More strcpy / snprintf as part of rgagnon's audit (bug #2004)

git-svn-id: http://svn.digium.com/svn/asterisk/trunk@3410 f38db490-d61c-443f-a65b-d21fe96a405b
2004-07-09 10:08:09 +00:00 · 2004-07-09 10:08:09 +00:00 · 6d161f1588
parent a2741a5731
commit 6d161f1588
8 changed files with 32 additions and 27 deletions
--- a/app.c
+++ b/app.c
@ -157,7 +157,7 @@ int ast_app_has_voicemail(const char *mailbox)
 	if (ast_strlen_zero(mailbox))
 		return 0;
 	if (strchr(mailbox, ',')) {
-		strncpy(tmp, mailbox, sizeof(tmp));
+		strncpy(tmp, mailbox, sizeof(tmp) - 1);
 		mb = tmp;
 		ret = 0;
 		while((cur = strsep(&mb, ","))) {
@ -207,7 +207,7 @@ int ast_app_messagecount(const char *mailbox, int *newmsgs, int *oldmsgs)
 		return 0;
 	if (strchr(mailbox, ',')) {
 		int tmpnew, tmpold;
-		strncpy(tmp, mailbox, sizeof(tmp));
+		strncpy(tmp, mailbox, sizeof(tmp) - 1);
 		mb = tmp;
 		ret = 0;
 		while((cur = strsep(&mb, ", "))) {
--- a/asterisk.c
+++ b/asterisk.c
@ -943,10 +943,10 @@ static char *cli_prompt(EditLine *el)
 					case 'C': /* color */
 						t++;
 						if (sscanf(t, "%d;%d%n", &fgcolor, &bgcolor, &i) == 2) {
-							strncat(p, term_color_code(term_code, fgcolor, bgcolor, sizeof(term_code)),sizeof(prompt) - strlen(prompt));
+							strncat(p, term_color_code(term_code, fgcolor, bgcolor, sizeof(term_code)),sizeof(prompt) - strlen(prompt) - 1);
 							t += i - 1;
 						} else if (sscanf(t, "%d%n", &fgcolor, &i) == 1) {
-							strncat(p, term_color_code(term_code, fgcolor, 0, sizeof(term_code)),sizeof(prompt) - strlen(prompt));
+							strncat(p, term_color_code(term_code, fgcolor, 0, sizeof(term_code)),sizeof(prompt) - strlen(prompt) - 1);
 							t += i - 1;
 						}

@ -966,9 +966,9 @@ static char *cli_prompt(EditLine *el)
 						break;
 					case 'h': /* hostname */
 						if (!gethostname(hostname, sizeof(hostname) - 1)) {
-							strncat(p, hostname, sizeof(prompt) - strlen(prompt));
+							strncat(p, hostname, sizeof(prompt) - strlen(prompt) - 1);
 						} else {
-							strncat(p, "localhost", sizeof(prompt) - strlen(prompt));
+							strncat(p, "localhost", sizeof(prompt) - strlen(prompt) - 1);
 						}
 						break;
 					case 'H': /* short hostname */
@ -979,9 +979,9 @@ static char *cli_prompt(EditLine *el)
 									break;
 								}
 							}
-							strncat(p, hostname, sizeof(prompt) - strlen(prompt));
+							strncat(p, hostname, sizeof(prompt) - strlen(prompt) - 1);
 						} else {
-							strncat(p, "localhost", sizeof(prompt) - strlen(prompt));
+							strncat(p, "localhost", sizeof(prompt) - strlen(prompt) - 1);
 						}
 						break;
 #ifdef linux
@ -1023,13 +1023,13 @@ static char *cli_prompt(EditLine *el)
 						break;
 					case '#': /* process console or remote? */
 						if (! option_remote) {
-							strncat(p, "#", sizeof(prompt) - strlen(prompt));
+							strncat(p, "#", sizeof(prompt) - strlen(prompt) - 1);
 						} else {
-							strncat(p, ">", sizeof(prompt) - strlen(prompt));
+							strncat(p, ">", sizeof(prompt) - strlen(prompt) - 1);
 						}
 						break;
 					case '%': /* literal % */
-						strncat(p, "%", sizeof(prompt) - strlen(prompt));
+						strncat(p, "%", sizeof(prompt) - strlen(prompt) - 1);
 						break;
 					case '\0': /* % is last character - prevent bug */
 						t--;
@ -1462,14 +1462,14 @@ static void ast_readconfig(void) {
 		    strncpy((char *)ast_config_AST_SPOOL_DIR,v->value,sizeof(ast_config_AST_SPOOL_DIR)-1);
 		} else if (!strcasecmp(v->name, "astvarlibdir")) {
 		    strncpy((char *)ast_config_AST_VAR_DIR,v->value,sizeof(ast_config_AST_VAR_DIR)-1);
-		    snprintf((char *)ast_config_AST_DB,sizeof(ast_config_AST_DB)-1,"%s/%s",v->value,"astdb");    
+		    snprintf((char *)ast_config_AST_DB,sizeof(ast_config_AST_DB),"%s/%s",v->value,"astdb");    
 		} else if (!strcasecmp(v->name, "astlogdir")) {
 		    strncpy((char *)ast_config_AST_LOG_DIR,v->value,sizeof(ast_config_AST_LOG_DIR)-1);
 		} else if (!strcasecmp(v->name, "astagidir")) {
 		    strncpy((char *)ast_config_AST_AGI_DIR,v->value,sizeof(ast_config_AST_AGI_DIR)-1);
 		} else if (!strcasecmp(v->name, "astrundir")) {
-		    snprintf((char *)ast_config_AST_PID,sizeof(ast_config_AST_PID)-1,"%s/%s",v->value,"asterisk.pid");    
-		    snprintf((char *)ast_config_AST_SOCKET,sizeof(ast_config_AST_SOCKET)-1,"%s/%s",v->value,"asterisk.ctl");    
+		    snprintf((char *)ast_config_AST_PID,sizeof(ast_config_AST_PID),"%s/%s",v->value,"asterisk.pid");    
+		    snprintf((char *)ast_config_AST_SOCKET,sizeof(ast_config_AST_SOCKET),"%s/%s",v->value,"asterisk.ctl");    
 		    strncpy((char *)ast_config_AST_RUN_DIR,v->value,sizeof(ast_config_AST_RUN_DIR)-1);
 		} else if (!strcasecmp(v->name, "astmoddir")) {
 		    strncpy((char *)ast_config_AST_MODULE_DIR,v->value,sizeof(ast_config_AST_MODULE_DIR)-1);
@ -1564,7 +1564,7 @@ int main(int argc, char *argv[])
 			xarg = optarg;
 			break;
 		case 'C':
-			strncpy((char *)ast_config_AST_CONFIG_FILE,optarg,sizeof(ast_config_AST_CONFIG_FILE));
+			strncpy((char *)ast_config_AST_CONFIG_FILE,optarg,sizeof(ast_config_AST_CONFIG_FILE) - 1);
 			option_overrideconfig++;
 			break;
 		case 'i':
--- a/callerid.c
+++ b/callerid.c
@ -242,8 +242,8 @@ int callerid_feed(struct callerid_state *cid, unsigned char *ubuf, int len, int
 					break;
 				}
 		
-				strcpy(cid->number, "");
-				strcpy(cid->name, "");
+				cid->number[0] = '\0';
+				cid->name[0] = '\0';
 				/* If we get this far we're fine.  */
 				if (cid->type == 0x80) {
 					/* MDMF */
--- a/cdr.c
+++ b/cdr.c
@ -431,7 +431,7 @@ int ast_cdr_update(struct ast_channel *c)
 			if (c->callerid && !ast_strlen_zero(c->callerid))
 				strncpy(cdr->clid, c->callerid, sizeof(cdr->clid) - 1);
 			else
-				strcpy(cdr->clid, "");
+				cdr->clid[0] = '\0';
 			name = NULL;
 			num = NULL;
 			ast_callerid_parse(tmp, &name, &num);
--- a/channel.c
+++ b/channel.c
@ -2143,7 +2143,7 @@ int ast_channel_masquerade(struct ast_channel *original, struct ast_channel *clo
 void ast_change_name(struct ast_channel *chan, char *newname)
 {
 	char tmp[256];
-	strncpy(tmp, chan->name, 256);
+	strncpy(tmp, chan->name, sizeof(tmp) - 1);
 	strncpy(chan->name, newname, sizeof(chan->name) - 1);
 	manager_event(EVENT_FLAG_CALL, "Rename", "Oldname: %s\r\nNewname: %s\r\nUniqueid: %s\r\n", tmp, chan->name, chan->uniqueid);
 }
--- a/channels/chan_zap.c
+++ b/channels/chan_zap.c
@ -611,6 +611,9 @@ static int hangup_pri2cause(int cause)
 		case PRI_CAUSE_UNALLOCATED:
 		case PRI_CAUSE_NUMBER_CHANGED:
 			return AST_CAUSE_UNALLOCATED;
+		case PRI_CAUSE_NO_USER_RESPONSE:
+		case PRI_CAUSE_NO_ANSWER:
+			return AST_CAUSE_NO_ANSWER;
 		default:
 			return AST_CAUSE_FAILURE;
 	}
--- a/config.c
+++ b/config.c
@ -319,7 +319,7 @@ struct ast_variable *ast_variable_append_modify(struct ast_config *config, char
 		if (!cat)
 			return NULL;
 		memset(cat, 0, sizeof(struct ast_category));
-		strncpy(cat->name, category, sizeof(cat->name));
+		strncpy(cat->name, category, sizeof(cat->name) - 1);
 		if (config->root) {
 			/* Put us at the end */
 			pcat = config->root;
@ -646,7 +646,7 @@ int ast_save(char *configfile, struct ast_config *cfg, char *generator)
 {
 	FILE *f;
 	char fn[256];
-	char date[256];
+	char date[256]="";
 	time_t t;
 	struct ast_variable *var;
 	struct ast_category *cat;
@ -657,7 +657,7 @@ int ast_save(char *configfile, struct ast_config *cfg, char *generator)
 		snprintf(fn, sizeof(fn), "%s/%s", AST_CONFIG_DIR, configfile);
 	}
 	time(&t);
-	strncpy(date, ctime(&t), sizeof(date));
+	strncpy(date, ctime(&t), sizeof(date) - 1);
 	if ((f = fopen(fn, "w"))) {
 		if ((option_verbose > 1) && !option_debug)
 			ast_verbose(  VERBOSE_PREFIX_2 "Saving '%s': ", fn);
@ -974,7 +974,7 @@ struct ast_category *ast_new_category(char *name)
 	category = malloc(sizeof(struct ast_category));
 	if (category) {
 		memset(category,0,sizeof(struct ast_category));
-		strncpy(category->name,name,sizeof(category->name));
+		strncpy(category->name,name,sizeof(category->name) - 1);
 	}
 	return category;
 }
@ -1082,7 +1082,8 @@ int read_ast_cust_config(void)
 					if (strcmp(v->name,config_conf_file) && strcmp(v->name,"asterisk.conf")) {
 						if (!(test = get_ast_cust_config_keyword(v->name))) {
 							ast_log(LOG_NOTICE,"Binding: %s to %s\n",v->name,v->value);
-							strncpy(ptr->keywords[ptr->keycount],v->name,sizeof(ptr->keywords[ptr->keycount]));
+							strncpy(ptr->keywords[ptr->keycount],v->name,sizeof(ptr->keywords[ptr->keycount]) - 1);
+							ptr->keywords[ptr->keycount][sizeof(ptr->keywords[ptr->keycount])-1] = '\0';
 							ptr->keycount++;
 						}
 					} else {
--- a/db.c
+++ b/db.c
@ -84,7 +84,7 @@ int ast_db_deltree(const char *family, const char *keytree)
 	} else if (keytree)
 		return -1;
 	else
-		strcpy(prefix, "");
+		prefix[0] = '\0';
 	
 	ast_mutex_lock(&dblock);
 	if (dbinit()) 
@ -169,6 +169,7 @@ int ast_db_get(const char *family, const char *keys, char *value, int valuelen)
 			((char *)data.data)[data.size - 1] = '\0';
 			/* Make sure that we don't write too much to the dst pointer or we don't read too much from the source pointer */
 			strncpy(value, data.data, (valuelen > data.size) ? data.size : valuelen);
+			value[valuelen - 1] = '\0';
 		} else {
 			ast_log(LOG_NOTICE, "Strange, empty value for /%s/%s\n", family, keys);
 		}
@ -275,7 +276,7 @@ static int database_show(int fd, int argc, char *argv[])
 		snprintf(prefix, sizeof(prefix), "/%s", argv[2]);
 	} else if (argc == 2) {
 		/* Neither */
-		strcpy(prefix, "");
+		prefix[0] = '\0';
 	} else
 		return RESULT_SHOWUSAGE;
 	ast_mutex_lock(&dblock);
@ -324,7 +325,7 @@ struct ast_db_entry *ast_db_gettree(const char *family, const char *keytree)
 			/* Family only */
 			snprintf(prefix, sizeof(prefix), "/%s", family);
 	} else
-		strcpy(prefix, "");
+		prefix[0] = '\0';
 	ast_mutex_lock(&dblock);
 	if (dbinit()) {
 		ast_mutex_unlock(&dblock);