From 3e774d4829229f4132e3b6895b572a117f60c99d Mon Sep 17 00:00:00 2001 From: kcwu Date: Thu, 27 Mar 2008 00:53:03 +0000 Subject: - code clean up - enlarge buffer size to prevent overflow git-svn-id: http://opensvn.csie.org/pttbbs/trunk/pttbbs@4030 63ad8ddf-47c3-0310-b6dd-a9e9d9715204 --- mbbsd/admin.c | 13 +++++++------ mbbsd/friend.c | 11 ++++++----- mbbsd/gamble.c | 2 +- mbbsd/mail.c | 19 ++++++++++--------- mbbsd/vote.c | 18 +++++++++--------- 5 files changed, 33 insertions(+), 30 deletions(-) (limited to 'mbbsd') diff --git a/mbbsd/admin.c b/mbbsd/admin.c index d0efa3e1..a69776c2 100644 --- a/mbbsd/admin.c +++ b/mbbsd/admin.c @@ -22,8 +22,8 @@ m_loginmsg(void) getdata_str(23, 0, "設定進站水球:", msg, 56, DOECHO, SHM->loginmsg.last_call_in)) { SHM->loginmsg.pid=currutmp->pid; /*站長不多 就不管race condition */ - strcpy(SHM->loginmsg.last_call_in, msg); - strcpy(SHM->loginmsg.userid, cuser.userid); + strlcpy(SHM->loginmsg.last_call_in, msg, sizeof(SHM->loginmsg.last_call_in)); + strlcpy(SHM->loginmsg.userid, cuser.userid, sizeof(SHM->loginmsg.userid)); } return 0; } @@ -96,12 +96,13 @@ search_key_user(const char *passwdfile, int mode) int ch; int unum = 0; FILE *fp1 = fopen(passwdfile, "r"); - char friendfile[128]="", key[22], *keymatch; + char friendfile[PATHLEN]="", key[22], *keymatch; int keytype = 0; - char isCurrentPwd = 0; + int isCurrentPwd; - isCurrentPwd = (strcmp(passwdfile, FN_PASSWD) == 0) ? 1 : 0; assert(fp1); + + isCurrentPwd = (strcmp(passwdfile, FN_PASSWD) == 0); clear(); if (!mode) { @@ -422,7 +423,7 @@ void merge_dir(const char *dir1, const char *dir2, int isoutter) strcat(fh[pn+i].owner, "."); } qsort(fh, pn+sn, sizeof(fileheader_t), dir_cmp); - sprintf(bakdir,"%s.bak", dir1); + snprintf(bakdir, sizeof(bakdir), "%s.bak", dir1); Rename(dir1, bakdir); for(i=1; i<=pn+sn; i++ ) { diff --git a/mbbsd/friend.c b/mbbsd/friend.c index 180d0c36..16df6633 100644 --- a/mbbsd/friend.c +++ b/mbbsd/friend.c @@ -6,8 +6,8 @@ /* ------------------------------------- */ /* Ptt 其他特別名單的檔名 */ -char special_list[] = "list.0"; -char special_des[] = "ldes.0"; +static char special_list[7] = "list.0"; +static char special_des[7] = "ldes.0"; /* 特別名單的上限 */ static const unsigned int friend_max[8] = { @@ -230,7 +230,7 @@ delete_friend_from_file(const char *file, const char *string, int case_sensitiv void friend_delete(const char *uident, int type) { - char fn[STRLEN]; + char fn[PATHLEN]; setfriendfile(fn, type); delete_friend_from_file(fn, uident, 0); } @@ -289,7 +289,7 @@ friend_editdesc(const char *uident, int type) fclose(nfp); } -inline void friend_load_real(int tosort, int maxf, +static inline void friend_load_real(int tosort, int maxf, short *destn, int *destar, const char *fn) { char genbuf[PATHLEN]; @@ -307,6 +307,7 @@ inline void friend_load_real(int tosort, int maxf, else{ char *strtok_pos; tarray = (int *)malloc(sizeof(int) * maxf); + assert(tarray); --maxf; /* 因為最後一個要填 0, 所以先扣一個回來 */ while( fgets(genbuf, STRLEN, fp) && nFriends < maxf ) if( (p = strtok_r(genbuf, str_space, &strtok_pos)) && @@ -365,7 +366,7 @@ friend_water(const char *message, int type) void friend_edit(int type) { - char fpath[PATHLEN], line[STRLEN], uident[IDLEN + 1]; + char fpath[PATHLEN], line[PATHLEN], uident[IDLEN + 1]; int count, column, dirty; FILE *fp; char genbuf[PATHLEN]; diff --git a/mbbsd/gamble.c b/mbbsd/gamble.c index 2f3e2dd7..b7fe8d5a 100644 --- a/mbbsd/gamble.c +++ b/mbbsd/gamble.c @@ -140,7 +140,7 @@ ticket(int bid) { int ch, end = 0; int n, price, count; /* 購買張數、單價、選項數 */ - char path[128], fn_ticket[128]; + char path[128], fn_ticket[PATHLEN]; char betname[MAX_ITEM][MAX_ITEM_LEN]; boardheader_t *bh = NULL; diff --git a/mbbsd/mail.c b/mbbsd/mail.c index 38e19619..1f5f8f96 100644 --- a/mbbsd/mail.c +++ b/mbbsd/mail.c @@ -2,7 +2,7 @@ #include "bbs.h" static int mailkeep = 0, mailsum = 0; static int mailsumlimit = 0, mailmaxkeep = 0; -static char currmaildir[32]; +static char currmaildir[PATHLEN]; static char msg_cc[] = ANSI_COLOR(32) "[群組名單]" ANSI_RESET "\n"; static char listfile[] = "list.0"; @@ -21,13 +21,13 @@ static int showmail_mode = SHOWMAIL_NORM; int setforward(void) { - char buf[80], ip[50] = "", yn[4]; + char buf[PATHLEN], ip[50] = "", yn[4]; FILE *fp; int flIdiotSent2Self = 0; int oidlen = strlen(cuser.userid); sethomepath(buf, cuser.userid); - strcat(buf, "/.forward"); + strlcat(buf, "/.forward", sizeof(buf)); if ((fp = fopen(buf, "r"))) { fscanf(fp, "%" toSTR(sizeof(ip)) "s", ip); fclose(fp); @@ -121,7 +121,7 @@ int mail_id(const char *id, const char *title, const char *src, const char *owner) { fileheader_t mhdr; - char dst[128], dirf[128]; + char dst[PATHLEN], dirf[PATHLEN]; sethomepath(dst, id); if (stampfile(dst, &mhdr)) return 0; @@ -290,7 +290,8 @@ chkmailbox(void) static void do_hold_mail(const char *fpath, const char *receiver, const char *holder) { - char buf[80], title[128]; + char buf[PATHLEN], title[128]; + char holder_dir[PATHLEN]; fileheader_t mymail; @@ -305,11 +306,11 @@ do_hold_mail(const char *fpath, const char *receiver, const char *holder) } else strlcpy(mymail.title, save_title, sizeof(mymail.title)); - sethomedir(title, holder); + sethomedir(holder_dir, holder); unlink(buf); Copy(fpath, buf); - append_record_forward(title, &mymail, sizeof(mymail), holder); + append_record_forward(holder_dir, &mymail, sizeof(mymail), holder); } void @@ -333,7 +334,7 @@ do_send(const char *userid, const char *title) fileheader_t mhdr; char fpath[STRLEN]; char receiver[IDLEN + 1]; - char genbuf[200]; + char genbuf[PATHLEN]; int internet_mail, i; userec_t xuser; @@ -1307,7 +1308,7 @@ mail_reply(int ent, fileheader_t * fhdr, const char *direct) static int mail_edit(int ent, fileheader_t * fhdr, const char *direct) { - char genbuf[200]; + char genbuf[PATHLEN]; if (!HasUserPerm(PERM_SYSOP)) return DONOTHING; diff --git a/mbbsd/vote.c b/mbbsd/vote.c index 7562a7b8..206924c2 100644 --- a/mbbsd/vote.c +++ b/mbbsd/vote.c @@ -5,16 +5,16 @@ #define MAX_VOTE_PAGE 5 #define ITEM_PER_PAGE 30 -const char * const STR_bv_control = "control"; /* 投票日期 選項 */ -const char * const STR_bv_desc = "desc"; /* 投票目的 */ -const char * const STR_bv_ballots = "ballots"; /* 投的票 (per byte) */ -const char * const STR_bv_flags = "flags"; -const char * const STR_bv_comments = "comments"; /* 投票者的建議 */ -const char * const STR_bv_limited = "limited"; /* 私人投票 */ -const char * const STR_bv_limits = "limits"; /* 投票資格限制 */ -const char * const STR_bv_title = "vtitle"; +static const char * const STR_bv_control = "control"; /* 投票日期 選項 */ +static const char * const STR_bv_desc = "desc"; /* 投票目的 */ +static const char * const STR_bv_ballots = "ballots"; /* 投的票 (per byte) */ +static const char * const STR_bv_flags = "flags"; +static const char * const STR_bv_comments = "comments"; /* 投票者的建議 */ +static const char * const STR_bv_limited = "limited"; /* 私人投票 */ +static const char * const STR_bv_limits = "limits"; /* 投票資格限制 */ +static const char * const STR_bv_title = "vtitle"; -const char * const STR_bv_results = "results"; +static const char * const STR_bv_results = "results"; typedef struct { char control[sizeof("controlXX\0")]; -- cgit v1.2.3