Commit 9c6e01f1 authored by rswindell's avatar rswindell

Address several Coverity-reported issues, mainly using SAFECAT() to address

buffer overrun concerns.
parent 9ee55149
......@@ -75,10 +75,6 @@ void sbbs_t::multinodechat(int channel)
putnodedat(cfg.node_num,&thisnode);
}
bprintf(text[WelcomeToChannelN],channel,cfg.chan[channel-1]->name);
if(gurubuf) {
free(gurubuf);
gurubuf=NULL;
}
if(cfg.chan[channel-1]->misc&CHAN_GURU && cfg.chan[channel-1]->guru<cfg.total_gurus
&& chk_ar(cfg.guru[cfg.chan[channel-1]->guru]->ar,&useron,&client)) {
sprintf(str,"%s%s.dat",cfg.ctrl_dir,cfg.guru[cfg.chan[channel-1]->guru]->code);
......@@ -186,7 +182,7 @@ void sbbs_t::multinodechat(int channel)
bputs(text[MultiChatCommandPrompt]);
strcpy(str,"ACELWQ?*");
if(SYSOP)
strcat(str,"0");
SAFECAT(str,"0");
i=getkeys(str,cfg.total_chans);
if(i&0x80000000L) { /* change channel */
savch=(char)(i&~0x80000000L);
......@@ -363,7 +359,7 @@ void sbbs_t::multinodechat(int channel)
? text[AnonUserChatHandle]
: useron.handle
,cfg.node_num,'*',line);
strcat(buf,crlf);
SAFECAT(buf,crlf);
if(useron.chat&CHAT_ECHO)
bputs(buf);
putnmsg(&cfg,j,buf);
......@@ -430,10 +426,10 @@ void sbbs_t::multinodechat(int channel)
: useron.handle
,cfg.node_num,':',nulstr);
sprintf(tmp,"%*s",(int)bstrlen(str),nulstr);
strcat(pgraph,tmp);
SAFECAT(pgraph,tmp);
}
strcat(pgraph,line);
strcat(pgraph,crlf);
SAFECAT(pgraph,line);
SAFECAT(pgraph,crlf);
if(!wordwrap[0])
break;
j++;
......@@ -498,7 +494,7 @@ void sbbs_t::multinodechat(int channel)
,thisnode.misc&NODE_ANON
? text[UNKNOWN_USER] : useron.alias
,"you");
strcat(buf,crlf);
SAFECAT(buf,crlf);
putnmsg(&cfg,usr[j],buf);
}
......@@ -508,7 +504,7 @@ void sbbs_t::multinodechat(int channel)
,thisnode.misc&NODE_ANON
? text[UNKNOWN_USER] : useron.alias
,str);
strcat(buf,crlf);
SAFECAT(buf,crlf);
for(i=0;i<usrs;i++) {
if(i==j)
......@@ -549,6 +545,8 @@ void sbbs_t::multinodechat(int channel)
break;
}
lncntr=0;
if(gurubuf != NULL)
free(gurubuf);
}
/****************************************************************************/
......@@ -1349,7 +1347,7 @@ int sbbs_t::getnodetopage(int all, int telegram)
}
}
if(telegram) {
strcpy(lastnodemsguser,str);
SAFECOPY(lastnodemsguser,str);
return(j);
}
bputs(text[UserNotFound]);
......@@ -1439,11 +1437,11 @@ void sbbs_t::nodemsg()
if(!getstr(line,70,K_WRAP|K_MSG))
break;
sprintf(str,"%4s%s\r\n",nulstr,line);
strcat(buf,str);
SAFECAT(buf,str);
if(line[0]) {
if(i)
strcat(logbuf," ");
strcat(logbuf,line);
SAFECAT(logbuf," ");
SAFECAT(logbuf,line);
}
i++;
}
......@@ -1637,6 +1635,7 @@ void sbbs_t::guruchat(char* line, char* gurubuf, int gurunum, char* last_answer)
if(answers==100)
while(*ptr && *ptr!='(' && ptr<gurubuf+len)
ptr++;
i=0;
/* Try to not repeat yourself */
for(j=0;j<answers;j++) {
i=sbbs_random(answers);
......@@ -1650,113 +1649,125 @@ void sbbs_t::guruchat(char* line, char* gurubuf, int gurunum, char* last_answer)
theanswer[k]=0;
switch(toupper(answer[i][j])) {
case 'A':
if(sys_status&SS_USERON)
strcat(theanswer,useron.alias);
else
strcat(theanswer,text[UNKNOWN_USER]);
if(sys_status&SS_USERON) {
SAFECAT(theanswer,useron.alias);
} else {
SAFECAT(theanswer,text[UNKNOWN_USER]);
}
break;
case 'B':
if(sys_status&SS_USERON)
strcat(theanswer,useron.birth);
else
strcat(theanswer,"00/00/00");
if(sys_status&SS_USERON) {
SAFECAT(theanswer,useron.birth);
} else {
SAFECAT(theanswer,"00/00/00");
}
break;
case 'C':
if(sys_status&SS_USERON)
strcat(theanswer,useron.comp);
else
strcat(theanswer,"PC Jr.");
if(sys_status&SS_USERON) {
SAFECAT(theanswer,useron.comp);
} else {
SAFECAT(theanswer,"PC Jr.");
}
break;
case 'D':
if(sys_status&SS_USERON)
strcat(theanswer,ultoac(useron.dlb,tmp));
else
strcat(theanswer,"0");
if(sys_status&SS_USERON) {
SAFECAT(theanswer,ultoac(useron.dlb,tmp));
} else {
SAFECAT(theanswer,"0");
}
break;
case 'G':
strcat(theanswer,cfg.guru[gurunum]->name);
SAFECAT(theanswer,cfg.guru[gurunum]->name);
break;
case 'H':
hu=1;
break;
case 'I':
strcat(theanswer,cfg.sys_id);
SAFECAT(theanswer,cfg.sys_id);
break;
case 'J':
sprintf(tmp,"%u",tm.tm_mday);
break;
case 'L':
if(sys_status&SS_USERON)
strcat(theanswer,ultoa(useron.level,tmp,10));
else
strcat(theanswer,"0");
if(sys_status&SS_USERON) {
SAFECAT(theanswer,ultoa(useron.level,tmp,10));
} else {
SAFECAT(theanswer,"0");
}
break;
case 'M':
strcat(theanswer,month[tm.tm_mon]);
SAFECAT(theanswer,month[tm.tm_mon]);
break;
case 'N': /* Note */
if(sys_status&SS_USERON)
strcat(theanswer,useron.note);
else
strcat(theanswer,text[UNKNOWN_USER]);
if(sys_status&SS_USERON) {
SAFECAT(theanswer,useron.note);
} else {
SAFECAT(theanswer,text[UNKNOWN_USER]);
}
break;
case 'O':
strcat(theanswer,cfg.sys_op);
SAFECAT(theanswer,cfg.sys_op);
break;
case 'P':
if(sys_status&SS_USERON)
strcat(theanswer,useron.phone);
else
strcat(theanswer,"000-000-0000");
if(sys_status&SS_USERON) {
SAFECAT(theanswer,useron.phone);
} else {
SAFECAT(theanswer,"000-000-0000");
}
break;
case 'Q':
sys_status&=~SS_GURUCHAT;
break;
case 'R':
if(sys_status&SS_USERON)
strcat(theanswer,useron.name);
else
strcat(theanswer,text[UNKNOWN_USER]);
if(sys_status&SS_USERON) {
SAFECAT(theanswer,useron.name);
} else {
SAFECAT(theanswer,text[UNKNOWN_USER]);
}
break;
case 'S':
strcat(theanswer,cfg.sys_name);
SAFECAT(theanswer,cfg.sys_name);
break;
case 'T':
sprintf(tmp,"%u:%02u",tm.tm_hour>12 ? tm.tm_hour-12
: tm.tm_hour,tm.tm_min);
strcat(theanswer,tmp);
SAFECAT(theanswer,tmp);
break;
case 'U':
if(sys_status&SS_USERON)
strcat(theanswer,ultoac(useron.ulb,tmp));
else
strcat(theanswer,"0");
if(sys_status&SS_USERON) {
SAFECAT(theanswer,ultoac(useron.ulb,tmp));
} else {
SAFECAT(theanswer,"0");
}
break;
case 'W':
strcat(theanswer,weekday[tm.tm_wday]);
SAFECAT(theanswer,weekday[tm.tm_wday]);
break;
case 'Y': /* Current year */
sprintf(tmp,"%u",1900+tm.tm_year);
strcat(theanswer,tmp);
SAFECAT(theanswer,tmp);
break;
case 'Z':
if(sys_status&SS_USERON)
strcat(theanswer,useron.zipcode);
else
strcat(theanswer,"90210");
if(sys_status&SS_USERON) {
SAFECAT(theanswer,useron.zipcode);
} else {
SAFECAT(theanswer,"90210");
}
break;
case '$': /* Credits */
if(sys_status&SS_USERON)
strcat(theanswer,ultoac(useron.cdt,tmp));
else
strcat(theanswer,"0");
if(sys_status&SS_USERON) {
SAFECAT(theanswer,ultoac(useron.cdt,tmp));
} else {
SAFECAT(theanswer,"0");
}
break;
case '#':
if(sys_status&SS_USERON)
strcat(theanswer,ultoa(getage(&cfg,useron.birth)
if(sys_status&SS_USERON) {
SAFECAT(theanswer,ultoa(getage(&cfg,useron.birth)
,tmp,10));
else
strcat(theanswer,"0");
} else {
SAFECAT(theanswer,"0");
}
break;
case '!':
mistakes=!mistakes;
......@@ -1814,7 +1825,7 @@ void sbbs_t::guruchat(char* line, char* gurubuf, int gurunum, char* last_answer)
errormsg(WHERE,ERR_OPEN,str,O_WRONLY|O_CREAT|O_APPEND);
else {
xpDateTime_to_isoDateTimeStr(xpDateTime_now(), "-", " ", ":", 0, str, sizeof(str)-3);
strcat(str,"\r\n");
SAFECAT(str,"\r\n");
write(file,str,strlen(str));
if(action==NODE_MCHT) {
sprintf(str,"[Multi] ");
......
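Review bot: The context line `sprintf(tmp,"%*s",(int)bstrlen(str),nulstr);` in the `-430,10 +426,10` hunk of multinodechat() still writes a pad whose length is derived from `str` into `tmp` with no bound, so the new `SAFECAT(pgraph,tmp)` guards only the second buffer; `snprintf(tmp,sizeof(tmp),"%*s",(int)bstrlen(str),nulstr);` would close that, assuming `tmp` is an array declared outside the hunk. The same applies to `sprintf(str,"%4s%s\r\n",nulstr,line);` ahead of `SAFECAT(buf,str)` in nodemsg(). SAFECAT's definition is not shown on this page; if it sizes the destination with `sizeof` and skips an append that does not fit, each destination (`theanswer`, `pgraph`, `buf`, `logbuf`) has to be a real array rather than a `char*`, and a dropped `crlf` or log fragment will go unnoticed unless the call site reports it. In guruchat(), case 'J' formats `tm.tm_mday` into `tmp` and breaks without appending it to `theanswer`, which looks like a missing `SAFECAT(theanswer,tmp);`. All of these function bodies start and end outside the visible hunks.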