Merge remaining audit patch (save dlfcn.c)

git-svn-id: http://svn.digium.com/svn/asterisk/trunk@3436 f38db490-d61c-443f-a65b-d21fe96a405b
author: markster <markster@f38db490-d61c-443f-a65b-d21fe96a405b> 2004-07-14 13:57:15 +0000
committer: markster <markster@f38db490-d61c-443f-a65b-d21fe96a405b> 2004-07-14 13:57:15 +0000
commit: 5d8654361451b217b1fc604f449554e74a11b70b (patch)
tree: 30a1118273807f5c6ba0e3ca611ab0c6a160fa3b /cdr
parent: 3aea726c3943cf31d2d90c194d1e126891b1481d (diff)
4 files changed, 57 insertions, 51 deletions
diff --git a/cdr/cdr_csv.c b/cdr/cdr_csv.c
index 8c553db68..a1d391cfb 100755
--- a/cdr/cdr_csv.c
+++ b/cdr/cdr_csv.c
@@ -71,16 +71,16 @@ static char *name = "csv";
 
 static FILE *mf = NULL;
 
-static int append_string(char *buf, char *s, int len)
+static int append_string(char *buf, char *s, size_t bufsize)
 {
 	int pos = strlen(buf);
 	int spos = 0;
 	int error = 0;
-	if (pos >= len - 4)
+	if (pos >= bufsize - 4)
 		return -1;
 	buf[pos++] = '\"';
 	error = -1;
-	while(pos < len - 3) {
+	while(pos < bufsize - 3) {
 		if (!s[spos]) {
 			error = 0;
 			break;
@@ -96,87 +96,87 @@ static int append_string(char *buf, char *s, int len)
 	return error;
 }
 
-static int append_int(char *buf, int s, int len)
+static int append_int(char *buf, int s, size_t bufsize)
 {
 	char tmp[32];
 	int pos = strlen(buf);
 	snprintf(tmp, sizeof(tmp), "%d", s);
-	if (pos + strlen(tmp) > len - 3)
+	if (pos + strlen(tmp) > bufsize - 3)
 		return -1;
-	strncat(buf, tmp, len);
+	strncat(buf, tmp, bufsize - strlen(buf) - 1);
 	pos = strlen(buf);
 	buf[pos++] = ',';
 	buf[pos++] = '\0';
 	return 0;
 }
 
-static int append_date(char *buf, struct timeval tv, int len)
+static int append_date(char *buf, struct timeval tv, size_t bufsize)
 {
-	char tmp[80];
+	char tmp[80] = "";
 	struct tm tm;
 	time_t t;
 	t = tv.tv_sec;
-	if (strlen(buf) > len - 3)
+	if (strlen(buf) > bufsize - 3)
 		return -1;
 	if (!tv.tv_sec && !tv.tv_usec) {
-		strncat(buf, ",", len);
+		strncat(buf, ",", bufsize - strlen(buf) - 1);
 		return 0;
 	}
 	localtime_r(&t,&tm);
 	strftime(tmp, sizeof(tmp), DATE_FORMAT, &tm);
-	return append_string(buf, tmp, len);
+	return append_string(buf, tmp, bufsize);
 }
 
-static int build_csv_record(char *buf, int len, struct ast_cdr *cdr)
+static int build_csv_record(char *buf, size_t bufsize, struct ast_cdr *cdr)
 {
 
 	buf[0] = '\0';
 	/* Account code */
-	append_string(buf, cdr->accountcode, len);
+	append_string(buf, cdr->accountcode, bufsize);
 	/* Source */
-	append_string(buf, cdr->src, len);
+	append_string(buf, cdr->src, bufsize);
 	/* Destination */
-	append_string(buf, cdr->dst, len);
+	append_string(buf, cdr->dst, bufsize);
 	/* Destination context */
-	append_string(buf, cdr->dcontext, len);
+	append_string(buf, cdr->dcontext, bufsize);
 	/* Caller*ID */
-	append_string(buf, cdr->clid, len);
+	append_string(buf, cdr->clid, bufsize);
 	/* Channel */
-	append_string(buf, cdr->channel, len);
+	append_string(buf, cdr->channel, bufsize);
 	/* Destination Channel */
-	append_string(buf, cdr->dstchannel, len);
+	append_string(buf, cdr->dstchannel, bufsize);
 	/* Last Application */
-	append_string(buf, cdr->lastapp, len);
+	append_string(buf, cdr->lastapp, bufsize);
 	/* Last Data */
-	append_string(buf, cdr->lastdata, len);
+	append_string(buf, cdr->lastdata, bufsize);
 	/* Start Time */
-	append_date(buf, cdr->start, len);
+	append_date(buf, cdr->start, bufsize);
 	/* Answer Time */
-	append_date(buf, cdr->answer, len);
+	append_date(buf, cdr->answer, bufsize);
 	/* End Time */
-	append_date(buf, cdr->end, len);
+	append_date(buf, cdr->end, bufsize);
 	/* Duration */
-	append_int(buf, cdr->duration, len);
+	append_int(buf, cdr->duration, bufsize);
 	/* Billable seconds */
-	append_int(buf, cdr->billsec, len);
+	append_int(buf, cdr->billsec, bufsize);
 	/* Disposition */
-	append_string(buf, ast_cdr_disp2str(cdr->disposition), len);
+	append_string(buf, ast_cdr_disp2str(cdr->disposition), bufsize);
 	/* AMA Flags */
-	append_string(buf, ast_cdr_flags2str(cdr->amaflags), len);
+	append_string(buf, ast_cdr_flags2str(cdr->amaflags), bufsize);
 
 #ifdef CSV_LOGUNIQUEID
 	/* Unique ID */
-	append_string(buf, cdr->uniqueid, len);
+	append_string(buf, cdr->uniqueid, bufsize);
 #endif
 #ifdef CSV_LOGUSERFIELD
 	/* append the user field */
-	append_string(buf, cdr->userfield,len);	
+	append_string(buf, cdr->userfield,bufsize);	
 #endif
 	/* If we hit the end of our buffer, log an error */
-	if (strlen(buf) < len - 5) {
+	if (strlen(buf) < bufsize - 5) {
 		/* Trim off trailing comma */
 		buf[strlen(buf) - 1] = '\0';
-		strncat(buf, "\n", len);
+		strncat(buf, "\n", bufsize - strlen(buf) - 1);
 		return 0;
 	}
 	return -1;
@@ -205,7 +205,7 @@ static int csv_log(struct ast_cdr *cdr)
 	/* Make sure we have a big enough buf */
 	char buf[1024];
 	char csvmaster[AST_CONFIG_MAX_PATH];
-	snprintf((char *)csvmaster,sizeof(csvmaster)-1,"%s/%s/%s",(char *)ast_config_AST_LOG_DIR,CSV_LOG_DIR,CSV_MASTER);
+	snprintf(csvmaster, sizeof(csvmaster),"%s/%s/%s", ast_config_AST_LOG_DIR, CSV_LOG_DIR, CSV_MASTER);
 #if 0
 	printf("[CDR] %s ('%s' -> '%s') Dur: %ds Bill: %ds Disp: %s Flags: %s Account: [%s]\n", cdr->channel, cdr->src, cdr->dst, cdr->duration, cdr->billsec, ast_cdr_disp2str(cdr->disposition), ast_cdr_flags2str(cdr->amaflags), cdr->accountcode);
 #endif
diff --git a/cdr/cdr_odbc.c b/cdr/cdr_odbc.c
index 6cfe62211..e52730f2e 100755
--- a/cdr/cdr_odbc.c
+++ b/cdr/cdr_odbc.c
@@ -56,25 +56,25 @@ static int odbc_log(struct ast_cdr *cdr)
 	short int ODBC_mlen;
 	int ODBC_res;
 	char ODBC_msg[200], ODBC_stat[10];
-	char sqlcmd[2048], timestr[128];
+	char sqlcmd[2048] = "", timestr[128];
 	int res = 0;
 	struct tm tm;
 
 	localtime_r(&cdr->start.tv_sec,&tm);
 
 	ast_mutex_lock(&odbc_lock);
-	strftime(timestr,128,DATE_FORMAT,&tm);
+	strftime(timestr, sizeof(timestr), DATE_FORMAT, &tm);
 	memset(sqlcmd,0,2048);
 	if((loguniqueid != NULL) && ((strcmp(loguniqueid, "1") == 0) || (strcmp(loguniqueid, "yes") == 0)))
 	{
-		sprintf(sqlcmd,"INSERT INTO cdr "
+		snprintf(sqlcmd,sizeof(sqlcmd),"INSERT INTO cdr "
 		"(calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp,"
 		"lastdata,duration,billsec,disposition,amaflags,accountcode,uniqueid,userfield) "
 		"VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)");
 	}
 	else
 	{
-		sprintf(sqlcmd,"INSERT INTO cdr "
+		snprintf(sqlcmd,sizeof(sqlcmd),"INSERT INTO cdr "
 		"(calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp,lastdata,"
 		"duration,billsec,disposition,amaflags,accountcode) "
 		"VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?)");
@@ -264,8 +264,9 @@ static int odbc_load_module(void)
 		dsn = malloc(strlen(tmp) + 1);
 		if (dsn != NULL)
 		{
+			memset(dsn, 0, strlen(tmp) + 1);
 			dsn_alloc = 1;
-			strcpy(dsn,tmp);
+			strncpy(dsn, tmp, strlen(tmp));
 		}
 		else
 		{
@@ -285,8 +286,9 @@ static int odbc_load_module(void)
 		username = malloc(strlen(tmp) + 1);
 		if (username != NULL)
 		{
+			memset(username, 0, strlen(tmp) + 1);
 			username_alloc = 1;
-			strcpy(username,tmp);
+			strncpy(username, tmp, strlen(tmp));
 		}
 		else
 		{
@@ -306,8 +308,9 @@ static int odbc_load_module(void)
 		password = malloc(strlen(tmp) + 1);
 		if (password != NULL)
 		{
+			memset(password, 0, strlen(tmp) + 1);
 			password_alloc = 1;
-			strcpy(password,tmp);
+			strncpy(password, tmp, strlen(tmp));
 		}
 		else
 		{
diff --git a/cdr/cdr_pgsql.c b/cdr/cdr_pgsql.c
index 902136c04..15a5f0efc 100755
--- a/cdr/cdr_pgsql.c
+++ b/cdr/cdr_pgsql.c
@@ -49,15 +49,13 @@ PGresult	*result;
 static int pgsql_log(struct ast_cdr *cdr)
 {
 	struct tm tm;
-	char sqlcmd[2048], timestr[128];
+	char sqlcmd[2048] = "", timestr[128];
 	char *pgerror;
 
 	ast_mutex_lock(&pgsql_lock);
 
-	memset(sqlcmd,0,2048);
-
 	localtime_r(&cdr->start.tv_sec,&tm);
-	strftime(timestr,128,DATE_FORMAT,&tm);
+	strftime(timestr, sizeof(timestr), DATE_FORMAT, &tm);
 
 	if ((!connected) && pghostname && pgdbuser && pgpassword && pgdbname) {
 		conn = PQsetdbLogin(pghostname, pgdbport, NULL, NULL, pgdbname, pgdbuser, pgpassword);
@@ -101,7 +99,7 @@ static int pgsql_log(struct ast_cdr *cdr)
 
 		ast_log(LOG_DEBUG,"cdr_pgsql: inserting a CDR record.\n");
 
-		sprintf(sqlcmd,"INSERT INTO cdr (calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp,lastdata,duration,billsec,disposition,amaflags,accountcode,uniqueid,userfield) VALUES ('%s','%s','%s','%s','%s', '%s','%s','%s','%s',%i,%i,'%s',%i,'%s','%s','%s')",timestr,clid,cdr->src, cdr->dst, dcontext,channel, dstchannel, lastapp, lastdata,cdr->duration,cdr->billsec,ast_cdr_disp2str(cdr->disposition),cdr->amaflags, cdr->accountcode, uniqueid, userfield);
+		snprintf(sqlcmd,sizeof(sqlcmd),"INSERT INTO cdr (calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp,lastdata,duration,billsec,disposition,amaflags,accountcode,uniqueid,userfield) VALUES ('%s','%s','%s','%s','%s', '%s','%s','%s','%s',%i,%i,'%s',%i,'%s','%s','%s')",timestr,clid,cdr->src, cdr->dst, dcontext,channel, dstchannel, lastapp, lastdata,cdr->duration,cdr->billsec,ast_cdr_disp2str(cdr->disposition),cdr->amaflags, cdr->accountcode, uniqueid, userfield);
 		ast_log(LOG_DEBUG,"cdr_pgsql: SQL command executed:  %s\n",sqlcmd);
 	
 		/* Test to be sure we're still connected... */
@@ -204,8 +202,9 @@ static int my_load_module(void)
 	if (tmp) {
 		pghostname = malloc(strlen(tmp) + 1);
 		if (pghostname != NULL) {
+			memset(pghostname, 0, strlen(tmp) + 1);
 			hostname_alloc = 1;
-			strcpy(pghostname,tmp);
+			strncpy(pghostname, tmp, strlen(tmp));
 		} else {
 			ast_log(LOG_ERROR,"Out of memory error.\n");
 			return -1;
@@ -219,8 +218,9 @@ static int my_load_module(void)
 	if (tmp) {
 		pgdbname = malloc(strlen(tmp) + 1);
 		if (pgdbname != NULL) {
+			memset(pgdbname, 0, strlen(tmp) + 1);
 			dbname_alloc = 1;
-			strcpy(pgdbname,tmp);
+			strncpy(pgdbname, tmp, strlen(tmp));
 		} else {
 			ast_log(LOG_ERROR,"Out of memory error.\n");
 			return -1;
@@ -234,8 +234,9 @@ static int my_load_module(void)
 	if (tmp) {
 		pgdbuser = malloc(strlen(tmp) + 1);
 		if (pgdbuser != NULL) {
+			memset(pgdbuser, 0, strlen(tmp) + 1);
 			dbuser_alloc = 1;
-			strcpy(pgdbuser,tmp);
+			strncpy(pgdbuser, tmp, strlen(tmp));
 		} else {
 			ast_log(LOG_ERROR,"Out of memory error.\n");
 			return -1;
@@ -249,8 +250,9 @@ static int my_load_module(void)
 	if (tmp) {
 		pgpassword = malloc(strlen(tmp) + 1);
 		if (pgpassword != NULL) {
+			memset(pgpassword, 0, strlen(tmp) + 1);
 			password_alloc = 1;
-			strcpy(pgpassword,tmp);
+			strncpy(pgpassword, tmp, strlen(tmp));
 		} else {
 			ast_log(LOG_ERROR,"Out of memory error.\n");
 			return -1;
@@ -264,8 +266,9 @@ static int my_load_module(void)
 	if (tmp) {
 		pgdbport = malloc(strlen(tmp) + 1);
 		if (pgdbport != NULL) {
+			memset(pgdbport, 0, strlen(tmp) + 1);
 			dbport_alloc = 1;
-			strcpy(pgdbport,tmp);
+			strncpy(pgdbport, tmp, strlen(tmp));
 		} else {
 			ast_log(LOG_ERROR,"Out of memory error.\n");
 			return -1;
diff --git a/cdr/cdr_sqlite.c b/cdr/cdr_sqlite.c
index b63273263..adfc81b53 100755
--- a/cdr/cdr_sqlite.c
+++ b/cdr/cdr_sqlite.c
@@ -162,7 +162,7 @@ int load_module(void)
 	int res;
 
 	/* is the database there? */
-	snprintf((char *)fn,sizeof(fn)-1,"%s/cdr.db",(char *)ast_config_AST_LOG_DIR);
+	snprintf(fn, sizeof(fn), "%s/cdr.db", ast_config_AST_LOG_DIR);
 	db = sqlite_open(fn, 0660, &zErr);
 	if (!db) {
 		ast_log(LOG_ERROR, "cdr_sqlite: %s\n", zErr);
author	markster <markster@f38db490-d61c-443f-a65b-d21fe96a405b>	2004-07-14 13:57:15 +0000
committer	markster <markster@f38db490-d61c-443f-a65b-d21fe96a405b>	2004-07-14 13:57:15 +0000
commit	5d8654361451b217b1fc604f449554e74a11b70b (patch)
tree	30a1118273807f5c6ba0e3ca611ab0c6a160fa3b /cdr
parent	3aea726c3943cf31d2d90c194d1e126891b1481d (diff)