r11978@Kushana: nickm | 2007-01-15 18:54:25 -0500

 Apparently, the OpenBSD linker thinks it knows C better than I do, and gets to call me names for having strcat and strcpy and sprintf in my code--whether I use them safely or not.  All right, OpenBSD.  You win... this round.


svn:r9360

ChangeLog

@@ -27,6 +27,7 @@ Changes in version 0.1.2.7-alpha - 2007-??-??
     - Expire socks connections if they spend too long waiting for the
       handshake to finish. Previously we would let them sit around for
       days, if the connecting application didn't close them either.
+    - Stop using C functions that OpenBSD's linker doesn't like.
 
 
 Changes in version 0.1.2.6-alpha - 2007-01-09

src/common/util.c

@@ -591,9 +591,9 @@ base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
   cp = dest;
   end = src+srclen;
   while (src<end) {
-    sprintf(cp,"%02X",*(const uint8_t*)src);
+    *cp++ = "0123456789ABCDEF"[ (*(const uint8_t*)src) >> 4 ];
+    *cp++ = "0123456789ABCDEF"[ (*(const uint8_t*)src) & 0xf ];
     ++src;
-    cp += 2;
   }
   *cp = '\0';
 }

src/or/eventdns.c

@@ -373,7 +373,7 @@ debug_ntoa(u32 address)
 {
 	static char buf[32];
 	u32 a = ntohl(address);
-	sprintf(buf, "%d.%d.%d.%d",
+	snprintf(buf, sizeof(buf), "%d.%d.%d.%d",
 			(int)(u8)((a>>24)&0xff),
 			(int)(u8)((a>>16)&0xff),
 			(int)(u8)((a>>8 )&0xff),
@@ -1515,7 +1515,7 @@ evdns_server_request_add_ptr_reply(struct evdns_server_request *req, struct in_a
 	assert(!(in && inaddr_name));
 	if (in) {
 		a = ntohl(in->s_addr);
-		sprintf(buf, "%d.%d.%d.%d.in-addr.arpa",
+		snprintf(buf, sizeof(buf), "%d.%d.%d.%d.in-addr.arpa",
 				(int)(u8)((a	)&0xff),
 				(int)(u8)((a>>8 )&0xff),
 				(int)(u8)((a>>16)&0xff),
@@ -2214,7 +2214,7 @@ int evdns_resolve_reverse(struct in_addr *in, int flags, evdns_callback_type cal
 	u32 a;
 	assert(in);
 	a = ntohl(in->s_addr);
-	sprintf(buf, "%d.%d.%d.%d.in-addr.arpa",
+	snprintf(buf, sizeof(buf), "%d.%d.%d.%d.in-addr.arpa",
 			(int)(u8)((a	)&0xff),
 			(int)(u8)((a>>8 )&0xff),
 			(int)(u8)((a>>16)&0xff),
@@ -2241,7 +2241,7 @@ int evdns_resolve_reverse_ipv6(struct in6_addr *in, int flags, evdns_callback_ty
 		*cp++ = '.';
 	}
 	assert(cp + strlen(".ip6.arpa") < buf+sizeof(buf));
-	strcpy(cp, ".ip6.arpa");
+	memcpy(cp, ".ip6.arpa", strlen(".ip6.arpa")+1);
 	log(EVDNS_LOG_DEBUG, "Resolve requested for %s (reverse)", buf);
 	req = request_new(TYPE_PTR, buf, flags, callback, ptr);
 	if (!req) return 1;

src/or/test.c

@@ -453,7 +453,7 @@ test_crypto(void)
                                         PK_PKCS1_OAEP_PADDING,1));
 
   /* Now try signing. */
-  strcpy(data1, "Ossifrage");
+  strlcpy(data1, "Ossifrage", 1024);
   test_eq(128, crypto_pk_private_sign(pk1, data2, data1, 10));
   test_eq(10, crypto_pk_public_checksig(pk1, data3, data2, 128));
   test_streq(data3, "Ossifrage");
@@ -493,8 +493,8 @@ test_crypto(void)
   crypto_free_pk_env(pk2);
 
   /* Base64 tests */
-  strcpy(data1, "Test string that contains 35 chars.");
+  strlcpy(data1, "Test string that contains 35 chars.", 1024);
-  strcat(data1, " 2nd string that contains 35 chars.");
+  strlcat(data1, " 2nd string that contains 35 chars.", 1024);
 
   i = base64_encode(data2, 1024, data1, 71);
   j = base64_decode(data3, 1024, data2, i);
@@ -513,7 +513,7 @@ test_crypto(void)
   test_eq(99, data3[DIGEST_LEN+1]);
 
   /* Base32 tests */
-  strcpy(data1, "5chrs");
+  strlcpy(data1, "5chrs", 1024);
   /* bit pattern is:  [35 63 68 72 73] ->
    *        [00110101 01100011 01101000 01110010 01110011]
    * By 5s: [00110 10101 10001 10110 10000 11100 10011 10011]
@@ -521,16 +521,16 @@ test_crypto(void)
   base32_encode(data2, 9, data1, 5);
   test_streq(data2, "gvrwq4tt");
 
-  strcpy(data1, "\xFF\xF5\x6D\x44\xAE\x0D\x5C\xC9\x62\xC4");
+  strlcpy(data1, "\xFF\xF5\x6D\x44\xAE\x0D\x5C\xC9\x62\xC4", 1024);
   base32_encode(data2, 30, data1, 10);
   test_streq(data2, "772w2rfobvomsywe");
 
   /* Base16 tests */
-  strcpy(data1, "6chrs\xff");
+  strlcpy(data1, "6chrs\xff", 1024);
   base16_encode(data2, 13, data1, 6);
   test_streq(data2, "3663687273FF");
 
-  strcpy(data1, "f0d678affc000100");
+  strlcpy(data1, "f0d678affc000100", 1024);
   i = base16_decode(data2, 8, data1, 16);
   test_eq(i,0);
   test_memeq(data2, "\xf0\xd6\x78\xaf\xfc\x00\x01\x00",8);
@@ -646,10 +646,10 @@ test_util(void)
   test_eq(t_res, (time_t)1091580502UL);
 
   /* Test tor_strstrip() */
-  strcpy(buf, "Testing 1 2 3");
+  strlcpy(buf, "Testing 1 2 3", sizeof(buf));
   test_eq(0, tor_strstrip(buf, ",!"));
   test_streq(buf, "Testing 1 2 3");
-  strcpy(buf, "!Testing 1 2 3?");
+  strlcpy(buf, "!Testing 1 2 3?", sizeof(buf));
   test_eq(5, tor_strstrip(buf, "!? "));
   test_streq(buf, "Testing123");
 
@@ -1533,28 +1533,28 @@ test_dir_format(void)
   memset(buf, 0, 2048);
   test_assert(router_dump_router_to_string(buf, 2048, &r1, pk2)>0);
 
-  strcpy(buf2, "router Magri 18.244.0.1 9000 0 0\n"
+  strlcpy(buf2, "router Magri 18.244.0.1 9000 0 0\n"
-         "platform Tor "VERSION" on ");
+          "platform Tor "VERSION" on ", sizeof(buf2));
-  strcat(buf2, get_uname());
+  strlcat(buf2, get_uname(), sizeof(buf2));
-  strcat(buf2, "\n"
+  strlcat(buf2, "\n"
-         "published 1970-01-01 00:00:00\n"
+          "published 1970-01-01 00:00:00\n"
-         "opt fingerprint ");
+          "opt fingerprint ", sizeof(buf2));
   test_assert(!crypto_pk_get_fingerprint(pk2, fingerprint, 1));
-  strcat(buf2, fingerprint);
+  strlcat(buf2, fingerprint, sizeof(buf2));
-  strcat(buf2, "\nuptime 0\n"
+  strlcat(buf2, "\nuptime 0\n"
   /* XXX the "0" above is hardcoded, but even if we made it reflect
    * uptime, that still wouldn't make it right, because the two
    * descriptors might be made on different seconds... hm. */
          "bandwidth 1000 5000 10000\n"
-         "onion-key\n");
+          "onion-key\n", sizeof(buf2));
-  strcat(buf2, pk1_str);
+  strlcat(buf2, pk1_str, sizeof(buf2));
-  strcat(buf2, "signing-key\n");
+  strlcat(buf2, "signing-key\n", sizeof(buf2));
-  strcat(buf2, pk2_str);
+  strlcat(buf2, pk2_str, sizeof(buf2));
 #ifndef USE_EVENTDNS
-  strcat(buf2, "opt eventdns 0\n");
+  strlcat(buf2, "opt eventdns 0\n", sizeof(buf2));
 #endif
-  strcat(buf2, bw_lines);
+  strlcat(buf2, bw_lines, sizeof(buf2));
-  strcat(buf2, "router-signature\n");
+  strlcat(buf2, "router-signature\n", sizeof(buf2));
   buf[strlen(buf2)] = '\0'; /* Don't compare the sig; it's never the same
                              * twice */
 
@@ -1577,11 +1577,11 @@ test_dir_format(void)
 
 #if 0
   /* XXX Once we have exit policies, test this again. XXX */
-  strcpy(buf2, "router tor.tor.tor 9005 0 0 3000\n");
+  strlcpy(buf2, "router tor.tor.tor 9005 0 0 3000\n", sizeof(buf2));
-  strcat(buf2, pk2_str);
+  strlcat(buf2, pk2_str, sizeof(buf2));
-  strcat(buf2, "signing-key\n");
+  strlcat(buf2, "signing-key\n", sizeof(buf2));
-  strcat(buf2, pk1_str);
+  strlcat(buf2, pk1_str, sizeof(buf2));
-  strcat(buf2, "accept *:80\nreject 18.*:24\n\n");
+  strlcat(buf2, "accept *:80\nreject 18.*:24\n\n", sizeof(buf2));
   test_assert(router_dump_router_to_string(buf, 2048, &r2, pk2)>0);
   test_streq(buf, buf2);
 
@@ -1832,14 +1832,14 @@ test_rend_fns(void)
   d1->intro_points[0] = tor_strdup("tom");
   d1->intro_points[1] = tor_strdup("crow");
   d1->intro_point_extend_info[0] = tor_malloc_zero(sizeof(extend_info_t));
-  strcpy(d1->intro_point_extend_info[0]->nickname, "tom");
+  strlcpy(d1->intro_point_extend_info[0]->nickname, "tom", 4);
   d1->intro_point_extend_info[0]->addr = 1234;
   d1->intro_point_extend_info[0]->port = 4567;
   d1->intro_point_extend_info[0]->onion_key = crypto_pk_dup_key(pk1);
   memset(d1->intro_point_extend_info[0]->identity_digest, 'a', DIGEST_LEN);
 
   d1->intro_point_extend_info[1] = tor_malloc_zero(sizeof(extend_info_t));
-  strcpy(d1->intro_point_extend_info[1]->nickname, "crow");
+  strlcpy(d1->intro_point_extend_info[1]->nickname, "crow", 5);
   d1->intro_point_extend_info[1]->addr = 6060842;
   d1->intro_point_extend_info[1]->port = 8000;
   d1->intro_point_extend_info[1]->onion_key = crypto_pk_dup_key(pk2);

src/tools/tor-resolve.c

@@ -66,8 +66,8 @@ build_socks_resolve_request(char **out,
     (*out)[1] = '\xF0'; /* Command: resolve. */
     set_uint16((*out)+2, htons(0)); /* port: 0. */
     set_uint32((*out)+4, htonl(0x00000001u)); /* addr: 0.0.0.1 */
-    strcpy((*out)+8, username);
+    memcpy((*out)+8, username, strlen(username)+1);
-    strcpy((*out)+8+strlen(username)+1, hostname);
+    memcpy((*out)+8+strlen(username)+1, hostname, strlen(hostname)+1);
   } else if (version == 5) {
     int is_ip_address;
     struct in_addr in;