summaryrefslogtreecommitdiff
path: root/net
diff options
context:
space:
mode:
authorBoris Popov <bp@FreeBSD.org>1999-09-27 08:35:51 +0000
committerBoris Popov <bp@FreeBSD.org>1999-09-27 08:35:51 +0000
commit009a8bb4a440ba52d6a7ab3de825e5000fd14369 (patch)
tree04cbf0bf2fcbab59174dec79c5437b4046bcb12e /net
parentChange the maintainer's email address, bp has a @FreeBSD.org account now. (diff)
Buffer overflow fixes for version 0.99pl17. Original patches for pl15
was submitted by Przemyslaw Frasunek <venglin@FREEBSD.LUBLIN.PL> to securityfocus.com.
Notes
Notes: svn path=/head/; revision=22000
Diffstat (limited to 'net')
-rw-r--r--net/mars_nwe/Makefile1
-rw-r--r--net/mars_nwe/files/patch-aa848
-rw-r--r--net/mars_nwe/pkg-plist1
3 files changed, 850 insertions, 0 deletions
diff --git a/net/mars_nwe/Makefile b/net/mars_nwe/Makefile
index 1614f5700f0f..3398bc7d2820 100644
--- a/net/mars_nwe/Makefile
+++ b/net/mars_nwe/Makefile
@@ -23,6 +23,7 @@ do-build:
do-install:
@(cd ${WRKSRC} && ./mk.li install)
+ @${INSTALL_DATA} ${WRKSRC}/examples/nw.ini ${PREFIX}/etc/nwserv.conf.example
@${ECHO} "You'll need to create a startup file to load MARS_NWE Server when booting."
@${ECHO} "Create a nwserv.sh in ${PREFIX}/etc/rc.d directory and modify"
@${ECHO} "${PREFIX}/etc/nwserv.conf manually before you loading server."
diff --git a/net/mars_nwe/files/patch-aa b/net/mars_nwe/files/patch-aa
index dfa341892806..a3de13578157 100644
--- a/net/mars_nwe/files/patch-aa
+++ b/net/mars_nwe/files/patch-aa
@@ -1,3 +1,851 @@
+Index: connect.c
+===================================================================
+RCS file: /usr/local/cvsrp/mars/connect.c,v
+retrieving revision 1.1.1.4
+retrieving revision 1.5
+diff -u -r1.1.1.4 -r1.5
+--- connect.c 1999/06/04 09:37:54 1.1.1.4
++++ connect.c 1999/09/27 07:51:48 1.5
+@@ -115,13 +115,13 @@
+ strcpy(unixname, "Z/Z/Z/Z"); /* */
+ return(unixname);
+ }
+- strcpy(unixname, (char*)nw_volumes[volume].unixname); /* first UNIXNAME VOLUME */
++ strncpy(unixname, (char*)nw_volumes[volume].unixname, sizeof(unixname)-1); /* first UNIXNAME VOLUME */
+
+ p = pp = unixname+strlen(unixname);
+- strcpy(p, (char*)nwpath->path); /* now the path */
++ strncpy(p, (char*)nwpath->path, (sizeof(unixname)-strlen(unixname)-1)); /* now the path */
+ p += strlen((char*)nwpath->path);
+ if ( (!(modus & 1)) && nwpath->fn[0])
+- strcpy(p, (char*)nwpath->fn); /* and now fn */
++ strncpy(p, (char*)nwpath->fn, (sizeof(unixname)-strlen(unixname)-1)); /* and now fn */
+ else if ((modus & 2) && (*(p-1) == '/')) {
+ if (p > unixname+1) *(--p) = '\0';
+ else {
+@@ -178,7 +178,7 @@
+
+ /* init dir_handle */
+ dh=&(dir_handles[rethandle-1]);
+- strcpy(dh->unixname, build_unix_name(nwpath, 0));
++ strncpy(dh->unixname, build_unix_name(nwpath, 0), sizeof(dh->unixname)-1);
+ dh->kpath = dh->unixname + strlen(dh->unixname);
+ if (dh->f) {
+ closedir(dh->f);
+@@ -394,8 +394,8 @@
+ char volname[100];
+ if (p->volume < 0 || p->volume >= used_nw_volumes) {
+ sprintf(volname, "<%d=NOT-OK>", (int)p->volume);
+- } else strcpy(volname, (char*)nw_volumes[p->volume].sysname);
+- sprintf(nwpathname, "%s:%s%s", volname, p->path, p->fn);
++ } else strncpy(volname, (char*)nw_volumes[p->volume].sysname, sizeof(volname)-1);
++ snprintf(nwpathname, sizeof(nwpathname), "%s:%s%s", volname, p->path, p->fn);
+ return(nwpathname);
+ }
+
+@@ -522,10 +522,10 @@
+ fs->attrib = attrib;
+ if (volume < 0 || volume >= used_nw_volumes) return(-1); /* something wrong */
+ else soptions = nw_volumes[volume].options;
+- strcpy((char*)entry, (char*)nwpath->fn);
++ strncpy((char*)entry, (char*)nwpath->fn, sizeof(entry)-1);
+
+ nwpath->fn[0] = '\0';
+- strcpy(xkpath, build_unix_name(nwpath, 1|2));
++ strncpy(xkpath, build_unix_name(nwpath, 1|2), sizeof(xkpath)-1);
+
+ XDPRINTF((5,0,"func_search_entry attrib=0x%x path:%s:, xkpath:%s:, entry:%s:",
+ attrib, nwpath->path, xkpath, entry));
+@@ -554,12 +554,12 @@
+ || fn_dos_match(dname, entry, soptions)));
+ if (okflag) {
+ *kpath = '\0';
+- strcpy(kpath, (char*)name);
++ strncpy(kpath, (char*)name, sizeof((xkpath)-strlen(xkpath)-1));
+ if (!s_stat(xkpath, &(fs->statb), NULL)) {
+ okflag = ( ( ( (fs->statb.st_mode & S_IFMT) == S_IFDIR) && (attrib & 0x10))
+ || ( ( (fs->statb.st_mode & S_IFMT) != S_IFDIR) && !(attrib & 0x10)));
+ if (okflag){
+- strcpy((char*)nwpath->fn, (char*)dname);
++ strncpy((char*)nwpath->fn, (char*)dname, sizeof(nwpath->fn));
+ XDPRINTF((5,0,"FOUND=:%s: attrib=0x%x", nwpath->fn, fs->statb.st_mode));
+ result = (*fs_func)(nwpath, fs);
+ if (result < 0) break;
+@@ -592,9 +592,9 @@
+ int akt_sequence=0;
+ if (volume < 0 || volume >= used_nw_volumes) return(-0x98); /* something wrong */
+ else soptions = nw_volumes[volume].options;
+- strcpy((char*)entry, (char*)nwpath->fn);
++ strncpy((char*)entry, (char*)nwpath->fn, sizeof(entry)-1);
+ nwpath->fn[0] = '\0';
+- strcpy(xkpath, build_unix_name(nwpath, 1|2));
++ strncpy(xkpath, build_unix_name(nwpath, 1|2), sizeof(xkpath)-1);
+ XDPRINTF((5,0,"get_dir_entry attrib=0x%x path:%s:, xkpath:%s:, entry:%s:",
+ attrib, nwpath->path, xkpath, entry));
+
+@@ -632,7 +632,7 @@
+ || fn_dos_match(dname, entry, soptions)))) ? 0 : -0xff;
+ if (!okflag) {
+ *kpath = '\0';
+- strcpy(kpath, (char*)name);
++ strncpy(kpath, (char*)name, sizeof(xkpath)-strlen(xkpath)-1);
+ if (!s_stat(xkpath, statb, NULL)) {
+ okflag = (( ( ( (statb->st_mode & S_IFMT) == S_IFDIR) && (attrib & 0x10))
+ || ( ( (statb->st_mode & S_IFMT) != S_IFDIR) && !(attrib & 0x10))))
+@@ -641,7 +641,7 @@
+ if (soptions & VOL_OPTION_IS_PIPE) {
+ statb->st_size = 0x70000000|(statb->st_mtime&0xfffffff);
+ }
+- strcpy((char*)nwpath->fn, (char*)dname);
++ strncpy((char*)nwpath->fn, (char*)dname, sizeof(nwpath->fn)-1);
+ XDPRINTF((5,0,"FOUND=:%s: attrib=0x%x", nwpath->fn, statb->st_mode));
+ break; /* ready */
+ }
+@@ -682,7 +682,8 @@
+ int *sequence,
+ int attrib,
+ char *unixname,
+- struct stat *statb)
++ struct stat *statb,
++ int len)
+
+ /* returns 1 if OK and 0 if not OK */
+ {
+@@ -728,7 +729,7 @@
+ || fn_dos_match(dname, entry, dh->vol_options)));
+
+ if (okflag) {
+- strcpy(dh->kpath, (char*)name);
++ strncpy(dh->kpath, (char*)name, sizeof(dh->unixname)-1);
+ XDPRINTF((5,0,"get_dh_entry Name=%s unixname=%s",
+ name, dh->unixname));
+
+@@ -737,8 +738,8 @@
+ || (((statb->st_mode & S_IFMT) != S_IFDIR) && !(attrib & 0x10)));
+ if (okflag){
+ if (unixname)
+- strcpy(unixname, dh->unixname);
+- strcpy((char*)search, (char*)dname);
++ strncpy(unixname, dh->unixname, sizeof(unixname)-1);
++ strncpy((char*)search, (char*)dname, len-1);
+ break; /* ready */
+ }
+ } else okflag = 0;
+@@ -758,7 +759,8 @@
+ uint8 *fn,
+ int *has_wild,
+ uint8 *data,
+- int len)
++ int len,
++ int lenn)
+
+ /* is called from build_path */
+ {
+@@ -790,10 +792,10 @@
+ *p1 = '\0';
+ if (fn != NULL) { /* if with filename */
+ if (p != NULL){ /* exist directory-path */
+- strcpy((char*)fn, (char*)p);
++ strncpy((char*)fn, (char*)p, lenn-1);
+ *p = '\0';
+ } else { /* only filename */
+- strcpy((char*)fn, (char*)path);
++ strncpy((char*)fn, (char*)path, lenn-1);
+ *path= '\0';
+ }
+ }
+@@ -816,7 +818,7 @@
+ (only_dir) ? (uint8)NULL
+ : path->fn,
+ &(path->has_wild),
+- data, len);
++ data, len, sizeof(path->fn));
+
+ path->volume = -1;
+ if (only_dir) path->fn[0] = '\0';
+@@ -879,7 +881,7 @@
+ uint8 *ppp=nwpath->path;
+ int completition=0;
+
+- strcpy((char*)searchpath, (char*)ppp); /* save path */
++ strncpy((char*)searchpath, (char*)ppp, sizeof(searchpath)-1); /* save path */
+
+ if (nwpath->volume > -1) { /* absolute path */
+ *ppp= '\0';
+@@ -892,7 +894,7 @@
+ *ppp = '\0';
+ } else { /* get path from dir_handle */
+ NW_VOL *v = &nw_volumes[nwpath->volume];
+- strcpy((char*)ppp, (char*)dirs[dir_handle].path);
++ strncpy((char*)ppp, (char*)dirs[dir_handle].path, sizeof(nwpath->path)-1);
+ if (v->options & VOL_OPTION_IGNCASE)
+ ppp += strlen(ppp);
+ }
+@@ -974,9 +976,9 @@
+ int pathlen = strlen(nwpath->path);
+ int fnlen = strlen(nwpath->fn);
+ memcpy(unixname, v->unixname, v->unixnamlen);
+- strcpy(pp, nwpath->path);
++ strncpy(pp, nwpath->path, sizeof(unixname)-v->unixnamlen-1);
+ if (fnlen)
+- strcpy(pp+pathlen, nwpath->fn);
++ strncpy(pp+pathlen, nwpath->fn, sizeof(unixname)-v->unixnamlen-pathlen-1);
+ dos2unixcharset(pp);
+ pp += offset;
+ pathlen -= offset;
+@@ -1008,7 +1010,7 @@
+ }
+
+ int conn_get_full_path(int dirhandle, uint8 *data, int len,
+- uint8 *fullpath)
++ uint8 *fullpath, int lenn)
+ /* returns path in form VOLUME:PATH */
+ {
+ NW_PATH nwpath;
+@@ -1023,7 +1025,7 @@
+ nw_volumes[nwpath.volume].sysname, p);
+ if (nwpath.fn[0]) {
+ if (*p) fullpath[len++]='/';
+- strcpy(fullpath+len, nwpath.fn);
++ strncpy(fullpath+len, nwpath.fn, lenn-len-1);
+ }
+ result=len+strlen(nwpath.fn);
+ }
+@@ -1046,7 +1048,7 @@
+ completition = build_dir_name(&nwpath, &stbuff, dirhandle);
+ if (completition > -1) {
+ if (unixname)
+- strcpy(unixname, build_unix_name(&nwpath, 0));
++ strncpy(unixname, build_unix_name(&nwpath, 0), 299);
+ completition=nwpath.volume;
+ }
+ XDPRINTF((5, 0, "conn_get_kpl_unxname: completition=0x%x", completition));
+@@ -1149,7 +1151,7 @@
+ static int do_delete_file(NW_PATH *nwpath, FUNC_SEARCH *fs)
+ {
+ char unname[256];
+- strcpy(unname, build_unix_name(nwpath, 0));
++ strncpy(unname, build_unix_name(nwpath, 0), sizeof(unname)-1);
+ XDPRINTF((5,0,"DELETE FILE unname:%s:", unname));
+ return(nw_unlink_node(nwpath->volume, unname, &(fs->statb)));
+ }
+@@ -1362,12 +1364,12 @@
+
+ if (completition > -1) {
+ char qfn[256];
+- strcpy(qfn, build_unix_name(&quellpath,0));
++ strncpy(qfn, build_unix_name(&quellpath,0), sizeof(qfn)-1);
+ completition=conn_get_kpl_path(&zielpath, &zstbuff, zdirhandle, z, zlen, 0);
+ if (completition > -1) {
+ char zpath[256];
+ completition=0;
+- strcpy(zpath, build_unix_name(&zielpath, 1));
++ strncpy(zpath, build_unix_name(&zielpath, 1), sizeof(zpath)-1);
+ if (stat(qfn, &qstbuff) ||
+ tru_eff_rights_exists(quellpath.volume, qfn, &qstbuff,
+ TRUSTEE_W|TRUSTEE_M|TRUSTEE_R))
+@@ -1378,7 +1380,7 @@
+ }
+ if (!completition){
+ char unziel[256];
+- strcpy(unziel, build_unix_name(&zielpath,0));
++ strncpy(unziel, build_unix_name(&zielpath,0), sizeof(unziel)-1);
+
+ seteuid(0);
+ if (entry8_flags & 0x4) /* new: 20-Nov-96 */
+@@ -1407,7 +1409,7 @@
+ NW_FILE_INFO *f=(NW_FILE_INFO*)fs->ubuf;
+ int voloptions = get_volume_options(nwpath->volume);
+ struct stat statb;
+- strcpy(unname, build_unix_name(nwpath, 0));
++ strncpy(unname, build_unix_name(nwpath, 0), sizeof(unname)-1);
+ if (!stat(unname, &statb)) {
+ if (S_ISFIFO(statb.st_mode) || (voloptions&VOL_OPTION_IS_PIPE))
+ return(0); /* do nothing but report OK */
+@@ -1492,7 +1494,7 @@
+ }
+ if (completition < 0) return(completition);
+ voloptions=get_volume_options(nwpath.volume);
+- strcpy(unname, build_unix_name(&nwpath, 2));
++ strncpy(unname, build_unix_name(&nwpath, 2), sizeof(unname)-1);
+ XDPRINTF((5,0,"set file attrib 0x%x, unname:%s:", newattrib, unname));
+
+ if (!s_stat(unname, &stbuff, &stb)){
+@@ -1558,7 +1560,7 @@
+ struct stat stb;
+ uint8 path[260];
+ uint8 *p=path+strlen(unname);
+- strcpy(path, unname);
++ strncpy(path, unname, sizeof(path));
+ while (p > path && *p != '/') --p;
+ if (p > path) {
+ *p='\0';
+@@ -1667,7 +1669,7 @@
+ dir_handle, data, len, (mode) ? 0 : 1 );
+ if (completition > -1) {
+ char unname[256];
+- strcpy(unname, build_unix_name(&nwpath, 2));
++ strncpy(unname, build_unix_name(&nwpath, 2), sizeof(unname)-1);
+ if (mode) {
+ completition=nw_creat_node(nwpath.volume, unname, 1);
+ } else { /* rmdir */
+@@ -1694,7 +1696,7 @@
+ char zpath[256];
+ struct stat zstbuff;
+ completition = 0;
+- strcpy(qfn, build_unix_name(&quellpath,0));
++ strncpy(qfn, build_unix_name(&quellpath,0), sizeof(qfn)-1);
+ memcpy(&zielpath, &quellpath, sizeof(NW_PATH));
+ strmaxcpy(zielpath.fn, destdata, destdatalen);
+
+@@ -1714,7 +1716,7 @@
+ */
+ #endif
+
+- strcpy(zpath, build_unix_name(&zielpath, 1));
++ strncpy(zpath, build_unix_name(&zielpath, 1), sizeof(zpath)-1);
+ if (stat(qfn, &qstbuff) ||
+ tru_eff_rights_exists(quellpath.volume, qfn, &qstbuff,
+ TRUSTEE_W|TRUSTEE_M|TRUSTEE_R))
+@@ -1727,7 +1729,7 @@
+ if (completition > -1){
+ int result;
+ char unziel[256];
+- strcpy(unziel, build_unix_name(&zielpath, 0));
++ strncpy(unziel, build_unix_name(&zielpath, 0), sizeof(unziel)-1);
+
+ seteuid(0);
+ result = unx_mvdir((uint8 *)qfn, (uint8 *)unziel);
+@@ -1815,7 +1817,7 @@
+ NW_DIR *d = &(dirs[0]);
+ int namspace_max_baseh=0;
+ int namspace_max_searchh=0;
+- strcpy((char*)nwlogin.path, (char*)login);
++ strncpy((char*)nwlogin.path, (char*)login, sizeof(nwlogin.path)-1);
+ nwlogin.fn[0] = '\0';
+ nwlogin.volume = 0;
+
+@@ -1850,7 +1852,7 @@
+ entry8_flags = hextoi((char*)buff);
+ } else if (what == 9) { /* umode */
+ uint8 buf1[300], buf2[300];
+- if (2 == sscanf((char*)buff, "%s %s", buf1, buf2)) {
++ if (2 == sscanf((char*)buff, "%300s %300s", buf1, buf2)) {
+ default_umode_dir = octtoi(buf1);
+ default_umode_file = octtoi(buf2);
+ }
+@@ -1999,7 +2001,7 @@
+ &stbuff);
+ if (!completition) {
+ char unixname[300];
+- strcpy(unixname, build_unix_name(&nwpath, 0));
++ strncpy(unixname, build_unix_name(&nwpath, 0), sizeof(unixname)-1);
+ if ( S_ISDIR(stbuff.st_mode) ) {
+ get_dir_attrib((NW_DIR_INFO*)info, unixname, &stbuff,
+ &nwpath);
+@@ -2056,7 +2058,7 @@
+ &searchsequence,
+ search_attrib,
+ unixname,
+- &stbuff)){
++ &stbuff, sizeof(nwpath.fn))){
+
+ if ( S_ISDIR(stbuff.st_mode) ) {
+ get_dir_attrib((NW_DIR_INFO*)info, unixname, &stbuff,
+@@ -2086,7 +2088,7 @@
+ int inode=conn_get_kpl_path(&nwpath, &stbuff, dir_handle, data, len, 1);
+ if (inode > -1) {
+ uint8 unixname[257];
+- strcpy(unixname, build_unix_name(&nwpath, 0));
++ strncpy(unixname, build_unix_name(&nwpath, 0), sizeof(unixname-1));
+ inode = insert_new_dir(&nwpath, stbuff.st_dev, stbuff.st_ino,
+ driveletter, is_temphandle, task);
+ *eff_rights=tru_get_eff_rights(nwpath.volume, unixname, &stbuff);
+@@ -2225,7 +2227,7 @@
+ int completition = conn_get_kpl_path(&nwpath, &stbuff,
+ dir_handle, data, len, 0);
+ if (completition < 0) return(completition);
+- strcpy(unname, build_unix_name(&nwpath, 0));
++ strncpy(unname, build_unix_name(&nwpath, 0), sizeof(unname)-1);
+ if (s_stat(unname, &stbuff, NULL) ||
+ (!modus && !S_ISDIR(stbuff.st_mode)) ) {
+ completition = -0x9c;
+@@ -2248,7 +2250,7 @@
+ int completition = conn_get_kpl_path(&nwpath, &stbuff, dir_handle, data, len, 0);
+ if (completition > -1) {
+ char unixname[300];
+- strcpy(unixname, build_unix_name(&nwpath, 0));
++ strncpy(unixname, build_unix_name(&nwpath, 0), sizeof(unixname)-1);
+ completition=file_creat_open(nwpath.volume, (uint8*)unixname,
+ &stbuff, attrib, access, creatmode, task);
+
+@@ -2283,7 +2285,7 @@
+ up_fn(wild);
+ }
+
+- strcpy((char*)dirname, (char*)wild);
++ strncpy((char*)dirname, (char*)wild, sizeof(dirname)-1);
+ XDPRINTF((5,0,"SCAN_DIR: rights = 0x%x, subnr = %d",
+ (int)rights, (int)GET_BE16(subnr)));
+
+@@ -2294,7 +2296,7 @@
+ &searchsequence,
+ 0x10,
+ unixname,
+- &stbuff) ) {
++ &stbuff, sizeof(dirname)) ) {
+
+ XDPRINTF((5,0,"SCAN_DIR: von %s, found %s:", dh->unixname, dirname));
+ if (++aktsequence == dirsequence) { /* actual found */
+@@ -2306,7 +2308,7 @@
+ un_time_2_nw(stbuff.st_mtime, subdatetime+2, 1);
+ return(tru_get_inherited_mask(volume, unixname, &stbuff));
+ }
+- strcpy((char*)dirname, (char*)wild);
++ strncpy((char*)dirname, (char*)wild, sizeof(dirname)-1);
+ } /* while */
+ } else {
+ *(dh->kpath) = '.';
+@@ -2427,7 +2429,7 @@
+ if (!completition) {
+ char unixname[300];
+ NW_SCAN_DIR_INFO *scif = (NW_SCAN_DIR_INFO*)rdata;
+- strcpy(unixname, build_unix_name(&nwpath, 0));
++ strncpy(unixname, build_unix_name(&nwpath, 0), sizeof(unixname)-1);
+ memset(rdata, 0, sizeof(NW_SCAN_DIR_INFO));
+ U32_TO_BE32((uint32)searchsequence, scif->searchsequence);
+
+@@ -2459,7 +2461,7 @@
+ nwpath.path, nwpath.fn, completition));
+ if (completition > -1) {
+ char unixname[300];
+- strcpy(unixname, build_unix_name(&nwpath, 2));
++ strncpy(unixname, build_unix_name(&nwpath, 2), sizeof(unixname)-1);
+ if (!s_stat(unixname, &stbuff, NULL)) {
+ NW_DOS_DIR_INFO *d=(NW_DOS_DIR_INFO*)rdata;
+ memset(rdata, 0, sizeof(NW_DOS_DIR_INFO));
+@@ -2491,7 +2493,7 @@
+ if (!completition) {
+ char unixname[300];
+ uint32 change_mask=GET_32(f->change_bits);
+- strcpy(unixname,build_unix_name(&nwpath, 0));
++ strncpy(unixname,build_unix_name(&nwpath, 0), sizeof(unixname)-1);
+ if (change_mask & 0x2) {
+ completition=set_nw_attrib_dword(nwpath.volume, unixname, &stbuff,
+ GET_32(f->u.f.attributes));
+@@ -2610,7 +2612,7 @@
+ NW_PATH nwpath;
+ int result = conn_get_kpl_path(&nwpath, &stbuff, dir_handle, data, len, 0);
+ if (result < 0) return(result);
+- strcpy(unname, build_unix_name(&nwpath, 0));
++ strncpy(unname, build_unix_name(&nwpath, 0), sizeof(unname)-1);
+ if (s_stat(unname, &stbuff, NULL) ||
+ (!extended && !S_ISDIR(stbuff.st_mode)) ) {
+ result = -0x9c;
+@@ -2634,7 +2636,7 @@
+ NW_PATH nwpath;
+ int result = conn_get_kpl_path(&nwpath, &stbuff, dir_handle, data, len, 0);
+ if (result < 0) return(result);
+- strcpy(unname, build_unix_name(&nwpath, 0));
++ strncpy(unname, build_unix_name(&nwpath, 0), sizeof(unname)-1);
+ if (s_stat(unname, &stbuff, NULL) ||
+ (!extended && !S_ISDIR(stbuff.st_mode)) ) {
+ result = -0x9c;
+@@ -2653,7 +2655,7 @@
+ NW_PATH nwpath;
+ int result = conn_get_kpl_path(&nwpath, &stbuff, dir_handle, data, len,0);
+ if (result < 0) return(result);
+- strcpy(unname, build_unix_name(&nwpath, 0));
++ strncpy(unname, build_unix_name(&nwpath, 0), sizeof(unname)-1);
+ if (s_stat(unname, &stbuff, NULL) || !S_ISDIR(stbuff.st_mode)) {
+ result = -0x9c;
+ } else {
+@@ -2695,7 +2697,7 @@
+ int result = conn_get_kpl_path(&nwpath, &stbuff, dir_handle, path, len,
+ (extended) ? 0 : 1);
+ if (result < 0) return(result);
+- strcpy(unname, build_unix_name(&nwpath, 0));
++ strncpy(unname, build_unix_name(&nwpath, 0), sizeof(unname)-1);
+ if (s_stat(unname, &stbuff, NULL) ||
+ (!extended && !S_ISDIR(stbuff.st_mode)) ) {
+ result = -0x9c;
+Index: connect.h
+===================================================================
+RCS file: /usr/local/cvsrp/mars/connect.h,v
+retrieving revision 1.1.1.2
+retrieving revision 1.2
+diff -u -r1.1.1.2 -r1.2
+--- connect.h 1999/06/04 09:37:55 1.1.1.2
++++ connect.h 1999/09/27 07:51:48 1.2
+@@ -210,7 +210,7 @@
+ extern int entry8_flags; /* special flags, see examples nw.ini, entry 8 */
+
+ extern int conn_get_full_path(int dirhandle, uint8 *data, int len,
+- uint8 *fullpath);
++ uint8 *fullpath, int lenn);
+
+ extern int conn_get_kpl_unxname(char *unixname,
+ int dirhandle,
+Index: ipxif.c
+===================================================================
+RCS file: /usr/local/cvsrp/mars/ipxif.c,v
+retrieving revision 1.1.1.2
+retrieving revision 1.2
+diff -u -r1.1.1.2 -r1.2
+Index: nameos2.c
+===================================================================
+RCS file: /usr/local/cvsrp/mars/nameos2.c,v
+retrieving revision 1.1.1.1
+retrieving revision 1.2
+diff -u -r1.1.1.1 -r1.2
+--- nameos2.c 1999/01/28 06:21:36 1.1.1.1
++++ nameos2.c 1999/09/27 07:51:48 1.2
+@@ -116,7 +116,7 @@
+ }
+ #endif
+
+-void mangle_os2_name(NW_VOL *vol, uint8 *unixname, uint8 *pp)
++void mangle_os2_name(NW_VOL *vol, uint8 *unixname, uint8 *pp, int len)
+ {
+ #if MAX_NAME_OS2_CACHE
+ int k = -1;
+@@ -149,7 +149,7 @@
+ new_str(b->cache[0], pp);
+ }
+ } else {
+- strcpy(pp, b->cache[besthit]);
++ strncpy(pp, b->cache[besthit], len-1);
+ if (besthit > 2) {
+ uint8 *sp=b->cache[besthit];
+ while (besthit--) {
+Index: nameos2.h
+===================================================================
+RCS file: /usr/local/cvsrp/mars/nameos2.h,v
+retrieving revision 1.1.1.1
+retrieving revision 1.2
+diff -u -r1.1.1.1 -r1.2
+--- nameos2.h 1999/01/28 06:21:36 1.1.1.1
++++ nameos2.h 1999/09/27 07:51:48 1.2
+@@ -7,7 +7,7 @@
+ #define _NAMEOS2_H_
+ #if WITH_NAME_SPACE_CALLS
+
+-extern void mangle_os2_name(NW_VOL *vol, uint8 *unixname, uint8 *pp);
++extern void mangle_os2_name(NW_VOL *vol, uint8 *unixname, uint8 *pp, int len);
+ extern int fn_os2_match(uint8 *s, uint8 *p, int soptions);
+
+ #endif
+Index: namspace.c
+===================================================================
+RCS file: /usr/local/cvsrp/mars/namspace.c,v
+retrieving revision 1.1.1.3
+retrieving revision 1.2
+diff -u -r1.1.1.3 -r1.2
+--- namspace.c 1999/06/04 09:37:56 1.1.1.3
++++ namspace.c 1999/09/27 07:51:48 1.2
+@@ -617,7 +617,7 @@
+ if (nwpath->namespace == NAME_OS2) {
+ dos2unixcharset(pp);
+ pp+=npbeg;
+- mangle_os2_name(v, unixname, pp);
++ mangle_os2_name(v, unixname, pp, sizeof(unixname)-v->unixnamlen-npbeg);
+ if (nplen > 0) {
+ unix2doscharset(pp);
+ memcpy(nwpath->path+npbeg, pp, nplen);
+Index: nwattrib.c
+===================================================================
+RCS file: /usr/local/cvsrp/mars/nwattrib.c,v
+retrieving revision 1.1.1.1
+retrieving revision 1.2
+diff -u -r1.1.1.1 -r1.2
+--- nwattrib.c 1999/01/28 06:21:36 1.1.1.1
++++ nwattrib.c 1999/09/27 07:51:48 1.2
+@@ -33,7 +33,7 @@
+ int l;
+ uint8 buf_uc[4];
+ U32_TO_BE32(inode, buf_uc);
+- l=sprintf(buf, "%s/%x/%x/%x/%x", path_attributes,
++ l=snprintf(buf, sizeof(buf), "%s/%x/%x/%x/%x", path_attributes,
+ dev,
+ (int) buf_uc[0],
+ (int) buf_uc[1],
+@@ -52,7 +52,7 @@
+ char buf[255];
+ uint8 buf_uc[4];
+ U32_TO_BE32(inode, buf_uc);
+- sprintf(buf, "%s/%x/%x/%x/%x/%x", path_attributes,
++ snprintf(buf, sizeof(buf), "%s/%x/%x/%x/%x/%x", path_attributes,
+ dev,
+ (int) buf_uc[0],
+ (int) buf_uc[1],
+@@ -71,7 +71,7 @@
+ int l;
+ uint8 buf_uc[4];
+ U32_TO_BE32(inode, buf_uc);
+- sprintf(buf, "%s/%x/%x/%x/%x/%x", path_attributes,
++ snprintf(buf, sizeof(buf), "%s/%x/%x/%x/%x/%x", path_attributes,
+ dev,
+ (int) buf_uc[0],
+ (int) buf_uc[1],
+Index: nwbind.c
+===================================================================
+RCS file: /usr/local/cvsrp/mars/nwbind.c,v
+retrieving revision 1.1.1.4
+retrieving revision 1.2
+diff -u -r1.1.1.4 -r1.2
+--- nwbind.c 1999/06/04 09:37:58 1.1.1.4
++++ nwbind.c 1999/09/27 07:51:48 1.2
+@@ -416,7 +416,7 @@
+ } *xdata = (struct XDATA*) responsedata;
+ int k, i, h;
+ memset(xdata, 0, sizeof(struct XDATA));
+- strcpy(xdata->servername, my_nwname);
++ strncpy(xdata->servername, my_nwname, sizeof(xdata->servername)-1);
+ if (!tells_server_version) {
+ xdata->version = 2;
+ xdata->subversion = 15;
+Index: nwconn.c
+===================================================================
+RCS file: /usr/local/cvsrp/mars/nwconn.c,v
+retrieving revision 1.1.1.4
+retrieving revision 1.2
+diff -u -r1.1.1.4 -r1.2
+--- nwconn.c 1999/06/04 09:37:59 1.1.1.4
++++ nwconn.c 1999/09/27 07:51:48 1.2
+@@ -1129,7 +1129,7 @@
+ uint8 *path = rdata+3+q_name_len+2;
+ uint8 new_path[257];
+ int result = conn_get_full_path(*dirhandle,
+- path, pathlen, new_path);
++ path, pathlen, new_path, sizeof(new_path));
+ if (result > -1) {
+ int diffsize = result - pathlen;
+ *dirhandle = 0;
+Index: nwdbm.c
+===================================================================
+RCS file: /usr/local/cvsrp/mars/nwdbm.c,v
+retrieving revision 1.1.1.3
+retrieving revision 1.2
+diff -u -r1.1.1.3 -r1.2
+--- nwdbm.c 1999/03/07 09:02:42 1.1.1.3
++++ nwdbm.c 1999/09/27 07:51:49 1.2
+@@ -2362,7 +2362,7 @@
+ pp=directory;
+ state++;
+ } else if (state==3) {
+- strcpy(command, p-1);
++ strncpy(command, p-1, sizeof(command)-1);
+ break;
+ }
+ }
+Index: nwfile.c
+===================================================================
+RCS file: /usr/local/cvsrp/mars/nwfile.c,v
+retrieving revision 1.1.1.3
+retrieving revision 1.2
+diff -u -r1.1.1.3 -r1.2
+--- nwfile.c 1999/06/04 09:38:00 1.1.1.3
++++ nwfile.c 1999/09/27 07:51:49 1.2
+@@ -100,7 +100,7 @@
+ fh->st_ino = 0;
+ fh->access = 0;
+ fh->inuse = 0;
+- strcpy((char*)fh->fname, (char*)unixname);
++ strncpy((char*)fh->fname, (char*)unixname, sizeof(fh->fname)-1);
+ fh->fh_flags = 0;
+ fh->f = NULL;
+ fh->volume = volume;
+@@ -699,7 +699,7 @@
+ {
+ if (NULL == fh->f) {
+ char pipecommand[512];
+- sprintf(pipecommand, "%s %s %d %d",
++ snprintf(pipecommand, sizeof(pipecommand), "%s %s %d %d",
+ fh->fname,
+ dowrite ? "WRITE" : "READ",
+ act_connection, act_pid);
+Index: nwqconn.c
+===================================================================
+RCS file: /usr/local/cvsrp/mars/nwqconn.c,v
+retrieving revision 1.1.1.2
+retrieving revision 1.2
+diff -u -r1.1.1.2 -r1.2
+--- nwqconn.c 1999/01/28 06:24:10 1.1.1.2
++++ nwqconn.c 1999/09/27 07:51:49 1.2
+@@ -212,7 +212,7 @@
+ FILE *f=NULL;
+ if (prc_len && *(prc+prc_len-1)=='!'){
+ strmaxcpy((uint8*)buff, prc, prc_len-1);
+- sprintf(printcommand, "%s %s %s", buff,
++ snprintf(printcommand, sizeof(printcommand), "%s %s %s", buff,
+ qpa.banner_user_name, qpa.banner_file_name);
+ } else
+ strmaxcpy((uint8*)printcommand, prc, prc_len);
+Index: nwserv.c
+===================================================================
+RCS file: /usr/local/cvsrp/mars/nwserv.c,v
+retrieving revision 1.1.1.2
+retrieving revision 1.2
+diff -u -r1.1.1.2 -r1.2
+--- nwserv.c 1999/01/28 06:24:12 1.1.1.2
++++ nwserv.c 1999/09/27 07:51:49 1.2
+@@ -851,7 +851,7 @@
+ char inhalt4[500];
+ char dummy;
+ int anz;
+- if ((anz=sscanf((char*)buff, "%s %s %s %s", inhalt, inhalt2,
++ if ((anz=sscanf((char*)buff, "%500s %500s %500s %500s", inhalt, inhalt2,
+ inhalt3, inhalt4)) > 0) {
+ switch (what) {
+ case 2 : if (full) {
+@@ -1287,7 +1287,7 @@
+ int frame=-1;
+ uint32 netnum=0L;
+ char buf[256];
+- strcpy(buf, argv[j+2]);
++ strncpy(buf, argv[j+2], sizeof(buf)-1);
+ upstr(buf);
+ if (!strcmp(buf, "802.3"))
+ frame=IPX_FRAME_8023;
+Index: nwvolume.c
+===================================================================
+RCS file: /usr/local/cvsrp/mars/nwvolume.c,v
+retrieving revision 1.1.1.2
+retrieving revision 1.2
+diff -u -r1.1.1.2 -r1.2
+--- nwvolume.c 1999/01/28 06:24:13 1.1.1.2
++++ nwvolume.c 1999/09/27 07:51:49 1.2
+@@ -144,7 +144,7 @@
+ uint8 umode_filestr[256];
+ uint8 *p;
+ int len;
+- int founds = sscanf((char*)buff, "%s %s %s %s %s",
++ int founds = sscanf((char*)buff, "%256s %256s %256s %256s %256s",
+ sysname, unixname, optionstr, umode_dirstr, umode_filestr);
+ if (founds > 1) {
+ NW_VOL *vol=&(nw_volumes[used_nw_volumes]);
+@@ -341,9 +341,9 @@
+ flen = 0;
+ fname = "";
+ } else {
+- strcpy(fullname, unixname);
++ strncpy(fullname, unixname, sizeof(fullname)-1);
+ /* concatenation $HOME/ and add/on/ */
+- strcpy(fullname + homepathlen, nw_volumes[k].homeaddon);
++ strncpy(fullname + homepathlen, nw_volumes[k].homeaddon, sizeof(fullname)-homepathlen-1);
+ fname = fullname;
+ flen = homepathlen + nw_volumes[k].addonlen;
+ }
+@@ -666,10 +666,10 @@
+ uint8 trusteepath[500];
+ uint8 *p;
+ free_vol_trustee(v);
+- strcpy(trusteepath, path_trustees);
++ strncpy(trusteepath, path_trustees, sizeof(trusteepath)-1);
+ p=trusteepath+strlen(trusteepath);
+ *p++='/';
+- strcpy(p, v->sysname);
++ strncpy(p, v->sysname, sizeof(trusteepath)-strlen(p)-1);
+ p+=strlen(v->sysname);
+ *p++='/';
+ *p='\0';
+Index: trustee.c
+===================================================================
+RCS file: /usr/local/cvsrp/mars/trustee.c,v
+retrieving revision 1.1.1.2
+retrieving revision 1.2
+diff -u -r1.1.1.2 -r1.2
+--- trustee.c 1999/01/28 06:24:14 1.1.1.2
++++ trustee.c 1999/09/27 07:51:49 1.2
+@@ -283,7 +283,7 @@
+ char volname[100];
+ if (nw_get_volume_name(volume, volname) < 1) return;
+ U32_TO_BE32(inode, buf_uc);
+- sprintf(buf, "%s/%s/%x/%x/%x/%x/n.%x", path_trustees, volname,
++ snprintf(buf, sizeof(buf), "%s/%s/%x/%x/%x/%x/n.%x", path_trustees, volname,
+ dev,
+ (int) buf_uc[0],
+ (int) buf_uc[1],
+@@ -306,7 +306,7 @@
+ char volname[100];
+ if (nw_get_volume_name(volume, volname) < 1) return(-0xff);
+ U32_TO_BE32(inode, buf_uc);
+- l=sprintf(buf, "%s/%s/%x/%x/%x/%x/t.%x", path_trustees, volname,
++ l=snprintf(buf, sizeof(buf), "%s/%s/%x/%x/%x/%x/t.%x", path_trustees, volname,
+ dev,
+ (int) buf_uc[0],
+ (int) buf_uc[1],
+@@ -328,7 +328,7 @@
+ char volname[100];
+ if (nw_get_volume_name(volume, volname) < 1) return(result);
+ U32_TO_BE32(inode, buf_uc);
+- sprintf(buf, "%s/%s/%x/%x/%x/%x/t.%x/%x", path_trustees, volname,
++ snprintf(buf, sizeof(buf), "%s/%s/%x/%x/%x/%x/t.%x/%x", path_trustees, volname,
+ dev,
+ (int) buf_uc[0],
+ (int) buf_uc[1],
+@@ -351,7 +351,7 @@
+ int len;
+ unsigned int sernum=0;
+ if (nw_get_volume_name(volume, volname) < 1) return(-1);
+- sprintf(buf, "%s/%s/ts", path_trustees, volname);
++ snprintf(buf, sizeof(buf), "%s/%s/ts", path_trustees, volname);
+ len=readlink(buf, buf1, sizeof(buf1)-1);
+ if (len>0) {
+ buf1[len]='\0';
+@@ -380,7 +380,7 @@
+ char volname[100];
+ if (nw_get_volume_name(volume, volname) < 1) return;
+ U32_TO_BE32(inode, buf_uc);
+- len=sprintf(buf, "%s/%s/%x/%x/%x/%x/", path_trustees, volname,
++ len=snprintf(buf, sizeof(buf), "%s/%s/%x/%x/%x/%x/", path_trustees, volname,
+ dev,
+ (int) buf_uc[0],
+ (int) buf_uc[1],
+@@ -438,7 +438,7 @@
+
+ (void)nw_get_volume_name(volume, volname);
+
+- l=sprintf(buf, "%s/%s/%x/%x/%x/%x/t.%x", path_trustees, volname,
++ l=snprintf(buf, sizeof(buf), "%s/%s/%x/%x/%x/%x/t.%x", path_trustees, volname,
+ dev,
+ (int) buf_uc[0],
+ (int) buf_uc[1],
+@@ -458,7 +458,7 @@
+ int len;
+ unsigned int id;
+ if (1 == sscanf(dirbuff->d_name, "%x", &id)) {
+- strcpy(p, dirbuff->d_name);
++ strncpy(p, dirbuff->d_name, sizeof(buf)-l-1);
+ len=readlink(buf, btrustee, 254);
+ if (len > 0) {
+ unsigned int utrustee=0;
+Index: unxfile.c
+===================================================================
+RCS file: /usr/local/cvsrp/mars/unxfile.c,v
+retrieving revision 1.1.1.2
+retrieving revision 1.2
+diff -u -r1.1.1.2 -r1.2
+--- unxfile.c 1999/01/28 06:24:15 1.1.1.2
++++ unxfile.c 1999/09/27 07:51:49 1.2
+@@ -84,7 +84,7 @@
+ ( dirbuff->d_name[0] != '.'
+ || (dirbuff->d_name[1] != '\0' &&
+ (dirbuff->d_name[1] != '.' || dirbuff->d_name[2] != '\0')))) {
+- strcpy(p, dirbuff->d_name);
++ strncpy(p, dirbuff->d_name, len+300+len-1);
+ if (unlink(buf) && unx_xrmdir(buf)) {
+ errorp(1, "unx_xrmdir", "cannot remove '%s'", buf);
+ break;
+@@ -105,7 +105,7 @@
+ if (!stat(newname, &statb)) return(EEXIST);
+ if (stat(oldname, &statb)) return(-1);
+ else if (!S_ISDIR(statb.st_mode)) return(-1);
+- sprintf(command, "mv %s %s 2>&1 >/dev/null" , oldname, newname);
++ snprintf(command, sizeof(command)-1, "mv %s %s 2>&1 >/dev/null" , oldname, newname);
+ return(system(command));
+ }
+ #endif
Index: doc/README.FREEBSD
===================================================================
RCS file: /usr/local/cvsrp/mars/doc/README.FREEBSD,v
diff --git a/net/mars_nwe/pkg-plist b/net/mars_nwe/pkg-plist
index d3c746524dc1..8a1585d99c16 100644
--- a/net/mars_nwe/pkg-plist
+++ b/net/mars_nwe/pkg-plist
@@ -1,3 +1,4 @@
+etc/nwserv.conf.example
sbin/nwserv
sbin/ncpserv
sbin/nwbind
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-14 16:26:50 +0000