mirror of
https://github.com/rfc1036/whois.git
synced 2026-04-03 06:40:52 +00:00
91 lines
3.0 KiB
Diff
91 lines
3.0 KiB
Diff
The gentoo people submitted this patch. I'm not applying it as it makes
|
|
the code harder to understand with no major gain and without being a
|
|
fully correct fix.
|
|
|
|
diff -Nru whois-4.6.6.orig/whois.c whois-4.6.6/whois.c
|
|
--- whois-4.6.6.orig/whois.c 2003-06-15 12:36:52.000000000 -0400
|
|
+++ whois-4.6.6/whois.c 2003-08-11 02:15:30.000000000 -0400
|
|
@@ -73,12 +73,12 @@
|
|
/* RIPE flags */
|
|
if (strchr(ripeflags, ch)) {
|
|
for (p = fstring; *p; p++);
|
|
- sprintf(p--, "-%c ", ch);
|
|
+ snprintf(p--, sizeof(fstring), "-%c ", ch);
|
|
continue;
|
|
}
|
|
if (strchr(ripeflagsp, ch)) {
|
|
for (p = fstring; *p; p++);
|
|
- sprintf(p--, "-%c %s ", ch, optarg);
|
|
+ snprintf(p--, sizeof(fstring), "-%c %s ", ch, optarg);
|
|
if (ch == 't' || ch == 'v' || ch == 'q')
|
|
nopar = 1;
|
|
continue;
|
|
@@ -132,10 +132,10 @@
|
|
while (1) {
|
|
qslen += strlen(*argv) + 1 + 1;
|
|
qstring = realloc(qstring, qslen);
|
|
- strcat(qstring, *argv++);
|
|
+ strncat(qstring, *argv++, qslen-1);
|
|
if (argc == 1)
|
|
break;
|
|
- strcat(qstring, " ");
|
|
+ strncat(qstring, " ", qslen);
|
|
argc--;
|
|
}
|
|
}
|
|
@@ -401,10 +401,13 @@
|
|
{
|
|
char *buf;
|
|
int i, isripe = 0;
|
|
+ int buflen = 0;
|
|
|
|
/* +10 for CORE; +2 for \r\n; +1 for NULL */
|
|
- buf = malloc(strlen(flags) + strlen(query) + strlen(client_tag) + 4
|
|
- + 10 + 2 + 1);
|
|
+ buflen = (strlen(flags) + strlen(query) + strlen(client_tag) + 4 + 10 + 2 + 1);
|
|
+
|
|
+ buf = malloc(buflen);
|
|
+
|
|
*buf = '\0';
|
|
for (i = 0; ripe_servers[i]; i++)
|
|
if (strcmp(server, ripe_servers[i]) == 0) {
|
|
@@ -426,23 +429,23 @@
|
|
if (*flags) {
|
|
if (!isripe && strcmp(server, "whois.corenic.net") != 0)
|
|
puts(_("Warning: RIPE flags used with a traditional server."));
|
|
- strcat(buf, flags);
|
|
+ strncat(buf, flags, buflen);
|
|
}
|
|
/* FIXME: /e is not applied to .JP ASN */
|
|
if (!isripe && (strcmp(server, "whois.nic.mil") == 0 ||
|
|
strcmp(server, "whois.nic.ad.jp") == 0) &&
|
|
strncasecmp(query, "AS", 2) == 0 && isasciidigit(query[2]))
|
|
- sprintf(buf, "AS %s", query + 2); /* fix query for DDN */
|
|
+ snprintf(buf, buflen, "AS %s", query + 2); /* fix query for DDN */
|
|
else if (!isripe && strcmp(server, "whois.corenic.net") == 0)
|
|
- sprintf(buf, "--machine %s", query); /* machine readable output */
|
|
+ snprintf(buf, buflen, "--machine %s", query); /* machine readable output */
|
|
else if (!isripe && strcmp(server, "whois.nic.ad.jp") == 0) {
|
|
char *lang = getenv("LANG"); /* not a perfect check, but... */
|
|
if (!lang || (strncmp(lang, "ja", 2) != 0))
|
|
- sprintf(buf, "%s/e", query); /* ask for english text */
|
|
+ snprintf(buf, buflen, "%s/e", query); /* ask for english text */
|
|
else
|
|
- strcat(buf, query);
|
|
+ strncat(buf, query, buflen);
|
|
} else
|
|
- strcat(buf, query);
|
|
+ strncat(buf, query, buflen);
|
|
return buf;
|
|
}
|
|
|
|
@@ -485,7 +488,7 @@
|
|
|
|
if (verb)
|
|
printf(_("Detected referral to %s on %s.\n"), nq, nh);
|
|
- strcat(nq, "\r\n");
|
|
+ strncat(nq, "\r\n", sizeof(nq));
|
|
fd = openconn(nh, np);
|
|
do_query(fd, nq);
|
|
continue;
|