From 931b038b27b4101d9c492443fbb05c4a88265f65 Mon Sep 17 00:00:00 2001 From: Mukund Sivaraman Date: Fri, 2 Oct 2009 15:21:42 +0530 Subject: Use safer string functions --- src/reqs.c | 3 +-- src/transparent-proxy.c | 20 ++++++++++++++------ 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/src/reqs.c b/src/reqs.c index 5bbdd56..307341f 100644 --- a/src/reqs.c +++ b/src/reqs.c @@ -669,7 +669,6 @@ BAD_REQUEST_ERROR: safefree (url); free_request_struct (request); return NULL; - #endif } @@ -1000,7 +999,7 @@ write_via_header (int fd, hashmap_t hashofheaders, if (config.via_proxy_name) { strlcpy (hostname, config.via_proxy_name, sizeof (hostname)); } else if (gethostname (hostname, sizeof (hostname)) < 0) { - strcpy (hostname, "unknown"); + strlcpy (hostname, "unknown", 512); } /* diff --git a/src/transparent-proxy.c b/src/transparent-proxy.c index 96ae54b..907f51d 100644 --- a/src/transparent-proxy.c +++ b/src/transparent-proxy.c @@ -31,6 +31,7 @@ #include "html-error.h" #include "log.h" #include "reqs.h" +#include "text.h" /* * Build a URL from parts. @@ -59,6 +60,7 @@ do_transparent_proxy (struct conn_s *connptr, hashmap_t hashofheaders, { socklen_t length; char *data; + size_t ulen = strlen (url); length = hashmap_entry_by_key (hashofheaders, "host", (void **) &data); if (length <= 0) { @@ -75,11 +77,15 @@ do_transparent_proxy (struct conn_s *connptr, hashmap_t hashofheaders, "url", url, NULL); return 0; } + request->host = (char *) safemalloc (17); - strcpy (request->host, inet_ntoa (dest_addr.sin_addr)); + strlcpy (request->host, inet_ntoa (dest_addr.sin_addr), 17); + request->port = ntohs (dest_addr.sin_port); - request->path = (char *) safemalloc (strlen (url) + 1); - strcpy (request->path, url); + + request->path = (char *) safemalloc (ulen + 1); + strlcpy (request->path, url, ulen + 1); + safefree (url); build_url (&url, request->host, request->port, request->path); log_message (LOG_INFO, @@ -89,11 +95,13 @@ do_transparent_proxy (struct conn_s *connptr, hashmap_t hashofheaders, request->host = (char *) safemalloc (length + 1); if (sscanf (data, "%[^:]:%hu", request->host, &request->port) != 2) { - strcpy (request->host, data); + strlcpy (request->host, data, length + 1); request->port = HTTP_PORT; } - request->path = (char *) safemalloc (strlen (url) + 1); - strcpy (request->path, url); + + request->path = (char *) safemalloc (ulen + 1); + strlcpy (request->path, url, ulen + 1); + safefree (url); build_url (&url, request->host, request->port, request->path); log_message (LOG_INFO, -- cgit v1.2.3