diff --git a/ChangeLog b/ChangeLog index 9bda5cbb..2bad14a9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,17 @@ +2013-09-03 Mats Erik Andersson + + ftp: Avoid numeric size of char array. + + * ftp/cmds.c (macdef): Use sizeof() to avoid size + knowledge about arrays `struct macel.mac_name' + or `macbuf'. + * ftp/domacro.c (domacro): Likewise. + * ftp/ruserpass.c (remote_userpass): Likewise. + Change type of I to size_t. + + * doc/inetutils.texi : Mention + restriction on macro naming. + 2013-08-31 Mats Erik Andersson * tests/syslogd.sh: Lengthen sleeping periods. diff --git a/doc/inetutils.texi b/doc/inetutils.texi index 1f20163d..80c6cda5 100644 --- a/doc/inetutils.texi +++ b/doc/inetutils.texi @@ -1617,23 +1617,27 @@ dash@tie{}@samp{-}, then output is sent to the terminal. @item macdef @var{macro-name} Define a macro called @var{macro-name}, with subsequent lines as the macro definition. A null line (consecutive newline characters in a -file, or carriage returns from the terminal) terminates macro input +file, or carriage returns at a terminal) terminates macro input mode. There is a limit of 16 macros and a total of 4096 characters -in all defined macros. +shared by all defined macros. Only the first eight characters in +@var{macro-name} are significant when determining which +macro to execute. Macros remain defined until a close command is executed. The macro processor interprets @samp{$} and @samp{\} as -special characters. A @samp{$} followed by a number (or numbers) is -replaced by the corresponding argument on the macro invocation command -line. +special characters. A @samp{$} followed by a number (one or more +digits) is replaced by the corresponding argument on the macro's +invocation command line. A @samp{$} followed by the letter @samp{i} tells the macro processor that the macro is to perform a loop. -On the first pass @samp{$i} -is replaced by the first argument on the macro invocation command -line, on the second pass it is replaced by the second argument, and so -on. A @samp{\} followed by any character is replaced by that -character. Use the @samp{\} to prevent special treatment of the -@samp{$}. +On the first pass, @samp{$i} is replaced by the first argument on +the macro's invocation command line, while on the second pass it is +replaced by the second argument, and so forth. +Iteration proceeds until all arguments have been consumed. + +A backslash @samp{\} followed by any character is replaced by that +character. Use the backslash @samp{\} to prevent special treatment +of the dollar sign @samp{$}, as was just explained. @item mdelete [@var{remote-files}] Delete all @var{remote-files} on the remote machine. diff --git a/ftp/cmds.c b/ftp/cmds.c index cf09a9db..10b8d603 100644 --- a/ftp/cmds.c +++ b/ftp/cmds.c @@ -2519,7 +2519,8 @@ macdef (int argc, char **argv) { printf ("Enter macro line by line, terminating it with a null line\n"); } - strncpy (macros[macnum].mac_name, argv[1], 8); + strncpy (macros[macnum].mac_name, argv[1], + sizeof (macros[macnum].mac_name) - 1); if (macnum == 0) { macros[macnum].mac_start = macbuf; @@ -2529,7 +2530,7 @@ macdef (int argc, char **argv) macros[macnum].mac_start = macros[macnum - 1].mac_end + 1; } tmp = macros[macnum].mac_start; - while (tmp != macbuf + 4096) + while (tmp < macbuf + sizeof (macbuf)) { if ((c = getchar ()) == EOF) { diff --git a/ftp/domacro.c b/ftp/domacro.c index 9cad900f..1d2cc949 100644 --- a/ftp/domacro.c +++ b/ftp/domacro.c @@ -70,7 +70,8 @@ domacro (int argc, char *argv[]) } for (i = 0; i < macnum; ++i) { - if (!strncmp (argv[1], macros[i].mac_name, 9)) + if (!strncmp (argv[1], macros[i].mac_name, + sizeof (macros[i].mac_name))) { break; } diff --git a/ftp/ruserpass.c b/ftp/ruserpass.c index 1bf9b419..33d99b0e 100644 --- a/ftp/ruserpass.c +++ b/ftp/ruserpass.c @@ -115,7 +115,8 @@ remote_userpass (char *host, char **aname, char **apass, char **aacct) { char *hdir, buf[BUFSIZ], *tmp; char *myname = 0, *mydomain; - int t, i, c, usedefault = 0; + int t, c, usedefault = 0; + size_t i; struct stat stb; hdir = getenv ("HOME"); @@ -238,7 +239,8 @@ remote_userpass (char *host, char **aname, char **apass, char **aacct) } tmp = macros[macnum].mac_name; *tmp++ = c; - for (i = 0; i < 8 && (c = getc (cfile)) != EOF && !isspace (c); + for (i = 0; i < (sizeof (macros[macnum].mac_name) - 1) + && (c = getc (cfile)) != EOF && !isspace (c); ++i) { *tmp++ = c; @@ -267,7 +269,7 @@ remote_userpass (char *host, char **aname, char **apass, char **aacct) macros[macnum].mac_start = macros[macnum - 1].mac_end + 1; } tmp = macros[macnum].mac_start; - while (tmp != macbuf + 4096) + while (tmp < macbuf + sizeof (macbuf)) { if ((c = getc (cfile)) == EOF) { @@ -287,7 +289,7 @@ remote_userpass (char *host, char **aname, char **apass, char **aacct) } tmp++; } - if (tmp == macbuf + 4096) + if (tmp == macbuf + sizeof (macbuf)) { printf ("4K macro buffer exceeded\n"); goto bad;