head 1.4; access; symbols pkgsrc-2026Q1:1.4.0.166 pkgsrc-2026Q1-base:1.4 pkgsrc-2025Q4:1.4.0.164 pkgsrc-2025Q4-base:1.4 pkgsrc-2025Q3:1.4.0.162 pkgsrc-2025Q3-base:1.4 pkgsrc-2025Q2:1.4.0.160 pkgsrc-2025Q2-base:1.4 pkgsrc-2025Q1:1.4.0.158 pkgsrc-2025Q1-base:1.4 pkgsrc-2024Q4:1.4.0.156 pkgsrc-2024Q4-base:1.4 pkgsrc-2024Q3:1.4.0.154 pkgsrc-2024Q3-base:1.4 pkgsrc-2024Q2:1.4.0.152 pkgsrc-2024Q2-base:1.4 pkgsrc-2024Q1:1.4.0.150 pkgsrc-2024Q1-base:1.4 pkgsrc-2023Q4:1.4.0.148 pkgsrc-2023Q4-base:1.4 pkgsrc-2023Q3:1.4.0.146 pkgsrc-2023Q3-base:1.4 pkgsrc-2023Q2:1.4.0.144 pkgsrc-2023Q2-base:1.4 pkgsrc-2023Q1:1.4.0.142 pkgsrc-2023Q1-base:1.4 pkgsrc-2022Q4:1.4.0.140 pkgsrc-2022Q4-base:1.4 pkgsrc-2022Q3:1.4.0.138 pkgsrc-2022Q3-base:1.4 pkgsrc-2022Q2:1.4.0.136 pkgsrc-2022Q2-base:1.4 pkgsrc-2022Q1:1.4.0.134 pkgsrc-2022Q1-base:1.4 pkgsrc-2021Q4:1.4.0.132 pkgsrc-2021Q4-base:1.4 pkgsrc-2021Q3:1.4.0.130 pkgsrc-2021Q3-base:1.4 pkgsrc-2021Q2:1.4.0.128 pkgsrc-2021Q2-base:1.4 pkgsrc-2021Q1:1.4.0.126 pkgsrc-2021Q1-base:1.4 pkgsrc-2020Q4:1.4.0.124 pkgsrc-2020Q4-base:1.4 pkgsrc-2020Q3:1.4.0.122 pkgsrc-2020Q3-base:1.4 pkgsrc-2020Q2:1.4.0.118 pkgsrc-2020Q2-base:1.4 pkgsrc-2020Q1:1.4.0.98 pkgsrc-2020Q1-base:1.4 pkgsrc-2019Q4:1.4.0.120 pkgsrc-2019Q4-base:1.4 pkgsrc-2019Q3:1.4.0.116 pkgsrc-2019Q3-base:1.4 pkgsrc-2019Q2:1.4.0.114 pkgsrc-2019Q2-base:1.4 pkgsrc-2019Q1:1.4.0.112 pkgsrc-2019Q1-base:1.4 pkgsrc-2018Q4:1.4.0.110 pkgsrc-2018Q4-base:1.4 pkgsrc-2018Q3:1.4.0.108 pkgsrc-2018Q3-base:1.4 pkgsrc-2018Q2:1.4.0.106 pkgsrc-2018Q2-base:1.4 pkgsrc-2018Q1:1.4.0.104 pkgsrc-2018Q1-base:1.4 pkgsrc-2017Q4:1.4.0.102 pkgsrc-2017Q4-base:1.4 pkgsrc-2017Q3:1.4.0.100 pkgsrc-2017Q3-base:1.4 pkgsrc-2017Q2:1.4.0.96 pkgsrc-2017Q2-base:1.4 pkgsrc-2017Q1:1.4.0.94 pkgsrc-2017Q1-base:1.4 pkgsrc-2016Q4:1.4.0.92 pkgsrc-2016Q4-base:1.4 pkgsrc-2016Q3:1.4.0.90 pkgsrc-2016Q3-base:1.4 pkgsrc-2016Q2:1.4.0.88 pkgsrc-2016Q2-base:1.4 pkgsrc-2016Q1:1.4.0.86 pkgsrc-2016Q1-base:1.4 pkgsrc-2015Q4:1.4.0.84 pkgsrc-2015Q4-base:1.4 pkgsrc-2015Q3:1.4.0.82 pkgsrc-2015Q3-base:1.4 pkgsrc-2015Q2:1.4.0.80 pkgsrc-2015Q2-base:1.4 pkgsrc-2015Q1:1.4.0.78 pkgsrc-2015Q1-base:1.4 pkgsrc-2014Q4:1.4.0.76 pkgsrc-2014Q4-base:1.4 pkgsrc-2014Q3:1.4.0.74 pkgsrc-2014Q3-base:1.4 pkgsrc-2014Q2:1.4.0.72 pkgsrc-2014Q2-base:1.4 pkgsrc-2014Q1:1.4.0.70 pkgsrc-2014Q1-base:1.4 pkgsrc-2013Q4:1.4.0.68 pkgsrc-2013Q4-base:1.4 pkgsrc-2013Q3:1.4.0.66 pkgsrc-2013Q3-base:1.4 pkgsrc-2013Q2:1.4.0.64 pkgsrc-2013Q2-base:1.4 pkgsrc-2013Q1:1.4.0.62 pkgsrc-2013Q1-base:1.4 pkgsrc-2012Q4:1.4.0.60 pkgsrc-2012Q4-base:1.4 pkgsrc-2012Q3:1.4.0.58 pkgsrc-2012Q3-base:1.4 pkgsrc-2012Q2:1.4.0.56 pkgsrc-2012Q2-base:1.4 pkgsrc-2012Q1:1.4.0.54 pkgsrc-2012Q1-base:1.4 pkgsrc-2011Q4:1.4.0.52 pkgsrc-2011Q4-base:1.4 pkgsrc-2011Q3:1.4.0.50 pkgsrc-2011Q3-base:1.4 pkgsrc-2011Q2:1.4.0.48 pkgsrc-2011Q2-base:1.4 pkgsrc-2011Q1:1.4.0.46 pkgsrc-2011Q1-base:1.4 pkgsrc-2010Q4:1.4.0.44 pkgsrc-2010Q4-base:1.4 pkgsrc-2010Q3:1.4.0.42 pkgsrc-2010Q3-base:1.4 pkgsrc-2010Q2:1.4.0.40 pkgsrc-2010Q2-base:1.4 pkgsrc-2010Q1:1.4.0.38 pkgsrc-2010Q1-base:1.4 pkgsrc-2009Q4:1.4.0.36 pkgsrc-2009Q4-base:1.4 pkgsrc-2009Q3:1.4.0.34 pkgsrc-2009Q3-base:1.4 pkgsrc-2009Q2:1.4.0.32 pkgsrc-2009Q2-base:1.4 pkgsrc-2009Q1:1.4.0.30 pkgsrc-2009Q1-base:1.4 pkgsrc-2008Q4:1.4.0.28 pkgsrc-2008Q4-base:1.4 pkgsrc-2008Q3:1.4.0.26 pkgsrc-2008Q3-base:1.4 cube-native-xorg:1.4.0.24 cube-native-xorg-base:1.4 pkgsrc-2008Q2:1.4.0.22 pkgsrc-2008Q2-base:1.4 cwrapper:1.4.0.20 pkgsrc-2008Q1:1.4.0.18 pkgsrc-2008Q1-base:1.4 pkgsrc-2007Q4:1.4.0.16 pkgsrc-2007Q4-base:1.4 pkgsrc-2007Q3:1.4.0.14 pkgsrc-2007Q3-base:1.4 pkgsrc-2007Q2:1.4.0.12 pkgsrc-2007Q2-base:1.4 pkgsrc-2007Q1:1.4.0.10 pkgsrc-2007Q1-base:1.4 pkgsrc-2006Q4:1.4.0.8 pkgsrc-2006Q4-base:1.4 pkgsrc-2006Q3:1.4.0.6 pkgsrc-2006Q3-base:1.4 pkgsrc-2006Q2:1.4.0.4 pkgsrc-2006Q2-base:1.4 pkgsrc-2006Q1:1.4.0.2 pkgsrc-2006Q1-base:1.4 pkgsrc-2005Q4:1.3.0.8 pkgsrc-2005Q4-base:1.3 pkgsrc-2005Q3:1.3.0.6 pkgsrc-2005Q3-base:1.3 pkgsrc-2005Q2:1.3.0.4 pkgsrc-2005Q2-base:1.3 pkgsrc-2005Q1:1.3.0.2; locks; strict; comment @# @; 1.4 date 2006.03.02.21.03.39; author wiz; state Exp; branches; next 1.3; 1.3 date 2005.04.13.17.00.14; author salo; state Exp; branches 1.3.2.1; next 1.2; 1.2 date 2005.04.13.16.36.07; author salo; state Exp; branches; next 1.1; 1.1 date 2005.04.13.16.19.59; author christos; state Exp; branches; next ; 1.3.2.1 date 2005.04.13.17.00.14; author snj; state dead; branches; next 1.3.2.2; 1.3.2.2 date 2005.04.14.04.42.23; author snj; state Exp; branches; next ; desc @@ 1.4 log @Update to 1.6: 16/09/2005 : V 1.6 - Removed the algorithm lightgreydomain as the new mxgrey does better and simpler - Removed the UPDATE option, now gld always update triplets. - Fixed a minor flaw in the MXGREY algorithm. - Now you can configure MXGREY to consider an ip as a safe MX after X succesful greylists instead of only 1 . (read gld.conf for details) - Now gld updates the counters only when mail is not greylisted - Added Training mode, read gld.conf for details - Now gld verify that if you supply a custom smtp code, it's a 4XX code otherwise gld discard it and use 450 . - If gld cannot connect to MySQL server on startup it will not refuse to run anymore, but will set keepdbopen to 0 and accept to run . - The sample config file provided now only listen to loopback only accept connection from localhost and runs as nobody/ nobody. WARNING: if you were using lightgreydomain algorithm, it has been discontinued use MXGREY in place, please read gld.conf for details. @ text @$NetBSD: patch-ab,v 1.3 2005/04/13 17:00:14 salo Exp $ --- greylist.c.orig 2005-09-16 11:52:41.000000000 +0200 +++ greylist.c @@@@ -20,8 +20,11 @@@@ pid=getpid(); ts=time(0); strncpy(oip,ip,sizeof(oip)-1); +oip[sizeof(oip)-1] = '\0'; strncpy(osender,sender,sizeof(osender)-1); +osender[sizeof(osender)-1] = '\0'; strncpy(orecipient,recipient,sizeof(orecipient)-1); +orecipient[sizeof(orecipient)-1] = '\0'; if(conf->debug==1) printf("%d: Starting the greylist algo\n",pid); @@@@ -97,6 +100,7 @@@@ if(conf->whitelist==1) if(domain==NULL) domain=osender; strncpy(netw,oip,sizeof(netw)-1); + netw[sizeof(netw)-1] = '\0'; l=strlen(netw); for(i=l-1;i>=0;i--) { @@@@ -127,7 +131,7 @@@@ if(conf->dnswl[0]!=0) if(x==4) { snprintf(query,sizeof(query)-1,"%d.%d.%d.%d.%s",d,c,b,a,conf->dnswl); - n=DnsIp(query,NULL); + n=DnsIp(query,NULL, 0); if(conf->debug==1) printf("%d: DNSQuery=(%s) result=%ld\n",pid,query,n); if(n==0) { @ 1.3 log @Put the correct content into patch-ab.. *sigh* @ text @d1 1 a1 1 $NetBSD: patch-ab,v 1.1 2005/04/13 16:19:59 christos Exp $ d3 3 a5 3 --- greylist.c.orig 2005-04-13 05:26:10.000000000 -0400 +++ greylist.c 2005-04-13 12:03:39.000000000 -0400 @@@@ -21,8 +21,11 @@@@ d17 2 a18 2 @@@@ -68,10 +71,18 @@@@ if(conf->debug==1) printf("%d: lightgrey on domain is on, let's keep the domain only on recipient and sender\n",pid); d20 14 a33 35 domain=(char *)strstr(osender,"@@"); - if(domain!=NULL) strncpy(sender,domain,BLEN-1); + if(domain!=NULL) + { + strncpy(sender,domain,BLEN-1); + sender[BLEN-1] = '\0'; + } domain=(char *)strstr(orecipient,"@@"); - if(domain!=NULL) strncpy(recipient,domain,BLEN-1); + if(domain!=NULL) + { + strncpy(recipient,domain,BLEN-1); + recipient[BLEN-1] = '\0'; + } } // @@@@ -119,6 +130,7 @@@@ if(domain==NULL) domain=osender; strncpy(netw,oip,sizeof(netw)-1); + netw[sizeof(netw)-1] = '\0'; l=strlen(netw); for(i=l-1;i>=0;i--) if(netw[i]=='.') @@@@ -148,7 +160,7 @@@@ if(x==4) { snprintf(query,sizeof(query)-1,"%d.%d.%d.%d.%s",d,c,b,a,conf->dnswl); - n=DnsIp(query,NULL); + n=DnsIp(query,NULL, 0); if(conf->debug==1) printf("%d: DNSQuery=(%s) result=%ld\n",pid,query,n); if(n==0) { @ 1.3.2.1 log @file patch-ab was added on branch pkgsrc-2005Q1 on 2005-04-13 17:00:14 +0000 @ text @d1 54 @ 1.3.2.2 log @Pullup ticket 440 - requested by Lubomir Sedlacik security fix for gld Revisions pulled up: - pkgsrc/mail/gld/Makefile 1.5, 1.6 - pkgsrc/mail/gld/MESSAGE 1.4 - pkgsrc/mail/gld/PLIST 1.2 - pkgsrc/mail/gld/distinfo 1.3, 1.4, 1.5, 1.6, 1.7, 1.8 - pkgsrc/mail/gld/patches/patch-aa 1.2, 1.3, 1.4, 1.5 - pkgsrc/mail/gld/patches/patch-ab 1.1, 1.2, 1.3 - pkgsrc/mail/gld/patches/patch-ac 1.1 - pkgsrc/mail/gld/patches/patch-ad 1.1 - pkgsrc/mail/gld/patches/patch-ae 1.1 - pkgsrc/mail/gld/patches/patch-af 1.1 Module Name: pkgsrc Committed By: christos Date: Wed Apr 13 16:19:59 UTC 2005 Modified Files: pkgsrc/mail/gld: Makefile distinfo pkgsrc/mail/gld/patches: patch-aa Added Files: pkgsrc/mail/gld/patches: patch-ab Log Message: Update to 1.5 to fix security vulnerability issues. - Add more patches to totally eliminate strcpy(); this code is horrible. ---- Module Name: pkgsrc Committed By: salo Date: Wed Apr 13 16:36:07 UTC 2005 Modified Files: pkgsrc/mail/gld: distinfo pkgsrc/mail/gld/patches: patch-ab Added Files: pkgsrc/mail/gld/patches: patch-ac patch-ad patch-ae patch-af Log Message: Split patch-ab to one patch per file. ---- Module Name: pkgsrc Committed By: salo Date: Wed Apr 13 16:42:43 UTC 2005 Modified Files: pkgsrc/mail/gld: Makefile Log Message: Remove PKGREVISION. ---- Module Name: pkgsrc Committed By: salo Date: Wed Apr 13 17:00:14 UTC 2005 Modified Files: pkgsrc/mail/gld: distinfo pkgsrc/mail/gld/patches: patch-ab Log Message: Put the correct content into patch-ab.. *sigh* ---- Module Name: pkgsrc Committed By: salo Date: Wed Apr 13 17:07:49 UTC 2005 Modified Files: pkgsrc/mail/gld: PLIST distinfo pkgsrc/mail/gld/patches: patch-aa Log Message: Fix installation of sql scripts. This package needs more work.. (e.g., pgsql support) ---- Module Name: pkgsrc Committed By: salo Date: Wed Apr 13 17:12:08 UTC 2005 Modified Files: pkgsrc/mail/gld: distinfo pkgsrc/mail/gld/patches: patch-aa Log Message: Install all the correct files.. ---- Module Name: pkgsrc Committed By: salo Date: Wed Apr 13 17:14:01 UTC 2005 Modified Files: pkgsrc/mail/gld: distinfo pkgsrc/mail/gld/patches: patch-aa Log Message: Add rcsid. ---- Module Name: pkgsrc Committed By: salo Date: Wed Apr 13 17:30:28 UTC 2005 Modified Files: pkgsrc/mail/gld: MESSAGE Log Message: Point to the correct sql script. XXX: this should be reworked when pgsql support is added Style. @ text @a0 54 $NetBSD: patch-ab,v 1.3.2.1 2005/04/14 04:42:23 snj Exp $ --- greylist.c.orig 2005-04-13 05:26:10.000000000 -0400 +++ greylist.c 2005-04-13 12:03:39.000000000 -0400 @@@@ -21,8 +21,11 @@@@ ts=time(0); strncpy(oip,ip,sizeof(oip)-1); +oip[sizeof(oip)-1] = '\0'; strncpy(osender,sender,sizeof(osender)-1); +osender[sizeof(osender)-1] = '\0'; strncpy(orecipient,recipient,sizeof(orecipient)-1); +orecipient[sizeof(orecipient)-1] = '\0'; if(conf->debug==1) printf("%d: Starting the greylist algo\n",pid); @@@@ -68,10 +71,18 @@@@ if(conf->debug==1) printf("%d: lightgrey on domain is on, let's keep the domain only on recipient and sender\n",pid); domain=(char *)strstr(osender,"@@"); - if(domain!=NULL) strncpy(sender,domain,BLEN-1); + if(domain!=NULL) + { + strncpy(sender,domain,BLEN-1); + sender[BLEN-1] = '\0'; + } domain=(char *)strstr(orecipient,"@@"); - if(domain!=NULL) strncpy(recipient,domain,BLEN-1); + if(domain!=NULL) + { + strncpy(recipient,domain,BLEN-1); + recipient[BLEN-1] = '\0'; + } } // @@@@ -119,6 +130,7 @@@@ if(domain==NULL) domain=osender; strncpy(netw,oip,sizeof(netw)-1); + netw[sizeof(netw)-1] = '\0'; l=strlen(netw); for(i=l-1;i>=0;i--) if(netw[i]=='.') @@@@ -148,7 +160,7 @@@@ if(x==4) { snprintf(query,sizeof(query)-1,"%d.%d.%d.%d.%s",d,c,b,a,conf->dnswl); - n=DnsIp(query,NULL); + n=DnsIp(query,NULL, 0); if(conf->debug==1) printf("%d: DNSQuery=(%s) result=%ld\n",pid,query,n); if(n==0) { @ 1.2 log @Split patch-ab to one patch per file. @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 14 --- sockets.h.orig 2005-04-13 12:13:23.000000000 -0400 +++ sockets.h 2005-04-13 12:06:34.000000000 -0400 @@@@ -118,10 +118,10 @@@@ /* DNS functions */ -int DnsIp(char *host,char *ip); -int DnsFQDN(char *host,char *fqdn); -int DnsName(char *ip,char *fqdn); -void GetPeerIp(int sock,char *ip,char *fqdn); +int DnsIp(char *host,char *ip,size_t); +int DnsFQDN(char *host,char *fqdn,size_t); +int DnsName(char *ip,char *fqdn,size_t); +void GetPeerIp(int sock,char *ip,size_t,char *fqdn,size_t); d7 7 a13 1 /* Special Functions */ d15 40 @ 1.1 log @Update to 1.5 to fix security vulnerability issues. - Add more patches to totally eliminate strcpy(); this code is horrible. @ text @a2 287 --- greylist.c.orig 2005-04-13 05:26:10.000000000 -0400 +++ greylist.c 2005-04-13 12:03:39.000000000 -0400 @@@@ -21,8 +21,11 @@@@ ts=time(0); strncpy(oip,ip,sizeof(oip)-1); +oip[sizeof(oip)-1] = '\0'; strncpy(osender,sender,sizeof(osender)-1); +osender[sizeof(osender)-1] = '\0'; strncpy(orecipient,recipient,sizeof(orecipient)-1); +orecipient[sizeof(orecipient)-1] = '\0'; if(conf->debug==1) printf("%d: Starting the greylist algo\n",pid); @@@@ -68,10 +71,18 @@@@ if(conf->debug==1) printf("%d: lightgrey on domain is on, let's keep the domain only on recipient and sender\n",pid); domain=(char *)strstr(osender,"@@"); - if(domain!=NULL) strncpy(sender,domain,BLEN-1); + if(domain!=NULL) + { + strncpy(sender,domain,BLEN-1); + sender[BLEN-1] = '\0'; + } domain=(char *)strstr(orecipient,"@@"); - if(domain!=NULL) strncpy(recipient,domain,BLEN-1); + if(domain!=NULL) + { + strncpy(recipient,domain,BLEN-1); + recipient[BLEN-1] = '\0'; + } } // @@@@ -119,6 +130,7 @@@@ if(domain==NULL) domain=osender; strncpy(netw,oip,sizeof(netw)-1); + netw[sizeof(netw)-1] = '\0'; l=strlen(netw); for(i=l-1;i>=0;i--) if(netw[i]=='.') @@@@ -148,7 +160,7 @@@@ if(x==4) { snprintf(query,sizeof(query)-1,"%d.%d.%d.%d.%s",d,c,b,a,conf->dnswl); - n=DnsIp(query,NULL); + n=DnsIp(query,NULL, 0); if(conf->debug==1) printf("%d: DNSQuery=(%s) result=%ld\n",pid,query,n); if(n==0) { --- cnf.c.orig 2005-04-13 12:06:54.000000000 -0400 +++ cnf.c 2005-04-13 12:11:51.000000000 -0400 @@@@ -36,11 +36,16 @@@@ // We set the default values -strcpy(conf->sqlhost,"localhost"); -strcpy(conf->sqluser,"myuser"); -strcpy(conf->sqldb,"mydb"); -strcpy(conf->sqlpasswd,"mypasswd"); -strcpy(conf->message,"Greylisted"); +strncpy(conf->sqlhost,"localhost",sizeof(conf->sqlhost)-1); +conf->sqlhost[sizeof(conf->sqlhost)-1] = '\0'; +strncpy(conf->sqluser,"myuser",sizeof(conf->sqluser)-1); +conf->sqluser[sizeof(conf->sqluser)-1] = '\0'; +strncpy(conf->sqldb,"mydb",sizeof(conf->sqldb)-1); +conf->sqldb[sizeof(conf->sqldb)-1] = '\0'; +strncpy(conf->sqlpasswd,"mypasswd",sizeof(conf->sqlpasswd)-1); +conf->sqlpasswd[sizeof(conf->sqlpasswd)-1] = '\0'; +strncpy(conf->message,"Greylisted",sizeof(conf->message)-1); +conf->message[sizeof(conf->message)-1] = '\0'; conf->port=2525; conf->maxcon=100; conf->mini=60; @@@@ -73,14 +78,46 @@@@ buffer[strlen(buffer)-1]=0; *p=0; if(strcmp(buffer,"CLIENTS")==0) ReadClients(conf,p+1); - if(strcmp(buffer,"USER")==0) strcpy(conf->user,p+1); - if(strcmp(buffer,"GROUP")==0) strcpy(conf->grp,p+1); - if(strcmp(buffer,"DNSWL")==0) strcpy(conf->dnswl,p+1); - if(strcmp(buffer,"SQLHOST")==0) strcpy(conf->sqlhost,p+1); - if(strcmp(buffer,"SQLUSER")==0) strcpy(conf->sqluser,p+1); - if(strcmp(buffer,"SQLDB")==0) strcpy(conf->sqldb,p+1); - if(strcmp(buffer,"SQLPASSWD")==0) strcpy(conf->sqlpasswd,p+1); - if(strcmp(buffer,"MESSAGE")==0) strcpy(conf->message,p+1); + if(strcmp(buffer,"USER")==0) + { + strncpy(conf->user,p+1,sizeof(conf->user)-1); + conf->user[sizeof(conf->user)-1] = '\0'; + } + if(strcmp(buffer,"GROUP")==0) + { + strncpy(conf->grp,p+1,sizeof(conf->grp)-1); + conf->grp[sizeof(conf->grp)-1] = '\0'; + } + if(strcmp(buffer,"DNSWL")==0) + { + strncpy(conf->dnswl,p+1,sizeof(conf->dnswl)-1); + conf->dnswl[sizeof(conf->dnswl)-1] = '\0'; + } + if(strcmp(buffer,"SQLHOST")==0) + { + strncpy(conf->sqlhost,p+1,sizeof(conf->sqlhost)-1); + conf->sqlhost[sizeof(conf->sqlhost)-1] = '\0'; + } + if(strcmp(buffer,"SQLUSER")==0) + { + strncpy(conf->sqluser,p+1,sizeof(conf->sqluser)-1); + conf->sqluser[sizeof(conf->sqluser)-1] = '\0'; + } + if(strcmp(buffer,"SQLDB")==0) + { + strncpy(conf->sqldb,p+1,sizeof(conf->sqldb)-1); + conf->sqldb[sizeof(conf->sqldb)-1] = '\0'; + } + if(strcmp(buffer,"SQLPASSWD")==0) + { + strncpy(conf->sqlpasswd,p+1,sizeof(conf->sqlpasswd)-1); + conf->sqlpasswd[sizeof(conf->sqlpasswd)-1] = '\0'; + } + if(strcmp(buffer,"MESSAGE")==0) + { + strncpy(conf->message,p+1,sizeof(conf->message)-1); + conf->message[sizeof(conf->message)-1] = '\0'; + } if(strcmp(buffer,"PORT")==0) conf->port=atoi(p+1); if(strcmp(buffer,"MAXCON")==0) conf->maxcon=atoi(p+1); if(strcmp(buffer,"MINTIME")==0) conf->mini=atol(p+1); --- server.c.orig 2005-04-13 03:28:29.000000000 -0400 +++ server.c 2005-04-13 12:15:36.000000000 -0400 @@@@ -208,7 +208,7 @@@@ int pid; pid=getpid(); -GetPeerIp(s,ip,buff); +GetPeerIp(s,ip,BLEN,buff,BLEN); // // We check if this IP is authorized to connect to us @@@@ -261,21 +261,34 @@@@ // Now, we are sure our buffer string length is no more than BLEN // as all parameters are defined also as buffers with a BLEN size // no buffer overflow is possible using strcpy . + // But what's the point. Protect it anyway. // if(strcmp(buff,"")==0) break; if(strncmp(buff,"request=",8)==0) - strcpy(request,buff+8); + { + strncpy(request,buff+8, sizeof(request)-1); + request[sizeof(request)-1] = '\0'; + } if(strncmp(buff,"sender=",7)==0) - strcpy(sender,buff+7); + { + strncpy(sender,buff+7, sizeof(sender)-1); + sender[sizeof(sender)-1] = '\0'; + } if(strncmp(buff,"recipient=",10)==0) - strcpy(recipient,buff+10); + { + strncpy(recipient,buff+10, sizeof(recipient)-1); + recipient[sizeof(recipient)-1] = '\0'; + } if(strncmp(buff,"client_address=",15)==0) - strcpy(ip,buff+15); + { + strncpy(ip,buff+15,sizeof(ip)-1); + ip[sizeof(ip)-1] = '\0'; + } } @@@@ -300,7 +313,11 @@@@ // Now, we can safely use, str** functions // -if(sender[0]==0) strcpy(sender,"void@@void"); +if(sender[0]==0) + { + strncpy(sender,"void@@void",sizeof(sender)-1); + sender[sizeof(sender)-1] = '\0'; + } if(strcmp(request,REQ)!=0 || recipient[0]==0 || ip[0]==0) { --- sockets.c.orig 2004-10-12 08:39:34.000000000 -0400 +++ sockets.c 2005-04-13 12:06:13.000000000 -0400 @@@@ -540,7 +540,7 @@@@ /* */ /************************************************/ -int DnsIp(char *host,char *ip) +int DnsIp(char *host,char *ip, size_t len) { struct hostent *hostptr; struct in_addr *ptr; @@@@ -552,7 +552,11 @@@@ ptr=(struct in_addr *) *hostptr->h_addr_list; -if(ip!=NULL) strcpy(ip,(char *)inet_ntoa(*ptr)); +if(ip!=NULL) + { + strncpy(ip,(char *)inet_ntoa(*ptr), len - 1); + ip[len-1] = '\0'; + } return(0); } @@@@ -572,13 +576,14 @@@@ /* */ /************************************************/ -int DnsFQDN(char *host,char *fqdn) +int DnsFQDN(char *host,char *fqdn, size_t len) { struct hostent *hostptr; if((hostptr=(struct hostent *)gethostbyname(host))==NULL) return(S_HOST_ERR); -strcpy(fqdn,hostptr->h_name); +strncpy(fqdn,hostptr->h_name, len-1); +fqdn[len-1] = '\0'; return(0); } @@@@ -599,7 +604,7 @@@@ /* */ /************************************************/ -int DnsName(char *ip,char *fqdn) +int DnsName(char *ip,char *fqdn, size_t len) { struct hostent *hostptr; @@@@ -609,7 +614,8 @@@@ if((hostptr=(struct hostent *)gethostbyaddr((char *)&addr,sizeof(struct in_addr),AF_INET))==NULL) return(S_HOST_ERR); -strcpy(fqdn,hostptr->h_name); +strncpy(fqdn,hostptr->h_name, len-1); +fqdn[len-1] = '\0'; return(0); } @@@@ -631,20 +637,27 @@@@ /* */ /************************************************/ -void GetPeerIp(int sock,char *ipfrom,char *hostfrom) +void GetPeerIp(int sock,char *ipfrom, size_t lip, char *hostfrom, size_t hip) { struct sockaddr_in from; size_t foo=sizeof(struct sockaddr_in); struct hostent *hostptr; -strcpy(ipfrom,"???.???.???.???"); -strcpy(hostfrom,"?????"); +strncpy(ipfrom,"???.???.???.???", lip-1); +ipfrom[lip-1] = '\0'; +strncpy(hostfrom,"?????", hip-1); +hostfrom[hip-1] = '\0'; if (getpeername(sock,(struct sockaddr *)&from, &foo) == 0) { - strcpy(ipfrom,(char *)inet_ntoa(from.sin_addr)); + strncpy(ipfrom,(char *)inet_ntoa(from.sin_addr), lip-1); + ipfrom[lip-1] = '\0'; hostptr=(struct hostent *)gethostbyaddr((char *)&from.sin_addr,sizeof(struct in_addr),AF_INET); - if(hostptr!=NULL) strcpy(hostfrom,hostptr->h_name); + if(hostptr!=NULL) + { + strncpy(hostfrom,hostptr->h_name, hip-1); + hostfrom[hip-1] = '\0'; + } } } @