[Fedora-directory-commits] ldapserver/ldap/servers/plugins/acl acldllmain.c, 1.4, 1.5 acllas.c, 1.5, 1.6
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/acl
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8136/ldapserver/ldap/servers/plugins/acl
Modified Files:
acldllmain.c acllas.c
Log Message:
Bug(s) fixed: 186280
Bug Description: ldapserver: Close potential security vulnerabilities in CGI code
Reviewed by: Nathan, Noriko, and Pete (Thanks!)
Fix Description: Clean up usage of sprintf, strcpy, fgets instead of
gets, fixed buffer usage, etc., mostly in the CGI code and other user
facing code (i.e. setup). Also, Steve Grubb told me about a GCC trick
to force it to check printf style varargs functions, to check the format
string against the argument string, for type mismatches, missing
arguments, and too many arguments.
In the CGI form argument parsing code, we needed to be more careful
about checking for bad input - good input is supposed to look like this:
name=value&name=value&.....
&name=value. I don't think the original code
was checking properly for something like name&name=value.
There was another place where we were not checking to see if a buffer
had enough room before appending a string to it.
I had to change a couple of functions to allow passing in the size of
the buffer.
Fixed some issues raised by Noriko and Nathan.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: acldllmain.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/acl/acldllmain.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- acldllmain.c 19 Apr 2005 22:07:28 -0000 1.4
+++ acldllmain.c 11 Apr 2006 02:14:38 -0000 1.5
@@ -136,6 +136,7 @@
va_list ap;
va_start (ap, fmt);
_snprintf (debugBuf, sizeof(debugBuf), fmt, ap);
+ debugBuf[sizeof(debugBuf)-1] = 0;
va_end (ap);
OutputDebugString (debugBuf);
Index: acllas.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/acl/acllas.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- acllas.c 19 Apr 2005 22:07:28 -0000 1.5
+++ acllas.c 11 Apr 2006 02:14:38 -0000 1.6
@@ -1436,10 +1436,11 @@
if ( idx < 0 )
{
sprintf ( buf, "\nuserDN=\"%s\"\nmember=", info->userDN);
- if (info->member)
+ if (info->member && *info->member)
{
len = strlen (buf);
- sprintf ( &(buf[len]), "\"%s\"", info->member );
+ /* member is a char ** */
+ sprintf ( &(buf[len]), "\"%s\"", *info->member );
}
len = strlen (buf);
sprintf ( &(buf[len]), "\nmemberinfo[%d]-[%d]:", info->c_idx, info->lu_idx );
18 years
[Fedora-directory-commits] ldapserver/ldap/clients/orgchart wrapper.c, 1.4, 1.5
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/clients/orgchart
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8136/ldapserver/ldap/clients/orgchart
Modified Files:
wrapper.c
Log Message:
Bug(s) fixed: 186280
Bug Description: ldapserver: Close potential security vulnerabilities in CGI code
Reviewed by: Nathan, Noriko, and Pete (Thanks!)
Fix Description: Clean up usage of sprintf, strcpy, fgets instead of
gets, fixed buffer usage, etc., mostly in the CGI code and other user
facing code (i.e. setup). Also, Steve Grubb told me about a GCC trick
to force it to check printf style varargs functions, to check the format
string against the argument string, for type mismatches, missing
arguments, and too many arguments.
In the CGI form argument parsing code, we needed to be more careful
about checking for bad input - good input is supposed to look like this:
name=value&name=value&.....
&name=value. I don't think the original code
was checking properly for something like name&name=value.
There was another place where we were not checking to see if a buffer
had enough room before appending a string to it.
I had to change a couple of functions to allow passing in the size of
the buffer.
Fixed some issues raised by Noriko and Nathan.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: wrapper.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/orgchart/wrapper.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- wrapper.c 19 Apr 2005 22:07:20 -0000 1.4
+++ wrapper.c 11 Apr 2006 02:14:33 -0000 1.5
@@ -62,7 +62,7 @@
#define PATH_MAX 512
#endif
-char *get_perl_file(char *);
+char *get_perl_file(char *, size_t);
/*
@@ -77,7 +77,7 @@
printf("Content-type:text/html;charset=UTF-8\n\n<html>Hi\n");
- get_perl_file(script);
+ get_perl_file(script, sizeof(script)-1);
if (strchr(script, '/') != NULL || strchr(script, '\\') != NULL) {
printf("Paths not allowed. Filenames only.\n");
@@ -94,10 +94,11 @@
}
char *
-get_perl_file(char *script) {
+get_perl_file(char *script, size_t scriptsize) {
char *qs = getenv("QUERY_STRING");
char *p1 = NULL;
char *p2 = NULL;
+ size_t maxsize;
if (qs == NULL || *qs == '\0') {
printf("No QUERY_STRING found\n");
@@ -113,6 +114,8 @@
for (p2 = p1; *p2 != '\0' && *p2 != '&'; p2++);
- strncpy(script, p1, p2-p1);
- script[p2-p1] = '\0';
+ maxsize = (scriptsize < (p2-p1)) ? scriptsize : (p2-p1);
+
+ PL_strncpyz(script, p1, maxsize);
+ script[maxsize] = '\0';
}
18 years
[Fedora-directory-commits] ldapserver/ldap/clients/dsgw cgiutil.c, 1.6, 1.7 ckdel.c, 1.4, 1.5 ckdump.c, 1.4, 1.5 ckget.c, 1.4, 1.5 ckpurge.c, 1.4, 1.5 ckput.c, 1.4, 1.5 config.c, 1.5, 1.6 cookie.c, 1.5, 1.6 dbtdsgw.h, 1.4, 1.5 domodify.c, 1.5, 1.6 dsexpldif.c, 1.4, 1.5 dsgw.h, 1.6, 1.7 dsgwutil.c, 1.5, 1.6 dsimpldif.c, 1.4, 1.5 emitf.c, 1.4, 1.5 entrydisplay.c, 1.5, 1.6 htmlparse.c, 1.4, 1.5 ldaputil.c, 1.4, 1.5 templateindex.c, 1.4, 1.5 tutor.c, 1.4, 1.5
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/clients/dsgw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8136/ldapserver/ldap/clients/dsgw
Modified Files:
cgiutil.c ckdel.c ckdump.c ckget.c ckpurge.c ckput.c config.c
cookie.c dbtdsgw.h domodify.c dsexpldif.c dsgw.h dsgwutil.c
dsimpldif.c emitf.c entrydisplay.c htmlparse.c ldaputil.c
templateindex.c tutor.c
Log Message:
Bug(s) fixed: 186280
Bug Description: ldapserver: Close potential security vulnerabilities in CGI code
Reviewed by: Nathan, Noriko, and Pete (Thanks!)
Fix Description: Clean up usage of sprintf, strcpy, fgets instead of
gets, fixed buffer usage, etc., mostly in the CGI code and other user
facing code (i.e. setup). Also, Steve Grubb told me about a GCC trick
to force it to check printf style varargs functions, to check the format
string against the argument string, for type mismatches, missing
arguments, and too many arguments.
In the CGI form argument parsing code, we needed to be more careful
about checking for bad input - good input is supposed to look like this:
name=value&name=value&.....
&name=value. I don't think the original code
was checking properly for something like name&name=value.
There was another place where we were not checking to see if a buffer
had enough room before appending a string to it.
I had to change a couple of functions to allow passing in the size of
the buffer.
Fixed some issues raised by Noriko and Nathan.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: cgiutil.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/cgiutil.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- cgiutil.c 4 May 2005 16:37:27 -0000 1.6
+++ cgiutil.c 11 Apr 2006 02:14:32 -0000 1.7
@@ -236,7 +236,7 @@
if ( required == DSGW_CGIVAR_REQUIRED && ans == NULL ) {
char errbuf[ 256 ];
- PR_snprintf( errbuf, 256,
+ PR_snprintf( errbuf, sizeof(errbuf),
XP_GetClientStr(DBT_missingFormDataElement100s_), varname );
dsgw_error( DSGW_ERR_BADFORMDATA, errbuf, DSGW_ERROPT_EXIT, 0, NULL );
}
@@ -325,21 +325,24 @@
vars++;
ans = (char **) dsgw_ch_malloc((sizeof(char *)) * (vars+1));
-
- x=0;
- /* strtok() is not MT safe, but it is okay to call here because it is used in monothreaded env */
- tmp = strtok(in, "&");
- ans[x]=dsgw_ch_strdup(tmp);
- dsgw_form_unescape(ans[x++]);
-
- while((tmp = strtok(NULL, "&"))) {
- if ( strchr( tmp, '=' ) == NULL ) {
- break;
+ if (ans) {
+ x=0;
+ /* strtok() is not MT safe, but it is okay to call here because it is used in monothreaded env */
+ tmp = strtok(in, "&");
+ if (tmp && *tmp && strchr(tmp, '=')) {
+ ans[x]=dsgw_ch_strdup(tmp);
+ dsgw_form_unescape(ans[x++]);
+
+ while((x <= vars) && (tmp = strtok(NULL, "&"))) {
+ if ( strchr( tmp, '=' ) == NULL ) {
+ break;
+ }
+ ans[x] = dsgw_ch_strdup(tmp);
+ dsgw_form_unescape(ans[x++]);
+ }
+ }
+ ans[x] = NULL;
}
- ans[x] = dsgw_ch_strdup(tmp);
- dsgw_form_unescape(ans[x++]);
- }
- ans[x] = NULL;
return(ans);
}
Index: ckdel.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/ckdel.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ckdel.c 19 Apr 2005 22:07:01 -0000 1.4
+++ ckdel.c 11 Apr 2006 02:14:32 -0000 1.5
@@ -45,12 +45,16 @@
main( int argc, char **argv)
{
char cookie[ 512 ];
+ char *ptr;
int rc;
printf( "Remove an entry to the cookie database\n" );
printf( "cookie: " );
- gets( cookie );
+ fgets( cookie, sizeof(cookie), stdin );
+ if (ptr = strchr(cookie, '\n')) {
+ *ptr = 0;
+ }
rc = dsgw_delcookie( cookie );
if ( rc == 0 ) {
Index: ckdump.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/ckdump.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ckdump.c 19 Apr 2005 22:07:01 -0000 1.4
+++ ckdump.c 11 Apr 2006 02:14:32 -0000 1.5
@@ -44,12 +44,6 @@
main()
{
- char *p;
- time_t expires;
- char dn[ 512 ];
- char pw[ 512 ];
- char expsec[ 512 ];
-
#ifdef notdef /* this was some testing code... */
{
char *ck, *r, *d, *p;
Index: ckget.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/ckget.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ckget.c 19 Apr 2005 22:07:01 -0000 1.4
+++ ckget.c 11 Apr 2006 02:14:32 -0000 1.5
@@ -55,9 +55,15 @@
printf( "Retrieve an entry from the cookie database\n" );
printf( "cookie: " );
- gets( cookie );
+ fgets( cookie, sizeof(cookie), stdin );
+ if (p = strchr(cookie, '\n')) {
+ *p = 0;
+ }
printf( "dn: " );
- gets( dn );
+ fgets( dn, sizeof(dn), stdin );
+ if (p = strchr(dn, '\n')) {
+ *p = 0;
+ }
rc = dsgw_ckdn2passwd( cookie, dn, &pw );
if ( rc == 0 ) {
Index: ckpurge.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/ckpurge.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ckpurge.c 19 Apr 2005 22:07:01 -0000 1.4
+++ ckpurge.c 11 Apr 2006 02:14:32 -0000 1.5
@@ -44,11 +44,6 @@
main()
{
- char *p;
- time_t expires;
- char dn[ 512 ];
- char pw[ 512 ];
- char expsec[ 512 ];
int np = 0;
time_t last;
FILE *fp;
Index: ckput.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/ckput.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ckput.c 19 Apr 2005 22:07:01 -0000 1.4
+++ ckput.c 11 Apr 2006 02:14:32 -0000 1.5
@@ -59,17 +59,18 @@
SEC_RNGInit();
SEC_SystemInfoForRNG();
+ dn[0] = pw[0] = lifesec[0] = 0;
if ( argc > 1 ) {
while (( c = getopt( argc, argv, "d:l:p:" )) != EOF ) {
switch ( c ) {
case 'd':
- strcpy( dn, optarg );
+ PL_strncpyz( dn, optarg, sizeof(dn) );
break;
case 'l':
- strcpy( lifesec, optarg );
+ PL_strncpyz( lifesec, optarg, sizeof(lifesec) );
break;
case 'p':
- strcpy( pw, optarg );
+ PL_strncpyz( pw, optarg, sizeof(pw) );
break;
}
}
@@ -77,11 +78,20 @@
if ( strlen( dn ) == 0 || strlen( pw ) == 0 || strlen( lifesec ) == 0 ) {
printf( "dn: " );
- gets( dn );
+ fgets( dn, sizeof(dn), stdin );
+ if (p = strchr(dn, '\n')) {
+ *p = 0;
+ }
printf( "passwd: " );
- gets( pw );
+ fgets( pw, sizeof(pw), stdin );
+ if (p = strchr(pw, '\n')) {
+ *p = 0;
+ }
printf( "expires in how many seconds? " );
- gets( lifesec );
+ fgets( lifesec, sizeof(lifesec), stdin );
+ if (p = strchr(lifesec, '\n')) {
+ *p = 0;
+ }
}
lifetime = atol( lifesec );
Index: config.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/config.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- config.c 19 Apr 2005 22:07:02 -0000 1.5
+++ config.c 11 Apr 2006 02:14:32 -0000 1.6
@@ -298,22 +298,6 @@
read_dsgwconfig( fname, NULL, gc->gc_admserv, 0 );
free( fname );
-#if 0
- /* if necessary, try to set path to certificate database */
-#ifndef DSGW_NO_SSL
- if ( gc->gc_ldapssl && gc->gc_securitypath == NULL ) {
- if ( gc->gc_admserv ) {
- if (( p = get_nsadm_var( "CertFile" )) != NULL ) {
- gc->gc_securitypath = dsgw_ch_malloc( strlen( p ) + 4 );
- sprintf( gc->gc_securitypath, "%s.db", p );
- }
- } else {
- gc->gc_securitypath = DSGW_DEFSECURITYPATH;
- }
- }
-#endif
-#endif
-
if ( browser_ignores_acceptcharset() ) {
set_dsgwcharset();
} else {
@@ -379,7 +363,7 @@
if ( strstr( filename, "dsgw-l10n.conf" ) != NULL ) {
return; /* ignore if it's dsgw-l10n.conf */
}
- PR_snprintf( buf, MAXPATHLEN + 100,
+ PR_snprintf( buf, sizeof(buf),
XP_GetClientStr(DBT_cannotOpenConfigFileSN_), filename );
dsgw_error( DSGW_ERR_BADCONFIG, buf, DSGW_ERROPT_EXIT, 0, NULL );
}
@@ -978,7 +962,7 @@
return;
}
- PR_snprintf( tmpldif, 128, "%s.tmp", ldif);
+ PR_snprintf( tmpldif, sizeof(tmpldif), "%s.tmp", ldif);
if ( (newfp = fopen( tmpldif, "w" )) == NULL ) {
dsgw_emitf (XP_GetClientStr(DBT_AppSuffixCouldNotOpenTmpFileSN_),
ldif);
@@ -1199,7 +1183,7 @@
}
/* read old dbswitch.conf contents */
- PR_snprintf( oldfname, MAXPATHLEN, "%s/%s", userdb_path,
+ PR_snprintf( oldfname, sizeof(oldfname), "%s/%s", userdb_path,
DSGW_DBSWITCH_FILE );
if (( rc = dbconf_read_config_file( oldfname, &cip )) != LDAPU_SUCCESS ) {
report_ldapu_error( rc, DSGW_ERR_BADCONFIG, erropts );
@@ -1207,10 +1191,10 @@
}
/* write db info to new file, replacing information for "dbhandle" */
- PR_snprintf( newfname, MAXPATHLEN, "%s/%s", userdb_path,
+ PR_snprintf( newfname, sizeof(newfname), "%s/%s", userdb_path,
DSGW_DBSWITCH_TMPFILE );
if (( newfp = fopen( newfname, "w" )) == NULL ) {
- PR_snprintf( buf, MAXPATHLEN + 100,
+ PR_snprintf( buf, sizeof(buf),
XP_GetClientStr(DBT_cannotOpenConfigFileSForWritingN_), newfname );
dsgw_error( DSGW_ERR_UPDATE_DBSWITCH, buf, erropts, 0, NULL );
return( -1 );
@@ -1693,7 +1677,7 @@
for ( token = strtok_quote( line, " \t" ); token != NULL;
token = strtok_quote( NULL, " \t" ) ) {
if ( *argcp == MAXARGS ) {
- PR_snprintf( buf, 20,
+ PR_snprintf( buf, sizeof(buf),
XP_GetClientStr(DBT_maxD_), MAXARGS );
dsgw_error( DSGW_ERR_CONFIGTOOMANYARGS, buf,
DSGW_ERROPT_EXIT, 0, NULL );
Index: cookie.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/cookie.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- cookie.c 19 Apr 2005 22:07:02 -0000 1.5
+++ cookie.c 11 Apr 2006 02:14:32 -0000 1.6
@@ -144,8 +144,8 @@
PK11_ConfigurePKCS11(NULL, NULL, tokDes, ptokDes, NULL, NULL, NULL, NULL, 0, 0 );
/*NSS_NoDB_Init(NULL);*/
dsgw_initNSS();
- PK11_GenerateRandom(buf, RNDBUFLEN);
- return( buf2str( buf, RNDBUFLEN ));
+ PK11_GenerateRandom(buf, sizeof(buf));
+ return( buf2str( buf, sizeof(buf) ));
}
@@ -162,7 +162,7 @@
#define F_OK 0
#endif
#endif
- sprintf(cdb, "%s.%s", DSGW_COOKIEDB_FNAME, context);
+ PR_snprintf(cdb, sizeof(cdb), "%s.%s", DSGW_COOKIEDB_FNAME, context);
if ( access( cdb, F_OK ) == 0 ) {
fp = fopen( cdb, "r+" );
@@ -253,7 +253,7 @@
}
for (;;) {
- if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) {
+ if ( fgets( buf, sizeof(buf), fp ) == NULL ) {
dsgw_closecookiedb( fp );
#ifdef DSGW_DEBUG
dsgw_log( "dsgw_ckdn2passwd: cookie <%s> not found in db\n",
@@ -433,14 +433,14 @@
if (( fp = dsgw_opencookiedb()) == NULL ) {
return -1;
}
- fgets( buf, CKBUFSIZ, fp );
+ fgets( buf, sizeof(buf), fp );
if ( strncmp( buf, "lastpurge:", 10 )) {
dsgw_closecookiedb( fp );
return -1;
}
rc = DSGW_CKDB_KEY_NOT_PRESENT;
for (;;) {
- if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) {
+ if ( fgets( buf, sizeof(buf), fp ) == NULL ) {
break;
}
if ( strncmp( buf, rndstr, CKLEN )) {
@@ -513,7 +513,7 @@
pos = ftell( fp );
fseek( fp, 0L, SEEK_SET );
- fgets( buf, CKBUFSIZ, fp );
+ fgets( buf, sizeof(buf), fp );
if ( strncmp( buf, "lastpurge:", 10 )) {
ret = (time_t) 0L;
} else {
@@ -553,7 +553,7 @@
size_t csize; /* current size of file */
char cdb[MAXPATHLEN]; /*DSGW_COOKIEDB_FNAME + context*/
- sprintf(cdb, "%s.%s", DSGW_COOKIEDB_FNAME, context);
+ PR_snprintf(cdb, sizeof(cdb), "%s.%s", DSGW_COOKIEDB_FNAME, context);
if (( fp = dsgw_opencookiedb()) == NULL ) {
return -1;
@@ -576,10 +576,11 @@
char *p;
char *dbdn;
int nukeit;
+ size_t maxlen = sizeof(expbuf);
nukeit = 0;
- if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) {
+ if ( fgets( buf, sizeof(buf), fp ) == NULL ) {
break;
}
if ( strncmp( buf, "lastpurge:", 10 ) == 0 ) {
@@ -596,8 +597,13 @@
dsgw_closecookiedb( fp );
return -1;
}
- strncpy( expbuf, exp, p - exp );
- expbuf[ p - exp ] = '\0';
+ if ((p - exp) < maxlen) {
+ maxlen = p - exp;
+ } else {
+ maxlen--; /* need a length, not a count */
+ }
+ strncpy( expbuf, exp, maxlen );
+ expbuf[ maxlen ] = '\0';
time( &now );
/* Get the entry's DN */
@@ -678,7 +684,7 @@
return;
}
- if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) {
+ if ( fgets( buf, sizeof(buf), fp ) == NULL ) {
dsgw_closecookiedb( fp );
printf( "Cookie database is empty (no lastpurge line)\n" );
return;
@@ -686,8 +692,9 @@
puts( buf );
for (;;) {
+ size_t maxlen = sizeof(expbuf);
char *p;
- if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) {
+ if ( fgets( buf, sizeof(buf), fp ) == NULL ) {
dsgw_closecookiedb( fp );
printf( "%d entries, %d expired\n", total, expired );
return;
@@ -702,8 +709,13 @@
return;
}
printf( "%s", buf );
- strncpy( expbuf, exp, p - exp + 1 );
- expbuf[ p - exp + 1 ] = '\0';
+ if ((p - exp + 1) < maxlen) {
+ maxlen = p - exp + 1;
+ } else {
+ maxlen--; /* need a length, not a count */
+ }
+ strncpy( expbuf, exp, maxlen );
+ expbuf[ maxlen ] = '\0';
time( &now );
total++;
if ( now > atol( expbuf )) {
@@ -752,6 +764,7 @@
return NULL;
}
+ /* richm: replace with PR_smprintf */
ckbuf = dsgw_ch_malloc( strlen( DSGW_CKHDR ) + strlen( r ) +
strlen( edn ) + strlen( DSGW_AUTHCKNAME ) + 2 + 20 );
ckbuf[ 0 ] = '\0';
@@ -770,26 +783,6 @@
-#if 0
-/*
- * Given a time_t, return a GMTString representation of that time.
- */
-char *
-dsgw_t2gmts( time_t cktime )
-{
- time_t tnl;
- struct tm *pt;
-#define TBUFSIZE 40
- char tbuf[ TBUFSIZE ];
-
- tnl = time( NULL );
- pt = gmtime( &tnl );
- (void)strftime( tbuf, (size_t)TBUFSIZE, "%A, %d-%b-%y %T GMT", pt);
- return( dsgw_ch_strdup( tbuf ));
-}
-#endif
-
-
/*
* Password obfuscation, etc.
* There is no real security here -- we just encrypt using a hard-coded key.
Index: dbtdsgw.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/dbtdsgw.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- dbtdsgw.h 19 Apr 2005 22:07:02 -0000 1.4
+++ dbtdsgw.h 11 Apr 2006 02:14:32 -0000 1.5
@@ -463,5 +463,6 @@
ResDef( DBT_missingArgumentForOrgChartURLDirectiv_, 412, "Missing argument for \"url-orgchart-base\" directive\n" )/*extracted from config.c*/
ResDef( DBT_missingArgumentForOrgChartSearchAttr_ , 413, "Missing argument for \"orgchart-attrib-farleft-rdn\" directive\n" )/*extracted from config.c*/
ResDef( DBT_theCharsetIsNotSupported , 414, "The charset is not supported\n" )
+ ResDef( DBT_invalidTemplateVarLen, 415, "The string length %d of template variable \"%s\" is too long\n" )
END_STR(dsgw)
Index: domodify.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/domodify.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- domodify.c 20 May 2005 15:52:43 -0000 1.5
+++ domodify.c 11 Apr 2006 02:14:32 -0000 1.6
@@ -153,7 +153,7 @@
}
if ( !quiet ) {
- PR_snprintf( buf, 256,
+ PR_snprintf( buf, sizeof(buf),
XP_GetClientStr(DBT_SDirectoryEntry_), changedesc );
dsgw_html_begin( buf, 1 );
} else {
@@ -413,7 +413,7 @@
entry_modify_or_add( LDAP *ld, char *dn, int add, int *pwdchangedp )
{
int lderr, i, j, opoffset, modop, mls, unique, unchanged_count;
- char *varname, *varvalue, *retval, *attr, *p, **vals, **unchanged_attrs;
+ char *varname, *varvalue, *attr, *p, **vals, **unchanged_attrs;
char *ntuserid = NULL;
LDAPMod **pmods;
Index: dsexpldif.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/dsexpldif.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- dsexpldif.c 19 Apr 2005 22:07:02 -0000 1.4
+++ dsexpldif.c 11 Apr 2006 02:14:32 -0000 1.5
@@ -124,14 +124,14 @@
if (gc->gc_localdbconf == NULL) {
/* remote */
- PR_snprintf (cmd, BIG_LINE,
+ PR_snprintf (cmd, sizeof(cmd),
"./%s -b \"%s\" -h %s -p %d \"objectclass=*\" > %s 2> %s",
DSGW_LDAPSEARCH, gc->gc_ldapsearchbase, gc->gc_ldapserver,
gc->gc_ldapport, ldiffile, DSGW_NULL_DEVICE);
}
else {
/* local database */
- PR_snprintf (cmd, BIG_LINE,
+ PR_snprintf (cmd, sizeof(cmd),
"./%s -b \"\" -C %s \"objectclass=*\" > %s 2> %s",
DSGW_LDAPSEARCH, gc->gc_localdbconf, ldiffile, DSGW_NULL_DEVICE);
}
Index: dsgw.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/dsgw.h,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- dsgw.h 20 May 2005 15:52:43 -0000 1.6
+++ dsgw.h 11 Apr 2006 02:14:32 -0000 1.7
@@ -825,7 +825,12 @@
int dsgw_parse_cookie( char *cookie, char **rndstr, char **dn );
char *dsgw_getvp( int cginum );
#ifdef DSGW_DEBUG
-void dsgw_log( char *fmt, ... );
+void dsgw_log( char *fmt, ... )
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 1, 2)));
+#else
+ ;
+#endif
void dsgw_logstringarray( char *arrayname, char **strs );
void dsgw_log_out (const char* s, size_t n);
#else
@@ -875,16 +880,36 @@
void dsgw_strcat_escaped( char *s1, const char *s2 );
char *dsgw_strdup_escaped( const char *s );
void dsgw_substitute_and_output( char *s, char *tag, char *value, int escape );
-void dsgw_form_begin( const char* name, const char* format, ... );
+void dsgw_form_begin( const char* name, const char* format, ... )
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 2, 3)));
+#else
+ ;
+#endif
char *dsgw_strdup_with_entities( char *s, int *madecopyp );
void dsgw_HTML_emits( char * );
void dsgw_emit_cgi_var( int argc, char **argv );
-void dsgw_emit_button( int argc, char **argv, const char* format, ... );
+void dsgw_emit_button( int argc, char **argv, const char* format, ... )
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 3, 4)));
+#else
+ ;
+#endif
void dsgw_emit_alertForm();
-void dsgw_emit_alert( const char* frame, const char* windowOptions, const char* fmt, ... );
+void dsgw_emit_alert( const char* frame, const char* windowOptions, const char* fmt, ... )
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 3, 4)));
+#else
+ ;
+#endif
void dsgw_emit_confirmForm();
void dsgw_emit_confirm( const char* frame, const char* yes, const char* no,
- const char* windowOptions, int enquote, const char* fmt, ... );
+ const char* windowOptions, int enquote, const char* fmt, ... )
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 6, 7)));
+#else
+ ;
+#endif
/*
* in htmlparse.c:
@@ -983,7 +1008,12 @@
* in emitf.c
*/
int dsgw_emits (const char* s); /* like fputs(s, stdout) */
-int dsgw_emitf (const char* format, ...); /* like printf */
+int dsgw_emitf (const char* format, ...) /* like printf */
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 1, 2)));
+#else
+ ;
+#endif
int dsgw_emitfv (const char* format, va_list argl);
char* dsgw_emit_converts_to (char* charset);
int is_UTF_8 (const char* charset);
@@ -995,7 +1025,12 @@
void dsgw_quotation_begin (int kind);
void dsgw_quotation_end();
int dsgw_quote_emits (int kind, const char* s);
-int dsgw_quote_emitf (int kind, const char* format, ...);
+int dsgw_quote_emitf (int kind, const char* format, ...)
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 2, 3)));
+#else
+ ;
+#endif
/*
* in collate.c
Index: dsgwutil.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/dsgwutil.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- dsgwutil.c 19 Apr 2005 22:07:02 -0000 1.5
+++ dsgwutil.c 11 Apr 2006 02:14:32 -0000 1.6
@@ -927,7 +927,7 @@
#endif
install_dir = getenv("NETSITE_ROOT");
if (install_dir != NULL) {
- sprintf(tmp_log, "%s/tmp/dsgw", install_dir);
+ PR_snprintf(tmp_log, sizeof(tmp_log), "%s/tmp/dsgw", install_dir);
#if defined( XP_WIN32 )
for(ilen=0; ilen < strlen(tmp_log); ilen++)
{
@@ -937,15 +937,15 @@
#endif /* XP_WIN32 */
} else {
#if defined( XP_WIN32 )
- ilen = strlen(tmp_dir);
GetTempPath( ilen+1, tmp_dir );
+ ilen = strlen(tmp_dir);
/* Remove trailing slash. */
pch = tmp_dir[ilen-1];
if( pch == '\\' || pch == '/' )
tmp_dir[ilen-1] = '\0';
- sprintf(tmp_log, "%s\\DSGW", tmp_dir);
+ PR_snprintf(tmp_log, sizeof(tmp_log), "%s\\DSGW", tmp_dir);
#else
- sprintf(tmp_log, "/tmp/dsgw");
+ PR_snprintf(tmp_log, sizeof(tmp_log), "/tmp/dsgw");
#endif
}
return tmp_log;
@@ -964,7 +964,7 @@
#else
"%s/%.50s.out";
#endif
- PR_snprintf( fname, 256, format, dsgw_get_tmp_log_dir(), progname );
+ PR_snprintf( fname, sizeof(fname), format, dsgw_get_tmp_log_dir(), progname );
log_out_fp = fopen( fname, "w" );
}
if (log_out_fp != NULL) {
@@ -996,14 +996,14 @@
#else
"%s/%.50s";
#endif
- PR_snprintf( fname, 256, format, dsgw_get_tmp_log_dir(), progname );
+ PR_snprintf( fname, sizeof(fname), format, dsgw_get_tmp_log_dir(), progname );
if (( logfp = fopen( fname, "a+" )) == NULL ) {
return;
}
}
- memcpy( timebuf, ctime( &t ), 19 );
- timebuf[ 19 ] = '\0';
+ memcpy( timebuf, ctime( &t ), sizeof(timebuf)-1 );
+ timebuf[ sizeof(timebuf)-1 ] = '\0';
fprintf( logfp, "%s %s: ", timebuf, progname );
va_start( ap, fmt );
@@ -1327,7 +1327,7 @@
}
}
for ( i=0 ; i<countLang ; i++ ) {
- strcpy(AcceptLanguageList[i],ptrLanguage[i]);
+ PL_strncpyz(AcceptLanguageList[i],ptrLanguage[i],sizeof(AcceptLanguageList[i]));
}
} else {
@@ -1336,7 +1336,7 @@
cPtr = strtok(input,",");
while (cPtr) {
if (strlen(cPtr)<MAX_ACCEPT_LENGTH) { /* ignore if too long */
- strcpy(AcceptLanguageList[countLang++],cPtr);
+ PL_strncpyz(AcceptLanguageList[countLang++],cPtr,sizeof(AcceptLanguageList[i]));
if (countLang>=MAX_ACCEPT_LANGUAGE) break; /* quit if too many */
}
cPtr = strtok(NULL,",");
Index: dsimpldif.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/dsimpldif.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- dsimpldif.c 19 Apr 2005 22:07:02 -0000 1.4
+++ dsimpldif.c 11 Apr 2006 02:14:32 -0000 1.5
@@ -148,17 +148,17 @@
if (gc->gc_localdbconf == NULL) {
/* remote */
- PR_snprintf (cmd, BIG_LINE, "./%s -a %s -h %s -p %d -f %s > %s 2>&1",
+ PR_snprintf (cmd, sizeof(cmd), "./%s -a %s -h %s -p %d -f %s > %s 2>&1",
DSGW_LDAPMODIFY, stop?"":"-c",gc->gc_ldapserver,
gc->gc_ldapport, ldiffile, DSGW_NULL_DEVICE);
}
else {
/* local database */
- PR_snprintf (cmd, BIG_LINE, "./%s -a %s -C %s -f %s > %s 2>&1",
+ PR_snprintf (cmd, sizeof(cmd), "./%s -a %s -C %s -f %s > %s 2>&1",
DSGW_LDAPMODIFY, stop?"":"-c", gc->gc_localdbconf, ldiffile,
DSGW_NULL_DEVICE);
}
- PR_snprintf (path, BIG_LINE, "%s%s", userdb_path, DSGW_TOOLSDIR);
+ PR_snprintf (path, sizeof(path), "%s%s", userdb_path, DSGW_TOOLSDIR);
chdir ( path );
fflush (stdout);
if (system (cmd) == 0) {
Index: emitf.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/emitf.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- emitf.c 19 Apr 2005 22:07:02 -0000 1.4
+++ emitf.c 11 Apr 2006 02:14:32 -0000 1.5
@@ -188,12 +188,12 @@
char deffmt[DEFFMTC];
char* fmt = deffmt;
- size_t fmtc = DEFFMTC;
+ size_t fmtc = sizeof(deffmt);
const char* next;
const char* f;
- char buf [1024];
+ char buf [1024] = {0};
int i;
i = count_slots (format);
@@ -396,33 +396,33 @@
}
/* produce a single argument */
switch (islot->type) {
- case TYPE_I: PR_snprintf (buf, 1024, fmt, argv[islot->arg].i); break;
- case TYPE_U: PR_snprintf (buf, 1024, fmt, argv[islot->arg].u); break;
- case TYPE_F: PR_snprintf (buf, 1024, fmt, argv[islot->arg].f); break;
- case TYPE_LI: PR_snprintf (buf, 1024, fmt, argv[islot->arg].li); break;
- case TYPE_LU: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lu); break;
- case TYPE_LF: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lf); break;
- case TYPE_P: PR_snprintf (buf, 1024, fmt, argv[islot->arg].p); break;
+ case TYPE_I: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].i); break;
+ case TYPE_U: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].u); break;
+ case TYPE_F: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].f); break;
+ case TYPE_LI: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].li); break;
+ case TYPE_LU: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lu); break;
+ case TYPE_LF: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lf); break;
+ case TYPE_P: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].p); break;
case TYPE_WIDTH:
case TYPE_PRECISION:
switch ((++islot)->type) {
- case TYPE_I: PR_snprintf (buf, 1024, fmt, argv[islot->arg].i); break;
- case TYPE_U: PR_snprintf (buf, 1024, fmt, argv[islot->arg].u); break;
- case TYPE_F: PR_snprintf (buf, 1024, fmt, argv[islot->arg].f); break;
- case TYPE_LI: PR_snprintf (buf, 1024, fmt, argv[islot->arg].li); break;
- case TYPE_LU: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lu); break;
- case TYPE_LF: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lf); break;
- case TYPE_P: PR_snprintf (buf, 1024, fmt, argv[islot->arg].p); break;
+ case TYPE_I: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].i); break;
+ case TYPE_U: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].u); break;
+ case TYPE_F: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].f); break;
+ case TYPE_LI: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].li); break;
+ case TYPE_LU: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lu); break;
+ case TYPE_LF: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lf); break;
+ case TYPE_P: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].p); break;
case TYPE_WIDTH:
case TYPE_PRECISION:
switch ((++islot)->type) {
- case TYPE_I: PR_snprintf (buf, 1024, fmt, argv[islot->arg].i); break;
- case TYPE_U: PR_snprintf (buf, 1024, fmt, argv[islot->arg].u); break;
- case TYPE_F: PR_snprintf (buf, 1024, fmt, argv[islot->arg].f); break;
- case TYPE_LI: PR_snprintf (buf, 1024, fmt, argv[islot->arg].li); break;
- case TYPE_LU: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lu); break;
- case TYPE_LF: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lf); break;
- case TYPE_P: PR_snprintf (buf, 1024, fmt, argv[islot->arg].p); break;
+ case TYPE_I: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].i); break;
+ case TYPE_U: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].u); break;
+ case TYPE_F: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].f); break;
+ case TYPE_LI: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].li); break;
+ case TYPE_LU: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lu); break;
+ case TYPE_LF: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lf); break;
+ case TYPE_P: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].p); break;
case TYPE_WIDTH:
case TYPE_PRECISION: goto bail; /* how did this happen? */
case TYPE_PERCENT:
@@ -647,7 +647,7 @@
s += slen; /* advance pointer to next unconverted chars */
/* convert as many chars from s as will fit in buf */
result = dsgw_convert(DSGW_FROM_UTF8, emit_converter,
- &bufptr, CONVERT_BUFSIZE, &len,
+ &bufptr, sizeof(buf), &len,
s, n, &slen, &err);
/* write the converted chars to the output */
n = dsgw_emitq ((FILE*)parm, buf, len);
@@ -661,34 +661,6 @@
return parm;
}
-#if 0
-static void
-dsgw_convert (void* parm, const char* s, size_t n)
- /* Transform the output, in a visually distinctive way.
- This function is intended for testing, only.
- */
-{
- while (parm && n > 0) {
- const size_t len = LDAP_UTF8LEN(s);
- if (len == 1 && *s >= '!' && *s <= '~') { /* ASCII */
- /* output the double-width variant of this character */
- unsigned c = (unsigned)*s - '!' + 0xFF01;
- unsigned char buf[3];
- buf[2] = 0x80 | (c & 0x3F); c >>= 6;
- buf[1] = 0x80 | (c & 0x3F); c >>= 6;
- buf[0] = 0xE0 | (c & 0x0F);
- parm = dsgw_emitn (parm, (char*)buf, 3);
- } else {
- parm = dsgw_emitn (parm, s, len);
- }
- if (parm) {
- n -= len;
- s += len;
- }
- }
-}
-#endif
-
int
dsgw_emits (const char* s)
/* This function works like fputs(s, stdout), except it
Index: entrydisplay.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/entrydisplay.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- entrydisplay.c 20 May 2005 15:52:43 -0000 1.5
+++ entrydisplay.c 11 Apr 2006 02:14:32 -0000 1.6
@@ -239,7 +239,9 @@
static char *dsgw_time(time_t secs_since_1970);
/* attribute syntax handler routines */
+#if NEEDED_FOR_DEBUGGING
static void ntdomain_display( struct dsgw_attrdispinfo *adip );
+#endif
static void ntuserid_display( struct dsgw_attrdispinfo *adip );
static void str_display( struct dsgw_attrdispinfo *adip );
static void str_edit( struct dsgw_attrdispinfo *adip );
@@ -1623,10 +1625,10 @@
memcpy( &iValue, bin_data.bv_val, sizeof( iValue ) );
if(( adip->adi_opts & DSGW_ATTROPT_DECIMAL ) != 0 )
- PR_snprintf( szFormat, 512, "%%lu" );
+ PR_snprintf( szFormat, sizeof(szFormat), "%%lu" );
else
- PR_snprintf( szFormat, 512, "%%#0%lu.%lux", bin_data.bv_len*2, bin_data.bv_len*2 );
- PR_snprintf( szFlags, 512, szFormat, iValue );
+ PR_snprintf( szFormat, sizeof(szFormat), "%%#0%lu.%lux", bin_data.bv_len*2, bin_data.bv_len*2 );
+ PR_snprintf( szFlags, sizeof(szFlags), szFormat, iValue );
fputs( szFlags, stdout );
@@ -1639,6 +1641,7 @@
}
}
+#if NEEDED_FOR_DEBUGGING
/*
* display handler for NT Domain Identifier string
*/
@@ -1671,7 +1674,7 @@
}
}
-
+#endif
/*
@@ -3222,7 +3225,7 @@
}
/* convert to utf8 */
- u_strToUTF8(obuf, BSIZ, NULL, dstr0, myStrlen, &err);
+ u_strToUTF8(obuf, sizeof(obuf), NULL, dstr0, myStrlen, &err);
if (err != U_ZERO_ERROR) {
dsgw_error( DSGW_ERR_LDAPGENERAL, NULL, DSGW_ERROPT_EXIT, err, NULL );
Index: htmlparse.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/htmlparse.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- htmlparse.c 19 Apr 2005 22:07:02 -0000 1.4
+++ htmlparse.c 11 Apr 2006 02:14:32 -0000 1.5
@@ -202,14 +202,14 @@
} else if ( parse_status != DSGW_PARSE_STATUS_NO_OUTPUT &&
!strcmp(templates[ index ].name + 1, "CONTEXT ")) {
char line[ BIG_LINE ];
- PR_snprintf( line, BIG_LINE, templates[ index ].format, context);
+ PR_snprintf( line, sizeof(line), templates[ index ].format, context);
dsgw_emits( line );
} else if ( parse_status != DSGW_PARSE_STATUS_NO_OUTPUT ) {
/* I just can't believe there's no easy way to create
* a va_list. */
char line[ BIG_LINE ];
- PR_snprintf( line, BIG_LINE, templates[ index ].format,
+ PR_snprintf( line, sizeof(line), templates[ index ].format,
( *argc > 0 && vars[ 0 ] != NULL ) ? vars[ 0 ]: "",
( *argc > 1 && vars[ 1 ] != NULL ) ? vars[ 1 ]: "",
( *argc > 2 && vars[ 2 ] != NULL ) ? vars[ 2 ]: "",
@@ -377,14 +377,14 @@
dsgw_emits("<center><table border=2 width=100%%>\n");
- util_snprintf(line, BIG_LINE, "<tr>");
+ util_snprintf(line, sizeof(line), "<tr>");
dsgw_emits(line);
- util_snprintf(line, BIG_LINE, "<td align=center width=100%%>");
+ util_snprintf(line, sizeof(line), "<td align=center width=100%%>");
dsgw_emits(line);
- util_snprintf(line, BIG_LINE, "<hr size=0 width=0>");
+ util_snprintf(line, sizeof(line), "<hr size=0 width=0>");
dsgw_emits(line);
- util_snprintf(line, BIG_LINE, "<FONT size=+2><b>%s</b></FONT>"
+ util_snprintf(line, sizeof(line), "<FONT size=+2><b>%s</b></FONT>"
"<hr size=0 width=0>"
"</th>", ( argc > 0 ) ? argv[0] : "" );
dsgw_emits(line);
@@ -399,7 +399,7 @@
char line[BIG_LINE];
dsgw_emits("<HTML>");
dsgw_head_begin();
- util_snprintf(line, BIG_LINE, "\n<TITLE>%s</TITLE></HEAD>\n"
+ util_snprintf(line, sizeof(line), "\n<TITLE>%s</TITLE></HEAD>\n"
"<BODY %s>\n", ( argc > 0 ) ? argv[0] : "", dsgw_html_body_colors );
dsgw_emits(line);
}
@@ -411,10 +411,10 @@
char line[BIG_LINE];
if ( argc > 0 ) {
- util_snprintf(line, BIG_LINE, "<BODY %s %s>\n", dsgw_html_body_colors,
+ util_snprintf(line, sizeof(line), "<BODY %s %s>\n", dsgw_html_body_colors,
( argc > 0 ) ? argv[0] : "" );
} else {
- util_snprintf(line, BIG_LINE, "<BODY %s>\n", dsgw_html_body_colors );
+ util_snprintf(line, sizeof(line), "<BODY %s>\n", dsgw_html_body_colors );
}
dsgw_emits(line);
@@ -451,14 +451,14 @@
if(!verify) {
char outstr[256];
- PR_snprintf(outstr, 256, "<td width=50%% align=center>"
+ PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>"
"<input type=submit value=\"%s\">"
"</td>\n",
XP_GetClientStr(DBT_ok_1));
dsgw_emits(outstr);
} else {
char outstr[256];
- PR_snprintf(outstr, 256, "<td width=50%% align=center>"
+ PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>"
"<input type=button value=\"%s\" "
"onclick=\"verify(this.form)\">"
"</td>\n",
@@ -467,7 +467,7 @@
}
{
char outstr[256];
- PR_snprintf(outstr, 256, "<td width=50%% align=center>"
+ PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>"
"<input type=reset value=\"%s\"></td>\n",
XP_GetClientStr(DBT_reset_));
dsgw_emits(outstr);
@@ -489,12 +489,12 @@
dsgw_emits("<center><table border=2 width=100%%><tr>");
- PR_snprintf(outstr, 256, "<td width=50%% align=center>"
+ PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>"
"<input type=submit value=\"%s\">"
"</td>\n",
XP_GetClientStr(DBT_done_));
dsgw_emits(outstr);
- PR_snprintf(outstr, 256, "<td width=50%% align=center>"
+ PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>"
"<input type=button value=\"%s\" "
"onClick=\"top.close()\"></td>\n",
XP_GetClientStr(DBT_cancel_2));
@@ -707,8 +707,19 @@
}
} else {
if ( isvar != -1 ) {
- isvar += LDAP_UTF8COPY(scratch + isvar, string);
- scratch[ isvar ] = '\0';
+ /* check for scratch overflow */
+ if ((strlen(string) + isvar) < sizeof(scratch)) {
+ isvar += LDAP_UTF8COPY(scratch + isvar, string);
+ scratch[ isvar ] = '\0';
+ } else {
+ char msg[BUFSIZ];
+ /* error - buffer overflow */
+ PR_snprintf(msg, sizeof(msg), XP_GetClientStr(DBT_invalidTemplateVarLen),
+ strlen(string), string);
+ template_error(msg);
+ *argc = 0;
+ return NULL;
+ }
} else {
if ( *string == DIRECTIVE_END ) {
break;
Index: ldaputil.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/ldaputil.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ldaputil.c 19 Apr 2005 22:07:02 -0000 1.4
+++ ldaputil.c 11 Apr 2006 02:14:32 -0000 1.5
@@ -50,6 +50,7 @@
#include <io.h>
#include <fcntl.h>
#endif
+#include "libadminutil/distadm.h"
static dsgwtmplinfo *init_listdisplay( char *tmplname, unsigned long options );
static int do_search( dsgwtmplinfo *tip, LDAP *ld, char *base, int scope,
@@ -1305,7 +1306,7 @@
*errsp = XP_GetClientStr(DBT_invalidUserIdOrNullLdapHandle_);
return NULL;
}
- PR_snprintf( filtbuf, 85, "uid=%s", uid );
+ PR_snprintf( filtbuf, sizeof(filtbuf), "uid=%s", uid );
if (( rc = ldap_search_s( ld, base, LDAP_SCOPE_SUBTREE, filtbuf,
attrs, 1, &result )) != LDAP_SUCCESS ) {
@@ -1423,10 +1424,10 @@
}
if ( count > 1 ) {
- util_snprintf( line, BIG_LINE, "%s\n<SELECT NAME=\"%s\">\n",
+ util_snprintf( line, sizeof(line), "%s\n<SELECT NAME=\"%s\">\n",
prefix, varname );
} else {
- util_snprintf( line, BIG_LINE, "<INPUT TYPE=\"hidden\" NAME=\"%s\" ",
+ util_snprintf( line, sizeof(line), "<INPUT TYPE=\"hidden\" NAME=\"%s\" ",
varname );
}
dsgw_emits( line );
@@ -1463,7 +1464,7 @@
}
if ( count > 1 ) {
- util_snprintf( line, BIG_LINE, "</SELECT>\n%s\n", suffix );
+ util_snprintf( line, sizeof(line), "</SELECT>\n%s\n", suffix );
dsgw_emits( line );
}
@@ -1500,7 +1501,7 @@
}
}
- util_snprintf( line, BIG_LINE, " VALUE=\"%s\">%s\n", escapeddn,
+ util_snprintf( line, sizeof(line), " VALUE=\"%s\">%s\n", escapeddn,
only_one ? "" : friendlyname );
free( escapeddn );
if ( rdns != NULL ) {
Index: templateindex.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/templateindex.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- templateindex.c 19 Apr 2005 22:07:02 -0000 1.4
+++ templateindex.c 11 Apr 2006 02:14:32 -0000 1.5
@@ -63,11 +63,11 @@
if( ( dir == NULL ) || (strlen( dir ) == 0) )
return NULL;
- if( ( ret = malloc( sizeof( char * ) ) ) == NULL )
+ if( ( ret = malloc( sizeof( char * ) * 2 ) ) == NULL )
return NULL;
- strcpy(szWildcardFileSpec, dir);
- strcat(szWildcardFileSpec, "/*");
+ PL_strncpyz(szWildcardFileSpec, dir, sizeof(szWildcardFileSpec));
+ PL_strcatn(szWildcardFileSpec, sizeof(szWildcardFileSpec), "/*");
hFile = _findfirst( szWildcardFileSpec, &fileinfo);
if( hFile == -1 )
Index: tutor.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/clients/dsgw/tutor.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- tutor.c 19 Apr 2005 22:07:03 -0000 1.4
+++ tutor.c 11 Apr 2006 02:14:32 -0000 1.5
@@ -124,7 +124,7 @@
*tmp='\0';
dsgw_emitf("<BASE href=\"%s%s/%s\">\n", surl, sn, base);
}
- while( fgets(line, BIG_LINE, html)) {
+ while( fgets(line, sizeof(line), html)) {
dsgw_emits( line );
}
}
@@ -210,7 +210,7 @@
map=fopen(man_index, "r");
if(!map)
goto ohwell;
- while(fgets(line, BIG_LINE, map)) {
+ while(fgets(line, sizeof(line), map)) {
if(line[0]==';')
continue;
else if(ldap_utf8isspace(line))
18 years
[Fedora-directory-commits] ldapserver/ldap/admin/src cfg_sspt.c, 1.8, 1.9 create_instance.c, 1.26, 1.27 ds_remove_uninst.cpp, 1.6, 1.7 init_ds_env.c, 1.5, 1.6 instindex.cpp, 1.9, 1.10
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/admin/src
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8136/ldapserver/ldap/admin/src
Modified Files:
cfg_sspt.c create_instance.c ds_remove_uninst.cpp
init_ds_env.c instindex.cpp
Log Message:
Bug(s) fixed: 186280
Bug Description: ldapserver: Close potential security vulnerabilities in CGI code
Reviewed by: Nathan, Noriko, and Pete (Thanks!)
Fix Description: Clean up usage of sprintf, strcpy, fgets instead of
gets, fixed buffer usage, etc., mostly in the CGI code and other user
facing code (i.e. setup). Also, Steve Grubb told me about a GCC trick
to force it to check printf style varargs functions, to check the format
string against the argument string, for type mismatches, missing
arguments, and too many arguments.
In the CGI form argument parsing code, we needed to be more careful
about checking for bad input - good input is supposed to look like this:
name=value&name=value&.....
&name=value. I don't think the original code
was checking properly for something like name&name=value.
There was another place where we were not checking to see if a buffer
had enough room before appending a string to it.
I had to change a couple of functions to allow passing in the size of
the buffer.
Fixed some issues raised by Noriko and Nathan.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: cfg_sspt.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/cfg_sspt.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- cfg_sspt.c 16 Feb 2006 17:39:47 -0000 1.8
+++ cfg_sspt.c 11 Apr 2006 02:14:31 -0000 1.9
@@ -239,6 +239,12 @@
#ifdef CGI_DEBUG
#include <stdarg.h>
+static void debug_log (const char* file, const char* format, ...)
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 2, 3)));
+#else
+ ;
+#endif
static void
debug_log (const char* file, const char* format, ...)
@@ -375,6 +381,12 @@
list of strings to substitute in the format; basically just constructs
the correct aci string and passes it to add_aci
*/
+int add_aci_v(LDAP* ld, char* DN, char* format, ...)
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 3, 4)));
+#else
+ ;
+#endif
int
add_aci_v(LDAP* ld, char* DN, char* format, ...)
{
Index: create_instance.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/create_instance.c,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- create_instance.c 16 Mar 2006 22:19:31 -0000 1.26
+++ create_instance.c 11 Apr 2006 02:14:31 -0000 1.27
@@ -145,6 +145,13 @@
#endif
static char *make_error(char *fmt, ...)
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 1, 2)));
+#else
+ ;
+#endif
+
+static char *make_error(char *fmt, ...)
{
static char errbuf[ERR_SIZE];
va_list args;
@@ -661,6 +668,12 @@
#define chownsearch(a, b)
#endif
+char *gen_script(char *s_root, char *name, char *fmt, ...)
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 3, 4)));
+#else
+ ;
+#endif
char *gen_script(char *s_root, char *name, char *fmt, ...)
{
@@ -715,6 +728,12 @@
}
char *gen_perl_script(char *s_root, char *cs_path, char *name, char *fmt, ...)
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 4, 5)));
+#else
+ ;
+#endif
+char *gen_perl_script(char *s_root, char *cs_path, char *name, char *fmt, ...)
{
char myperl[PATH_SIZE];
char fn[PATH_SIZE];
@@ -1356,8 +1375,7 @@
/* ---------------------- Update server script files ---------------------- */
int update_server(server_config_s *cf)
{
- char line[PATH_SIZE], *t, *sroot = cf->sroot;
- char subdir[PATH_SIZE];
+ char *t;
char error_param[BIG_LINE] = {0};
#if defined( SOLARIS )
Index: ds_remove_uninst.cpp
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/ds_remove_uninst.cpp,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- ds_remove_uninst.cpp 2 Sep 2005 20:40:48 -0000 1.6
+++ ds_remove_uninst.cpp 11 Apr 2006 02:14:31 -0000 1.7
@@ -80,6 +80,13 @@
#include "setupapi.h"
#define MAX_STR_SIZE 512
+static void dsLogMessage(const char *level, const char *which,
+ const char *format, ...)
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 3, 4)));
+#else
+ ;
+#endif
static InstallLog *installLog = NULL;
Index: init_ds_env.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/init_ds_env.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- init_ds_env.c 19 Apr 2005 22:06:55 -0000 1.5
+++ init_ds_env.c 11 Apr 2006 02:14:31 -0000 1.6
@@ -48,6 +48,7 @@
#include "libadminutil/distadm.h"
#include "init_ds_env.h"
#include "dsalib.h"
+#include "prprf.h"
int init_ds_env()
{
Index: instindex.cpp
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/instindex.cpp,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- instindex.cpp 14 Mar 2006 17:13:38 -0000 1.9
+++ instindex.cpp 11 Apr 2006 02:14:31 -0000 1.10
@@ -55,7 +55,7 @@
#include <string.h>
/* --------------------------------- main --------------------------------- */
-
+#if NEEDED_FOR_DEBUGGING
static void
printInfo(int argc, char *argv[], char *envp[], FILE* fp)
{
@@ -76,6 +76,7 @@
fprintf(fp, "#####################################\n");
}
+#endif
#if defined (__hpux) && defined (__ia64)
int main(int argc, char *argv[], char *envp[])
18 years
[Fedora-directory-commits] ldapserver/include/base ereport.h, 1.6, 1.7 util.h, 1.6, 1.7
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/include/base
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8136/ldapserver/include/base
Modified Files:
ereport.h util.h
Log Message:
Bug(s) fixed: 186280
Bug Description: ldapserver: Close potential security vulnerabilities in CGI code
Reviewed by: Nathan, Noriko, and Pete (Thanks!)
Fix Description: Clean up usage of sprintf, strcpy, fgets instead of
gets, fixed buffer usage, etc., mostly in the CGI code and other user
facing code (i.e. setup). Also, Steve Grubb told me about a GCC trick
to force it to check printf style varargs functions, to check the format
string against the argument string, for type mismatches, missing
arguments, and too many arguments.
In the CGI form argument parsing code, we needed to be more careful
about checking for bad input - good input is supposed to look like this:
name=value&name=value&.....
&name=value. I don't think the original code
was checking properly for something like name&name=value.
There was another place where we were not checking to see if a buffer
had enough room before appending a string to it.
I had to change a couple of functions to allow passing in the size of
the buffer.
Fixed some issues raised by Noriko and Nathan.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: ereport.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/include/base/ereport.h,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- ereport.h 19 Apr 2005 22:06:44 -0000 1.6
+++ ereport.h 11 Apr 2006 02:14:26 -0000 1.7
@@ -60,7 +60,12 @@
* the current date.
*/
-NSAPI_PUBLIC int INTereport(int degree, char *fmt, ...);
+NSAPI_PUBLIC int INTereport(int degree, char *fmt, ...)
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 2, 3)));
+#else
+ ;
+#endif
NSAPI_PUBLIC int INTereport_v(int degree, char *fmt, va_list args);
NSPR_END_EXTERN_C
Index: util.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/include/base/util.h,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- util.h 19 Apr 2005 22:06:44 -0000 1.6
+++ util.h 11 Apr 2006 02:14:26 -0000 1.7
@@ -67,12 +67,22 @@
NSAPI_PUBLIC
int INTutil_vsprintf(char *s, register const char *fmt, va_list args);
-NSAPI_PUBLIC int INTutil_sprintf(char *s, const char *fmt, ...);
+NSAPI_PUBLIC int INTutil_sprintf(char *s, const char *fmt, ...)
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 2, 3)));
+#else
+ ;
+#endif
NSAPI_PUBLIC int INTutil_vsnprintf(char *s, int n, register const char *fmt,
va_list args);
-NSAPI_PUBLIC int INTutil_snprintf(char *s, int n, const char *fmt, ...);
+NSAPI_PUBLIC int INTutil_snprintf(char *s, int n, const char *fmt, ...)
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 3, 4)));
+#else
+ ;
+#endif
NSAPI_PUBLIC int INTutil_strftime(char *s, const char *format, const struct tm *t);
18 years
[Fedora-directory-commits] ldapserver/config pathsub.h,1.4,1.5
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/config
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8136/ldapserver/config
Modified Files:
pathsub.h
Log Message:
Bug(s) fixed: 186280
Bug Description: ldapserver: Close potential security vulnerabilities in CGI code
Reviewed by: Nathan, Noriko, and Pete (Thanks!)
Fix Description: Clean up usage of sprintf, strcpy, fgets instead of
gets, fixed buffer usage, etc., mostly in the CGI code and other user
facing code (i.e. setup). Also, Steve Grubb told me about a GCC trick
to force it to check printf style varargs functions, to check the format
string against the argument string, for type mismatches, missing
arguments, and too many arguments.
In the CGI form argument parsing code, we needed to be more careful
about checking for bad input - good input is supposed to look like this:
name=value&name=value&.....
&name=value. I don't think the original code
was checking properly for something like name&name=value.
There was another place where we were not checking to see if a buffer
had enough room before appending a string to it.
I had to change a couple of functions to allow passing in the size of
the buffer.
Fixed some issues raised by Noriko and Nathan.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: pathsub.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/config/pathsub.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- pathsub.h 19 Apr 2005 22:06:42 -0000 1.4
+++ pathsub.h 11 Apr 2006 02:14:25 -0000 1.5
@@ -61,7 +61,12 @@
extern char *program;
-extern void fail(char *format, ...);
+extern void fail(char *format, ...)
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 1, 2)));
+#else
+ ;
+#endif
extern char *getcomponent(char *path, char *name);
extern char *ino2name(ino_t ino, char *dir);
extern void *xmalloc(size_t size);
18 years
[Fedora-directory-commits] ldapserver buildpaths.mk, 1.13, 1.14 components.mk, 1.46, 1.47
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9783
Modified Files:
buildpaths.mk components.mk
Log Message:
Make the build/pull work like the adminserver does with respect to console. Otherwise, dsbuild with recent code no longer works.
Index: buildpaths.mk
===================================================================
RCS file: /cvs/dirsec/ldapserver/buildpaths.mk,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- buildpaths.mk 29 Mar 2006 19:42:39 -0000 1.13
+++ buildpaths.mk 8 Apr 2006 19:29:35 -0000 1.14
@@ -139,7 +139,7 @@
ADMINSERVER_SOURCE_ROOT = $(BUILD_ROOT)/../adminserver
-LDAPCONSOLE_SOURCE_ROOT = $(BUILD_ROOT)/../directoryconsole
+LDAPCONSOLE_SOURCE_ROOT = $(BUILD_ROOT)/..
# these are the files needed to build the java components - xmltools and dsmlgw -
# and where to get them
Index: components.mk
===================================================================
RCS file: /cvs/dirsec/ldapserver/components.mk,v
retrieving revision 1.46
retrieving revision 1.47
diff -u -r1.46 -r1.47
--- components.mk 7 Apr 2006 22:19:35 -0000 1.46
+++ components.mk 8 Apr 2006 19:29:35 -0000 1.47
@@ -569,7 +569,7 @@
ADMINSERVER_SUBCOMPS:=admin base
ifdef LDAPCONSOLE_SOURCE_ROOT
- LDAPCONSOLE_DIR = $(ABS_ROOT)/../built/package
+ LDAPCONSOLE_DIR = $(LDAPCONSOLE_SOURCE_ROOT)/built/package
else
LDAPCONSOLE_DIR = $(CLASS_DEST)
endif
18 years
[Fedora-directory-commits] dsbuild/ds/setuputil Makefile,1.3,1.4
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/dsbuild/ds/setuputil
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9565/dsbuild/ds/setuputil
Modified Files:
Makefile
Log Message:
You can now do a dsbuild with sources from CVS by using make USE_CVS=1 ...
Right now this only works with the cvs.fedora.redhat.com repository, but
it will be easy to add support for others such as mozilla.
I added ICU to the mod_admserv build.
adminserver uses MOD_*_LIBPATH instead of MOD_*_LIB_DIR now.
ldapserver uses the correct path to directoryconsole now.
Index: Makefile
===================================================================
RCS file: /cvs/dirsec/dsbuild/ds/setuputil/Makefile,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- Makefile 16 Feb 2006 21:34:09 -0000 1.3
+++ Makefile 8 Apr 2006 19:27:05 -0000 1.4
@@ -3,9 +3,14 @@
GARNAME = fedora-setuputil
GARVERSION = 1.0.2
CATEGORIES = ds
-DISTFILES = $(GARNAME)-$(GARVERSION).tar.gz
PATCHFILES =
+ifdef USE_CVS
+CVSMODULES=setuputil
+else
+DISTFILES = $(GARNAME)-$(GARVERSION).tar.gz
+endif
+
LIBDEPS =
DESCRIPTION = setuputil
@@ -22,6 +27,10 @@
BUILD_ARGS += BUILD_DEBUG=optimize
endif
+ifdef USE_CVS
+post-extract: extract-cvs
+endif
+
configure-custom:
$(MAKECOOKIE)
18 years
[Fedora-directory-commits] dsbuild/ds/mod_restartd Makefile, 1.2, 1.3
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/dsbuild/ds/mod_restartd
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9565/dsbuild/ds/mod_restartd
Modified Files:
Makefile
Log Message:
You can now do a dsbuild with sources from CVS by using make USE_CVS=1 ...
Right now this only works with the cvs.fedora.redhat.com repository, but
it will be easy to add support for others such as mozilla.
I added ICU to the mod_admserv build.
adminserver uses MOD_*_LIBPATH instead of MOD_*_LIB_DIR now.
ldapserver uses the correct path to directoryconsole now.
Index: Makefile
===================================================================
RCS file: /cvs/dirsec/dsbuild/ds/mod_restartd/Makefile,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- Makefile 14 Feb 2006 22:29:23 -0000 1.2
+++ Makefile 8 Apr 2006 19:27:04 -0000 1.3
@@ -3,9 +3,14 @@
GARNAME = mod_restartd
GARVERSION = 1.0.2
CATEGORIES = ds
-DISTFILES = $(GARNAME)-$(GARVERSION).tar.gz
PATCHFILES =
+ifdef USE_CVS
+CVSMODULES=mod_restartd
+else
+DISTFILES = $(GARNAME)-$(GARVERSION).tar.gz
+endif
+
LIBDEPS =
DESCRIPTION = mod_restartd
@@ -21,6 +26,10 @@
INSTALL_SCRIPTS = custom
BUILD_ARGS =
+ifdef USE_CVS
+post-extract: extract-cvs
+endif
+
ifdef BUILD_MODULE_RPM
ifeq ($(DEBUG),full)
FLAVOR=dbg
18 years
[Fedora-directory-commits] dsbuild/ds/onlinehelp Makefile,1.2,1.3
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/dsbuild/ds/onlinehelp
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9565/dsbuild/ds/onlinehelp
Modified Files:
Makefile
Log Message:
You can now do a dsbuild with sources from CVS by using make USE_CVS=1 ...
Right now this only works with the cvs.fedora.redhat.com repository, but
it will be easy to add support for others such as mozilla.
I added ICU to the mod_admserv build.
adminserver uses MOD_*_LIBPATH instead of MOD_*_LIB_DIR now.
ldapserver uses the correct path to directoryconsole now.
Index: Makefile
===================================================================
RCS file: /cvs/dirsec/dsbuild/ds/onlinehelp/Makefile,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- Makefile 14 Feb 2006 22:29:34 -0000 1.2
+++ Makefile 8 Apr 2006 19:27:05 -0000 1.3
@@ -1,15 +1,24 @@
GARNAME = fedora-onlinehelp
GARVERSION = 1.0.2
CATEGORIES = ds
-DISTFILES = $(GARNAME)-$(GARVERSION).tar.gz
PATCHFILES =
+ifdef USE_CVS
+CVSMODULES=onlinehelp
+else
+DISTFILES = $(GARNAME)-$(GARVERSION).tar.gz
+endif
+
LIBDEPS =
DESCRIPTION = onlinehelp
INSTALL_SCRIPTS = custom
+ifdef USE_CVS
+post-extract: extract-cvs
+endif
+
configure-custom:
$(MAKECOOKIE)
18 years