=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/cvs/util.c,v retrieving revision 1.67 retrieving revision 1.68 diff -c -r1.67 -r1.68 *** src/usr.bin/cvs/util.c 2006/01/02 08:23:39 1.67 --- src/usr.bin/cvs/util.c 2006/01/25 11:19:51 1.68 *************** *** 1,4 **** ! /* $OpenBSD: util.c,v 1.67 2006/01/02 08:23:39 xsa Exp $ */ /* * Copyright (c) 2004 Jean-Francois Brousseau * All rights reserved. --- 1,4 ---- ! /* $OpenBSD: util.c,v 1.68 2006/01/25 11:19:51 xsa Exp $ */ /* * Copyright (c) 2004 Jean-Francois Brousseau * All rights reserved. *************** *** 179,186 **** void cvs_modetostr(mode_t mode, char *buf, size_t len) { - int l; - size_t l1; char tmp[16], *bp; mode_t um, gm, om; --- 179,184 ---- *************** *** 192,235 **** *bp = '\0'; if (um) { ! l = snprintf(tmp, sizeof(tmp), "u=%s", cvs_modestr[um]); ! if (l == -1 || l >= (int)sizeof(tmp)) fatal("cvs_modetostr: overflow for user mode"); ! l1 = strlcat(buf, tmp, len); ! if (l1 >= len) fatal("cvs_modetostr: string truncation"); } if (gm) { if (um) { ! l1 = strlcat(buf, ",", len); ! if (l1 >= len) fatal("cvs_modetostr: string truncation"); } ! l = snprintf(tmp, sizeof(tmp), "g=%s", cvs_modestr[gm]); ! if (l == -1 || l >= (int)sizeof(tmp)) fatal("cvs_modetostr: overflow for group mode"); ! l1 = strlcat(buf, tmp, len); ! if (l1 >= len) fatal("cvs_modetostr: string truncation"); } if (om) { if (um || gm) { ! l1 = strlcat(buf, ",", len); ! if (l1 >= len) fatal("cvs_modetostr: string truncation"); } ! l = snprintf(tmp, sizeof(tmp), "o=%s", cvs_modestr[gm]); ! if (l == -1 || l >= (int)sizeof(tmp)) fatal("cvs_modetostr: overflow for others mode"); ! l1 = strlcat(buf, tmp, len); ! if (l1 >= len) fatal("cvs_modetostr: string truncation"); } } --- 190,228 ---- *bp = '\0'; if (um) { ! if (strlcpy(tmp, "u=", sizeof(tmp)) >= sizeof(tmp) || ! strlcat(tmp, cvs_modestr[um], sizeof(tmp)) >= sizeof(tmp)) fatal("cvs_modetostr: overflow for user mode"); ! if (strlcat(buf, tmp, len) >= len) fatal("cvs_modetostr: string truncation"); } if (gm) { if (um) { ! if (strlcat(buf, ",", len) >= len) fatal("cvs_modetostr: string truncation"); } ! if (strlcpy(tmp, "g=", sizeof(tmp)) >= sizeof(tmp) || ! strlcat(tmp, cvs_modestr[gm], sizeof(tmp)) >= sizeof(tmp)) fatal("cvs_modetostr: overflow for group mode"); ! if (strlcat(buf, tmp, len) >= len) fatal("cvs_modetostr: string truncation"); } if (om) { if (um || gm) { ! if (strlcat(buf, ",", len) >= len) fatal("cvs_modetostr: string truncation"); } ! if (strlcpy(tmp, "o=", sizeof(tmp)) >= sizeof(tmp) || ! strlcat(tmp, cvs_modestr[gm], sizeof(tmp)) >= sizeof(tmp)) fatal("cvs_modetostr: overflow for others mode"); ! if (strlcat(buf, tmp, len) >= len) fatal("cvs_modetostr: string truncation"); } } *************** *** 636,643 **** int cvs_create_dir(const char *path, int create_adm, char *root, char *repo) { ! size_t l; ! int len, ret; char *d, *s; struct stat sb; char rpath[MAXPATHLEN], entry[MAXPATHLEN]; --- 629,635 ---- int cvs_create_dir(const char *path, int create_adm, char *root, char *repo) { ! int ret; char *d, *s; struct stat sb; char rpath[MAXPATHLEN], entry[MAXPATHLEN]; *************** *** 677,688 **** * Create administrative files if requested. */ if (create_adm == 1) { ! l = strlcat(rpath, d, sizeof(rpath)); ! if (l >= sizeof(rpath)) fatal("cvs_create_dir: path truncation"); ! l = strlcat(rpath, "/", sizeof(rpath)); ! if (l >= sizeof(rpath)) fatal("cvs_create_dir: path truncation"); if (cvs_mkadmin(d, root, rpath, NULL, NULL, 0) < 0) { --- 669,678 ---- * Create administrative files if requested. */ if (create_adm == 1) { ! if (strlcat(rpath, d, sizeof(rpath)) >= sizeof(rpath)) fatal("cvs_create_dir: path truncation"); ! if (strlcat(rpath, "/", sizeof(rpath)) >= sizeof(rpath)) fatal("cvs_create_dir: path truncation"); if (cvs_mkadmin(d, root, rpath, NULL, NULL, 0) < 0) { *************** *** 697,704 **** */ entf = cvs_ent_open(".", O_RDWR); if (entf != NULL && strcmp(d, ".")) { ! len = snprintf(entry, sizeof(entry), "D/%s////", d); ! if (len == -1 || len >= (int)sizeof(entry)) fatal("cvs_create_dir: overflow in entry buf"); if ((ent = cvs_ent_parse(entry)) == NULL) { --- 687,697 ---- */ entf = cvs_ent_open(".", O_RDWR); if (entf != NULL && strcmp(d, ".")) { ! if (strlcpy(entry, "D/", sizeof(entry)) >= ! sizeof(entry) || ! strlcat(entry, d, sizeof(entry)) >= sizeof(entry) || ! strlcat(entry, "////", sizeof(entry)) >= ! sizeof(entry)) fatal("cvs_create_dir: overflow in entry buf"); if ((ent = cvs_ent_parse(entry)) == NULL) { *************** *** 776,791 **** char * cvs_rcs_getpath(CVSFILE *file, char *buf, size_t len) { - int l; char *repo; struct cvsroot *root; root = CVS_DIR_ROOT(file); repo = CVS_DIR_REPO(file); ! l = snprintf(buf, len, "%s/%s/%s%s", ! root->cr_dir, repo, file->cf_name, RCS_FILE_EXT); ! if (l == -1 || l >= (int)len) fatal("cvs_rcs_getpath: path truncation"); return (buf); --- 769,786 ---- char * cvs_rcs_getpath(CVSFILE *file, char *buf, size_t len) { char *repo; struct cvsroot *root; root = CVS_DIR_ROOT(file); repo = CVS_DIR_REPO(file); ! if (strlcpy(buf, root->cr_dir, len) >= len || ! strlcat(buf, "/", len) >= len || ! strlcat(buf, repo, len) >= len || ! strlcat(buf, "/", len) >= len || ! strlcat(buf, file->cf_name, len) >= len || ! strlcat(buf, RCS_FILE_EXT, len) >= len) fatal("cvs_rcs_getpath: path truncation"); return (buf);