Skip to content

Commit

Permalink
refactoring + security: avoid overflow
Browse files Browse the repository at this point in the history
  • Loading branch information
shlomif committed Apr 29, 2020
1 parent 540c495 commit fe182a2
Show file tree
Hide file tree
Showing 5 changed files with 27 additions and 26 deletions.
2 changes: 1 addition & 1 deletion fortune-mod/ChangeLog
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ February 23, 2020 (fortune-mod 2.14.0)

December 18, 2019 (fortune-mod 2.12.0)

Extract rinutils as aa package and require it as a dep:
Extract rinutils as a package and require it as a dep:
https://github.com/shlomif/rinutils/ .

Move some jokes to the offensive collection:
Expand Down
2 changes: 2 additions & 0 deletions fortune-mod/util/fortune-mod-common.h
Original file line number Diff line number Diff line change
Expand Up @@ -64,3 +64,5 @@
#define srandom(x) srand(x)
#define sleep(n) Sleep((n)*1000)
#endif
#include <rinutils/count.h>
#include <rinutils/unused.h>
27 changes: 12 additions & 15 deletions fortune-mod/util/randstr.c
Original file line number Diff line number Diff line change
Expand Up @@ -87,12 +87,9 @@
*/

#include "fortune-mod-common.h"
#include <rinutils/count.h>
#include <rinutils/unused.h>

char *Infile, /* name of input file */
Datafile[MAXPATHLEN], /* name of data file */
Delimch; /* delimiter character */
char *input_filename, data_filename[MAXPATHLEN],
Delimch; /* delimiter character */

FILE *Inf, *Dataf, *Outf;

Expand All @@ -104,22 +101,22 @@ static void getargs(char *av[])

if (*av)
{
Infile = *av;
if (strlen(Infile) > COUNT(Datafile) - 10)
input_filename = *av;
if (strlen(input_filename) > COUNT(data_filename) - 10)
{
perror("input is too long");
exit(1);
}
/* Hmm. Don't output anything if we can help it.
* fprintf(stderr, "Input file: %s\n",Infile); */
char *const extc = strrchr(Infile, '.');
* fprintf(stderr, "Input file: %s\n",input_filename); */
char *const extc = strrchr(input_filename, '.');
if (!extc)
{
sprintf(Datafile, "%s.dat", Infile);
sprintf(data_filename, "%s.dat", input_filename);
}
else
{
strcpy(Datafile, Infile);
strcpy(data_filename, input_filename);
*extc = '\0';
}
}
Expand Down Expand Up @@ -191,14 +188,14 @@ int main(int ac GCC_UNUSED, char **av)
static STRFILE tbl; /* description table */

getargs(av);
if ((Inf = fopen(Infile, "r")) == NULL)
if ((Inf = fopen(input_filename, "r")) == NULL)
{
perror(Infile);
perror(input_filename);
exit(1);
}
if ((Dataf = fopen(Datafile, "r")) == NULL)
if ((Dataf = fopen(data_filename, "r")) == NULL)
{
perror(Datafile);
perror(data_filename);
exit(1);
}
if (!fread((char *)&tbl, sizeof tbl, 1, Dataf))
Expand Down
1 change: 0 additions & 1 deletion fortune-mod/util/strfile.c
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,6 @@
*/

#include "fortune-mod-common.h"
#include <rinutils/count.h>

/*
* This program takes a file composed of strings separated by
Expand Down
21 changes: 12 additions & 9 deletions fortune-mod/util/unstr.c
Original file line number Diff line number Diff line change
Expand Up @@ -91,8 +91,8 @@ static char sccsid[] = "@(#)unstr.c 8.1 (Berkeley) 5/31/93";

#include "fortune-mod-common.h"

static char *input_filename, Datafile[MAXPATHLEN], /* name of data file */
Delimch, /* delimiter character */
static char *input_filename, data_filename[MAXPATHLEN],
Delimch, /* delimiter character */
output_filename[MAXPATHLEN];

static char NewDelch = '\0'; /* a replacement delimiter character */
Expand All @@ -102,7 +102,6 @@ static FILE *Inf, *Dataf, *Outf;
/* ARGSUSED */
static void getargs(int ac, char *av[])
{
char *extc;
int ch;

while ((ch = getopt(ac, av, "c:")) != EOF)
Expand All @@ -129,15 +128,19 @@ static void getargs(int ac, char *av[])
{
input_filename = *av;
fprintf(stderr, "Input file: %s\n", input_filename);
if (strlen(input_filename) > COUNT(data_filename) - 10)
{
perror("input is too long");
exit(1);
}
if (!strrchr(input_filename, '.'))
{
strcpy(Datafile, input_filename);
strcat(Datafile, ".dat");
sprintf(data_filename, "%s.dat", input_filename);
}
else
{
strcpy(Datafile, input_filename);
extc = strrchr(input_filename, '.');
strcpy(data_filename, input_filename);
char *extc = strrchr(input_filename, '.');
*extc = '\0';
}
if (*++av)
Expand Down Expand Up @@ -206,9 +209,9 @@ int main(int ac, char **av)
perror(input_filename);
exit(1);
}
if ((Dataf = fopen(Datafile, "r")) == NULL)
if ((Dataf = fopen(data_filename, "r")) == NULL)
{
perror(Datafile);
perror(data_filename);
exit(1);
}
if (*output_filename == '\0')
Expand Down

0 comments on commit fe182a2

Please sign in to comment.