diff -ruN faxd/ClassModem.c++.orig faxd/ClassModem.c++ --- faxd/ClassModem.c++.orig Sun Jun 13 00:41:02 1999 +++ faxd/ClassModem.c++ Mon Jun 12 21:52:37 2000 @@ -169,7 +169,7 @@ { protoTrace("DIAL %s", number); char buf[256]; - sprintf(buf, (const char*) conf.dialCmd, number); + snprintf(buf, sizeof(buf), (const char*) conf.dialCmd, number); emsg = ""; CallStatus cs = (atCmd(buf, AT_NOTHING) ? dialResponse(emsg) : FAILURE); if (cs != OK && emsg == "") diff -ruN faxd/FaxMachineLog.c++.orig faxd/FaxMachineLog.c++ --- faxd/FaxMachineLog.c++.orig Mon Oct 12 13:47:49 1998 +++ faxd/FaxMachineLog.c++ Mon Jun 12 21:52:37 2000 @@ -75,9 +75,13 @@ int oerrno = errno; // save errno on entry char buf[16*1024]; timeval tv; + int len; + (void) gettimeofday(&tv, 0); strftime(buf, sizeof (buf), "%h %d %T", localtime((time_t*) &tv.tv_sec)); - sprintf(buf+strlen(buf), ".%02u: [%5d]: ", tv.tv_usec / 10000, pid); + len = strlen(buf); + snprintf(buf+len, sizeof(buf) - len, ".%02u: [%5d]: ", + tv.tv_usec / 10000, pid); /* * Copy format string into a local buffer so * that we can substitute for %m, a la syslog. @@ -96,6 +100,7 @@ fmt.put(fp[0]); } fmt.put('\n'); fmt.put('\0'); - vsprintf(buf+strlen(buf), (const char*) fmt, ap); + len = strlen(buf); + vsnprintf(buf+len, sizeof(buf) - len, (const char*) fmt, ap); (void) Sys::write(fd, buf, strlen(buf)); } diff -ruN faxd/FaxRecv.c++.orig faxd/FaxRecv.c++ --- faxd/FaxRecv.c++.orig Sun Jun 13 00:41:03 1999 +++ faxd/FaxRecv.c++ Mon Jun 12 21:52:37 2000 @@ -139,7 +139,7 @@ * number file to reflect the allocation. */ (void) flock(ftmp, LOCK_EX|LOCK_NB); - sprintf(line, "%u", seqnum); + snprintf(line, sizeof(line), "%u", seqnum); (void) lseek(fseqf, 0, SEEK_SET); if (Sys::write(fseqf, line, strlen(line)) != strlen(line) || ftruncate(fseqf,strlen(line))) { diff -ruN faxd/FaxRequest.c++.orig faxd/FaxRequest.c++ --- faxd/FaxRequest.c++.orig Sun Jun 13 00:41:03 1999 +++ faxd/FaxRequest.c++ Mon Jun 12 21:52:38 2000 
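Review bot: The new `snprintf` call in the DIAL path ignores its return value, so a dial string longer than the 256-byte `buf` is silently cut short and the shortened command is still handed to `atCmd`, which could dial a different number than the one requested. Keep the result and fail the call on truncation, e.g. `int n = snprintf(buf, sizeof(buf), (const char*) conf.dialCmd, number);` followed by `if (n < 0 || (size_t) n >= sizeof(buf)) { emsg = "Dial string too long"; return FAILURE; }`. The exact return form is a guess, because the enclosing function starts and ends outside the hunk. `conf.dialCmd` is also used as the format string itself, so a comment stating that it must contain exactly one `%s` and come only from trusted configuration would help the next reader.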
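Review bot: When the formatted text does not fit, the bounded `vsnprintf` in the second `FaxMachineLog.c++` hunk drops the tail of the record, including the `'\n'` that was just appended to `fmt`, so the next entry written to the log continues on the same line. One oversized message can therefore blur record boundaries in a log that may be read for auditing. Keep the `vsnprintf` result in `n` and restore the terminator on truncation: `if (n < 0 || (size_t) n >= sizeof(buf) - len) { buf[sizeof(buf) - 2] = '\n'; buf[sizeof(buf) - 1] = '\0'; }`. The function starts outside the hunk.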
@@ -679,7 +679,8 @@ FaxRequest::error(const char* fmt0 ...) { char fmt[128]; - sprintf(fmt, "%s: line %u: %s", (const char*) qfile, (u_int) lineno, fmt0); + snprintf(fmt, sizeof(fmt), "%s: line %u: %s", (const char*) qfile, + (u_int) lineno, fmt0); va_list ap; va_start(ap, fmt0); vlogError(fmt, ap); diff -ruN faxd/Getty.c++.orig faxd/Getty.c++ --- faxd/Getty.c++.orig Sun Jun 13 00:41:03 1999 +++ faxd/Getty.c++ Mon Jun 12 21:54:22 2000 @@ -218,7 +218,7 @@ // NB: this is executed in the parent fxStr device = fxStr::format("%s/" | line, _PATH_DEV); Sys::chown(device, UUCPLock::getUUCPUid(), UUCPLock::getUUCPGid()); - Sys::chmod(device, 0600); // reset protection + Sys::chmod(device, 0660); // reset protection } extern void vlogError(const char* fmt, va_list ap); diff -ruN faxd/ModemServer.c++.orig faxd/ModemServer.c++ --- faxd/ModemServer.c++.orig Sun Jun 13 00:41:04 1999 +++ faxd/ModemServer.c++ Mon Jun 12 21:52:38 2000 @@ -324,7 +324,7 @@ if (seteuid(0) >= 0) { // must be done as root const SchedInfo& si = schedInfo[s]; pcinfo_t pcinfo; - strcpy(pcinfo.pc_clname, si.clname); + strlcpy(pcinfo.pc_clname, si.clname, sizeof(pcinfo.pc_clname)); if (priocntl((idtype_t)0, 0, PC_GETCID, (caddr_t)&pcinfo) >= 0) { pcparms_t pcparms; pcparms.pc_cid = pcinfo.pc_cid; @@ -604,7 +604,7 @@ } while (ftmp < 0 && errno == EEXIST && --ntry >= 0); umask(omask); if (ftmp >= 0) { - sprintf(line, "%u", seqnum); + snprintf(line, sizeof(line), "%u", seqnum); (void) lseek(fseqf, 0, SEEK_SET); if (Sys::write(fseqf, line, strlen(line)) != strlen(line) || ftruncate(fseqf,strlen(line))) @@ -806,7 +806,7 @@ va_list ap; va_start(ap, fmt0); char fmt[256]; - sprintf(fmt, "MODEM %s", fmt0); + snprintf(fmt, sizeof(fmt), "MODEM %s", fmt0); vtraceStatus(FAXTRACE_MODEMOPS, fmt, ap); va_end(ap); } diff -ruN faxd/ServerConfig.c++.orig faxd/ServerConfig.c++ --- faxd/ServerConfig.c++.orig Sun Jun 13 00:41:04 1999 +++ faxd/ServerConfig.c++ Mon Jun 12 21:52:38 2000 
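Review bot: Bounding the write into `fmt` does not make the result safe to use as a format string. In `FaxRequest::error` the value of `qfile` is spliced into `fmt`, which is then passed to `vlogError(fmt, ap)`, so any `%` in the file name is interpreted as a conversion, and truncation at 128 bytes can cut a conversion from `fmt0` in half. Expand the caller's message first with `vsnprintf(msg, sizeof(msg), fmt0, ap);` and then log with the fixed format `"%s: line %u: %s"` and `msg` as the last argument; this assumes a non-`va_list` logging call is reachable here, which the hunk does not show. The same build-a-format pattern appears in the `ModemServer.c++` `"MODEM %s"` hunk, in the `ServerConfig.c++` and `faxQueueApp.c++` warning helpers (with `module`), and in `faxApp::sendModemStatus`, `sendJobStatus` and `sendRecvStatus` (with `devid` and `jobid`).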
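Review bot: The mode change from `0600` to `0660` in `Getty.c++` widens access to the tty device after getty exits, and neither the code nor the comment says why group read/write is needed; it is also unrelated to the buffer-bounding changes in the rest of the patch. Together with the `UUCPLock.c++` hunk that sets `UUCPgid` from the `dialer` group, every member of that group appears to gain direct access to the line, so the comment should state that intent, for instance `// reset protection: owner uucp, group dialer may open the line`. The results of `Sys::chown` and `Sys::chmod` are still ignored, so a failed reset goes unnoticed and the device keeps its previous ownership and mode; logging the failure would make that visible. The enclosing function starts outside the hunk.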
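Review bot: The `strlcpy` in the first `ModemServer.c++` hunk truncates silently, and the possibly shortened name is then used for the `PC_GETCID` lookup that runs with effective uid 0. If `si.clname` can ever exceed the field, the lookup is made for a name the configuration never asked for. Check the result and skip the priority change when it does not fit: `if (strlcpy(pcinfo.pc_clname, si.clname, sizeof(pcinfo.pc_clname)) >= sizeof(pcinfo.pc_clname))`, followed by an error log. `strlcpy` is not part of ISO C, so the `priocntl` platforms this block targets may need a configure check or a local fallback. The block continues outside the hunk.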
@@ -373,9 +373,9 @@ { char fmt[128]; if (module != NULL) - sprintf(fmt, "%s: Warning, %s.", module, fmt0); + snprintf(fmt, sizeof(fmt), "%s: Warning, %s.", module, fmt0); else - sprintf(fmt, "Warning, %s.", fmt0); + snprintf(fmt, sizeof(fmt), "Warning, %s.", fmt0); vlogError(fmt, ap); } @@ -384,9 +384,9 @@ { char fmt[128]; if (module != NULL) - sprintf(fmt, "%s: Warning, %s.", module, fmt0); + snprintf(fmt, sizeof(fmt), "%s: Warning, %s.", module, fmt0); else - sprintf(fmt, "Warning, %s.", fmt0); + snprintf(fmt, sizeof(fmt), "Warning, %s.", fmt0); vlogWarning(fmt, ap); } diff -ruN faxd/UUCPLock.c++.orig faxd/UUCPLock.c++ --- faxd/UUCPLock.c++.orig Sun Jun 13 00:41:05 1999 +++ faxd/UUCPLock.c++ Mon Jun 12 21:56:52 2000 @@ -37,6 +37,7 @@ } #endif #include +#include /* * UUCP Device Locking Support. @@ -148,6 +149,13 @@ UUCPuid = pwd->pw_uid; UUCPgid = pwd->pw_gid; endpwent(); // paranoia + + + const group *grp = getgrnam("dialer"); + if (!grp) + faxApp::fatal("Can not deduce identity of DIALER"); + UUCPgid = grp->gr_gid; + endgrent(); // paranoia } } uid_t UUCPLock::getUUCPUid() { setupIDs(); return UUCPuid; } diff -ruN faxd/faxApp.c++.orig faxd/faxApp.c++ --- faxd/faxApp.c++.orig Sun Jun 13 00:41:05 1999 +++ faxd/faxApp.c++ Mon Jun 12 21:52:39 2000 @@ -231,7 +231,7 @@ logError("fcntl: %m"); } char msg[4096]; - vsprintf(msg, fmt, ap); + vsnprintf(msg, sizeof(msg), fmt, ap); u_int len = strlen(msg)+1; if (Sys::write(faxqfifo, msg, len) != len) { if (errno == EBADF || errno == EPIPE) // reader expired @@ -263,7 +263,7 @@ faxApp::sendModemStatus(const char* devid, const char* fmt0 ...) { char fmt[2*1024]; - sprintf(fmt, "+%s:%s", devid, fmt0); + snprintf(fmt, sizeof(fmt), "+%s:%s", devid, fmt0); va_list ap; va_start(ap, fmt0); bool ok = vsendQueuer(fmt, ap); 
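Review bot: The added lookup in `UUCPLock.c++` hard-codes the group name `dialer` and calls `faxApp::fatal` when it is missing, so on a system without that group every program that reaches this initialisation (presumably `setupIDs`, which starts outside the hunk) now aborts. It also makes the `UUCPgid = pwd->pw_gid` assignment a few lines above dead. If the group is meant to be optional, keep the passwd gid as the fallback with `if (grp) UUCPgid = grp->gr_gid;`. If it is mandatory, drop the earlier assignment and add a comment saying that lock files and devices are deliberately owned by group `dialer`. The `#include` added in the first hunk of this file has lost its header name on this page, so it cannot be confirmed here that the header declaring `getgrnam` is the one included.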
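Review bot: The bounded `vsnprintf` into `msg` in the first `faxApp.c++` hunk still lets a truncated message go out on the FIFO, because `len` is taken from `strlen(msg)+1` and nothing checks whether the 4096-byte buffer was large enough. The reader would then receive a partial command that may parse differently from the one intended. Keep the return value and refuse to send on truncation, e.g. `int n = vsnprintf(msg, sizeof(msg), fmt, ap);` and `if (n < 0 || (size_t) n >= sizeof(msg)) { logError("message too long for FIFO"); return false; }`. The `bool` return is inferred from the `bool ok = vsendQueuer(fmt, ap)` callers further down, and the function itself starts and ends outside the hunk.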
@@ -278,7 +278,7 @@ faxApp::sendJobStatus(const char* jobid, const char* fmt0 ...) { char fmt[2*1024]; - sprintf(fmt, "*%s:%s", jobid, fmt0); + snprintf(fmt, sizeof(fmt), "*%s:%s", jobid, fmt0); va_list ap; va_start(ap, fmt0); bool ok = vsendQueuer(fmt, ap); @@ -293,7 +293,7 @@ faxApp::sendRecvStatus(const char* devid, const char* fmt0 ...) { char fmt[2*1024]; - sprintf(fmt, "@%s:%s", devid, fmt0); + snprintf(fmt, sizeof(fmt), "@%s:%s", devid, fmt0); va_list ap; va_start(ap, fmt0); bool ok = vsendQueuer(fmt, ap); diff -ruN faxd/faxQueueApp.c++.orig faxd/faxQueueApp.c++ --- faxd/faxQueueApp.c++.orig Sat Jul 10 07:23:05 1999 +++ faxd/faxQueueApp.c++ Mon Jun 12 21:52:39 2000 @@ -971,10 +971,10 @@ * -m max pages to generate * -1|-2 1d or 2d encoding */ - char rbuf[20]; sprintf(rbuf, "%u", params.verticalRes()); - char wbuf[20]; sprintf(wbuf, "%u", params.pageWidth()); - char lbuf[20]; sprintf(lbuf, "%d", params.pageLength()); - char mbuf[20]; sprintf(mbuf, "%u", dci.getMaxSendPages()); + char rbuf[20]; snprintf(rbuf, sizeof(rbuf), "%u", params.verticalRes()); + char wbuf[20]; snprintf(wbuf, sizeof(wbuf), "%u", params.pageWidth()); + char lbuf[20]; snprintf(lbuf, sizeof(lbuf), "%d", params.pageLength()); + char mbuf[20]; snprintf(mbuf, sizeof(mbuf), "%u", dci.getMaxSendPages()); const char* argv[30]; int ac = 0; switch (req.op) { @@ -2726,9 +2726,9 @@ { char fmt[128]; if (module != NULL) - sprintf(fmt, "%s: Warning, %s.", module, fmt0); + snprintf(fmt, sizeof(fmt), "%s: Warning, %s.", module, fmt0); else - sprintf(fmt, "Warning, %s.", fmt0); + snprintf(fmt, sizeof(fmt), "Warning, %s.", fmt0); vlogError(fmt, ap); } 
@@ -2737,9 +2737,9 @@ { char fmt[128]; if (module != NULL) - sprintf(fmt, "%s: Warning, %s.", module, fmt0); + snprintf(fmt, sizeof(fmt), "%s: Warning, %s.", module, fmt0); else - sprintf(fmt, "Warning, %s.", fmt0); + snprintf(fmt, sizeof(fmt), "Warning, %s.", fmt0); vlogWarning(fmt, ap); } diff -ruN faxd/trigtest.c++.orig faxd/trigtest.c++ --- faxd/trigtest.c++.orig Sun Jun 13 00:41:08 1999 +++ faxd/trigtest.c++ Mon Jun 12 21:52:39 2000 @@ -296,7 +296,7 @@ int fd, n; char msg[256]; - sprintf(fifoName, "client/%u", getpid()); + snprintf(fifoName, sizeof(fifoname), "client/%u", getpid()); if (Sys::mkfifo(fifoName, 0666) < 0 && errno != EEXIST) { perror("mkfifo"); exit(-1); @@ -309,7 +309,7 @@ unlink(fifoName); exit(-1); } - sprintf(msg, "T%s:N%s", fifoName, trigger); + snprintf(msg, sizeof(msg), "T%s:N%s", fifoName, trigger); send(msg, strlen(msg)+1); for (;;) { FD_ZERO(&rd);
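Review bot: The size argument in the first added line of `trigtest.c++` is spelled `sizeof(fifoname)` while the buffer being written is `fifoName`. Unless a separate lower-case `fifoname` is declared outside the hunk this will not compile, and if one is declared the bound is taken from the wrong object. It should read `snprintf(fifoName, sizeof(fifoName), "client/%u", getpid());`, which is only a valid bound if `fifoName` is an array rather than a pointer; its declaration is outside the hunk, so that needs confirming. `getpid()` returns `pid_t`, so a cast such as `(unsigned) getpid()` would match the `%u` conversion.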