡º ", sizeof(title)); strncpy(title + 3, fhdr->title, TTLEN - 3); title[TTLEN] = '\0'; a_copyitem(fpath, title, fhdr->owner, 1); @@ -1289,7 +1289,7 @@ mail_waterball(int ent, fileheader_t * fhdr, char *direct) return 1; } if (!address[0]) - strcpy(address, cuser.email); + strlcpy(address, cuser.email, sizeof(address)); move(b_lines - 8, 0); outs("¤ô²y¾ã²zµ{¦¡:\n" "¨t²Î±N·|«ö·Ó©M¤£¦P¤H¥áªº¤ô²y¦U¦Û¿W¥ß\n" @@ -1307,7 +1307,7 @@ mail_waterball(int ent, fileheader_t * fhdr, char *direct) if (!address[0]) { getdata(b_lines - 5, 0, "½Ð¿é¤J¶l¥ó¦a§}¡G", fname, 60, DOECHO); if (fname[0] && strchr(fname, '.')) { - strcpy(address, fname); + strlcpy(address, fname, sizeof(address)); } else { vmsg("¨ú®ø³B²z"); return 1; @@ -1395,10 +1395,10 @@ send_inner_mail(char *fpath, char *title, char *receiver) sethomepath(genbuf, receiver); stampfile(genbuf, &mymail); if (!strcmp(receiver, cuser.userid)) { - strcpy(mymail.owner, "[" BBSNAME "]"); + strlcpy(mymail.owner, "[" BBSNAME "]", sizeof(mymail.owner)); mymail.filemode = FILE_READ; } else - strcpy(mymail.owner, cuser.userid); + strlcpy(mymail.owner, cuser.userid, sizeof(mymail.owner)); strncpy(mymail.title, title, TTLEN); unlink(genbuf); Link(fpath, genbuf); @@ -1438,7 +1438,7 @@ bbs_sendmail(char *fpath, char *title, char *receiver) memcpy(hacker, receiver, len); hacker[len] = '\0'; } else - strcpy(hacker, receiver); + strlcpy(hacker, receiver, sizeof(hacker)); return send_inner_mail(fpath, title, hacker); } /* setup the hostname and username */ @@ -1507,13 +1507,13 @@ bsmtp(char *fpath, char *title, char *rcpt, int method) memcpy(hacker, rcpt, len); hacker[len] = '\0'; } else - strcpy(hacker, rcpt); + strlcpy(hacker, rcpt, sizeof(hacker)); return send_inner_mail(fpath, title, hacker); } chrono = now; if (method != MQ_JUSTIFY) { /* »{ÃÒ«H */ /* stamp the queue file */ - strcpy(buf, "out/"); + strlcpy(buf, "out/", sizeof(buf)); for (;;) { sprintf(buf + 4, "M.%ld.A", ++chrono); if (!dashf(buf)) { @@ -1524,15 +1524,15 @@ bsmtp(char *fpath, char *title, char *rcpt, int method) fpath = buf; - strcpy(mqueue.filepath, fpath); - strcpy(mqueue.subject, title); + strlcpy(mqueue.filepath, fpath, sizeof(mqueue.filepath)); + strlcpy(mqueue.subject, title, sizeof(mqueue.subject)); } /* setup mail queue */ mqueue.mailtime = chrono; mqueue.method = method; - strcpy(mqueue.sender, cuser.userid); - strcpy(mqueue.username, cuser.username); - strcpy(mqueue.rcpt, rcpt); + strlcpy(mqueue.sender, cuser.userid, sizeof(mqueue.sender)); + strlcpy(mqueue.username, cuser.username, sizeof(mqueue.username)); + strlcpy(mqueue.rcpt, rcpt, sizeof(mqueue.rcpt)); if (do_append("out/.DIR", (fileheader_t *) & mqueue, sizeof(mqueue)) < 0) return 0; return chrono; @@ -1548,7 +1548,7 @@ doforward(char *direct, fileheader_t * fh, int mode) char genbuf[200]; if (!address[0]) - strcpy(address, cuser.email); + strlcpy(address, cuser.email, sizeof(address)); if (address[0]) { sprintf(genbuf, "½T©wÂà±Hµ¹ [%s] ¶Ü(Y/N/Q)¡H[Y] ", address); @@ -1566,7 +1566,7 @@ doforward(char *direct, fileheader_t * fh, int mode) getdata(b_lines - 1, 0, "½Ð¿é¤JÂà±H¦a§}¡G", fname, 60, DOECHO); if (fname[0]) { if (strchr(fname, '.')) - strcpy(address, fname); + strlcpy(address, fname, sizeof(address)); else sprintf(address, "%s.bbs@%s", fname, MYHOSTNAME); } else { @@ -1603,7 +1603,7 @@ doforward(char *direct, fileheader_t * fh, int mode) "/usr/bin/uuencode %s.tgz > %s", cuser.userid[0], cuser.userid, cuser.userid, direct); system(fname); - strcpy(fname, direct); + strlcpy(fname, direct, sizeof(fname)); } else if (mode == 'U') { char tmp_buf[128]; @@ -1675,7 +1675,7 @@ mail_justify(userec_t muser) sethomepath(buf1, muser.userid); stampfile(buf1, &mhdr); unlink(buf1); - strcpy(mhdr.owner, cuser.userid); + strlcpy(mhdr.owner, cuser.userid, sizeof(mhdr.owner)); strncpy(mhdr.title, "[¼f®Ö³q¹L]", TTLEN); mhdr.filemode = 0; diff --git a/mbbsd/mbbsd.c b/mbbsd/mbbsd.c index c9736e1b..954cac82 100644 --- a/mbbsd/mbbsd.c +++ b/mbbsd/mbbsd.c @@ -1,4 +1,4 @@ -/* $Id: mbbsd.c,v 1.40 2002/07/05 17:10:27 in2 Exp $ */ +/* $Id: mbbsd.c,v 1.41 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #define SOCKET_QLEN 4 @@ -100,8 +100,9 @@ chkload(char *buf) (i > MAX_CPULOAD ? "¡A°ªt²ü¶q¡A½Ðµy«á¦A¨Ó " "(½Ð§Q¥Îport 3000~3010³s½u)" : "")); #ifdef INSCREEN - strcpy(buf, (i > MAX_CPULOAD ? BANNER - "°ªt²ü¶q¡A½Ðµy«á¦A¨Ó(½Ð§Q¥Îport 3000~3010³s½u)" : "")); + strlcpy(buf, (i > MAX_CPULOAD ? BANNER + "°ªt²ü¶q¡A½Ðµy«á¦A¨Ó(½Ð§Q¥Îport 3000~3010³s½u)" : ""), + sizeof(buf)); #else sprintf(buf, BANNER "%s\r\n", (i > MAX_CPULOAD ? "°ªt²ü¶q¡A½Ðµy«á¦A¨Ó(½Ð§Q¥Îport 3000~3010³s½u)" : "")); @@ -591,7 +592,7 @@ add_distinct(char *fname, char *line) char tmpname[100]; FILE *fptmp; - strcpy(tmpname, fname); + strlcpy(tmpname, fname, sizeof(tmpname)); strcat(tmpname, "_tmp"); if (!(fptmp = fopen(tmpname, "w"))) { fclose(fp); @@ -637,7 +638,7 @@ del_distinct(char *fname, char *line) char tmpname[100]; FILE *fptmp; - strcpy(tmpname, fname); + strlcpy(tmpname, fname, sizeof(tmpname)); strcat(tmpname, "_tmp"); if (!(fptmp = fopen(tmpname, "w"))) { fclose(fp); @@ -718,10 +719,10 @@ setup_utmp(int mode) uinfo.userlevel = cuser.userlevel; uinfo.sex = cuser.sex % 8; uinfo.lastact = time(NULL); - strcpy(uinfo.userid, cuser.userid); - strcpy(uinfo.realname, cuser.realname); - strcpy(uinfo.username, cuser.username); - strncpy(uinfo.from, fromhost, 23); + strlcpy(uinfo.userid, cuser.userid, sizeof(uinfo.userid)); + strlcpy(uinfo.realname, cuser.realname, sizeof(uinfo.realname)); + strlcpy(uinfo.username, cuser.username, sizeof(uinfo.username)); + strlcpy(uinfo.from, fromhost, sizeof(uinfo.from)); uinfo.five_win = cuser.five_win; uinfo.five_lose = cuser.five_lose; uinfo.five_tie = cuser.five_tie; @@ -734,7 +735,7 @@ setup_utmp(int mode) #ifndef FAST_LOGIN setuserfile(buf, "remoteuser"); - strcpy(remotebuf, fromhost); + strlcpy(remotebuf, fromhost, sizeof(remotebuf)); strcat(remotebuf, ctime(&now)); remotebuf[strlen(remotebuf) - 1] = 0; add_distinct(buf, remotebuf); @@ -766,7 +767,7 @@ user_login() resolve_fcache(); resolve_boards(); memset(&water[0], 0, sizeof(water_t) * 6); - strcpy(water[0].userid, " ¥þ³¡ "); + strlcpy(water[0].userid, " ¥þ³¡ ", sizeof(water[0].userid)); /* ªì©l¤Æ uinfo¡Bflag¡Bmode */ setup_utmp(LOGIN); mysrand(); /* ªì©l¤Æ: random number ¼W¥[user¸ò®É¶¡ªº®t²§ */ @@ -1115,7 +1116,7 @@ getremotename(struct sockaddr_in * from, char *rhost, char *rname) */ if ((cp = (char *)strchr(user, '\r'))) *cp = 0; - strcpy(rname, user); + strlcpy(rname, user, sizeof(rname)); } } alarm(0); @@ -1199,7 +1200,7 @@ shell_login(int argc, char *argv[], char *envp[]) if (argc > 1) { strcpy(fromhost, argv[1]); if (argc > 3) - strcpy(remoteusername, argv[3]); + strlcpy(remoteusername, argv[3], sizeof(remoteusername)); } close(2); /* don't close fd 1, at least init_tty need it */ diff --git a/mbbsd/name.c b/mbbsd/name.c index d87d8175..949afaf2 100644 --- a/mbbsd/name.c +++ b/mbbsd/name.c @@ -1,4 +1,4 @@ -/* $Id: name.c,v 1.10 2002/07/05 17:10:27 in2 Exp $ */ +/* $Id: name.c,v 1.11 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" static word_t *current = NULL; @@ -37,7 +37,7 @@ UserSubArray(char cwbuf[][IDLEN + 1], char cwlist[][IDLEN + 1], for (n = 0; n < cwnum; n++) { ch = cwlist[n][pos]; if (ch == key || ch == key2) - strcpy(cwbuf[num++], cwlist[n]); + strlcpy(cwbuf[num++], cwlist[n], sizeof(cwbuf[num])); } return num; } diff --git a/mbbsd/page.c b/mbbsd/page.c index 6e8489e2..a3e11466 100644 --- a/mbbsd/page.c +++ b/mbbsd/page.c @@ -1,4 +1,4 @@ -/* $Id: page.c,v 1.6 2002/07/05 17:10:27 in2 Exp $ */ +/* $Id: page.c,v 1.7 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #define hpressanykey(a) {move(22, 0); prints(a); pressanykey();} @@ -101,7 +101,7 @@ main_railway() break; sethomepath(genbuf, cuser.userid); stampfile(genbuf, &mhdr); - strcpy(mhdr.owner, "Ptt·j´M¾¹"); + strlcpy(mhdr.owner, "Ptt·j´M¾¹", sizeof(mhdr.owner)); strncpy(mhdr.title, "¤õ¨®®É¨è·j´Mµ²ªG", TTLEN); sprintf(command, "echo \"from-station=%s&to-station=%s" diff --git a/mbbsd/read.c b/mbbsd/read.c index 3d661479..4ef38169 100644 --- a/mbbsd/read.c +++ b/mbbsd/read.c @@ -1,4 +1,4 @@ -/* $Id: read.c,v 1.8 2002/07/05 17:10:28 in2 Exp $ */ +/* $Id: read.c,v 1.9 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #define MAXPATHLEN 256 @@ -342,9 +342,9 @@ thread(keeploc_t * locmem, int stype) query = (stype & RS_TITLE) ? t_ans : a_ans; if (!*query && query == a_ans) { if (*currowner) - strcpy(a_ans, currowner); + strlcpy(a_ans, currowner, sizeof(a_ans)); else if (*currauthor) - strcpy(a_ans, currauthor); + strlcpy(a_ans, currauthor, sizeof(a_ans)); } sprintf(s_pmt, "%s·j´M%s [%s] ", (stype & RS_FORWARD) ? "©¹«á" : "©¹«e", (stype & RS_TITLE) ? "¼ÐÃD" : "§@ªÌ", query); @@ -464,7 +464,7 @@ select_read(keeploc_t * locmem, int sr_mode) if (sr_mode == RS_TITLE) query = subject(headers[locmem->crs_ln - locmem->top_ln].title); else if (sr_mode == RS_NEWPOST) { - strcpy(buf3, "Re: "); + strlcpy(buf3, "Re: ", sizeof(buf3)); query = buf3; } else { char buff[80]; @@ -535,7 +535,7 @@ select_read(keeploc_t * locmem, int sr_mode) close(fd); if (st.st_size) { currmode |= MODE_SELECT; - strcpy(currdirect, fpath); + strlcpy(currdirect, fpath, sizeof(currdirect)); } } return st.st_size; @@ -672,7 +672,9 @@ i_read_key(onekey_t * rcmdlist, keeploc_t * locmem, int ch, int bid) int id; userec_t muser; - strcpy(currauthor, headers[locmem->crs_ln - locmem->top_ln].owner); + strlcpy(currauthor, + headers[locmem->crs_ln - locmem->top_ln].owner, + sizeof(currauthor)); stand_title("¨Ï¥ÎªÌ³]©w"); move(1, 0); if ((id = getuser(headers[locmem->crs_ln - locmem->top_ln].owner))) { @@ -738,11 +740,11 @@ void i_read(int cmdmode, char *direct, void (*dotitle) (), void (*doe int hit_thread0 = hit_thread; fileheader_t *headers0 = headers; - strcpy(currdirect0, currdirect); + strlcpy(currdirect0, currdirect, sizeof(currdirect0)); #define FHSZ sizeof(fileheader_t) //Ptt:³o à äheaders ¥ i ¥ H ° w ¹ ï¬ÝªO ª º³Ì«á60 ½ g ° µcache headers = (fileheader_t *) calloc(p_lines, FHSZ); - strcpy(currdirect, direct); + strlcpy(currdirect, direct, sizeof(currdirect)); mode = NEWDIRECT; /* rocker.011018: ¥[¤J·sªºtag¾÷¨î */ @@ -923,6 +925,6 @@ return_i_read: last_line = last_line0; hit_thread = hit_thread0; headers = headers0; - strcpy(currdirect, currdirect0); + strlcpy(currdirect, currdirect0, sizeof(currdirect)); return; } diff --git a/mbbsd/record.c b/mbbsd/record.c index bc50cbe1..79dd1801 100644 --- a/mbbsd/record.c +++ b/mbbsd/record.c @@ -1,4 +1,4 @@ -/* $Id: record.c,v 1.7 2002/07/05 17:10:28 in2 Exp $ */ +/* $Id: record.c,v 1.8 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #undef HAVE_MMAP @@ -41,7 +41,7 @@ get_sum_records(char *fpath, int size) if (!(fp = fopen(fpath, "r"))) return -1; - strcpy(buf, fpath); + strlcpy(buf, fpath, sizeof(buf)); p = strrchr(buf, '/') + 1; while (fread(&fhdr, size, 1, fp) == 1) { @@ -237,7 +237,7 @@ delete_range(char *fpath, int id1, int id2) return -1; } count = 1; - strcpy(fullpath, fpath); + strlcpy(fullpath, fpath, sizeof(fullpath)); t = strrchr(fullpath, '/') + 1; while (read(fdr, &fhdr, sizeof(fileheader_t)) == sizeof(fileheader_t)) { @@ -306,12 +306,12 @@ int delete_files(char *dirname, int (*filecheck) (), int record){ fileheader_t delfh; char deletedDIR[] = "boards/d/deleted/.DIR"; - strcpy(deleted, "boards/d/deleted"); + strlcpy(deleted, "boards/d/deleted", sizeof(deleted)); if (!(fp = fopen(dirname, "r"))) return ans; - strcpy(tmpfname, dirname); + strlcpy(tmpfname, dirname, sizeof(tmpfname)); strcat(tmpfname, "_tmp"); if (!(fptmp = fopen(tmpfname, "w"))) { @@ -325,8 +325,8 @@ int delete_files(char *dirname, int (*filecheck) (), int record){ if (record) { deleted[14] = '\0'; stampfile(deleted, &delfh); - strcpy(delfh.owner, fhdr.owner); - strcpy(delfh.title, fhdr.title); + strlcpy(delfh.owner, fhdr.owner, sizeof(delfh.owner)); + strlcpy(delfh.title, fhdr.title, sizeof(delfh.title)); Link(genbuf, deleted); append_record(deletedDIR, &delfh, sizeof(delfh)); } @@ -442,7 +442,7 @@ stampfile(char *fpath, fileheader_t * fh) } while ((fp = open(fpath, O_CREAT | O_EXCL | O_WRONLY, 0644)) == -1); close(fp); memset(fh, 0, sizeof(fileheader_t)); - strcpy(fh->filename, ip); + strlcpy(fh->filename, ip, sizeof(fh->filename)); ptime = localtime(&dtime); sprintf(fh->date, "%2d/%02d", ptime->tm_mon + 1, ptime->tm_mday); return 0; @@ -464,7 +464,7 @@ stampdir(char *fpath, fileheader_t * fh) sprintf(ip, "D%lX", ++dtime & 07777); } while (mkdir(fpath, 0755) == -1); memset(fh, 0, sizeof(fileheader_t)); - strcpy(fh->filename, ip); + strlcpy(fh->filename, ip, sizeof(fh->filename)); ptime = localtime(&dtime); sprintf(fh->date, "%2d/%02d", ptime->tm_mon + 1, ptime->tm_mday); } @@ -485,7 +485,7 @@ stamplink(char *fpath, fileheader_t * fh) sprintf(ip, "S%lX", ++dtime); } while (symlink("temp", fpath) == -1); memset(fh, 0, sizeof(fileheader_t)); - strcpy(fh->filename, ip); + strlcpy(fh->filename, ip, sizeof(fh->filename)); ptime = localtime(&dtime); sprintf(fh->date, "%2d/%02d", ptime->tm_mon + 1, ptime->tm_mday); } diff --git a/mbbsd/register.c b/mbbsd/register.c index f2b50a9b..3cb92cab 100644 --- a/mbbsd/register.c +++ b/mbbsd/register.c @@ -1,4 +1,4 @@ -/* $Id: register.c,v 1.6 2002/07/05 17:10:28 in2 Exp $ */ +/* $Id: register.c,v 1.7 2002/07/21 08:18:41 in2 Exp $ */ #define _XOPEN_SOURCE #include "bbs.h" @@ -24,7 +24,7 @@ genpasswd(char *pw) c += 6; saltc[i] = c; } - strcpy(pwbuf, pw); + strlcpy(pwbuf, pw, sizeof(pwbuf)); return crypt(pwbuf, saltc); } return ""; @@ -177,7 +177,7 @@ getnewuserid() sprintf(genbuf, "uid %d", i); log_usies("APPLY", genbuf); - strcpy(zerorec.userid, str_new); + strlcpy(zerorec.userid, str_new, sizeof(zerorec.userid)); zerorec.lastlogin = clock; passwd_update(i, &zerorec); setuserid(i, zerorec.userid); diff --git a/mbbsd/screen.c b/mbbsd/screen.c index 12901158..a5cbea77 100644 --- a/mbbsd/screen.c +++ b/mbbsd/screen.c @@ -1,4 +1,4 @@ -/* $Id: screen.c,v 1.4 2002/07/05 17:10:28 in2 Exp $ */ +/* $Id: screen.c,v 1.5 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #ifdef SUPPORT_GB @@ -336,7 +336,7 @@ parsecolor(char *buf) } val = (char *)strtok(NULL, ";"); } - strcpy(buf, data); + strlcpy(buf, data, sizeof(buf)); } #define NORMAL (00) diff --git a/mbbsd/syspost.c b/mbbsd/syspost.c index 15caf482..6439a735 100644 --- a/mbbsd/syspost.c +++ b/mbbsd/syspost.c @@ -1,4 +1,4 @@ -/* $Id: syspost.c,v 1.12 2002/07/05 17:10:28 in2 Exp $ */ +/* $Id: syspost.c,v 1.13 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" void @@ -9,7 +9,7 @@ post_change_perm(int oldperm, int newperm, char *sysopid, char *userid) char genbuf[200], reason[30]; int i, flag = 0; - strcpy(genbuf, "boards/S/Security"); + strlcpy(genbuf, "boards/S/Security", sizeof(genbuf)); stampfile(genbuf, &fhdr); if (!(fp = fopen(genbuf, "w"))) return; @@ -38,7 +38,7 @@ post_change_perm(int oldperm, int newperm, char *sysopid, char *userid) sprintf(fhdr.title, "[¤½¦w³ø§i] ¯¸ªø%sקï%sÅv³ø§i", cuser.userid, userid); - strcpy(fhdr.owner, "[¨t²Î¦w¥þ§½]"); + strlcpy(fhdr.owner, "[¨t²Î¦w¥þ§½]", sizeof(fhdr.owner)); append_record("boards/S/Security/.DIR", &fhdr, sizeof(fhdr)); } } @@ -49,7 +49,7 @@ post_violatelaw(char *crime, char *police, char *reason, char *result) char genbuf[200]; fileheader_t fhdr; FILE *fp; - strcpy(genbuf, "boards/S/Security"); + strlcpy(genbuf, "boards/S/Security", sizeof(genbuf)); stampfile(genbuf, &fhdr); if (!(fp = fopen(genbuf, "w"))) return; @@ -61,10 +61,10 @@ post_violatelaw(char *crime, char *police, char *reason, char *result) crime, ctime(&now), police, crime, reason, result); fclose(fp); sprintf(fhdr.title, "[³ø§i] %-20s ¹Hªk§P¨M³ø§i", crime); - strcpy(fhdr.owner, "[Pttªk°|]"); + strlcpy(fhdr.owner, "[Pttªk°|]", sizeof(fhdr.owner)); append_record("boards/S/Security/.DIR", &fhdr, sizeof(fhdr)); - strcpy(genbuf, "boards/V/ViolateLaw"); + strlcpy(genbuf, "boards/V/ViolateLaw", sizeof(genbuf)); stampfile(genbuf, &fhdr); if (!(fp = fopen(genbuf, "w"))) return; @@ -76,7 +76,7 @@ post_violatelaw(char *crime, char *police, char *reason, char *result) crime, ctime(&now), police, crime, reason, result); fclose(fp); sprintf(fhdr.title, "[³ø§i] %-20s ¹Hªk§P¨M³ø§i", crime); - strcpy(fhdr.owner, "[Pttªk°|]"); + strlcpy(fhdr.owner, "[Pttªk°|]", sizeof(fhdr.owner)); append_record("boards/V/ViolateLaw/.DIR", &fhdr, sizeof(fhdr)); @@ -100,7 +100,7 @@ give_money_post(char *userid, int money) time_t now = time(0); char genbuf[200]; - strcpy(genbuf, "boards/S/Security"); + strlcpy(genbuf, "boards/S/Security", sizeof(genbuf)); stampfile(genbuf, &fhdr); if (!(fp = fopen(genbuf, "w"))) return; @@ -115,6 +115,6 @@ give_money_post(char *userid, int money) fclose(fp); sprintf(fhdr.title, "[¤½¦w³ø§i] ¯¸ªø%s¨Ï¥Î¬õ¥]¾÷³ø§i", cuser.userid); - strcpy(fhdr.owner, "[¨t²Î¦w¥þ§½]"); + strlcpy(fhdr.owner, "[¨t²Î¦w¥þ§½]", sizeof(fhdr.owner)); append_record("boards/S/Security/.DIR", &fhdr, sizeof(fhdr)); } diff --git a/mbbsd/talk.c b/mbbsd/talk.c index 5f62d642..c0fdbb12 100644 --- a/mbbsd/talk.c +++ b/mbbsd/talk.c @@ -1,4 +1,4 @@ -/* $Id: talk.c,v 1.78 2002/07/05 17:10:28 in2 Exp $ */ +/* $Id: talk.c,v 1.79 2002/07/21 08:18:41 in2 Exp $ */ #include "bbs.h" #define QCAST int (*)(const void *, const void *) @@ -32,7 +32,7 @@ typedef struct pickup_t { /* °O¿ý friend ªº user number */ // #define PICKUP_WAYS 7 //Ãö±¼¤k¤hÀu¥ý -#define PICKUP_WAYS 6 +//#define PICKUP_WAYS 6 static char *fcolor[11] = { "", "\033[36m", "\033[32m", "\033[1;32m", @@ -562,7 +562,7 @@ my_write(pid_t pid, char *prompt, char *id, int flag, userinfo_t * puin) struct tm *ptime; userinfo_t *uin; uin = (puin != NULL) ? puin : (userinfo_t *) search_ulist_pid(pid); - strcpy(destid, id); + strlcpy(destid, id, sizeof(destid)); if (!uin && !(flag == 0 && water_which->count > 0)) { outmsg("\033[1;33;41mÁV¿|! ¹ï¤è¤w¸¨¶]¤F(¤£¦b¯¸¤W)! \033[37m~>_<~\033[m"); @@ -595,11 +595,11 @@ my_write(pid_t pid, char *prompt, char *id, int flag, userinfo_t * puin) i = (water_which->top - watermode + MAX_REVIEW) % MAX_REVIEW; uin = (userinfo_t *) search_ulist_pid(water_which->msg[i].pid); - strcpy(destid, water_which->msg[i].userid); + strlcpy(destid, water_which->msg[i].userid, sizeof(destid)); } } else { /* pre-edit ªº¤ô²y */ - strcpy(msg, prompt); + strlcpy(msg, prompt, sizeof(msg)); len = strlen(msg); } @@ -660,8 +660,10 @@ my_write(pid_t pid, char *prompt, char *id, int flag, userinfo_t * puin) uin->pager = 2; uin->msgs[uin->msgcount].pid = currpid; - strcpy(uin->msgs[uin->msgcount].userid, cuser.userid); - strcpy(uin->msgs[uin->msgcount++].last_call_in, msg); + strlcpy(uin->msgs[uin->msgcount].userid, cuser.userid, + sizeof(uin->msgs[uin->msgcount].userid)); + strlcpy(uin->msgs[uin->msgcount++].last_call_in, msg, + sizeof(uin->msgs[uin->msgcount++].last_call_in)); uin->pager = pager0; } else if (flag != 2) outmsg("\033[1;33;41mÁV¿|! ¹ï¤è¤£¦æ¤F! (¦¬¨ì¤Ó¦h¤ô²y) \033[37m@_@\033[m"); @@ -793,8 +795,8 @@ t_display(void) stampfile(buf, &mymail); mymail.filemode = FILE_READ | FILE_HOLD; - strcpy(mymail.owner, "[³Æ.§Ñ.¿ý]"); - strcpy(mymail.title, "¼ö½u°O¿ý"); + strlcpy(mymail.owner, "[³Æ.§Ñ.¿ý]", sizeof(mymail.owner)); + strlcpy(mymail.title, "¼ö½u°O¿ý", sizeof(mymail.title)); sethomedir(title, cuser.userid); Rename(genbuf, buf); append_record(title, &mymail, sizeof(mymail)); @@ -963,7 +965,7 @@ do_talk(int fd) ptime = localtime(&now); sethomepath(fpath, cuser.userid); - strcpy(fpath, tempnam(fpath, "talk_")); + strlcpy(fpath, tempnam(fpath, "talk_"), sizeof(fpath)); flog = fopen(fpath, "w"); setuserfile(genbuf, fn_talklog); @@ -1074,7 +1076,7 @@ do_talk(int fd) sethomepath(genbuf, cuser.userid); stampfile(genbuf, &mymail); mymail.filemode = FILE_READ | FILE_HOLD; - strcpy(mymail.owner, "[³Æ.§Ñ.¿ý]"); + strlcpy(mymail.owner, "[³Æ.§Ñ.¿ý]", sizeof(mymail.owner)); sprintf(mymail.title, "¹ï¸Ü°O¿ý \033[1;36m(%s)\033[m", getuserid(currutmp->destuid)); sethomedir(title, cuser.userid); @@ -1101,7 +1103,7 @@ my_talk(userinfo_t * uin, int fri_stat) unsigned char mode0 = currutmp->mode; ch = uin->mode; - strcpy(currauthor, uin->userid); + strlcpy(currauthor, uin->userid, sizeof(currauthor)); if (ch == EDITING || ch == TALK || ch == CHATING || ch == PAGE || ch == MAILALL || ch == MONITOR || ch == M_FIVE || ch == CHC || @@ -1164,8 +1166,8 @@ my_talk(userinfo_t * uin, int fri_stat) uin->turn = 1; currutmp->turn = 0; - strcpy(uin->mateid, currutmp->userid); - strcpy(currutmp->mateid, uin->userid); + strlcpy(uin->mateid, currutmp->userid, sizeof(uin->mateid)); + strlcpy(currutmp->mateid, uin->userid, sizeof(currutmp->mateid)); sock = socket(AF_INET, SOCK_STREAM, 0); if (sock < 0) { @@ -1412,7 +1414,7 @@ friend_descript(char *uident) } fclose(fp); if (desc && flag) - strcpy(desc_buf, desc); + strlcpy(desc_buf, desc, sizeof(desc_buf)); else return space_buf; @@ -1668,7 +1670,7 @@ draw_pickup(int drawall, pickup_t * pickup, int pickup_way, #ifdef SHOW_IDLE_TIME idletime = (now - uentp->lastact); if (idletime > 86400) - strcpy(idlestr, " -----"); + strlcpy(idlestr, " -----", sizeof(idlestr)); else if (idletime >= 3600) sprintf(idlestr, "%3dh%02d", idletime / 3600, (idletime / 60) % 60); @@ -1676,7 +1678,7 @@ draw_pickup(int drawall, pickup_t * pickup, int pickup_way, sprintf(idlestr, "%3d'%02d", idletime / 60, idletime % 60); else - strcpy(idlestr, " "); + strlcpy(idlestr, " ", sizeof(idlestr)); #endif if ((uentp->userlevel & PERM_VIOLATELAW)) @@ -1859,7 +1861,7 @@ userlist(void) sprintf(buf, "¥N¸¹ [%s]¡G", currutmp->userid); if (!getdata(1, 0, buf, currutmp->userid, sizeof(buf), DOECHO)) - strcpy(currutmp->userid, cuser.userid); + strlcpy(currutmp->userid, cuser.userid, sizeof(currutmp->userid)); redrawall = redraw = 1; } break; @@ -2085,7 +2087,7 @@ userlist(void) if (HAS_PERM(PERM_ACCOUNTS)) { int id; userec_t muser; - strcpy(currauthor, uentp->userid); + strlcpy(currauthor, uentp->userid, sizeof(currauthor)); stand_title("¨Ï¥ÎªÌ³]©w"); move(1, 0); if ((id = getuser(uentp->userid)) > 0) { @@ -2209,7 +2211,7 @@ userlist(void) break; case 'q': - strcpy(currauthor, uentp->userid); + strlcpy(currauthor, uentp->userid, sizeof(currauthor)); my_query(uentp->userid); setutmpmode(LUSERS); redrawall = redraw = 1; @@ -2447,8 +2449,9 @@ talkreply(void) getuser(uip->userid); currutmp->msgs[0].pid = uip->pid; - strcpy(currutmp->msgs[0].userid, uip->userid); - strcpy(currutmp->msgs[0].last_call_in, "©I¥s¡B©I¥s¡AÅ¥¨ì½Ð¦^µª (Ctrl-R)"); + strlcpy(currutmp->msgs[0].userid, uip->userid, sizeof(currutmp->msgs[0].userid)); + strlcpy(currutmp->msgs[0].last_call_in, "©I¥s¡B©I¥s¡AÅ¥¨ì½Ð¦^µª (Ctrl-R)", + sizeof(currutmp->msgs[0].last_call_in)); prints("¹ï¤è¨Ó¦Û [%s]¡A¦@¤W¯¸ %d ¦¸¡A¤å³¹ %d ½g\n", uip->from, xuser.numlogins, xuser.numposts); showplans(uip->userid); @@ -2464,7 +2467,7 @@ talkreply(void) return; } currutmp->msgcount = 0; - strcpy(save_page_requestor, page_requestor); + strlcpy(save_page_requestor, page_requestor, sizeof(save_page_requestor)); memset(page_requestor, 0, sizeof(page_requestor)); if (!(h = gethostbyname("localhost"))) { perror("gethostbyname"); @@ -2484,7 +2487,7 @@ talkreply(void) write(a, buf, 1); if (buf[0] == 'f' || buf[0] == 'F') { if (!getdata(b_lines, 0, "¤£¯àªºì¦]¡G", genbuf, 60, DOECHO)) - strcpy(genbuf, "¤£§i¶D§A«¨ !! ^o^"); + strlcpy(genbuf, "¤£§i¶D§A«¨ !! ^o^", sizeof(genbuf)); write(a, genbuf, 60); } uip->destuip = currutmp - &SHM->uinfo[0]; diff --git a/mbbsd/topsong.c b/mbbsd/topsong.c index 9d5fd475..277ef85f 100644 --- a/mbbsd/topsong.c +++ b/mbbsd/topsong.c @@ -1,4 +1,4 @@ -/* $Id: topsong.c,v 1.3 2002/07/05 17:10:28 in2 Exp $ */ +/* $Id: topsong.c,v 1.4 2002/07/21 08:18:42 in2 Exp $ */ #include "bbs.h" #define MAX_SONGS 300 @@ -60,8 +60,8 @@ sortsong() for (n = 0; n < MAX_SONGS && songs[n].name[0]; n++) if (!strcmp(songs[n].cname, cbuf)) break; - strcpy(songs[n].name, buf); - strcpy(songs[n].cname, cbuf); + strlcpy(songs[n].name, buf, sizeof(songs[n].name)); + strlcpy(songs[n].cname, cbuf, sizeof(songs[n].cname)); songs[n].count++; totalcount++; } diff --git a/mbbsd/user.c b/mbbsd/user.c index ed45b306..97c9690d 100644 --- a/mbbsd/user.c +++ b/mbbsd/user.c @@ -1,4 +1,4 @@ -/* $Id: user.c,v 1.29 2002/07/07 14:36:21 in2 Exp $ */ +/* $Id: user.c,v 1.30 2002/07/21 08:18:42 in2 Exp $ */ #include "bbs.h" static char *sex[8] = { @@ -75,7 +75,7 @@ user_display(userec_t * u, int real) u->numlogins, u->numposts); if (real) { - strcpy(genbuf, "bTCPRp#@XWBA#VSM0123456789ABCDEF"); + strlcpy(genbuf, "bTCPRp#@XWBA#VSM0123456789ABCDEF", sizeof(genbuf)); for (diff = 0; diff < 32; diff++) if (!(u->userlevel & (1 << diff))) genbuf[diff] = '-'; @@ -135,7 +135,7 @@ mail_violatelaw(char *crime, char *police, char *reason, char *result) ctime(&now), police, crime, reason, result); fclose(fp); sprintf(fhdr.title, "[³ø§i] ¹Hªk§P¨M³ø§i"); - strcpy(fhdr.owner, "[Pttªk°|]"); + strlcpy(fhdr.owner, "[Pttªk°|]", sizeof(fhdr.owner)); sprintf(genbuf, "home/%c/%s/.DIR", crime[0], crime); append_record(genbuf, &fhdr, sizeof(fhdr)); } @@ -253,7 +253,7 @@ uinfo_query(userec_t * u, int real, int unum) getdata_str(i++, 0, "¹q¤l«H½c[ÅÜ°Ên«·s»{ÃÒ]¡G", buf, 50, DOECHO, x.email); if (strcmp(buf, x.email) && strchr(buf, '@')) { - strcpy(x.email, buf); + strlcpy(x.email, buf, sizeof(x.email)); mail_changed = 1 - real; } sprintf(genbuf, "%i", (u->sex + 1) % 8); @@ -445,14 +445,14 @@ uinfo_query(userec_t * u, int real, int unum) outs("¿ù»~! ¤w¸g¦³¦P¼Ë ID ªº¨Ï¥ÎªÌ"); fail++; } else - strcpy(x.userid, genbuf); + strlcpy(x.userid, genbuf, sizeof(x.userid)); } break; case '6': if (x.mychicken.name[0]) x.mychicken.name[0] = 0; else - strcpy(x.mychicken.name, "[¦º]"); + strlcpy(x.mychicken.name, "[¦º]", sizeof(x.mychicken.name)); break; default: return; @@ -501,7 +501,7 @@ uinfo_query(userec_t * u, int real, int unum) setumoney(unum, x.money); passwd_update(unum, &x); if (money_change) { - strcpy(genbuf, "boards/S/Security"); + strlcpy(genbuf, "boards/S/Security", sizeof(genbuf)); stampfile(genbuf, &fhdr); if (!(fp = fopen(genbuf, "w"))) return; @@ -523,7 +523,7 @@ uinfo_query(userec_t * u, int real, int unum) fclose(fp); sprintf(fhdr.title, "[¤½¦w³ø§i] ¯¸ªø%sקï%s¿ú³ø§i", cuser.userid, x.userid); - strcpy(fhdr.owner, "[¨t²Î¦w¥þ§½]"); + strlcpy(fhdr.owner, "[¨t²Î¦w¥þ§½]", sizeof(fhdr.owner)); append_record("boards/S/Security/.DIR", &fhdr, sizeof(fhdr)); } } @@ -535,8 +535,8 @@ u_info() move(2, 0); user_display(&cuser, 0); uinfo_query(&cuser, 0, usernum); - strcpy(currutmp->realname, cuser.realname); - strcpy(currutmp->username, cuser.username); + strlcpy(currutmp->realname, cuser.realname, sizeof(currutmp->realname)); + strlcpy(currutmp->username, cuser.username, sizeof(currutmp->username)); return 0; } @@ -728,7 +728,7 @@ getfield(int line, char *info, char *desc, char *buf, int len) outs(genbuf); sprintf(prompt, "%s¡G", desc); if (getdata_str(line + 1, 2, prompt, genbuf, len, DOECHO, buf)) - strcpy(buf, genbuf); + strlcpy(buf, genbuf, sizeof(buf)); move(line, 2); prints("%s¡G%s", desc, buf); clrtoeol(); @@ -753,7 +753,7 @@ ispersonalid(char *inid) char *lst = "ABCDEFGHJKLMNPQRSTUVWXYZIO", id[20]; int i, j, cksum; - strcpy(id, inid); + strlcpy(id, inid, sizeof(id)); i = cksum = 0; if (!isalpha(id[0]) && (strlen(id) != 10)) return 0; @@ -907,15 +907,15 @@ toregister(char *email, char *genbuf, char *phone, char *career, sethomefile(buf, cuser.userid, "justify"); } sprintf(buf, "±z¦b " BBSNAME " ªº»{ÃÒ½X: %s", getregcode(genbuf)); - strcpy(tmp, cuser.userid); - strcpy(cuser.userid, "SYSOP"); + strlcpy(tmp, cuser.userid, sizeof(tmp)); + strlcpy(cuser.userid, "SYSOP", sizeof(cuser.userid)); #ifdef HAVEMOBILE if (strcmp(email, "m") == 0 || strcmp(email, "M") == 0) mobile_message(mobile, buf); else #endif bsmtp("etc/registermail", buf, email, 0); - strcpy(cuser.userid, tmp); + strlcpy(cuser.userid, tmp, sizeof(cuser.userid)); outs("\n\n\n§Ú̧Y±N±H¥X»{ÃÒ«H (±zÀ³¸Ó·|¦b 10 ¤ÀÄÁ¤º¦¬¨ì)\n" "¦¬¨ì«á±z¥i¥H¸ò¾Ú»{ÃÒ«H¼ÐÃDªº»{ÃÒ½X\n" "¿é¤J¨ì (U)ser -> (R)egister «á´N¥i¥H§¹¦¨µù¥U"); @@ -952,10 +952,10 @@ u_register(void) } fclose(fn); } - strcpy(ident, cuser.ident); - strcpy(rname, cuser.realname); - strcpy(addr, cuser.address); - strcpy(email, cuser.email); + strlcpy(ident, cuser.ident, sizeof(ident)); + strlcpy(rname, cuser.realname, sizeof(rname)); + strlcpy(addr, cuser.address, sizeof(addr)); + strlcpy(email, cuser.email, sizeof(email)); sprintf(mobile, "0%09d", cuser.mobile); if (cuser.month == 0 && cuser.day && cuser.year == 0) birthday[0] = 0; @@ -1115,10 +1115,10 @@ u_register(void) if (ans[0] == 'y') break; } - strcpy(cuser.ident, ident); - strcpy(cuser.realname, rname); - strcpy(cuser.address, addr); - strcpy(cuser.email, email); + strlcpy(cuser.ident, ident, sizeof(cuser.ident)); + strlcpy(cuser.realname, rname, sizeof(cuser.realname)); + strlcpy(cuser.address, addr, sizeof(cuser.address)); + strlcpy(cuser.email, email, sizeof(cuser.email)); cuser.mobile = atoi(mobile); cuser.sex = (sex_is[0] - '1') % 8; cuser.month = mon; @@ -1184,7 +1184,7 @@ u_list_CB(userec_t * uentp) clrtobot(); } level = uentp->userlevel; - strcpy(permstr, "----"); + strlcpy(permstr, "----", sizeof(permstr)); if (level & PERM_SYSOP) permstr[0] = 'S'; else if (level & PERM_ACCOUNTS) diff --git a/mbbsd/vote.c b/mbbsd/vote.c index e54bc7a2..8f51ee3a 100644 --- a/mbbsd/vote.c +++ b/mbbsd/vote.c @@ -1,4 +1,4 @@ -/* $Id: vote.c,v 1.10 2002/07/05 17:10:28 in2 Exp $ */ +/* $Id: vote.c,v 1.11 2002/07/21 08:18:42 in2 Exp $ */ #include "bbs.h" static int total; @@ -135,14 +135,14 @@ vote_report(char *bname, char *fname, char *fpath) /* append record to .DIR */ memset(&header, 0, sizeof(fileheader_t)); - strcpy(header.owner, "[°¨¸ô±´¤l]"); + strlcpy(header.owner, "[°¨¸ô±´¤l]", sizeof(header.owner)); sprintf(header.title, "[%s] ¬ÝªO ¿ï±¡³ø¾É", bname); { register struct tm *ptime = localtime(&dtime); sprintf(header.date, "%2d/%02d", ptime->tm_mon + 1, ptime->tm_mday); } - strcpy(header.filename, ip); + strlcpy(header.filename, ip, sizeof(header.filename)); strcpy(ip, ".DIR"); if ((fd = open(fpath, O_WRONLY | O_CREAT, 0644)) >= 0) { @@ -188,13 +188,13 @@ b_result_one(boardheader_t * fh, int ind) sprintf(STR_new_limited, "%s%d", STR_bv_limited, ind); sprintf(STR_new_title, "%s%d", STR_bv_title, ind); } else { - strcpy(STR_new_ballots, STR_bv_ballots); - strcpy(STR_new_control, STR_bv_control); - strcpy(STR_new_desc, STR_bv_desc); - strcpy(STR_new_flags, STR_bv_flags); - strcpy(STR_new_comments, STR_bv_comments); - strcpy(STR_new_limited, STR_bv_limited); - strcpy(STR_new_title, STR_bv_title); + strlcpy(STR_new_ballots, STR_bv_ballots, sizeof(STR_new_ballots)); + strlcpy(STR_new_control, STR_bv_control, sizeof(STR_new_control)); + strlcpy(STR_new_desc, STR_bv_desc, sizeof(STR_new_desc)); + strlcpy(STR_new_flags, STR_bv_flags, sizeof(STR_new_flags)); + strlcpy(STR_new_comments, STR_bv_comments, sizeof(STR_new_comments)); + strlcpy(STR_new_limited, STR_bv_limited, sizeof(STR_new_limited)); + strlcpy(STR_new_title, STR_bv_title, sizeof(STR_new_title)); } bname = fh->brdname; @@ -289,7 +289,7 @@ b_result(boardheader_t * fh) if (i) sprintf(STR_new_control, "%s%d", STR_bv_control, i); else - strcpy(STR_new_control, STR_bv_control); + strlcpy(STR_new_control, STR_bv_control, sizeof(STR_new_control)); setbfile(buf, fh->brdname, STR_new_control); cfp = fopen(buf, "r"); @@ -375,13 +375,13 @@ vote_view(char *bname, int index) sprintf(STR_new_limited, "%s%d", STR_bv_limited, index); sprintf(STR_new_title, "%s%d", STR_bv_title, index); } else { - strcpy(STR_new_ballots, STR_bv_ballots); - strcpy(STR_new_control, STR_bv_control); - strcpy(STR_new_desc, STR_bv_desc); - strcpy(STR_new_flags, STR_bv_flags); - strcpy(STR_new_comments, STR_bv_comments); - strcpy(STR_new_limited, STR_bv_limited); - strcpy(STR_new_title, STR_bv_title); + strlcpy(STR_new_ballots, STR_bv_ballots, sizeof(STR_new_ballots)); + strlcpy(STR_new_control, STR_bv_control, sizeof(STR_new_control)); + strlcpy(STR_new_desc, STR_bv_desc, sizeof(STR_new_desc)); + strlcpy(STR_new_flags, STR_bv_flags, sizeof(STR_new_flags)); + strlcpy(STR_new_comments, STR_bv_comments, sizeof(STR_new_comments)); + strlcpy(STR_new_limited, STR_bv_limited, sizeof(STR_new_limited)); + strlcpy(STR_new_title, STR_bv_title, sizeof(STR_new_title)); } setbfile(buf, bname, STR_new_ballots); @@ -475,8 +475,8 @@ vote_view_all(char *bname) char buf[STRLEN], genbuf[STRLEN]; char inbuf[80]; - strcpy(STR_new_control, STR_bv_control); - strcpy(STR_new_title, STR_bv_title); + strlcpy(STR_new_control, STR_bv_control, sizeof(STR_new_control)); + strlcpy(STR_new_title, STR_bv_title, sizeof(STR_new_title)); setbfile(buf, bname, STR_new_control); move(0, 0); if ((fp = fopen(buf, "r"))) { @@ -488,7 +488,7 @@ vote_view_all(char *bname) if ((xfp = fopen(buf, "r"))) fgets(inbuf, sizeof(inbuf), xfp); else - strcpy(inbuf, "µL¼ÐÃD"); + strlcpy(inbuf, "µL¼ÐÃD", sizeof(inbuf)); prints("%s\n", inbuf); fclose(xfp); } @@ -505,7 +505,7 @@ vote_view_all(char *bname) if ((xfp = fopen(buf, "r"))) fgets(inbuf, sizeof(inbuf), xfp); else - strcpy(inbuf, "µL¼ÐÃD"); + strlcpy(inbuf, "µL¼ÐÃD", sizeof(inbuf)); prints("%s\n", inbuf); fclose(xfp); } @@ -523,7 +523,7 @@ vote_view_all(char *bname) if (genbuf[0] != '0') sprintf(STR_new_control, "%s%d", STR_bv_control, atoi(genbuf)); else - strcpy(STR_new_control, STR_bv_control); + strlcpy(STR_new_control, STR_bv_control, sizeof(STR_new_control)); setbfile(buf, bname, STR_new_control); @@ -604,7 +604,7 @@ vote_maintain(char *bname) } else if (genbuf[0] != 'm' || fhp->bvote >= 20) return FULLUPDATE; } - strcpy(STR_new_control, STR_bv_control); + strlcpy(STR_new_control, STR_bv_control, sizeof(STR_new_control)); setbfile(buf, bname, STR_new_control); x = 0; while (x < 20 && (fp = fopen(buf, "r")) != NULL) { @@ -626,13 +626,13 @@ vote_maintain(char *bname) sprintf(STR_new_limited, "%s%d", STR_bv_limited, x); sprintf(STR_new_title, "%s%d", STR_bv_title, x); } else { - strcpy(STR_new_ballots, STR_bv_ballots); - strcpy(STR_new_control, STR_bv_control); - strcpy(STR_new_desc, STR_bv_desc); - strcpy(STR_new_flags, STR_bv_flags); - strcpy(STR_new_comments, STR_bv_comments); - strcpy(STR_new_limited, STR_bv_limited); - strcpy(STR_new_title, STR_bv_title); + strlcpy(STR_new_ballots, STR_bv_ballots, sizeof(STR_new_ballots)); + strlcpy(STR_new_control, STR_bv_control, sizeof(STR_new_control)); + strlcpy(STR_new_desc, STR_bv_desc, sizeof(STR_new_desc)); + strlcpy(STR_new_flags, STR_bv_flags, sizeof(STR_new_flags)); + strlcpy(STR_new_comments, STR_bv_comments, sizeof(STR_new_comments)); + strlcpy(STR_new_limited, STR_bv_limited, sizeof(STR_new_limited)); + strlcpy(STR_new_title, STR_bv_title, sizeof(STR_new_title)); } clear(); move(0, 0); @@ -640,7 +640,7 @@ vote_maintain(char *bname) setbfile(buf, bname, STR_new_title); getdata(4, 0, "½Ð¿é¤J§ë²¼¦WºÙ:", inbuf, 50, LCECHO); if (inbuf[0] == '\0') - strcpy(inbuf, "¤£ª¾¦Wªº"); + strlcpy(inbuf, "¤£ª¾¦Wªº", sizeof(inbuf)); fp = fopen(buf, "w"); fprintf(fp, "%s", inbuf); fclose(fp); @@ -704,7 +704,7 @@ vote_maintain(char *bname) getdata(t_lines - 3, 0, buf, inbuf, 3, DOECHO); if (atoi(inbuf) <= 0 || atoi(inbuf) > num) - strcpy(inbuf, "1"); + strlcpy(inbuf, "1", sizeof(inbuf)); rewind(fp); fprintf(fp, "%2d\n", MAX(1, atoi(inbuf))); @@ -736,7 +736,7 @@ vote_flag(char *bname, int index, char val) if (index) sprintf(STR_new_flags, "%s%d", STR_bv_flags, index); else - strcpy(STR_new_flags, STR_bv_flags); + strlcpy(STR_new_flags, STR_bv_flags, sizeof(STR_new_flags)); num = usernum - 1; setbfile(buf, bname, STR_new_flags); @@ -791,12 +791,12 @@ user_vote_one(char *bname, int ind) sprintf(STR_new_comments, "%s%d", STR_bv_comments, ind); sprintf(STR_new_limited, "%s%d", STR_bv_limited, ind); } else { - strcpy(STR_new_ballots, STR_bv_ballots); - strcpy(STR_new_control, STR_bv_control); - strcpy(STR_new_desc, STR_bv_desc); - strcpy(STR_new_flags, STR_bv_flags); - strcpy(STR_new_comments, STR_bv_comments); - strcpy(STR_new_limited, STR_bv_limited); + strlcpy(STR_new_ballots, STR_bv_ballots, sizeof(STR_new_ballots)); + strlcpy(STR_new_control, STR_bv_control, sizeof(STR_new_control)); + strlcpy(STR_new_desc, STR_bv_desc, sizeof(STR_new_desc)); + strlcpy(STR_new_flags, STR_bv_flags, sizeof(STR_new_flags)); + strlcpy(STR_new_comments, STR_bv_comments, sizeof(STR_new_comments)); + strlcpy(STR_new_limited, STR_bv_limited, sizeof(STR_new_limited)); } setbfile(buf, bname, STR_new_control); @@ -892,7 +892,7 @@ user_vote_one(char *bname, int ind) char buf[3], mycomments[3][74], b_comments[80]; for (i = 0; i < 3; i++) - strcpy(mycomments[i], "\n"); + strlcpy(mycomments[i], "\n", sizeof(mycomments[i])); flock(fd, LOCK_EX); for (count = 0; count < 31; count++) { @@ -972,8 +972,8 @@ user_vote(char *bname) pressanykey(); return FULLUPDATE; } - strcpy(STR_new_control, STR_bv_control); - strcpy(STR_new_title, STR_bv_title); + strlcpy(STR_new_control, STR_bv_control, sizeof(STR_new_control)); + strlcpy(STR_new_title, STR_bv_title, sizeof(STR_new_title)); setbfile(buf, bname, STR_new_control); move(0, 0); if ((fp = fopen(buf, "r"))) { @@ -985,7 +985,7 @@ user_vote(char *bname) if ((xfp = fopen(buf, "r"))) fgets(inbuf, sizeof(inbuf), xfp); else - strcpy(inbuf, "µL¼ÐÃD"); + strlcpy(inbuf, "µL¼ÐÃD", sizeof(inbuf)); prints("%s\n", inbuf); fclose(xfp); } @@ -1002,7 +1002,7 @@ user_vote(char *bname) if ((xfp = fopen(buf, "r"))) fgets(inbuf, sizeof(inbuf), xfp); else - strcpy(inbuf, "µL¼ÐÃD"); + strlcpy(inbuf, "µL¼ÐÃD", sizeof(inbuf)); prints("%s\n", inbuf); fclose(xfp); } @@ -1021,7 +1021,7 @@ user_vote(char *bname) if (genbuf[0] != '0') sprintf(STR_new_control, "%s%d", STR_bv_control, atoi(genbuf)); else - strcpy(STR_new_control, STR_bv_control); + strlcpy(STR_new_control, STR_bv_control, sizeof(STR_new_control)); setbfile(buf, bname, STR_new_control); diff --git a/mbbsd/voteboard.c b/mbbsd/voteboard.c index d3df2540..1aa05ee9 100644 --- a/mbbsd/voteboard.c +++ b/mbbsd/voteboard.c @@ -1,4 +1,4 @@ -/* $Id: voteboard.c,v 1.10 2002/07/20 15:33:46 in2 Exp $ */ +/* $Id: voteboard.c,v 1.11 2002/07/21 08:18:42 in2 Exp $ */ #include "bbs.h" #define VOTEBOARD "NewBoard" @@ -61,7 +61,7 @@ do_voteboardreply(fileheader_t * fhdr) fclose(fp); return; } - strcpy(reason, genbuf + 19); + strlcpy(reason, genbuf + 19, sizeof(reason)); } } fclose(fp); @@ -420,8 +420,8 @@ do_voteboard() "®É¶¡: ", ctime(&now)); fprintf(fp, "%s\n", genbuf); fclose(fp); - strcpy(votefile.owner, cuser.userid); - strcpy(votefile.title, title); + strlcpy(votefile.owner, cuser.userid, sizeof(votefile.owner)); + strlcpy(votefile.title, title, sizeof(votefile.title)); setbdir(genbuf, currboard); if (append_record(genbuf, &votefile, sizeof(votefile)) != -1) setbtotal(currbid); |