From d420ac2c7d4ba9d99ff2c257a3ad71ecc6d876e2 Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Sat, 27 Dec 2003 14:40:17 +0000
Subject: Use BUF_strlcpy() instead of strcpy(). Use BUF_strlcat() instead of
 strcat(). Use BIO_snprintf() instead of sprintf(). In some cases, keep better
 track of buffer lengths. This is part of a large change submitted by Markus
 Friedl <markus@openbsd.org>

---
 crypto/conf/conf_def.c | 6 +++---
 crypto/conf/conf_mod.c | 8 ++++----
 2 files changed, 7 insertions(+), 7 deletions(-)

(limited to 'crypto/conf')

diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 52a87aa76c..0451be0153 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -235,7 +235,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
 		CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
-	strcpy(section,"default");
+	BUF_strlcpy(section,"default",10);
 
 	if (_CONF_new_data(conf) == 0)
 		{
@@ -392,7 +392,7 @@ again:
 							ERR_R_MALLOC_FAILURE);
 				goto err;
 				}
-			strcpy(v->name,pname);
+			BUF_strlcpy(v->name,pname,strlen(pname)+1);
 			if (!str_copy(conf,psection,&(v->value),start)) goto err;
 
 			if (strcmp(psection,section) != 0)
@@ -447,7 +447,7 @@ err:
 	if (buff != NULL) BUF_MEM_free(buff);
 	if (section != NULL) OPENSSL_free(section);
 	if (line != NULL) *line=eline;
-	sprintf(btmp,"%ld",eline);
+	BIO_snprintf(btmp,sizeof btmp,"%ld",eline);
 	ERR_add_error_data(2,"line ",btmp);
 	if ((h != conf->data) && (conf->data != NULL))
 		{
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index 8ceab6a21f..d45adea851 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -232,7 +232,7 @@ static int module_run(const CONF *cnf, char *name, char *value,
 			{
 			char rcode[DECIMAL_SIZE(ret)+1];
 			CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR);
-			sprintf(rcode, "%-8d", ret);
+			BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
 			ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode);
 			}
 		}
@@ -561,11 +561,11 @@ char *CONF_get1_default_config_file(void)
 
 	if (!file)
 		return NULL;
-	strcpy(file,X509_get_default_cert_area());
+	BUF_strlcpy(file,X509_get_default_cert_area(),len + 1);
 #ifndef OPENSSL_SYS_VMS
-	strcat(file,"/");
+	BUF_strlcat(file,"/",len + 1);
 #endif
-	strcat(file,OPENSSL_CONF);
+	BUF_strlcat(file,OPENSSL_CONF,len + 1);
 
 	return file;
 	}
-- 
cgit v1.2.3