diff --git a/NEWS b/NEWS index bece7d2..1a0347c 100644 --- a/NEWS +++ b/NEWS @@ -17,6 +17,7 @@ New in version 1.20 * Fix for chrony.spec on SuSE (Paul Elliot) * Fix handling of initstepslew if no servers are listed (John Hasler) * Fix install rule in Makefile if chronyd is in use (Juliusz Chroboczek) +* Replace sprintf by snprintf to remove risk of buffer overrun (John Hasler) New in version 1.19 =================== diff --git a/README b/README index 7988fd9..44649c3 100644 --- a/README +++ b/README @@ -198,6 +198,7 @@ John Hasler Changes to support 64 bit machines (i.e. those where sizeof(unsigned long) > 4) Bug fix to initstepslew directive + Fix to remove potential buffer overrun errors. Liam Hatton Advice on configuring for Linux on PPC @@ -242,6 +243,6 @@ sorry I can't identify all of you individually. Version control information =========================== -$Header: /cvs/src/chrony/README,v 1.29 2003/09/19 22:48:26 richard Exp $ +$Header: /cvs/src/chrony/README,v 1.30 2003/09/21 23:11:06 richard Exp $ vim:tw=72 diff --git a/client.c b/client.c index 04d4b44..f30b7f4 100644 --- a/client.c +++ b/client.c @@ -1,5 +1,5 @@ /* - $Header: /cvs/src/chrony/client.c,v 1.66 2003/01/20 22:52:07 richard Exp $ + $Header: /cvs/src/chrony/client.c,v 1.67 2003/09/21 23:11:06 richard Exp $ ======================================================================= @@ -76,7 +76,8 @@ time_to_log_form(time_t t) stm = *gmtime(&t); - sprintf(buffer, "%2d%s%02d %02d:%02d:%02d", + snprintf(buffer, sizeof(buffer), + "%2d%s%02d %02d:%02d:%02d", stm.tm_mday, months[stm.tm_mon], stm.tm_year % 100, stm.tm_hour, stm.tm_min, stm.tm_sec); @@ -94,7 +95,7 @@ UTI_IPToDottedQuad(unsigned long ip) b = (ip>>16) & 0xff; c = (ip>> 8) & 0xff; d = (ip>> 0) & 0xff; - sprintf(result, "%ld.%ld.%ld.%ld", a, b, c, d); + snprintf(result, sizeof(result), "%ld.%ld.%ld.%ld", a, b, c, d); return result; } @@ -1456,7 +1457,7 @@ process_cmd_sources(char *line) hostname_buf[25] = 0; if (no_dns) { - sprintf(hostname_buf, "%s", UTI_IPToDottedQuad(ip_addr)); + snprintf(hostname_buf, sizeof(hostname_buf), "%s", UTI_IPToDottedQuad(ip_addr)); } else { dns_lookup = DNS_IPAddress2Name(ip_addr); strncpy(hostname_buf, dns_lookup, 25); @@ -1578,7 +1579,7 @@ process_cmd_sourcestats(char *line) hostname_buf[25] = 0; if (no_dns) { - sprintf(hostname_buf, "%s", UTI_IPToDottedQuad(ip_addr)); + snprintf(hostname_buf, sizeof(hostname_buf), "%s", UTI_IPToDottedQuad(ip_addr)); } else { dns_lookup = DNS_IPAddress2Name(ip_addr); strncpy(hostname_buf, dns_lookup, 25); @@ -1918,7 +1919,8 @@ process_cmd_clients(char *line) last_cmd_hit_ago = ntohl(reply.data.client_accesses.clients[j].last_cmd_hit_ago); if (no_dns) { - sprintf(hostname_buf, "%s", UTI_IPToDottedQuad(ip)); + snprintf(hostname_buf, sizeof(hostname_buf), + "%s", UTI_IPToDottedQuad(ip)); } else { dns_lookup = DNS_IPAddress2Name(ip); hostname_buf[25] = 0; @@ -2042,7 +2044,8 @@ process_cmd_clients(char *line) last_cmd_hit_ago = ntohl(reply.data.client_accesses_by_index.clients[j].last_cmd_hit_ago); if (no_dns) { - sprintf(hostname_buf, "%s", UTI_IPToDottedQuad(ip)); + snprintf(hostname_buf, sizeof(hostname_buf), + "%s", UTI_IPToDottedQuad(ip)); } else { dns_lookup = DNS_IPAddress2Name(ip); hostname_buf[25] = 0; diff --git a/conf.c b/conf.c index d7aae3c..1b1b580 100644 --- a/conf.c +++ b/conf.c @@ -1,5 +1,5 @@ /* - $Header: /cvs/src/chrony/conf.c,v 1.43 2003/09/19 22:44:06 richard Exp $ + $Header: /cvs/src/chrony/conf.c,v 1.44 2003/09/21 23:11:06 richard Exp $ ======================================================================= @@ -561,8 +561,8 @@ parse_cmdport(const char *line) /* ================================================== */ -#define HOSTNAME_LEN 255 -#define SHOSTNAME_LEN "255" +#define HOSTNAME_LEN 2047 +#define SHOSTNAME_LEN "2047" static void parse_initstepslew(const char *line) @@ -650,8 +650,8 @@ parse_logchange(const char *line) /* ================================================== */ -#define BUFLEN 127 -#define SBUFLEN "127" +#define BUFLEN 2047 +#define SBUFLEN "2047" static void parse_mailonchange(const char *line) diff --git a/logging.c b/logging.c index 974c7df..3feed8d 100644 --- a/logging.c +++ b/logging.c @@ -1,5 +1,5 @@ /* - $Header: /cvs/src/chrony/logging.c,v 1.13 2003/03/24 23:35:43 richard Exp $ + $Header: /cvs/src/chrony/logging.c,v 1.14 2003/09/21 23:11:06 richard Exp $ ======================================================================= @@ -87,7 +87,7 @@ LOG_Line_Function(LOG_Severity severity, LOG_Facility facility, const char *form char buf[2048]; va_list other_args; va_start(other_args, format); - vsprintf(buf, format, other_args); + vsnprintf(buf, sizeof(buf), format, other_args); va_end(other_args); #ifdef WINNT if (logfile) { @@ -122,7 +122,7 @@ LOG_Fatal_Function(LOG_Facility facility, const char *format, ...) char buf[2048]; va_list other_args; va_start(other_args, format); - vsprintf(buf, format, other_args); + vsnprintf(buf, sizeof(buf), format, other_args); va_end(other_args); #ifdef WINNT diff --git a/nameserv.c b/nameserv.c index 6a4d6e9..d23abe3 100644 --- a/nameserv.c +++ b/nameserv.c @@ -1,5 +1,5 @@ /* - $Header: /cvs/src/chrony/nameserv.c,v 1.13 2002/02/28 23:27:11 richard Exp $ + $Header: /cvs/src/chrony/nameserv.c,v 1.14 2003/09/21 23:11:06 richard Exp $ ======================================================================= @@ -80,7 +80,7 @@ DNS_IPAddress2Name(unsigned long ip_addr) b = (ip_addr >> 16) & 0xff; c = (ip_addr >> 8) & 0xff; d = (ip_addr) & 0xff; - sprintf(buffer, "%u.%u.%u.%u", a, b, c, d); + snprintf(buffer, sizeof(buffer), "%u.%u.%u.%u", a, b, c, d); return buffer; } else { return host->h_name; diff --git a/reference.c b/reference.c index 92f0550..29e7507 100644 --- a/reference.c +++ b/reference.c @@ -1,5 +1,5 @@ /* - $Header: /cvs/src/chrony/reference.c,v 1.40 2003/03/24 23:35:43 richard Exp $ + $Header: /cvs/src/chrony/reference.c,v 1.41 2003/09/21 23:11:06 richard Exp $ ======================================================================= @@ -280,7 +280,7 @@ maybe_log_offset(double offset) if (do_mail_change && (abs_offset > mail_change_threshold)) { - sprintf(buffer, "%s %." S_MAX_USER_LEN "s", MAIL_PROGRAM, mail_change_user); + snprintf(buffer, sizeof(buffer), "%s %." S_MAX_USER_LEN "s", MAIL_PROGRAM, mail_change_user); p = popen(buffer, "w"); if (p) { if (gethostname(host, sizeof(host)) < 0) { diff --git a/sources.c b/sources.c index 1dae611..4671f63 100644 --- a/sources.c +++ b/sources.c @@ -1,5 +1,5 @@ /* - $Header: /cvs/src/chrony/sources.c,v 1.31 2003/03/24 23:35:43 richard Exp $ + $Header: /cvs/src/chrony/sources.c,v 1.32 2003/09/21 23:11:06 richard Exp $ ======================================================================= @@ -770,7 +770,7 @@ void SRC_DumpSources(void) { FILE *out; - int direc_len; + int direc_len, file_len; char *filename; unsigned int a, b, c, d; int i; @@ -778,7 +778,8 @@ SRC_DumpSources(void) direc = CNF_GetDumpDir(); direc_len = strlen(direc); - filename = MallocArray(char, direc_len+24); /* a bit of slack */ + file_len = direc_len + 24; + filename = MallocArray(char, file_len); /* a bit of slack */ if (mkdir_and_parents(direc)) { for (i=0; iref_id) >> 24; @@ -786,7 +787,7 @@ SRC_DumpSources(void) c = ((sources[i]->ref_id) >> 8) & 0xff; d = ((sources[i]->ref_id)) & 0xff; - sprintf(filename, "%s/%d.%d.%d.%d.dat", direc, a, b, c, d); + snprintf(filename, file_len-1, "%s/%d.%d.%d.%d.dat", direc, a, b, c, d); out = fopen(filename, "w"); if (!out) { LOG(LOGS_WARN, LOGF_Sources, "Could not open dump file %s", filename); @@ -811,7 +812,7 @@ SRC_ReloadSources(void) unsigned int a, b, c, d; int i; char *dumpdir; - int dumpdirlen; + int dumpdirlen, filelen; for (i=0; iref_id) >> 24; @@ -821,8 +822,9 @@ SRC_ReloadSources(void) dumpdir = CNF_GetDumpDir(); dumpdirlen = strlen(dumpdir); - filename = MallocArray(char, dumpdirlen+24); - sprintf(filename, "%s/%d.%d.%d.%d.dat", dumpdir, a, b, c, d); + filelen = dumpdirlen + 24; + filename = MallocArray(char, filelen); + snprintf(filename, filelen-1, "%s/%d.%d.%d.%d.dat", dumpdir, a, b, c, d); in = fopen(filename, "r"); if (!in) { LOG(LOGS_WARN, LOGF_Sources, "Could not open dump file %s", filename); diff --git a/util.c b/util.c index ce743c3..cdd873f 100644 --- a/util.c +++ b/util.c @@ -1,5 +1,5 @@ /* - $Header: /cvs/src/chrony/util.c,v 1.19 2003/03/24 23:35:43 richard Exp $ + $Header: /cvs/src/chrony/util.c,v 1.20 2003/09/21 23:11:06 richard Exp $ ======================================================================= @@ -232,7 +232,7 @@ UTI_TimevalToString(struct timeval *tv) stm = *gmtime((time_t *) &(tv->tv_sec)); strftime(buffer, sizeof(buffer), "%a %x %X", &stm); result = NEXT_BUFFER; - sprintf(result, "%s.%06ld", buffer, (unsigned long)(tv->tv_usec)); + snprintf(result, sizeof(buffer), "%s.%06ld", buffer, (unsigned long)(tv->tv_usec)); return result; } @@ -273,7 +273,7 @@ UTI_IPToDottedQuad(unsigned long ip) c = (ip>> 8) & 0xff; d = (ip>> 0) & 0xff; result = NEXT_BUFFER; - sprintf(result, "%ld.%ld.%ld.%ld", a, b, c, d); + snprintf(result, sizeof(result), "%ld.%ld.%ld.%ld", a, b, c, d); return result; }