SEO

#1 (**permalink**) 02-22-2008, 11:27 AM

Hi again,

Here is the patch, against -current

Since no action was taken in the original code incase of an
overflow I kept it at adding:

warnx("Buffer overflown");
return(buf);

If an overflow occured. Please insert something more appropriate
if necesarry.

Index: usr.sbin/ppp/ppp/mppe.c
================================================== =================
RCS file: /cvs/src/usr.sbin/ppp/ppp/mppe.c,v
retrieving revision 1.16
diff -u -p -w -r1.16 mppe.c
--- usr.sbin/ppp/ppp/mppe.c 2 Jul 2002 00:48:30 -0000 1.16
+++ usr.sbin/ppp/ppp/mppe.c 15 Apr 2005 22:52:15 -0000
@@ -39,6 +39,7 @@
#include <string.h>
#include <termios.h>
#include <openssl/rc4.h>
+#include <err.h>

#include "defs.h"
#include "mbuf.h"
@@ -386,42 +387,71 @@ MPPEDispOpts(struct fsm_opt *o)

ua_ntohl(o->data, &val);
len = 0;
- if ((n = snprintf(buf, sizeof buf, "value 0x%08x ", (unsigned)val)) > 0)
+ n = snprintf(buf, sizeof(buf), "value 0x%08x ", (unsigned)val);
+ if (n == -1 || n >= sizeof(buf)) {
+ warnx("Buffer overflown");
+ return(buf);
+ } else
len += n;
if (!(val & MPPE_OPT_BITMASK)) {
- if ((n = snprintf(buf + len, sizeof buf - len, "(0")) > 0)
+ n = snprintf(buf + len, sizeof(buf) - len, "(0");
+ if (n == -1 || n >= sizeof(buf) - len) {
+ warnx("Buffer overflown");
+ return(buf);
+ } else
len += n;
} else {
ch = '(';
if (val & MPPE_OPT_128BIT) {
- if ((n = snprintf(buf + len, sizeof buf - len, "%c128", ch)) > 0)
+ n = snprintf(buf + len, sizeof(buf) - len, "%c128", ch);
+ if (n == -1 || n >= sizeof(buf) - len) {
+ warnx("Buffer overflown");
+ return(buf);
+ } else
len += n;
ch = '/';
}
if (val & MPPE_OPT_56BIT) {
- if ((n = snprintf(buf + len, sizeof buf - len, "%c56", ch)) > 0)
+ n = snprintf(buf + len, sizeof(buf) - len, "%c56", ch);
+ if (n == -1 || n >= sizeof(buf) - len) {
+ warnx("Buffer overflown");
+ return(buf);
+ } else
len += n;
ch = '/';
}
if (val & MPPE_OPT_40BIT) {
- if ((n = snprintf(buf + len, sizeof buf - len, "%c40", ch)) > 0)
+ n = snprintf(buf + len, sizeof(buf) - len, "%c40", ch);
+ if (n == -1 || n >= sizeof(buf) - len) {
+ warnx("Buffer overflown");
+ return(buf);
+ } else
len += n;
ch = '/';
}
}

- if ((n = snprintf(buf + len, sizeof buf - len, " bits, state%s",
- (val & MPPE_OPT_STATELESS) ? "less" : "ful")) > 0)
+ n = snprintf(buf + len, sizeof(buf) - len, " bits, state%s",
+ (val & MPPE_OPT_STATELESS) ? "less" : "ful");
+ if (n == -1 || n >= sizeof(buf) - len) {
+ warnx("Buffer overflown");
+ return(buf);
+ } else
len += n;

if (val & MPPE_OPT_COMPRESSED) {
- if ((n = snprintf(buf + len, sizeof buf - len, ", compressed")) > 0)
+ n = snprintf(buf + len, sizeof(buf) - len, ", compressed");
+ if (n == -1 || n >= sizeof(buf) - len) {
+ warnx("Buffer overflown");
+ return(buf);
+ } else
len += n;
}

- snprintf(buf + len, sizeof buf - len, ")");
-
- return buf;
+ n = snprintf(buf + len, sizeof(buf) - len, ")");
+ if (n == -1 || n >= sizeof(buf) - len)
+ warnx("Buffer overflown");
+ return(buf);
}

static int

# Han

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

SEO

Re: KNF for usr.sbin/ppp/ppp/mppe.c