Репозитории ALT
Группа :: Мониторинг
Пакет: mtr
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
Патч: mtr-0.80-alt-bound.patch
Скачать
Скачать
diff --git mtr/curses.c mtr/curses.c
index 880d85f..de34113 100644
--- mtr/curses.c
+++ mtr/curses.c
@@ -328,12 +328,15 @@ void mtr_curses_hosts(int startstat)
/* temporay hack for stats usec to ms... */
if( index( data_fields[j].format, 'f' ) ) {
- sprintf(buf + hd_len, data_fields[j].format,
+ snprintf(buf + hd_len, sizeof(buf) - hd_len, data_fields[j].format,
data_fields[j].net_xxx(at) /1000.0 );
} else {
- sprintf(buf + hd_len, data_fields[j].format,
+ snprintf(buf + hd_len, sizeof(buf) - hd_len, data_fields[j].format,
data_fields[j].net_xxx(at) );
}
+
+ if(hd_len + data_fields[j].length > sizeof(buf)) break;
+
hd_len += data_fields[j].length;
}
buf[hd_len] = 0;
@@ -537,7 +540,10 @@ void mtr_curses_redraw(void)
if (j < 0) continue;
sprintf( fmt, "%%%ds", data_fields[j].length );
- sprintf( buf + hd_len, fmt, data_fields[j].title );
+ snprintf( buf + hd_len, sizeof(buf) - hd_len, fmt, data_fields[j].title );
+
+ if(hd_len + data_fields[j].length > sizeof(buf)) break;
+
hd_len += data_fields[j].length;
}
attron(A_BOLD);
diff --git mtr/gtk.c mtr/gtk.c
index 9f893bd..fce9f84 100644
--- mtr/gtk.c
+++ mtr/gtk.c
@@ -463,7 +463,8 @@ void update_tree_row(int row, GtkTreeIter *iter)
if ( addrcmp( (void *) addr, (void *) &unspec_addr, af ) != 0 ) {
name = dns_lookup(addr);
if(!name) {
- sprintf(str, "%s", strlongip( addr ));
+ strncpy(str, strlongip( addr ), sizeof(str) - 1);
+ name[ (sizeof str) - 1 ] = '\0';
name = str;
}
}
diff --git mtr/report.c mtr/report.c
index 34ea114..4ecc1e1 100644
--- mtr/report.c
+++ mtr/report.c
@@ -76,7 +76,8 @@ void report_close(void)
strncpy( name, host->h_name, (sizeof name) - 1 );
name[ (sizeof name) - 1 ] = '\0';
} else {
- snprintf(name, sizeof(name), "%s", strlongip( addr ) );
+ strncpy(name, strlongip( addr ), sizeof(name) - 1 );
+ name[ (sizeof name) - 1 ] = '\0';
}
if (len_hosts < strlen(name)) {
len_hosts = strlen(name);
@@ -93,7 +94,10 @@ void report_close(void)
if (j < 0) continue;
snprintf( fmt, sizeof(fmt), "%%%ds", data_fields[j].length );
- snprintf( buf + len, sizeof(buf), fmt, data_fields[j].title );
+ snprintf( buf + len, sizeof(buf) - len, fmt, data_fields[j].title );
+
+ if(len + data_fields[j].length > sizeof(buf)) break;
+
len += data_fields[j].length;
}
printf("%s\n",buf);
@@ -103,7 +107,7 @@ void report_close(void)
for(; at < max; at++) {
addr = net_addr(at);
if( addrcmp( (void *) addr, (void *) &unspec_addr, af ) == 0 ) {
- sprintf(name, "???");
+ strcpy(name, "???");
} else {
host = dns ? addr2host( (void *) addr, af ) : NULL;
@@ -111,7 +115,8 @@ void report_close(void)
strncpy( name, host->h_name, (sizeof name) - 1 );
name[ (sizeof name) - 1 ] = '\0';
} else {
- snprintf(name, sizeof(name), "%s", strlongip( addr ) );
+ strncpy(name, strlongip( addr ), sizeof(name) );
+ name[ (sizeof name) - 1 ] = '\0';
}
}
@@ -124,12 +129,15 @@ void report_close(void)
/* 1000.0 is a temporay hack for stats usec to ms, impacted net_loss. */
if( index( data_fields[j].format, 'f' ) ) {
- snprintf( buf + len, sizeof(buf), data_fields[j].format,
+ snprintf( buf + len, sizeof(buf) - len, data_fields[j].format,
data_fields[j].net_xxx(at) /1000.0 );
} else {
- snprintf( buf + len, sizeof(buf), data_fields[j].format,
+ snprintf( buf + len, sizeof(buf) - len, data_fields[j].format,
data_fields[j].net_xxx(at) );
}
+
+ if(len + data_fields[j].length > sizeof(buf)) break;
+
len += data_fields[j].length;
}
printf("%s\n",buf);
@@ -205,7 +213,7 @@ void xml_close(void)
addr = net_addr(at);
if( addrcmp( (void *) addr, (void *) &unspec_addr, af ) == 0 ) {
- sprintf(name, "???");
+ strcpy(name, "???");
} else {
host = dns ? addr2host( (void *) addr, af ) : NULL;
@@ -213,7 +221,8 @@ void xml_close(void)
strncpy( name, host->h_name, (sizeof name) - 1 );
name[ (sizeof name) - 1 ] = '\0';
} else {
- sprintf(name, "%s", strlongip( addr ) );
+ strncpy(name, strlongip( addr ), sizeof(name) - 1 );
+ name[ (sizeof name) - 1 ] = '\0';
}
}
@@ -287,7 +296,7 @@ void csv_close(void)
addr = net_addr(at);
if( addrcmp( (void *) addr, (void *) &unspec_addr, af ) == 0 ) {
- sprintf(name, "???");
+ strcpy(name, "???");
} else {
host = dns ? addr2host( (void *) addr, af ) : NULL;
@@ -295,7 +304,8 @@ void csv_close(void)
strncpy( name, host->h_name, (sizeof name) - 1 );
name[ (sizeof name) - 1 ] = '\0';
} else {
- sprintf(name, "%s", strlongip( addr ) );
+ strncpy(name, strlongip( addr ), sizeof(name) - 1 );
+ name[ (sizeof name) - 1 ] = '\0';
}
}