From 677eb18d202d100871dd6b08a18db9dba314ed3b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stig=20Bj=C3=B8rlykke?= Date: Sat, 2 Feb 2008 17:25:40 +0000 Subject: Rewrote some prohibited APIs in epan/dissectors/ (sprintf, strcpy, strcat). If we get some truncated strings we probably overwrote some buffers... svn path=/trunk/; revision=24249 --- epan/dissectors/packet-nbns.c | 39 +++++++++++++++++++++------------------ 1 file changed, 21 insertions(+), 18 deletions(-) (limited to 'epan/dissectors/packet-nbns.c') diff --git a/epan/dissectors/packet-nbns.c b/epan/dissectors/packet-nbns.c index 791874b020..1895f431bd 100644 --- a/epan/dissectors/packet-nbns.c +++ b/epan/dissectors/packet-nbns.c @@ -465,11 +465,11 @@ nbns_add_nbns_flags(column_info *cinfo, proto_tree *nbns_tree, tvbuff_t *tvb, in opcode = (guint16) ((flags & F_OPCODE) >> OPCODE_SHIFT); g_snprintf(buf, MAX_BUF_SIZE, "%s", val_to_str(opcode, opcode_vals, "Unknown operation")); if (flags & F_RESPONSE && !is_wack) { - strcat(buf, " response"); - strcat(buf, ", "); - strcat(buf, val_to_str(flags & F_RCODE, rcode_vals, - "Unknown error")); - + strncat(buf, " response", MAX_BUF_SIZE - strlen(buf)); + strncat(buf, ", ", MAX_BUF_SIZE - strlen(buf)); + strncat(buf, val_to_str(flags & F_RCODE, rcode_vals, + "Unknown error"), MAX_BUF_SIZE - strlen(buf)); + buf[MAX_BUF_SIZE-1] = '\0'; if ((flags & F_RCODE) && check_col(cinfo, COL_INFO)) col_append_fstr(cinfo, COL_INFO, ", %s", val_to_str(flags & F_RCODE, rcode_vals, 
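Review bot: Every `strncat` added in nbns_add_nbns_flags passes `MAX_BUF_SIZE - strlen(buf)` as the count, but strncat appends up to that many characters and then writes a terminating NUL, so a completely filled buffer is still overrun by one byte. The `buf[MAX_BUF_SIZE-1] = '\0'` that follows runs after that write and does not undo it. The count has to leave room for the terminator, e.g. `strncat(buf, " response", MAX_BUF_SIZE - strlen(buf) - 1);`, or the calls can become `g_strlcat(buf, " response", MAX_BUF_SIZE);`, which takes the full buffer size and makes the explicit termination line unnecessary. The same count is used in the hunks for nbns_add_nb_flags, nbns_add_name_flags and dissect_nbns_answer (there with `MAX_NAME_LEN`). The function starts and ends outside this hunk, so the capacity of `buf` is assumed here to be MAX_BUF_SIZE.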
@@ -519,11 +519,12 @@ nbns_add_nb_flags(proto_tree *rr_tree, tvbuff_t *tvb, int offset, gushort flags) buf=ep_alloc(MAX_BUF_SIZE); g_snprintf(buf, MAX_BUF_SIZE, "%s", val_to_str(flags & NB_FLAGS_ONT, nb_flags_ont_vals, "Unknown")); - strcat(buf, ", "); + strncat(buf, ", ", MAX_BUF_SIZE - strlen(buf)); if (flags & NB_FLAGS_G) - strcat(buf, "group"); + strncat(buf, "group", MAX_BUF_SIZE - strlen(buf)); else - strcat(buf, "unique"); + strncat(buf, "unique", MAX_BUF_SIZE - strlen(buf)); + buf[MAX_BUF_SIZE-1] = '\0'; tf = proto_tree_add_text(rr_tree, tvb, offset, 2, "Flags: 0x%x (%s)", flags, buf); field_tree = proto_item_add_subtree(tf, ett_nbns_nb_flags); @@ -554,19 +555,20 @@ nbns_add_name_flags(proto_tree *rr_tree, tvbuff_t *tvb, int offset, buf=ep_alloc(MAX_BUF_SIZE); g_snprintf(buf, MAX_BUF_SIZE, "%s", val_to_str(flags & NAME_FLAGS_ONT, name_flags_ont_vals, "Unknown")); - strcat(buf, ", "); + strncat(buf, ", ", MAX_BUF_SIZE - strlen(buf)); if (flags & NAME_FLAGS_G) - strcat(buf, "group"); + strncat(buf, "group", MAX_BUF_SIZE - strlen(buf)); else - strcat(buf, "unique"); + strncat(buf, "unique", MAX_BUF_SIZE - strlen(buf)); if (flags & NAME_FLAGS_DRG) - strcat(buf, ", being deregistered"); + strncat(buf, ", being deregistered", MAX_BUF_SIZE - strlen(buf)); if (flags & NAME_FLAGS_CNF) - strcat(buf, ", in conflict"); + strncat(buf, ", in conflict", MAX_BUF_SIZE - strlen(buf)); if (flags & NAME_FLAGS_ACT) - strcat(buf, ", active"); + strncat(buf, ", active", MAX_BUF_SIZE - strlen(buf)); if (flags & NAME_FLAGS_PRM) - strcat(buf, ", permanent node name"); + strncat(buf, ", permanent node name", MAX_BUF_SIZE - strlen(buf)); + buf[MAX_BUF_SIZE-1] = '\0'; tf = proto_tree_add_text(rr_tree, tvb, offset, 2, "Name flags: 0x%x (%s)", flags, buf); field_tree = proto_item_add_subtree(tf, ett_nbns_name_flags); 
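Review bot: In nbns_add_nb_flags the text is built with a g_snprintf followed by strncat calls that each re-scan `buf` with strlen, although the result has only two parts. A single bounded format call expresses it with one size argument to get right: `g_snprintf(buf, MAX_BUF_SIZE, "%s, %s", val_to_str(flags & NB_FLAGS_ONT, nb_flags_ont_vals, "Unknown"), (flags & NB_FLAGS_G) ? "group" : "unique");`. That also removes the need for the manual `buf[MAX_BUF_SIZE-1] = '\0'`. The leading "ONT, group/unique" part in the nbns_add_name_flags hunk can be merged the same way. Both function bodies continue outside their hunks.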
@@ -664,9 +666,10 @@ dissect_nbns_answer(tvbuff_t *tvb, int offset, int nbns_data_offset, (data_offset - data_start) + data_len, "%s: type %s, class %s", name, type_name, class_name); - strcat(name, " ("); - strcat(name, netbios_name_type_descr(name_type)); - strcat(name, ")"); + strncat(name, " (", MAX_NAME_LEN - strlen(name)); + strncat(name, netbios_name_type_descr(name_type), MAX_NAME_LEN - strlen(name)); + strncat(name, ")", MAX_NAME_LEN - strlen(name)); + name[MAX_NAME_LEN-1] = '\0'; rr_tree = add_rr_to_tree(trr, ett_nbns_rr, tvb, offset, name, name_len, type_name, dns_class_name(class), ttl, data_len); while (data_len > 0) { -- cgit v1.2.3
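Review bot: `name` in dissect_nbns_answer appears to carry a name taken from the packet (it is formatted into the tree text just above), so its length is not limited by the dissector's own string tables. This makes it the site in the commit where the `MAX_NAME_LEN - strlen(name)` limit is most likely to be reached. The hunk does not show where `name` is allocated, and the bound is only valid if that allocation is exactly MAX_NAME_LEN bytes. That assumption is worth recording next to the calls, for example `/* name is MAX_NAME_LEN bytes; the type suffix is truncated if it does not fit */`. Truncation is silent here, so a clipped description (for instance without the closing parenthesis) reaches add_rr_to_tree with no indication.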