generic-library/libupnp
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove most of strcpy, sprintf and strcat

Browse Source 
Replace strcpy, sprintf and strcat by strncpy, snprintf and strncat to
avoid buffer overflows.
This commit is contained in:
Fabrice Fontaine
2012-03-08 10:08:09 +01:00
parent 9965f02727
commit 97a17ff5ad
13 changed files with 174 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
upnp/src/ssdp/ssdp_ctrlpt.c
View File

@@ -319,24 +319,27 @@ static void CreateClientRequestPacket(
{
char TempBuf[COMMAND_LEN];
memset(TempBuf, 0, sizeof(TempBuf));
strcpy(RqstBuf, "M-SEARCH * HTTP/1.1\r\n");
if (AddressFamily == AF_INET) {
sprintf(TempBuf, "HOST: %s:%d\r\n", SSDP_IP, SSDP_PORT);
snprintf(TempBuf, sizeof(TempBuf) - 1, "HOST: %s:%d\r\n",
SSDP_IP, SSDP_PORT);
} else if (AddressFamily == AF_INET6) {
sprintf(TempBuf, "HOST: [%s]:%d\r\n", SSDP_IPV6_LINKLOCAL,
SSDP_PORT);
snprintf(TempBuf, sizeof(TempBuf) - 1, "HOST: [%s]:%d\r\n",
SSDP_IPV6_LINKLOCAL, SSDP_PORT);
}
strcat(RqstBuf, TempBuf);
strcat(RqstBuf, "MAN: \"ssdp:discover\"\r\n");
if (Mx > 0) {
sprintf(TempBuf, "MX: %d\r\n", Mx);
snprintf(TempBuf, sizeof(TempBuf) - 1, "MX: %d\r\n", Mx);
strcat(RqstBuf, TempBuf);
}
if (SearchTarget != NULL) {
sprintf(TempBuf, "ST: %s\r\n", SearchTarget);
snprintf(TempBuf, sizeof(TempBuf) - 1, "ST: %s\r\n",
SearchTarget);
strcat(RqstBuf, TempBuf);
}
strcat(RqstBuf, "\r\n");
@@ -357,21 +360,24 @@ static void CreateClientRequestPacketUlaGua(
{
char TempBuf[COMMAND_LEN];
memset(TempBuf, 0, sizeof(TempBuf));
strcpy(RqstBuf, "M-SEARCH * HTTP/1.1\r\n");
if (AddressFamily == AF_INET) {
sprintf(TempBuf, "HOST: %s:%d\r\n", SSDP_IP, SSDP_PORT);
snprintf(TempBuf, sizeof(TempBuf) - 1, "HOST: %s:%d\r\n",
SSDP_IP, SSDP_PORT);
} else if (AddressFamily == AF_INET6) {
sprintf(TempBuf, "HOST: [%s]:%d\r\n", SSDP_IPV6_SITELOCAL,
SSDP_PORT);
snprintf(TempBuf, sizeof(TempBuf) - 1, "HOST: [%s]:%d\r\n",
SSDP_IPV6_SITELOCAL, SSDP_PORT);
}
strcat(RqstBuf, TempBuf);
strcat(RqstBuf, "MAN: \"ssdp:discover\"\r\n");
if (Mx > 0) {
sprintf(TempBuf, "MX: %d\r\n", Mx);
snprintf(TempBuf, sizeof(TempBuf) - 1, "MX: %d\r\n", Mx);
strcat(RqstBuf, TempBuf);
}
if (SearchTarget) {
sprintf(TempBuf, "ST: %s\r\n", SearchTarget);
snprintf(TempBuf, sizeof(TempBuf) - 1, "ST: %s\r\n",
SearchTarget);
strcat(RqstBuf, TempBuf);
}
strcat(RqstBuf, "\r\n");