You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
167 lines
6.1 KiB
167 lines
6.1 KiB
https://sourceforge.net/p/vpopmail/patches/98/
|
|
|
|
--- a/vpopmaild.c (revision 998)
|
|
+++ b/vpopmaild.c (working copy)
|
|
@@ -1326,7 +1326,7 @@
|
|
}
|
|
}
|
|
snprintf(newpath, MAXPATH, "%s",myvpw->pw_dir);
|
|
- strncat(newpath, &path[i], MAXPATH );
|
|
+ strncat(newpath, &path[i], MAXPATH-strlen(newpath)-1);
|
|
} else { /* may be domain name */
|
|
for(i=0;path[i]!='/'&&path[i]!=0&&i<256;++i) {
|
|
thedomain[i] = path[i];
|
|
@@ -1337,7 +1337,7 @@
|
|
return(9);
|
|
}
|
|
snprintf(newpath, MAXPATH, "%s", thedir);
|
|
- strncat(newpath, &path[i], MAXPATH );
|
|
+ strncat(newpath, &path[i], MAXPATH-strlen(newpath)-1);
|
|
}
|
|
}
|
|
|
|
@@ -1459,23 +1459,23 @@
|
|
}
|
|
snprintf( WriteBuf, sizeof(WriteBuf), "%s", mydirent->d_name);
|
|
if ( S_ISREG(statbuf.st_mode ) ) {
|
|
- strncat(WriteBuf," file", sizeof(WriteBuf));
|
|
+ strncat(WriteBuf," file", sizeof(WriteBuf)-strlen(WriteBuf)-1);
|
|
} else if ( S_ISDIR(statbuf.st_mode ) ) {
|
|
- strncat(WriteBuf," dir", sizeof(WriteBuf));
|
|
+ strncat(WriteBuf," dir", sizeof(WriteBuf)-strlen(WriteBuf)-1);
|
|
} else if ( S_ISCHR(statbuf.st_mode ) ) {
|
|
- strncat(WriteBuf," chardev", sizeof(WriteBuf));
|
|
+ strncat(WriteBuf," chardev", sizeof(WriteBuf)-strlen(WriteBuf)-1);
|
|
} else if ( S_ISBLK(statbuf.st_mode ) ) {
|
|
- strncat(WriteBuf," blkdev", sizeof(WriteBuf));
|
|
+ strncat(WriteBuf," blkdev", sizeof(WriteBuf)-strlen(WriteBuf)-1);
|
|
} else if ( S_ISFIFO(statbuf.st_mode ) ) {
|
|
- strncat(WriteBuf," fifo", sizeof(WriteBuf));
|
|
+ strncat(WriteBuf," fifo", sizeof(WriteBuf)-strlen(WriteBuf)-1);
|
|
} else if ( S_ISLNK(statbuf.st_mode ) ) {
|
|
- strncat(WriteBuf," link", sizeof(WriteBuf));
|
|
+ strncat(WriteBuf," link", sizeof(WriteBuf)-strlen(WriteBuf)-1);
|
|
} else if ( S_ISSOCK(statbuf.st_mode ) ) {
|
|
- strncat(WriteBuf," sock", sizeof(WriteBuf));
|
|
+ strncat(WriteBuf," sock", sizeof(WriteBuf)-strlen(WriteBuf)-1);
|
|
} else {
|
|
- strncat(WriteBuf," unknown", sizeof(WriteBuf));
|
|
+ strncat(WriteBuf," unknown", sizeof(WriteBuf)-strlen(WriteBuf)-1);
|
|
}
|
|
- strncat(WriteBuf,RET_CRLF, sizeof(WriteBuf));
|
|
+ strncat(WriteBuf,RET_CRLF, sizeof(WriteBuf)-strlen(WriteBuf)-1);
|
|
wait_write();
|
|
}
|
|
if ( closedir(mydir) < 0 ) {
|
|
@@ -1604,7 +1604,7 @@
|
|
while(fgets(tmpbuf,sizeof(tmpbuf),fs)!=NULL){
|
|
if ( strcmp(tmpbuf, "." RET_CRLF) == 0 || strcmp(tmpbuf, ".\n") == 0 ) {
|
|
snprintf(WriteBuf, sizeof(WriteBuf), "%s", ".");
|
|
- strncat(WriteBuf, tmpbuf, sizeof(WriteBuf));
|
|
+ strncat(WriteBuf, tmpbuf, sizeof(WriteBuf)-strlen(WriteBuf)-1);
|
|
} else {
|
|
memcpy(WriteBuf,tmpbuf,sizeof(tmpbuf));
|
|
}
|
|
--- a/vmysql.c (revision 998)
|
|
+++ b/vmysql.c (working copy)
|
|
@@ -731,7 +731,7 @@
|
|
);
|
|
|
|
if ( sortit == 1 ) {
|
|
- strncat( SqlBufRead, " order by pw_name", SQL_BUF_SIZE);
|
|
+ strncat( SqlBufRead, " order by pw_name", SQL_BUF_SIZE-strlen(SqlBufRead)-1);
|
|
}
|
|
|
|
if (res_read!=NULL) mysql_free_result(res_read_getall);
|
|
--- a/vldap.c (revision 998)
|
|
+++ b/vldap.c (working copy)
|
|
@@ -1022,7 +1022,7 @@
|
|
|
|
/* if we are lucky the domain is in the assign file */
|
|
if ( vget_assign(domain,dir_control_file,MAX_DIR_NAME,NULL,NULL)!=NULL ) {
|
|
- strncat(dir_control_file, "/.dir-control", MAX_DIR_NAME);
|
|
+ strncat(dir_control_file, "/.dir-control", MAX_DIR_NAME-strlen(dir_control_file)-1);
|
|
|
|
/* it isn't in the assign file so we have to get it from /etc/passwd */
|
|
} else {
|
|
@@ -1041,7 +1041,7 @@
|
|
}
|
|
|
|
/* stick on the rest of the path */
|
|
- strncat(dir_control_file, "/" DOMAINS_DIR "/.dir-control", MAX_DIR_NAME);
|
|
+ strncat(dir_control_file, "/" DOMAINS_DIR "/.dir-control", MAX_DIR_NAME-strlen(dir_control_file)-1);
|
|
}
|
|
return(dir_control_file);
|
|
}
|
|
@@ -1177,7 +1177,7 @@
|
|
char dir_control_file[MAX_DIR_NAME];
|
|
|
|
vget_assign(domain, dir_control_file, 156, NULL,NULL);
|
|
- strncat(dir_control_file,"/.dir-control", MAX_DIR_NAME);
|
|
+ strncat(dir_control_file,"/.dir-control", MAX_DIR_NAME-strlen(dir_control_file)-1);
|
|
return(unlink(dir_control_file));
|
|
}
|
|
|
|
--- a/vpopmail.c (revision 998)
|
|
+++ b/vpopmail.c (working copy)
|
|
@@ -1900,8 +1900,8 @@
|
|
|
|
// Copy the rest of the terms into the domain name
|
|
for(j=1;j<i;j++) {
|
|
- strncat( domain, ".", MAX_BUFF );
|
|
- strncat( domain, parts[j], MAX_BUFF );
|
|
+ strncat( domain, ".", MAX_BUFF-strlen(domain)-1);
|
|
+ strncat( domain, parts[j], MAX_BUFF-strlen(domain)-1);
|
|
}
|
|
|
|
}
|
|
--- a/vcdb.c (revision 998)
|
|
+++ b/vcdb.c (working copy)
|
|
@@ -271,7 +271,7 @@
|
|
}
|
|
|
|
strncpy(line,user,sizeof(line));
|
|
- strncat(line,":",sizeof(line));
|
|
+ strncat(line,":",sizeof(line)-strlen(line)-1);
|
|
ptr = line;
|
|
while (*ptr != ':') { ptr++; }
|
|
ptr++;
|
|
@@ -1055,7 +1055,7 @@
|
|
char dir_control_file[MAX_DIR_NAME];
|
|
|
|
vget_assign(domain, dir_control_file, 156, NULL,NULL);
|
|
- strncat(dir_control_file,"/.dir-control", MAX_DIR_NAME);
|
|
+ strncat(dir_control_file,"/.dir-control", MAX_DIR_NAME-strlen(dir_control_file)-1);
|
|
return(unlink(dir_control_file));
|
|
}
|
|
|
|
@@ -1120,7 +1120,7 @@
|
|
|
|
/* if we are lucky the domain is in the assign file */
|
|
if ( vget_assign(domain,dir_control_file,MAX_DIR_NAME,NULL,NULL)!=NULL ) {
|
|
- strncat(dir_control_file, "/.dir-control", MAX_DIR_NAME);
|
|
+ strncat(dir_control_file, "/.dir-control", MAX_DIR_NAME-strlen(dir_control_file)-1);
|
|
|
|
/* it isn't in the assign file so we have to get it from /etc/passwd */
|
|
} else {
|
|
@@ -1139,7 +1139,7 @@
|
|
}
|
|
|
|
/* stick on the rest of the path */
|
|
- strncat(dir_control_file, "/" DOMAINS_DIR "/.dir-control", MAX_DIR_NAME);
|
|
+ strncat(dir_control_file, "/" DOMAINS_DIR "/.dir-control", MAX_DIR_NAME-strlen(dir_control_file)-1);
|
|
}
|
|
return(dir_control_file);
|
|
}
|
|
--- a/vpgsql.c (revision 998)
|
|
+++ b/vpgsql.c (working copy)
|
|
@@ -522,7 +522,7 @@
|
|
#endif
|
|
);
|
|
if ( sortit == 1 ) {
|
|
- strncat( SqlBufRead, " order by pw_name", SQL_BUF_SIZE);
|
|
+ strncat( SqlBufRead, " order by pw_name", SQL_BUF_SIZE-strlen(SqlBufRead)-1);
|
|
}
|
|
if ( pgres ) { /* reset state if we had previous result */
|
|
PQclear(pgres); // clear previous result
|