From 757c34ee4bc36b2b3dd808af8cd26b55d7b963a4 Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Tue, 1 Nov 2005 17:50:57 +0000 Subject: [PATCH] s/sprintf/snprintf/ --- servers/slapd/bconfig.c | 201 +++++++++++++++++++++++++++++----------- servers/slapd/config.c | 37 ++++---- 2 files changed, 166 insertions(+), 72 deletions(-) diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c index 4a58d10545..634e3ff962 100644 --- a/servers/slapd/bconfig.c +++ b/servers/slapd/bconfig.c @@ -721,8 +721,14 @@ config_generic(ConfigArgs *c) { int i; for ( i=0; c->be->be_limits[i]; i++ ) { - bv.bv_len = sprintf( buf, SLAP_X_ORDERED_FMT, i ); - bv.bv_val = buf+bv.bv_len; + bv.bv_len = snprintf( buf, sizeof( buf ), SLAP_X_ORDERED_FMT, i ); + if ( bv.bv_len >= sizeof( buf ) ) { + ber_bvarray_free_x( c->rvalue_vals, NULL ); + c->rvalue_vals = NULL; + rc = 1; + break; + } + bv.bv_val = buf + bv.bv_len; limits_unparse( c->be->be_limits[i], &bv ); bv.bv_len += bv.bv_val - buf; bv.bv_val = buf; @@ -807,7 +813,13 @@ config_generic(ConfigArgs *c) { char *src, *dst, ibuf[11]; struct berval bv, abv; for (i=0, a=c->be->be_acl; a; i++,a=a->acl_next) { - abv.bv_len = sprintf( ibuf, SLAP_X_ORDERED_FMT, i ); + abv.bv_len = snprintf( ibuf, sizeof( ibuf ), SLAP_X_ORDERED_FMT, i ); + if ( abv.bv_len >= sizeof( ibuf ) ) { + ber_bvarray_free_x( c->rvalue_vals, NULL ); + c->rvalue_vals = NULL; + i = 0; + break; + } acl_unparse( a, &bv ); abv.bv_val = ch_malloc( abv.bv_len + bv.bv_len + 1 ); AC_MEMCPY( abv.bv_val, ibuf, abv.bv_len ); @@ -863,8 +875,14 @@ config_generic(ConfigArgs *c) { for (i=0; !BER_BVISNULL(&mp->mp_loads[i]); i++) { struct berval bv; bv.bv_val = c->log; - bv.bv_len = sprintf( bv.bv_val, SLAP_X_ORDERED_FMT "%s", i, + bv.bv_len = snprintf( bv.bv_val, sizeof( c->log ), + SLAP_X_ORDERED_FMT "%s", i, mp->mp_loads[i].bv_val ); + if ( bv.bv_len >= sizeof( c->log ) ) { + ber_bvarray_free_x( c->rvalue_vals, NULL ); + c->rvalue_vals = NULL; + break; + } value_add_one( &c->rvalue_vals, &bv ); } } @@ -896,11 +914,18 @@ config_generic(ConfigArgs *c) { idx.bv_val = ibuf; for ( i=0; !BER_BVISNULL( &authz_rewrites[i] ); i++ ) { - idx.bv_len = sprintf( idx.bv_val, SLAP_X_ORDERED_FMT, i ); + idx.bv_len = snprintf( idx.bv_val, sizeof( ibuf ), SLAP_X_ORDERED_FMT, i ); + if ( idx.bv_len >= sizeof( ibuf ) ) { + ber_bvarray_free_x( c->rvalue_vals, NULL ); + c->rvalue_vals = NULL; + break; + } bv.bv_len = idx.bv_len + authz_rewrites[i].bv_len; bv.bv_val = ch_malloc( bv.bv_len + 1 ); - strcpy( bv.bv_val, idx.bv_val ); - strcpy( bv.bv_val+idx.bv_len, authz_rewrites[i].bv_val ); + AC_MEMCPY( bv.bv_val, idx.bv_val, idx.bv_len ); + AC_MEMCPY( &bv.bv_val[ idx.bv_len ], + authz_rewrites[i].bv_val, + authz_rewrites[i].bv_len + 1 ); ber_bvarray_add( &c->rvalue_vals, &bv ); } } @@ -932,7 +957,7 @@ config_generic(ConfigArgs *c) { case CFG_MODLOAD: case CFG_AZREGEXP: case CFG_REWRITE: - sprintf(c->log, "change requires slapd restart"); + snprintf(c->log, sizeof( c->log ), "change requires slapd restart"); break; case CFG_SALT: @@ -998,7 +1023,7 @@ config_generic(ConfigArgs *c) { switch(c->type) { case CFG_BACKEND: if(!(c->bi = backend_info(c->argv[1]))) { - sprintf( c->msg, "<%s> failed init", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> failed init", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s (%s)!\n", c->log, c->msg, c->argv[1] ); return(1); @@ -1016,7 +1041,7 @@ config_generic(ConfigArgs *c) { } else { c->be = backend_db_init(c->argv[1]); if ( !c->be ) { - sprintf( c->msg, "<%s> failed init", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> failed init", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s (%s)!\n", c->log, c->msg, c->argv[1] ); return(1); @@ -1059,7 +1084,7 @@ config_generic(ConfigArgs *c) { case CFG_AZPOLICY: ch_free(c->value_string); if (slap_sasl_setpolicy( c->argv[1] )) { - sprintf( c->msg, "<%s> unable to parse value", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> unable to parse value", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s \"%s\"\n", c->log, c->msg, c->argv[1] ); return(1); @@ -1153,7 +1178,7 @@ config_generic(ConfigArgs *c) { case CFG_ROOTDSE: if(read_root_dse_file(c->argv[1])) { - sprintf( c->msg, "<%s> could not read file", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> could not read file", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s %s\n", c->log, c->msg, c->argv[1] ); return(1); @@ -1175,7 +1200,7 @@ config_generic(ConfigArgs *c) { case CFG_LASTMOD: if(SLAP_NOLASTMODCMD(c->be)) { - sprintf( c->msg, "<%s> not available for %s database", + snprintf( c->msg, sizeof( c->msg ), "<%s> not available for %s database", c->argv[0], c->be->bd_info->bi_type ); Debug(LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 ); @@ -1189,7 +1214,7 @@ config_generic(ConfigArgs *c) { case CFG_SSTR_IF_MAX: if (c->value_int < index_substr_if_minlen) { - sprintf( c->msg, "<%s> invalid value", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> invalid value", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s (%d)\n", c->log, c->msg, c->value_int ); return(1); @@ -1199,7 +1224,7 @@ config_generic(ConfigArgs *c) { case CFG_SSTR_IF_MIN: if (c->value_int > index_substr_if_maxlen) { - sprintf( c->msg, "<%s> invalid value", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> invalid value", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s (%d)\n", c->log, c->msg, c->value_int ); return(1); @@ -1216,7 +1241,7 @@ config_generic(ConfigArgs *c) { modcur = c->private; /* This should never fail */ if ( module_path( modcur->mp_path.bv_val )) { - sprintf( c->msg, "<%s> module path no longer valid", + snprintf( c->msg, sizeof( c->msg ), "<%s> module path no longer valid", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s (%s)\n", c->log, c->msg, modcur->mp_path.bv_val ); @@ -1406,14 +1431,14 @@ config_passwd_hash(ConfigArgs *c) { } for(i = 1; i < c->argc; i++) { if(!lutil_passwd_scheme(c->argv[i])) { - sprintf( c->msg, "<%s> scheme not available", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> scheme not available", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s (%s)\n", c->log, c->msg, c->argv[i]); } else { ldap_charray_add(&default_passwd_hash, c->argv[i]); } if(!default_passwd_hash) { - sprintf( c->msg, "<%s> no valid hashes found", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> no valid hashes found", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 ); return(1); @@ -1476,7 +1501,7 @@ config_sizelimit(ConfigArgs *c) { if(!strncasecmp(c->argv[i], "size", 4)) { rc = limits_parse_one(c->argv[i], lim); if ( rc ) { - sprintf( c->msg, "<%s> unable to parse value", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> unable to parse value", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s \"%s\"\n", c->log, c->msg, c->argv[i]); return(1); @@ -1487,7 +1512,7 @@ config_sizelimit(ConfigArgs *c) { } else { lim->lms_s_soft = strtol(c->argv[i], &next, 0); if(next == c->argv[i]) { - sprintf( c->msg, "<%s> unable to parse limit", c->argv[0]); + snprintf( c->msg, sizeof( c->msg ), "<%s> unable to parse limit", c->argv[0]); Debug(LDAP_DEBUG_ANY, "%s: %s \"%s\"\n", c->log, c->msg, c->argv[i]); return(1); @@ -1533,7 +1558,7 @@ config_timelimit(ConfigArgs *c) { if(!strncasecmp(c->argv[i], "time", 4)) { rc = limits_parse_one(c->argv[i], lim); if ( rc ) { - sprintf( c->msg, "<%s> unable to parse value", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> unable to parse value", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s \"%s\"\n", c->log, c->msg, c->argv[i]); return(1); @@ -1544,7 +1569,7 @@ config_timelimit(ConfigArgs *c) { } else { lim->lms_t_soft = strtol(c->argv[i], &next, 0); if(next == c->argv[i]) { - sprintf( c->msg, "<%s> unable to parse limit", c->argv[0]); + snprintf( c->msg, sizeof( c->msg ), "<%s> unable to parse limit", c->argv[0]); Debug(LDAP_DEBUG_ANY, "%s: %s \"%s\"\n", c->log, c->msg, c->argv[i]); return(1); @@ -1708,7 +1733,7 @@ config_suffix(ConfigArgs *c) #ifdef SLAPD_MONITOR_DN if(!strcasecmp(c->argv[1], SLAPD_MONITOR_DN)) { - sprintf( c->msg, "<%s> DN is reserved for monitoring slapd", + snprintf( c->msg, sizeof( c->msg ), "<%s> DN is reserved for monitoring slapd", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s (%s)\n", c->log, c->msg, SLAPD_MONITOR_DN); @@ -1737,7 +1762,7 @@ config_suffix(ConfigArgs *c) type = oi->oi_orig->bi_type; } - sprintf( c->msg, "<%s> namingContext \"%s\" already served by " + snprintf( c->msg, sizeof( c->msg ), "<%s> namingContext \"%s\" already served by " "a preceding %s database serving namingContext", c->argv[0], pdn.bv_val, type ); Debug(LDAP_DEBUG_ANY, "%s: %s \"%s\"\n", @@ -1801,7 +1826,7 @@ config_rootpw(ConfigArgs *c) { tbe = select_backend(&c->be->be_rootndn, 0, 0); if(tbe != c->be) { - sprintf( c->msg, "<%s> can only be set when rootdn is under suffix", + snprintf( c->msg, sizeof( c->msg ), "<%s> can only be set when rootdn is under suffix", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0); @@ -1850,7 +1875,7 @@ config_restrict(ConfigArgs *c) { } i = verbs_to_mask( c->argc, c->argv, restrictable_ops, &restrictops ); if ( i ) { - sprintf( c->msg, "<%s> unknown operation", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> unknown operation", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s %s\n", c->log, c->msg, c->argv[i]); return(1); @@ -1885,7 +1910,7 @@ config_allows(ConfigArgs *c) { } i = verbs_to_mask(c->argc, c->argv, allowable_ops, &allows); if ( i ) { - sprintf( c->msg, "<%s> unknown feature", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> unknown feature", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s %s\n", c->log, c->msg, c->argv[i]); return(1); @@ -1919,7 +1944,7 @@ config_disallows(ConfigArgs *c) { } i = verbs_to_mask(c->argc, c->argv, disallowable_ops, &disallows); if ( i ) { - sprintf( c->msg, "<%s> unknown feature", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> unknown feature", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s %s\n", c->log, c->msg, c->argv[i]); return(1); @@ -1953,7 +1978,7 @@ config_requires(ConfigArgs *c) { } i = verbs_to_mask(c->argc, c->argv, requires_ops, &requires); if ( i ) { - sprintf( c->msg, "<%s> unknown feature", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> unknown feature", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s %s\n", c->log, c->msg, c->argv[i]); return(1); @@ -2021,6 +2046,43 @@ slap_loglevel_register( slap_mask_t m, struct berval *s ) return rc; } +int +slap_loglevel_get( struct berval *s, int *l ) +{ + int rc; + unsigned long i; + slap_mask_t m; + + if ( loglevel_ops == NULL ) { + loglevel_init(); + } + + for ( m = 0, i = 1; !BER_BVISNULL( &loglevel_ops[ i ].word ); i++ ) { + m |= loglevel_ops[ i ].mask; + } + + m = ~m; + + for ( i = 1; i <= ( 1 << ( sizeof( int ) * 8 - 1 ) ) && !( m & i ); i <<= 1 ) + ; + + if ( !( m & i ) ) { + return -1; + } + + rc = slap_verbmasks_append( &loglevel_ops, i, s, loglevel_ignore ); + + if ( rc != 0 ) { + Debug( LDAP_DEBUG_ANY, "slap_loglevel_register(%lu, \"%s\") failed\n", + i, s->bv_val, 0 ); + + } else { + *l = i; + } + + return rc; +} + int str2loglevel( const char *s, int *l ) { @@ -2032,7 +2094,7 @@ str2loglevel( const char *s, int *l ) i = verb_to_mask( s, loglevel_ops ); - if ( BER_BVISNULL( &loglevel_ops[ i ].word) ) { + if ( BER_BVISNULL( &loglevel_ops[ i ].word ) ) { return -1; } @@ -2111,14 +2173,14 @@ config_loglevel(ConfigArgs *c) { if ( isdigit( c->argv[i][0] ) || c->argv[i][0] == '-' ) { level = strtol( c->argv[i], &next, 10 ); if ( next == NULL || next[0] != '\0' ) { - sprintf( c->msg, "<%s> unable to parse level", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> unable to parse level", c->argv[0] ); Debug( LDAP_DEBUG_ANY, "%s: %s \"%s\"\n", c->log, c->msg, c->argv[i]); return( 1 ); } } else { if ( str2loglevel( c->argv[i], &level ) ) { - sprintf( c->msg, "<%s> unknown level", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> unknown level", c->argv[0] ); Debug( LDAP_DEBUG_ANY, "%s: %s \"%s\"\n", c->log, c->msg, c->argv[i]); return( 1 ); @@ -2155,7 +2217,7 @@ config_referral(ConfigArgs *c) { return 0; } if(validate_global_referral(c->argv[1])) { - sprintf( c->msg, "<%s> invalid URL", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> invalid URL", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s (%s)\n", c->log, c->msg, c->argv[1]); return(1); @@ -2197,7 +2259,13 @@ config_security(ConfigArgs *c) { tgt = (slap_ssf_t *)((char *)set + sec_keys[i].off); if ( *tgt ) { rc = 0; - bv.bv_len = sprintf( numbuf, "%u", *tgt ); + bv.bv_len = snprintf( numbuf, sizeof( numbuf ), "%u", *tgt ); + if ( bv.bv_len >= sizeof( numbuf ) ) { + ber_bvarray_free_x( c->rvalue_vals, NULL ); + c->rvalue_vals = NULL; + rc = 1; + break; + } bv.bv_len += sec_keys[i].key.bv_len; bv.bv_val = ch_malloc( bv.bv_len + 1); next = lutil_strcopy( bv.bv_val, sec_keys[i].key.bv_val ); @@ -2219,7 +2287,7 @@ config_security(ConfigArgs *c) { } } if ( !tgt ) { - sprintf( c->msg, "<%s> unknown factor", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> unknown factor", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s %s\n", c->log, c->msg, c->argv[i]); return(1); @@ -2227,7 +2295,7 @@ config_security(ConfigArgs *c) { *tgt = strtol(src, &next, 10); if(next == NULL || next[0] != '\0' ) { - sprintf( c->msg, "<%s> unable to parse factor", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> unable to parse factor", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s \"%s\"\n", c->log, c->msg, c->argv[i]); return(1); @@ -2256,7 +2324,13 @@ replica_unparse( struct slap_replica_info *ri, int i, struct berval *bv ) struct berval bc = BER_BVNULL; char numbuf[32]; - len = sprintf(numbuf, SLAP_X_ORDERED_FMT, i ); + BER_BVZERO( bv ); + + len = snprintf(numbuf, sizeof( numbuf ), SLAP_X_ORDERED_FMT, i ); + if ( len >= sizeof( numbuf ) ) { + /* FIXME: how can indicate error? */ + return; + } len += strlen( ri->ri_uri ) + STRLENOF("uri="); if ( ri->ri_nsuffix ) { @@ -2302,7 +2376,7 @@ replica_unparse( struct slap_replica_info *ri, int i, struct berval *bv ) static int config_replica(ConfigArgs *c) { - int i, nr = -1, len; + int i, nr = -1; char *replicahost, *replicauri; LDAPURLDesc *ludp; @@ -2331,22 +2405,24 @@ config_replica(ConfigArgs *c) { for(i = 1; i < c->argc; i++) { if(!strncasecmp(c->argv[i], "host=", STRLENOF("host="))) { + ber_len_t len; + replicahost = c->argv[i] + STRLENOF("host="); - len = strlen( replicahost ); - replicauri = ch_malloc( len + STRLENOF("ldap://") + 1 ); - sprintf( replicauri, "ldap://%s", replicahost ); + len = strlen( replicahost ) + STRLENOF("ldap://"); + replicauri = ch_malloc( len + 1 ); + snprintf( replicauri, len + 1, "ldap://%s", replicahost ); replicahost = replicauri + STRLENOF( "ldap://"); nr = add_replica_info(c->be, replicauri, replicahost); break; } else if(!strncasecmp(c->argv[i], "uri=", STRLENOF("uri="))) { if(ldap_url_parse(c->argv[i] + STRLENOF("uri="), &ludp) != LDAP_SUCCESS) { - sprintf( c->msg, "<%s> invalid uri", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> invalid uri", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 ); return(1); } if(!ludp->lud_host) { ldap_free_urldesc(ludp); - sprintf( c->msg, "<%s> invalid uri - missing hostname", + snprintf( c->msg, sizeof( c->msg ), "<%s> invalid uri - missing hostname", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 ); return(1); @@ -2361,11 +2437,11 @@ config_replica(ConfigArgs *c) { } } if(i == c->argc) { - sprintf( c->msg, "<%s> missing host or uri", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> missing host or uri", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0 ); return(1); } else if(nr == -1) { - sprintf( c->msg, "<%s> unable to add replica", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> unable to add replica", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s \"%s\"\n", c->log, c->msg, replicauri ); return(1); } else { @@ -2403,7 +2479,7 @@ config_replica(ConfigArgs *c) { continue; } if(add_replica_attrs(c->be, nr, arg + 1, exclude)) { - sprintf( c->msg, "<%s> unknown attribute", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> unknown attribute", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s \"%s\"\n", c->log, c->msg, arg + 1); return(1); @@ -2433,7 +2509,7 @@ config_updatedn(ConfigArgs *c) { return 0; } if(SLAP_SHADOW(c->be)) { - sprintf( c->msg, "<%s> database already shadowed", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> database already shadowed", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0); return(1); @@ -2474,7 +2550,7 @@ config_updateref(ConfigArgs *c) { return 0; } if(!SLAP_SHADOW(c->be)) { - sprintf( c->msg, "<%s> must appear after syncrepl or updatedn", + snprintf( c->msg, sizeof( c->msg ), "<%s> must appear after syncrepl or updatedn", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s\n", c->log, c->msg, 0); @@ -2482,7 +2558,7 @@ config_updateref(ConfigArgs *c) { } if(validate_global_referral(c->argv[1])) { - sprintf( c->msg, "<%s> invalid URL", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> invalid URL", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s (%s)\n", c->log, c->msg, c->argv[1]); return(1); @@ -3020,7 +3096,7 @@ check_vals( ConfigTable *ct, ConfigArgs *ca, void *ptr, int isAttr ) sort = 1; rc = ordered_value_sort( a, 1 ); if ( rc ) { - sprintf(ca->msg, "ordered_value_sort failed on attr %s\n", + snprintf(ca->msg, sizeof( ca->msg ), "ordered_value_sort failed on attr %s\n", ad->ad_cname.bv_val ); return rc; } @@ -3110,7 +3186,10 @@ check_name_index( CfEntryInfo *parent, ConfigType ce_type, Entry *e, if (!a ) return LDAP_NAMING_VIOLATION; ival.bv_val = ibuf; - ival.bv_len = sprintf( ibuf, SLAP_X_ORDERED_FMT, nsibs ); + ival.bv_len = snprintf( ibuf, sizeof( ibuf ), SLAP_X_ORDERED_FMT, nsibs ); + if ( ival.bv_len >= sizeof( ibuf ) ) { + return LDAP_NAMING_VIOLATION; + } newrdn.bv_len = rdn.bv_len + ival.bv_len; newrdn.bv_val = ch_malloc( newrdn.bv_len+1 ); @@ -3413,7 +3492,7 @@ ok: } } if ( rc ) { - sprintf( ca->msg, "<%s> failed startup", ca->argv[0] ); + snprintf( ca->msg, sizeof( ca->msg ), "<%s> failed startup", ca->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s (%s)!\n", ca->log, ca->msg, ca->argv[1] ); rc = LDAP_OTHER; @@ -4046,7 +4125,11 @@ config_build_schema_inc( ConfigArgs *c, CfEntryInfo *ceparent, ptr = strchr( bv.bv_val, '.' ); if ( ptr ) bv.bv_len = ptr - bv.bv_val; - c->value_dn.bv_len = sprintf(c->value_dn.bv_val, "cn=" SLAP_X_ORDERED_FMT, c->depth); + c->value_dn.bv_len = snprintf(c->value_dn.bv_val, sizeof( c->log ), "cn=" SLAP_X_ORDERED_FMT, c->depth); + if ( c->value_dn.bv_len >= sizeof( c->log ) ) { + /* FIXME: how can indicate error? */ + return; + } strncpy( c->value_dn.bv_val + c->value_dn.bv_len, bv.bv_val, bv.bv_len ); c->value_dn.bv_len += bv.bv_len; @@ -4072,7 +4155,11 @@ config_build_includes( ConfigArgs *c, CfEntryInfo *ceparent, for (i=0; cf; cf=cf->c_sibs, i++) { c->value_dn.bv_val = c->log; - c->value_dn.bv_len = sprintf(c->value_dn.bv_val, "cn=include" SLAP_X_ORDERED_FMT, i); + c->value_dn.bv_len = snprintf(c->value_dn.bv_val, sizeof( c->log ), "cn=include" SLAP_X_ORDERED_FMT, i); + if ( c->value_dn.bv_len >= sizeof( c->log ) ) { + /* FIXME: how can indicate error? */ + return; + } c->private = cf; e = config_build_entry( op, rs, ceparent, c, &c->value_dn, &CFOC_INCLUDE, NULL ); @@ -4096,7 +4183,11 @@ config_build_modules( ConfigArgs *c, CfEntryInfo *ceparent, if ( BER_BVISNULL( &mp->mp_path ) && !mp->mp_loads ) continue; c->value_dn.bv_val = c->log; - c->value_dn.bv_len = sprintf(c->value_dn.bv_val, "cn=module" SLAP_X_ORDERED_FMT, i); + c->value_dn.bv_len = snprintf(c->value_dn.bv_val, sizeof( c->log ), "cn=module" SLAP_X_ORDERED_FMT, i); + if ( c->value_dn.bv_len >= sizeof( c->log ) ) { + /* FIXME: how can indicate error? */ + return; + } c->private = mp; config_build_entry( op, rs, ceparent, c, &c->value_dn, &CFOC_MODULE, NULL ); diff --git a/servers/slapd/config.c b/servers/slapd/config.c index b462046dd7..26d20f5ee0 100644 --- a/servers/slapd/config.c +++ b/servers/slapd/config.c @@ -131,7 +131,7 @@ int config_check_vals(ConfigTable *Conf, ConfigArgs *c, int check_only ) { c->argv[1] = ""; } if(Conf->min_args && (c->argc < Conf->min_args)) { - sprintf( c->msg, "<%s> missing <%s> argument", + snprintf( c->msg, sizeof( c->msg ), "<%s> missing <%s> argument", c->argv[0], Conf->what ); Debug(LDAP_DEBUG_CONFIG, "%s: keyword %s\n", c->log, c->msg, 0 ); return(ARG_BAD_CONF); @@ -139,7 +139,7 @@ int config_check_vals(ConfigTable *Conf, ConfigArgs *c, int check_only ) { if(Conf->max_args && (c->argc > Conf->max_args)) { char *ignored = " ignored"; - sprintf( c->msg, "<%s> extra cruft after <%s>", + snprintf( c->msg, sizeof( c->msg ), "<%s> extra cruft after <%s>", c->argv[0], Conf->what ); #ifdef LDAP_DEVEL @@ -152,34 +152,34 @@ int config_check_vals(ConfigTable *Conf, ConfigArgs *c, int check_only ) { #endif /* LDAP_DEVEL */ } if((arg_type & ARG_DB) && !c->be) { - sprintf( c->msg, "<%s> only allowed within database declaration", + snprintf( c->msg, sizeof( c->msg ), "<%s> only allowed within database declaration", c->argv[0] ); Debug(LDAP_DEBUG_CONFIG, "%s: keyword %s\n", c->log, c->msg, 0); return(ARG_BAD_CONF); } if((arg_type & ARG_PRE_BI) && c->bi) { - sprintf( c->msg, "<%s> must occur before any backend %sdeclaration", + snprintf( c->msg, sizeof( c->msg ), "<%s> must occur before any backend %sdeclaration", c->argv[0], (arg_type & ARG_PRE_DB) ? "or database " : "" ); Debug(LDAP_DEBUG_CONFIG, "%s: keyword %s\n", c->log, c->msg, 0 ); return(ARG_BAD_CONF); } if((arg_type & ARG_PRE_DB) && c->be && c->be != frontendDB) { - sprintf( c->msg, "<%s> must occur before any database declaration", + snprintf( c->msg, sizeof( c->msg ), "<%s> must occur before any database declaration", c->argv[0] ); Debug(LDAP_DEBUG_CONFIG, "%s: keyword %s\n", c->log, c->msg, 0); return(ARG_BAD_CONF); } if((arg_type & ARG_PAREN) && *c->argv[1] != '(' /*')'*/) { - sprintf( c->msg, "<%s> old format not supported", c->argv[0] ); + snprintf( c->msg, sizeof( c->msg ), "<%s> old format not supported", c->argv[0] ); Debug(LDAP_DEBUG_CONFIG, "%s: %s\n", c->log, c->msg, 0); return(ARG_BAD_CONF); } if((arg_type & ARGS_POINTER) && !Conf->arg_item && !(arg_type & ARG_OFFSET)) { - sprintf( c->msg, "<%s> invalid config_table, arg_item is NULL", + snprintf( c->msg, sizeof( c->msg ), "<%s> invalid config_table, arg_item is NULL", c->argv[0] ); Debug(LDAP_DEBUG_CONFIG, "%s: %s\n", c->log, c->msg, 0); @@ -204,7 +204,7 @@ int config_check_vals(ConfigTable *Conf, ConfigArgs *c, int check_only ) { !strcasecmp(c->argv[1], "false")) { iarg = 0; } else { - sprintf( c->msg, "<%s> invalid value, ignored", + snprintf( c->msg, sizeof( c->msg ), "<%s> invalid value, ignored", c->argv[0] ); Debug(LDAP_DEBUG_CONFIG, "%s: %s\n", c->log, c->msg, 0 ); @@ -215,7 +215,7 @@ int config_check_vals(ConfigTable *Conf, ConfigArgs *c, int check_only ) { j = (arg_type & ARG_NONZERO) ? 1 : 0; if(iarg < j && larg < j && barg < j ) { larg = larg ? larg : (barg ? barg : iarg); - sprintf( c->msg, "<%s> invalid value, ignored", + snprintf( c->msg, sizeof( c->msg ), "<%s> invalid value, ignored", c->argv[0] ); Debug(LDAP_DEBUG_CONFIG, "%s: %s\n", c->log, c->msg, 0 ); @@ -238,7 +238,7 @@ int config_check_vals(ConfigTable *Conf, ConfigArgs *c, int check_only ) { ber_str2bv( c->argv[1], 0, 0, &bv ); rc = dnPrettyNormal( NULL, &bv, &c->value_dn, &c->value_ndn, NULL ); if ( rc != LDAP_SUCCESS ) { - sprintf( c->msg, "<%s> invalid DN %d (%s)", + snprintf( c->msg, sizeof( c->msg ), "<%s> invalid DN %d (%s)", c->argv[0], rc, ldap_err2string( rc )); Debug(LDAP_DEBUG_CONFIG, "%s: %s\n" , c->log, c->msg, 0); return(ARG_BAD_CONF); @@ -265,7 +265,7 @@ int config_set_vals(ConfigTable *Conf, ConfigArgs *c) { #endif if(rc) { if ( !c->msg[0] ) { - sprintf( c->msg, "<%s> handler exited with %d", + snprintf( c->msg, sizeof( c->msg ), "<%s> handler exited with %d", c->argv[0], rc ); Debug(LDAP_DEBUG_CONFIG, "%s: %s!\n", c->log, c->msg, 0 ); @@ -280,7 +280,7 @@ int config_set_vals(ConfigTable *Conf, ConfigArgs *c) { else if (c->bi) ptr = c->bi->bi_private; else { - sprintf( c->msg, "<%s> offset is missing base pointer", + snprintf( c->msg, sizeof( c->msg ), "<%s> offset is missing base pointer", c->argv[0] ); Debug(LDAP_DEBUG_CONFIG, "%s: %s!\n", c->log, c->msg, 0); @@ -393,10 +393,10 @@ config_get_vals(ConfigTable *cf, ConfigArgs *c) if ( cf->arg_type & ARGS_POINTER) { bv.bv_val = c->log; switch(cf->arg_type & ARGS_POINTER) { - case ARG_INT: bv.bv_len = sprintf(bv.bv_val, "%d", c->value_int); break; - case ARG_LONG: bv.bv_len = sprintf(bv.bv_val, "%ld", c->value_long); break; - case ARG_BER_LEN_T: bv.bv_len = sprintf(bv.bv_val, "%ld", c->value_ber_t); break; - case ARG_ON_OFF: bv.bv_len = sprintf(bv.bv_val, "%s", + case ARG_INT: bv.bv_len = snprintf(bv.bv_val, sizeof( c->log ), "%d", c->value_int); break; + case ARG_LONG: bv.bv_len = snprintf(bv.bv_val, sizeof( c->log ), "%ld", c->value_long); break; + case ARG_BER_LEN_T: bv.bv_len = snprintf(bv.bv_val, sizeof( c->log ), "%ld", c->value_ber_t); break; + case ARG_ON_OFF: bv.bv_len = snprintf(bv.bv_val, sizeof( c->log ), "%s", c->value_int ? "TRUE" : "FALSE"); break; case ARG_STRING: if ( c->value_string && c->value_string[0]) { @@ -413,6 +413,9 @@ config_get_vals(ConfigTable *cf, ConfigArgs *c) } break; } + if (bv.bv_val == c->log && bv.bv_len >= sizeof( c->log ) ) { + return 1; + } if (( cf->arg_type & ARGS_POINTER ) == ARG_STRING ) ber_bvarray_add(&c->rvalue_vals, &bv); else @@ -1385,7 +1388,7 @@ int config_generic_wrapper( Backend *be, const char *fname, int lineno, c.argc = argc; c.argv = argv; c.valx = -1; - sprintf( c.log, "%s: line %d", fname, lineno ); + snprintf( c.log, sizeof( c.log ), "%s: line %d", fname, lineno ); rc = SLAP_CONF_UNKNOWN; ct = config_find_keyword( be->be_cf_ocs->co_table, &c ); -- 2.39.5