Remaining rgagnon source audit improvements (bug #2011)

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@3430 65c4cc65-6c06-0410-ace0-fbb531ad65f3

cli.c

@@ -39,12 +39,19 @@
 void ast_cli(int fd, char *fmt, ...)
 {
 	char *stuff;
+	int res = 0;
+
 	va_list ap;
 	va_start(ap, fmt);
-	vasprintf(&stuff, fmt, ap);
+	res = vasprintf(&stuff, fmt, ap);
 	va_end(ap);
-	ast_carefulwrite(fd, stuff, strlen(stuff), 100);
-	free(stuff);
+	if (res == -1) {
+		ast_log(LOG_ERROR, "Out of memory\n");
+	}
+	else {
+		ast_carefulwrite(fd, stuff, strlen(stuff), 100);
+		free(stuff);
+	}
 }
 
 AST_MUTEX_DEFINE_STATIC(clilock);
@@ -179,62 +186,76 @@ static char version_help[] =
 static char *format_uptimestr(time_t timeval)
 {
 	int years = 0, weeks = 0, days = 0, hours = 0, mins = 0, secs = 0;
-	char timestr[256];
-	int pos = 0;
+	char timestr[256]="";
+	int bytes = 0;
+	int maxbytes = 0;
+	int offset = 0;
 #define SECOND (1)
 #define MINUTE (SECOND*60)
 #define HOUR (MINUTE*60)
 #define DAY (HOUR*24)
 #define WEEK (DAY*7)
 #define YEAR (DAY*365)
+#define ESS(x) ((x == 1) ? "" : "s")
 
+	maxbytes = sizeof(timestr);
 	if (timeval < 0)
 		return NULL;
 	if (timeval > YEAR) {
 		years = (timeval / YEAR);
 		timeval -= (years * YEAR);
-		if (years > 1)
-			pos += sprintf(timestr + pos, "%d years, ", years);
-		else
-			pos += sprintf(timestr + pos, "1 year, ");
+		if (years > 0) {
+			snprintf(timestr + offset, maxbytes, "%d year%s, ", years, ESS(years));
+			bytes = strlen(timestr + offset);
+			offset += bytes;
+			maxbytes -= bytes;
+		}
 	}
 	if (timeval > WEEK) {
 		weeks = (timeval / WEEK);
 		timeval -= (weeks * WEEK);
-		if (weeks > 1)
-			pos += sprintf(timestr + pos, "%d weeks, ", weeks);
-		else
-			pos += sprintf(timestr + pos, "1 week, ");
+		if (weeks > 0) {
+			snprintf(timestr + offset, maxbytes, "%d week%s, ", weeks, ESS(weeks));
+			bytes = strlen(timestr + offset);
+			offset += bytes;
+			maxbytes -= bytes;
+		}
 	}
 	if (timeval > DAY) {
 		days = (timeval / DAY);
 		timeval -= (days * DAY);
-		if (days > 1)
-			pos += sprintf(timestr + pos, "%d days, ", days);
-		else
-			pos += sprintf(timestr + pos, "1 day, ");
-
+		if (days > 0) {
+			snprintf(timestr + offset, maxbytes, "%d day%s, ", days, ESS(days));
+			bytes = strlen(timestr + offset);
+			offset += bytes;
+			maxbytes -= bytes;
+		}
 	}
 	if (timeval > HOUR) {
 		hours = (timeval / HOUR);
 		timeval -= (hours * HOUR);
-		if (hours > 1)
-			pos += sprintf(timestr + pos, "%d hours, ", hours);
-		else
-			pos += sprintf(timestr + pos, "1 hour, ");
+		if (hours > 0) {
+			snprintf(timestr + offset, maxbytes, "%d hour%s, ", hours, ESS(hours));
+			bytes = strlen(timestr + offset);
+			offset += bytes;
+			maxbytes -= bytes;
+		}
 	}
 	if (timeval > MINUTE) {
 		mins = (timeval / MINUTE);
 		timeval -= (mins * MINUTE);
-		if (mins > 1)
-			pos += sprintf(timestr + pos, "%d minutes, ", mins);
-		else if (mins > 0)
-			pos += sprintf(timestr + pos, "1 minute, ");
+		if (mins > 0) {
+			snprintf(timestr + offset, maxbytes, "%d minute%s, ", mins, ESS(mins));
+			bytes = strlen(timestr + offset);
+			offset += bytes;
+			maxbytes -= bytes;
+		}
 	}
 	secs = timeval;
 
-	if (secs > 0)
-		pos += sprintf(timestr + pos, "%d seconds", secs);
+	if (secs > 0) {
+		snprintf(timestr + offset, maxbytes, "%d second%s", secs, ESS(secs));
+	}
 
 	return timestr ? strdup(timestr) : NULL;
 }
@@ -657,25 +678,31 @@ static struct ast_cli_entry *find_cli(char *cmds[], int exact)
 	return e;
 }
 
-static void join(char *s, int len, char *w[])
+static void join(char *dest, size_t destsize, char *w[])
 {
 	int x;
 	/* Join words into a string */
-	strcpy(s, "");
+	if (!dest || destsize < 1) {
+		return;
+	}
+	dest[0] = '\0';
 	for (x=0;w[x];x++) {
 		if (x)
-			strncat(s, " ", len - strlen(s));
-		strncat(s, w[x], len - strlen(s));
+			strncat(dest, " ", destsize - strlen(dest) - 1);
+		strncat(dest, w[x], destsize - strlen(dest) - 1);
 	}
 }
 
-static void join2(char *s, int len, char *w[])
+static void join2(char *dest, size_t destsize, char *w[])
 {
 	int x;
 	/* Join words into a string */
-	strcpy(s, "");
+	if (!dest || destsize < 1) {
+		return;
+	}
+	dest[0] = '\0';
 	for (x=0;w[x];x++) {
-		strncat(s, w[x], len - strlen(s));
+		strncat(dest, w[x], destsize - strlen(dest) - 1);
 	}
 }
 

enum.c

@@ -94,7 +94,7 @@ static int parse_naptr(unsigned char *dst, int dstsize, char *tech, int techsize
 	regmatch_t pmatch[9];
 
 
-	strcpy(dst, "");
+	dst[0] = '\0';
 	
 	if (len < sizeof(struct naptr)) {
 		ast_log(LOG_WARNING, "Length too short\n");
@@ -151,7 +151,7 @@ static int parse_naptr(unsigned char *dst, int dstsize, char *tech, int techsize
 	}
 
 	/* DEDBUGGING STUB
-	strcpy(regexp, "!^\\+43(.*)$!\\1@bla.fasel!");
+	strncpy(regexp, "!^\\+43(.*)$!\\1@bla.fasel!", sizeof(regexp) - 1);
 	*/
 
 	regexp_len = strlen(regexp);
@@ -222,7 +222,8 @@ static int parse_naptr(unsigned char *dst, int dstsize, char *tech, int techsize
 		}
 	}
 	*d = 0;
-	strncpy(dst, temp, dstsize);
+	strncpy(dst, temp, dstsize - 1);
+	dst[dstsize - 1] = '\0';
 	return 0;
 }
 
@@ -245,8 +246,8 @@ static int txt_callback(void *context, u_char *answer, int len, u_char *fullansw
 
 	if (answer != NULL) {
 		c->txtlen = strlen(answer);
-		strncpy(c->txt, answer, 255);
-		c->txt[c->txtlen] = 0;
+		strncpy(c->txt, answer, sizeof(c->txt) - 1);
+		c->txt[sizeof(c->txt) - 1] = 0;
 		return 1;
 	} else {
 		c->txt = NULL;
@@ -309,7 +310,7 @@ int ast_get_enum(struct ast_channel *chan, const char *number, char *dst, int ds
 			s = s->next;
 		}
 		if (s) {
-			strcpy(tmp + newpos, s->toplev);
+			strncpy(tmp + newpos, s->toplev, sizeof(tmp) - newpos - 1);
 		}
 		ast_mutex_unlock(&enumlock);
 		if (!s)
@@ -368,7 +369,7 @@ int ast_get_txt(struct ast_channel *chan, const char *number, char *dst, int dst
 			s = s->next;
 		}
 		if (s) {
-			strcpy(tmp + newpos, s->toplev);
+			strncpy(tmp + newpos, s->toplev, sizeof(tmp) - newpos - 1);
 		}
 		ast_mutex_unlock(&enumlock);
 		if (!s)

file.c

@@ -279,14 +279,17 @@ static int copy(char *infile, char *outfile)
 static char *build_filename(char *filename, char *ext)
 {
 	char *fn;
+	int fnsize = 0;
 	char tmp[AST_CONFIG_MAX_PATH]="";
-	snprintf(tmp,sizeof(tmp)-1,"%s/%s",(char *)ast_config_AST_VAR_DIR,"sounds");
-	fn = malloc(strlen(tmp) + strlen(filename) + strlen(ext) + 10);
+
+	snprintf(tmp, sizeof(tmp), "%s/%s", ast_config_AST_VAR_DIR, "sounds");
+	fnsize = strlen(tmp) + strlen(filename) + strlen(ext) + 10;
+	fn = malloc(fnsize);
 	if (fn) {
 		if (filename[0] == '/') 
-			sprintf(fn, "%s.%s", filename, ext);
+			snprintf(fn, fnsize, "%s.%s", filename, ext);
 		else
-			sprintf(fn, "%s/%s.%s", (char *)tmp, filename, ext);
+			snprintf(fn, fnsize, "%s/%s.%s", tmp, filename, ext);
 	}
 	return fn;
 	

logger.c

@@ -211,7 +211,7 @@ static void init_logger_chain(void)
 
 	ast_mutex_lock(&loglock);
 	if ((s = ast_variable_retrieve(cfg, "general", "dateformat"))) {
-		(void)strncpy(dateformat,s,sizeof(dateformat));
+		strncpy(dateformat, s, sizeof(dateformat) - 1);
 	}
 	var = ast_variable_browse(cfg, "logfiles");
 	while(var) {
@@ -266,7 +266,7 @@ static void queue_log_init(void)
 
 int reload_logger(int rotate)
 {
-	char old[AST_CONFIG_MAX_PATH];
+	char old[AST_CONFIG_MAX_PATH] = "";
 	char new[AST_CONFIG_MAX_PATH];
 	struct logchannel *f;
 	FILE *myf;
@@ -307,7 +307,7 @@ int reload_logger(int rotate)
 			fclose(f->fileptr);
 			f->fileptr = NULL;
 			if(rotate) {
-				strncpy(old, f->filename, sizeof(old));
+				strncpy(old, f->filename, sizeof(old) - 1);
 	
 				for(x=0;;x++) {
 					snprintf(new, sizeof(new), "%s.%d", f->filename, x);

manager.c

@@ -651,7 +651,7 @@ static int action_status(struct mansession *s, struct message *m)
 		if (c->bridge)
 			snprintf(bridge, sizeof(bridge), "Link: %s\r\n", c->bridge->name);
 		else
-			strcpy(bridge, "");
+			bridge[0] = '\0';
 		if (c->pbx) {
 			ast_cli(s->fd,
 			"Event: Status\r\n"
@@ -992,13 +992,13 @@ static int action_timeout(struct mansession *s, struct message *m)
 
 static int process_message(struct mansession *s, struct message *m)
 {
-	char action[80];
+	char action[80] = "";
 	struct manager_action *tmp = first_action;
 	char *id = astman_get_header(m,"ActionID");
 	char idText[256] = "";
 	char iabuf[INET_ADDRSTRLEN];
 
-	strncpy(action, astman_get_header(m, "Action"), sizeof(action));
+	strncpy(action, astman_get_header(m, "Action"), sizeof(action) - 1);
 	ast_log( LOG_DEBUG, "Manager received command '%s'\n", action );
 
 	if (ast_strlen_zero(action)) {

muted.c

@@ -25,9 +25,9 @@
 
 static char *config = "/etc/muted.conf";
 
-static char host[256];
-static char user[256];
-static char pass[256];
+static char host[256] = "";
+static char user[256] = "";
+static char pass[256] = "";
 static int smoothfade = 0;
 static int mutelevel = 20;
 static int muted = 0;
@@ -98,17 +98,17 @@ static int load_config(void)
 			}
 			if (!strcasecmp(buf, "host")) {
 				if (val && strlen(val))
-					strncpy(host, val, sizeof(host));
+					strncpy(host, val, sizeof(host) - 1);
 				else
 					fprintf(stderr, "host needs an argument (the host) at line %d\n", lineno);
 			} else if (!strcasecmp(buf, "user")) {
 				if (val && strlen(val))
-					strncpy(user, val, sizeof(user));
+					strncpy(user, val, sizeof(user) - 1);
 				else
 					fprintf(stderr, "user needs an argument (the user) at line %d\n", lineno);
 			} else if (!strcasecmp(buf, "pass")) {
 				if (val && strlen(val))
-					strncpy(pass, val, sizeof(pass));
+					strncpy(pass, val, sizeof(pass) - 1);
 				else
 					fprintf(stderr, "pass needs an argument (the password) at line %d\n", lineno);
 			} else if (!strcasecmp(buf, "smoothfade")) {
@@ -264,7 +264,7 @@ static struct channel *find_channel(char *channel)
 	char tmp[256] = "";
 	char *s, *t;
 	struct channel *chan;
-	strncpy(tmp, channel, sizeof(tmp));
+	strncpy(tmp, channel, sizeof(tmp) - 1);
 	s = strchr(tmp, '/');
 	if (s) {
 		*s = '\0';
@@ -460,15 +460,15 @@ static int wait_event(void)
 		return -1;
 	}
 	if (!strncasecmp(resp, "Event: ", strlen("Event: "))) {
-		strncpy(event, resp + strlen("Event: "), sizeof(event));
+		strncpy(event, resp + strlen("Event: "), sizeof(event) - 1);
 		/* Consume the rest of the non-event */
 		while((resp = get_line()) && strlen(resp)) {
 			if (!strncasecmp(resp, "Channel: ", strlen("Channel: ")))
-				strncpy(channel, resp + strlen("Channel: "), sizeof(channel));
+				strncpy(channel, resp + strlen("Channel: "), sizeof(channel) - 1);
 			if (!strncasecmp(resp, "Newname: ", strlen("Newname: ")))
-				strncpy(newname, resp + strlen("Newname: "), sizeof(newname));
+				strncpy(newname, resp + strlen("Newname: "), sizeof(newname) - 1);
 			if (!strncasecmp(resp, "Oldname: ", strlen("Oldname: ")))
-				strncpy(oldname, resp + strlen("Oldname: "), sizeof(oldname));
+				strncpy(oldname, resp + strlen("Oldname: "), sizeof(oldname) - 1);
 		}
 		if (strlen(channel)) {
 			if (!strcasecmp(event, "Hangup")) 

pbx.c

@@ -875,7 +875,7 @@ static void pbx_substitute_variables_temp(struct ast_channel *c,const char *var,
 		} else
 			*ret = NULL;
 	} else if (c && !strcmp(var, "HINT")) {
-		if (!ast_get_hint(workspace, workspacelen - 1, c, c->context, c->exten))
+		if (!ast_get_hint(workspace, workspacelen, c, c->context, c->exten))
 			*ret = NULL;
 		else
 			*ret = workspace;
@@ -908,12 +908,12 @@ static void pbx_substitute_variables_temp(struct ast_channel *c,const char *var,
 		strncpy(workspace, c->name, workspacelen - 1);
 		*ret = workspace;
 	} else if (c && !strcmp(var, "EPOCH")) {
-		snprintf(workspace, workspacelen -1, "%u",(int)time(NULL));
+		snprintf(workspace, workspacelen, "%u",(int)time(NULL));
 		*ret = workspace;
 	} else if (c && !strcmp(var, "DATETIME")) {
 		thistime=time(NULL);
 		localtime_r(&thistime, &brokentime);
-		snprintf(workspace, workspacelen -1, "%02d%02d%04d-%02d:%02d:%02d",
+		snprintf(workspace, workspacelen, "%02d%02d%04d-%02d:%02d:%02d",
 			brokentime.tm_mday,
 			brokentime.tm_mon+1,
 			brokentime.tm_year+1900,
@@ -926,7 +926,7 @@ static void pbx_substitute_variables_temp(struct ast_channel *c,const char *var,
 		thistime=time(NULL);
 		localtime_r(&thistime, &brokentime);
 		/* 20031130-150612 */
-		snprintf(workspace, workspacelen -1, "%04d%02d%02d-%02d%02d%02d",
+		snprintf(workspace, workspacelen, "%04d%02d%02d-%02d%02d%02d",
 			brokentime.tm_year+1900,
 			brokentime.tm_mon+1,
 			brokentime.tm_mday,
@@ -936,10 +936,10 @@ static void pbx_substitute_variables_temp(struct ast_channel *c,const char *var,
 		);
 		*ret = workspace;
 	} else if (c && !strcmp(var, "UNIQUEID")) {
-		snprintf(workspace, workspacelen -1, "%s", c->uniqueid);
+		snprintf(workspace, workspacelen, "%s", c->uniqueid);
 		*ret = workspace;
 	} else if (c && !strcmp(var, "HANGUPCAUSE")) {
-		snprintf(workspace, workspacelen -1, "%i", c->hangupcause);
+		snprintf(workspace, workspacelen, "%i", c->hangupcause);
 		*ret = workspace;
 	} else if (c && !strcmp(var, "ACCOUNTCODE")) {
 		strncpy(workspace, c->accountcode, workspacelen - 1);
@@ -1083,7 +1083,7 @@ void pbx_substitute_variables_helper(struct ast_channel *c,const char *cp1,char
 			}
 			
 			/* Retrieve variable value */
-			strcpy(workspace, "");
+			workspace[0] = '\0';
 			pbx_substitute_variables_temp(c,vars,&cp4, workspace, sizeof(workspace));
 			if (cp4) {
 				length = strlen(cp4);
@@ -1378,69 +1378,69 @@ int ast_extension_state(struct ast_channel *c, char *context, char *exten)
 
 int ast_device_state_changed(const char *fmt, ...) 
 {
-    struct ast_hint *list;
-    struct ast_state_cb *cblist;
-    char hint[AST_MAX_EXTENSION];
-    char device[AST_MAX_EXTENSION];
-    char *cur, *rest;
-    int state;
-    
-    va_list ap;
+	struct ast_hint *list;
+	struct ast_state_cb *cblist;
+	char hint[AST_MAX_EXTENSION] = "";
+	char device[AST_MAX_EXTENSION];
+	char *cur, *rest;
+	int state;
 
-    va_start(ap, fmt);
-    vsnprintf(device, sizeof(device)-1, fmt, ap);
-    va_end(ap);
+	va_list ap;
 
-    rest = strchr(device, '-');
-    if (rest) {
-	*rest = 0;
-    }
-        
-    ast_mutex_lock(&hintlock);
+	va_start(ap, fmt);
+	vsnprintf(device, sizeof(device), fmt, ap);
+	va_end(ap);
 
-    list = hints;
-    
-    while (list) {
-	
-	strcpy(hint, ast_get_extension_app(list->exten));
-	cur = hint;
-	do {
-	    rest = strchr(cur, '&');
-	    if (rest) {
+	rest = strchr(device, '-');
+	if (rest) {
 		*rest = 0;
-		rest++;
-	    }
-	    
-	    if (!strcmp(cur, device)) {
-	    // Found extension execute callbacks 
-		state = ast_extension_state2(list->exten);
-		if ((state != -1) && (state != list->laststate)) {
-		    // For general callbacks
-		    cblist = statecbs;
-		    while (cblist) {
-			cblist->callback(list->exten->parent->name, list->exten->exten, state, cblist->data);
-			cblist = cblist->next;
-		    }
-		    
-		    // For extension callbacks
-    		    cblist = list->callbacks;
-		    while (cblist) {
-			cblist->callback(list->exten->parent->name, list->exten->exten, state, cblist->data);
-			cblist = cblist->next;
-		    }
-		    
-		    list->laststate = state;
-		}
-		break;
-	    }
-	    cur = rest;
-	} while (cur);
-	
-	list = list->next;
-    }
+	}
 
-    ast_mutex_unlock(&hintlock);
-    return 1;
+	ast_mutex_lock(&hintlock);
+
+	list = hints;
+
+	while (list) {
+
+		strncpy(hint, ast_get_extension_app(list->exten), sizeof(hint) - 1);
+		cur = hint;
+		do {
+			rest = strchr(cur, '&');
+			if (rest) {
+				*rest = 0;
+				rest++;
+			}
+			
+			if (!strcmp(cur, device)) {
+				// Found extension execute callbacks 
+				state = ast_extension_state2(list->exten);
+				if ((state != -1) && (state != list->laststate)) {
+					// For general callbacks
+					cblist = statecbs;
+					while (cblist) {
+						cblist->callback(list->exten->parent->name, list->exten->exten, state, cblist->data);
+						cblist = cblist->next;
+					}
+
+					// For extension callbacks
+					cblist = list->callbacks;
+					while (cblist) {
+						cblist->callback(list->exten->parent->name, list->exten->exten, state, cblist->data);
+						cblist = cblist->next;
+					}
+			
+					list->laststate = state;
+				}
+				break;
+			}
+			cur = rest;
+		} while (cur);
+
+		list = list->next;
+	}
+
+	ast_mutex_unlock(&hintlock);
+	return 1;
 }
 			
 int ast_extension_state_add(char *context, char *exten, 
@@ -1684,12 +1684,12 @@ static int ast_remove_hint(struct ast_exten *e)
 }
 
 
-int ast_get_hint(char *hint, int maxlen, struct ast_channel *c, char *context, char *exten)
+int ast_get_hint(char *hint, int hintsize, struct ast_channel *c, char *context, char *exten)
 {
 	struct ast_exten *e;
 	e = ast_hint_extension(c, context, exten);
 	if (e) {	
-	    strncpy(hint, ast_get_extension_app(e), maxlen);
+	    strncpy(hint, ast_get_extension_app(e), hintsize - 1);
 	    return -1;
 	}
 	return 0;	
@@ -1907,7 +1907,8 @@ int ast_pbx_run(struct ast_channel *c)
 		ast_log(LOG_WARNING, "Don't know what to do with '%s'\n", c->name);
 out:
 	if ((res != AST_PBX_KEEPALIVE) && ast_exists_extension(c, c->context, "h", 1, c->callerid)) {
-		strcpy(c->exten, "h");
+		c->exten[0] = 'h';
+		c->exten[1] = '\0';
 		c->priority = 1;
 		while(ast_exists_extension(c, c->context, c->exten, c->priority, c->callerid)) {
 			if ((res = ast_spawn_extension(c, c->context, c->exten, c->priority, c->callerid))) {
@@ -3696,7 +3697,7 @@ int ast_add_extension2(struct ast_context *con,
 			ext_strncpy(tmp->cidmatch, callerid, sizeof(tmp->cidmatch));
 			tmp->matchcid = 1;
 		} else {
-			strcpy(tmp->cidmatch, "");
+			tmp->cidmatch[0] = '\0';
 			tmp->matchcid = 0;
 		}
 		strncpy(tmp->app, application, sizeof(tmp->app)-1);

srv.c

@@ -60,7 +60,7 @@ static int parse_srv(unsigned char *host, int hostlen, int *portno, unsigned cha
 	if (res && strcmp(repl, ".")) {
 		ast_verbose( VERBOSE_PREFIX_3 "parse_srv: SRV mapped to host %s, port %d\n", repl, ntohs(srv->portnum));
 		if (host) {
-			strncpy(host, repl, hostlen - 2);
+			strncpy(host, repl, hostlen - 1);
 			host[hostlen-1] = '\0';
 		}
 		if (portno)
@@ -109,7 +109,7 @@ int ast_get_srv(struct ast_channel *chan, char *host, int hostlen, int *port, co
 		ret |= ast_autoservice_stop(chan);
 
 	if (ret <= 0) {
-		strcpy(host, "");
+		host[0] = '\0';
 		*port = -1;
 		return ret;
 	}

translate.c

@@ -351,7 +351,9 @@ static int show_translation(int fd, int argc, char *argv[])
 	ast_cli(fd, "          Source Format (Rows) Destination Format(Columns)\n\n");
 	ast_mutex_lock(&list_lock);
 	for (x=-1;x<SHOW_TRANS; x++) {
-		strcpy(line, " ");
+		/* next 2 lines run faster than using strcpy() */
+		line[0] = ' ';
+		line[1] = '\0';
 		for (y=-1;y<SHOW_TRANS;y++) {
 			if (x >= 0 && y >= 0 && tr_matrix[x][y].step)
 				snprintf(line + strlen(line), sizeof(line) - strlen(line), " %5d", tr_matrix[x][y].cost >= 99999 ? tr_matrix[x][y].cost-99999 : tr_matrix[x][y].cost);