Rewrote some prohibited APIs in plugins/ (sprintf, strcpy, strcat).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@24274 f5534014-38df-0310-8fa8-9805f1628bb7

diff --git a/plugins/agentx/packet-agentx.c b/plugins/agentx/packet-agentx.c
index 255e8ed2f2b66cde7ea7b1ca48cc374af52d01ba..2d399de04e47e8bb391f633aa860a3705051fc75 100644 (file)
--- a/plugins/agentx/packet-agentx.c
+++ b/plugins/agentx/packet-agentx.c
@@ -326,11 +326,11 @@ static int convert_oid_to_str(guint32 *oid, int len, char* str, int slen, char p
        if(slen < len) return 0;
 
        if(prefix) {
-               tlen+= sprintf(str,".1.3.6.1.%d",prefix);
+               tlen += g_snprintf(str,slen,".1.3.6.1.%d",prefix);
        }
 
        for(i=0; i < len && tlen < slen; i++) {
-               tlen += sprintf(str+tlen,".%d",oid[i]);
+               tlen += g_snprintf(str+tlen,slen-tlen,".%d",oid[i]);
        }
        return tlen;
 }

diff --git a/plugins/artnet/packet-artnet.c b/plugins/artnet/packet-artnet.c
index 20e58ae52115f49fbec6aa1d3e4dd90aeb52d7c4..79c76fa0538d35f12146d98c60dee47f63c4f48c 100644 (file)
--- a/plugins/artnet/packet-artnet.c
+++ b/plugins/artnet/packet-artnet.c
@@ -800,22 +800,20 @@ dissect_artnet_output(tvbuff_t *tvb, guint offset, proto_tree *tree)
   for (r=0; r < row_count;r++) {
     for (c=0;(c < global_disp_col_count) && (((r*global_disp_col_count)+c) < length);c++) {
       if ((c % (global_disp_col_count/2)) == 0) {
-        sprintf(ptr, " ");
-        ptr++;
+        ptr += g_snprintf(ptr, sizeof string - strlen(string), " ");
       }
 
       v = tvb_get_guint8(tvb, (offset+(r*global_disp_col_count)+c));
       if (global_disp_chan_val_type == 0) {
         v = (v * 100) / 255;
         if (v == 100) {
-          sprintf(ptr, "FL ");
+          ptr += g_snprintf(ptr, sizeof string - strlen(string), "FL ");
         } else {
-          sprintf(ptr, chan_format[global_disp_chan_val_type], v);
+          ptr += g_snprintf(ptr, sizeof string - strlen(string), chan_format[global_disp_chan_val_type], v);
         }
       } else {
-        sprintf(ptr, chan_format[global_disp_chan_val_type], v);
+        ptr += g_snprintf(ptr, sizeof string - strlen(string), chan_format[global_disp_chan_val_type], v);
       }
-      ptr += strlen(ptr);
     }
     
     proto_tree_add_none_format(si,hf_artnet_output_dmx_data, tvb,

diff --git a/plugins/asn1/packet-asn1.c b/plugins/asn1/packet-asn1.c
index 85fed297e8b702a6c73fede0bd1bd9e9b040d88b..6bd383ebc6d7cddfc6698b0c90120370391e4ee4 100644 (file)
--- a/plugins/asn1/packet-asn1.c
+++ b/plugins/asn1/packet-asn1.c
@@ -572,7 +572,7 @@ showoctets(guchar *octets, guint len, guint hexlen) /* if len <= hexlen, always
                        for (i=0; i<len; i++) {
                                p += sprintf(p, "%2.2X", octets[i]);
                        }
-                       strcpy(p, endstr);
+                       strncpy(p, endstr, len*2 + 5);
                } else {
                        if (len <= hexlen) { /* show both hex and ascii, assume hexlen < MAX_OTSLEN */
                                str = p = g_malloc(len*3+2);
@@ -586,7 +586,7 @@ showoctets(guchar *octets, guint len, guint hexlen) /* if len <= hexlen, always
                                /* g_strdup_printf("%*s%s", len, octets, endstr) does not work ?? */
                                str = g_malloc(len+5);
                                strncpy(str, octets, len);
-                               strcpy(&str[len], endstr);
+                               strncpy(&str[len], endstr, 5);
                        }
                }
        }
@@ -3311,7 +3311,7 @@ PDUtext(char *txt, PDUinfo *info) /* say everything we know about this entry */
                        }
                }
        } else {
-               strcpy(txt, "no info available");
+               strncpy(txt, "no info available", 20);
        }
 
        return;

diff --git a/plugins/enttec/packet-enttec.c b/plugins/enttec/packet-enttec.c
index 3291f970199bd9310966bcbe0a20d0f1b6076e3a..d8b3dc040f8b30f39ff41acbece725aa80b37fbb 100644 (file)
--- a/plugins/enttec/packet-enttec.c
+++ b/plugins/enttec/packet-enttec.c
@@ -290,21 +290,19 @@ dissect_enttec_dmx_data(tvbuff_t *tvb, guint offset, proto_tree *tree)
                for (r=0; r < row_count;r++) {
                        for (c=0;(c < global_disp_col_count) && (((r*global_disp_col_count)+c) < ui);c++) {
                                if ((c % (global_disp_col_count/2)) == 0) {
-                                       sprintf(ptr, " ");
-                                       ptr++;
+                                       ptr += g_snprintf(ptr, sizeof string - strlen(string), " ");
                                }
                                v = dmx_data[(r*global_disp_col_count)+c];
                                if (global_disp_chan_val_type == 0) {
                                        v = (v * 100) / 255;
                                        if (v == 100) {
-                                               sprintf(ptr, "FL ");
+                                               ptr += g_snprintf(ptr, sizeof string - strlen(string), "FL ");
                                        } else {
-                                               sprintf(ptr, chan_format[global_disp_chan_val_type], v);
+                                               ptr += g_snprintf(ptr, sizeof string - strlen(string), chan_format[global_disp_chan_val_type], v);
                                        }
                                } else {
-                                       sprintf(ptr, chan_format[global_disp_chan_val_type], v);
+                                       ptr += g_snprintf(ptr, sizeof string - strlen(string), chan_format[global_disp_chan_val_type], v);
                                }
-                               ptr += strlen(ptr);
                        }
 
                        start_offset = dmx_data_offset[(r*global_disp_col_count)];

diff --git a/plugins/ethercat/packet-ecatmb.c b/plugins/ethercat/packet-ecatmb.c
index 5a3bae3cf08a34f4e96735622fe6e417b036469d..8d00b63c8310245eebfd2a5b0de3e405a336167b 100644 (file)
--- a/plugins/ethercat/packet-ecatmb.c
+++ b/plugins/ethercat/packet-ecatmb.c
@@ -550,19 +550,19 @@ static void SoeFormater(tvbuff_t *tvb, gint offset, char *szText, gint nMax, gui
          SoEIdToString(tmp, soe.anSoeHeaderDataUnion.IDN, sizeof(tmp)-1);
          elm[0] = 0;
          if ( soe.anSoeHeaderControlUnion.v.DataState )
-            strcat(elm, "D");
+            strncat(elm, "D", 2);
          if ( soe.anSoeHeaderControlUnion.v.Name )
-            strcat(elm, "N");
+            strncat(elm, "N", 2);
          if ( soe.anSoeHeaderControlUnion.v.Attribute )
-            strcat(elm, "A");
+            strncat(elm, "A", 2);
          if ( soe.anSoeHeaderControlUnion.v.Unit )
-            strcat(elm, "U");
+            strncat(elm, "U", 2);
          if ( soe.anSoeHeaderControlUnion.v.Min )
-            strcat(elm, "I");
+            strncat(elm, "I", 2);
          if ( soe.anSoeHeaderControlUnion.v.Max )
-            strcat(elm, "X");
+            strncat(elm, "X", 2);
          if ( soe.anSoeHeaderControlUnion.v.Value )
-            strcat(elm, "V");
+            strncat(elm, "V", 2);
          switch ( soe.anSoeHeaderControlUnion.v.OpCode )
          {
          case ECAT_SOE_OPCODE_RRQ:

diff --git a/plugins/gryphon/packet-gryphon.c b/plugins/gryphon/packet-gryphon.c
index 7743d313b7a744605aba40726a61376f2422f016..b531b0473a415050e82b0709ae51dbaf10d3ac42 100644 (file)
--- a/plugins/gryphon/packet-gryphon.c
+++ b/plugins/gryphon/packet-gryphon.c
@@ -937,11 +937,11 @@ cmd_setfilt(tvbuff_t *tvb, int offset, proto_tree *pt)
     length =  tvb_get_guint8(tvb, offset+4) + tvb_get_guint8(tvb, offset+5)
        + tvb_get_ntohs(tvb, offset+6);
     if (flag)
-       strcpy (mode, "Pass");
+       strncpy (mode, "Pass", 10);
     else
-       strcpy (mode, "Block");
+       strncpy (mode, "Block", 10);
     if (length == 0)
-       strcat (mode, " all");
+       strncat (mode, " all", 10);
     proto_tree_add_text(pt, tvb, offset, 4, "Pass/Block flag: %s", mode);
     proto_tree_add_text(pt, tvb, offset+4, 4, "Length of Pattern & Mask: %d", length);
     offset += 8;
@@ -2197,21 +2197,21 @@ blm_mode(tvbuff_t *tvb, int offset, proto_tree *pt)
     switch (x) {
     case 0:
        mode = "Off";
-       sprintf (line, "reserved");
+       g_snprintf (line, 50, "reserved");
        break;
     case 1:
        mode = "Average over time";
        seconds = y / 1000;
        y = y % 1000;
-       sprintf (line, "Averaging period: %d.%03d seconds", seconds, y);
+       g_snprintf (line, 50, "Averaging period: %d.%03d seconds", seconds, y);
        break;
     case 2:
        mode = "Average over frame count";
-       sprintf (line, "Averaging period: %d frames", y);
+       g_snprintf (line, 50, "Averaging period: %d frames", y);
        break;
     default:
        mode = "- unknown -";
-       sprintf (line, "reserved");
+       g_snprintf (line, 50, "reserved");
     }
     proto_tree_add_text(pt, tvb, offset, 4, "Mode: %s", mode);
     offset += 4;

diff --git a/plugins/irda/packet-ircomm.c b/plugins/irda/packet-ircomm.c
index 61f888fe551c1c2104f42bb9b53cd58f2a355b01..a35c3d9dcf104f4a09b90a1fdf5ef5ca68059b05 100644 (file)
--- a/plugins/irda/packet-ircomm.c
+++ b/plugins/irda/packet-ircomm.c
@@ -188,9 +188,9 @@ static void dissect_cooked_ircomm(tvbuff_t* tvb, packet_info* pinfo, proto_tree*
 
 
         if (len > 0)
-            sprintf(buf, "Clen=%d, UserData: %d byte%s", clen, len, (len > 1)? "s": "");
+            g_snprintf(buf, 128, "Clen=%d, UserData: %d byte%s", clen, len, (len > 1)? "s": "");
         else
-            sprintf(buf, "Clen=%d", clen);
+            g_snprintf(buf, 128, "Clen=%d", clen);
         col_add_str(pinfo->cinfo, COL_INFO, buf);
     }
 
@@ -238,8 +238,7 @@ static void dissect_raw_ircomm(tvbuff_t* tvb, packet_info* pinfo, proto_tree* ro
     {
         char    buf[128];
 
-
-        sprintf(buf, "User Data: %d byte%s", len, (len > 1)? "s": "");
+        g_snprintf(buf, 128, "User Data: %d byte%s", len, (len > 1)? "s": "");
         col_add_str(pinfo->cinfo, COL_INFO, buf);
     }
 
@@ -293,15 +292,15 @@ static gboolean dissect_ircomm_parameters(tvbuff_t* tvb, unsigned offset, packet
 
                     pv = tvb_get_guint8(tvb, offset+2);
                     if (pv & IRCOMM_3_WIRE_RAW)
-                        strcat(buf, ", 3-Wire raw");
+                        strncat(buf, ", 3-Wire raw", 256 - strlen(buf));
                     if (pv & IRCOMM_3_WIRE)
-                        strcat(buf, ", 3-Wire");
+                        strncat(buf, ", 3-Wire", 256 - strlen(buf));
                     if (pv & IRCOMM_9_WIRE)
-                        strcat(buf, ", 9-Wire");
+                        strncat(buf, ", 9-Wire", 256 - strlen(buf));
                     if (pv & IRCOMM_CENTRONICS)
-                        strcat(buf, ", Centronics");
+                        strncat(buf, ", Centronics", 256 - strlen(buf));
 
-                    strcat(buf, ")");
+                    strncat(buf, ")", 256 - strlen(buf));
 
                     proto_item_append_text(ti, buf+2);
 
@@ -312,11 +311,11 @@ static gboolean dissect_ircomm_parameters(tvbuff_t* tvb, unsigned offset, packet
 
                     pv = tvb_get_guint8(tvb, offset+2);
                     if (pv & IRCOMM_SERIAL)
-                        strcat(buf, ", serial");
+                        strncat(buf, ", serial", 256 - strlen(buf));
                     if (pv & IRCOMM_PARALLEL)
-                        strcat(buf, ", parallel");
+                        strncat(buf, ", parallel", 256 - strlen(buf));
 
-                    strcat(buf, ")");
+                    strncat(buf, ")", 256 - strlen(buf));
 
                     proto_item_append_text(ti, buf+2);
 

diff --git a/plugins/irda/packet-irda.c b/plugins/irda/packet-irda.c
index 92ee1f7e112eef2f4508e34c08c0506e9a0a550a..baa1bc100d5fed53c81839113037ad73a2b72653 100644 (file)
--- a/plugins/irda/packet-irda.c
+++ b/plugins/irda/packet-irda.c
@@ -477,7 +477,7 @@ static unsigned dissect_ttp(tvbuff_t* tvb, packet_info* pinfo, proto_tree* root,
         char    buf[128];
 
 
-        sprintf(buf, ", Credit=%d", head & ~TTP_PARAMETERS);
+        g_snprintf(buf, 128, ", Credit=%d", head & ~TTP_PARAMETERS);
         col_append_str(pinfo->cinfo, COL_INFO, buf);
     }
 
@@ -745,25 +745,25 @@ static void dissect_iap_result(tvbuff_t* tvb, packet_info* pinfo, proto_tree* ro
             case GET_VALUE_BY_CLASS:
                 if (retcode == 0)
                 {
+                    guint8 *string;
                     switch (tvb_get_guint8(tvb, offset + 6))
                     {
                         case IAS_MISSING:
-                            strcpy(buf, ", Missing");
+                            g_snprintf(buf, 300, ", Missing");
                             break;
 
                         case IAS_INTEGER:
-                            sprintf(buf, ", Integer: %d", tvb_get_ntohl(tvb, offset + 7));
+                            g_snprintf(buf, 300, ", Integer: %d", tvb_get_ntohl(tvb, offset + 7));
                             break;
 
                         case IAS_OCT_SEQ:
-                            sprintf(buf, ", %d Octets", tvb_get_ntohs(tvb, offset + 7));
+                            g_snprintf(buf, 300, ", %d Octets", tvb_get_ntohs(tvb, offset + 7));
                             break;
 
                         case IAS_STRING:
-                            strcpy(buf, ", \"");
                             n = tvb_get_guint8(tvb, offset + 8);
-                            tvb_memcpy(tvb, buf + 3, offset + 9, n);
-                            strcpy(buf + 3 + n, "\"");
+                            string = tvb_get_ephemeral_string(tvb, offset + 9, n);
+                            g_snprintf(buf, 300, ", \"%s\"", string);
                             break;
                     }
                     col_append_str(pinfo->cinfo, COL_INFO, buf);
@@ -1303,25 +1303,25 @@ static unsigned dissect_negotiation(tvbuff_t* tvb, proto_tree* tree, unsigned of
                     proto_item_append_text(ti, ": Baud Rate (");
 
                     if (pv & 0x01)
-                        strcat(buf, ", 2400");
+                        strncat(buf, ", 2400", 256 - strlen(buf));
                     if (pv & 0x02)
-                        strcat(buf, ", 9600");
+                        strncat(buf, ", 9600", 256 - strlen(buf));
                     if (pv & 0x04)
-                        strcat(buf, ", 19200");
+                        strncat(buf, ", 19200", 256 - strlen(buf));
                     if (pv & 0x08)
-                        strcat(buf, ", 38400");
+                        strncat(buf, ", 38400", 256 - strlen(buf));
                     if (pv & 0x10)
-                        strcat(buf, ", 57600");
+                        strncat(buf, ", 57600", 256 - strlen(buf));
                     if (pv & 0x20)
-                        strcat(buf, ", 115200");
+                        strncat(buf, ", 115200", 256 - strlen(buf));
                     if (pv & 0x40)
-                        strcat(buf, ", 576000");
+                        strncat(buf, ", 576000", 256 - strlen(buf));
                     if (pv & 0x80)
-                        strcat(buf, ", 1152000");
+                        strncat(buf, ", 1152000", 256 - strlen(buf));
                     if ((p_len > 1) && (tvb_get_guint8(tvb, offset+3) & 0x01))
-                        strcat(buf, ", 4000000");
+                        strncat(buf, ", 4000000", 256 - strlen(buf));
 
-                    strcat(buf, " bps)");
+                    strncat(buf, " bps)", 256 - strlen(buf));
 
                     proto_item_append_text(ti, buf+2);
 
@@ -1331,15 +1331,15 @@ static unsigned dissect_negotiation(tvbuff_t* tvb, proto_tree* tree, unsigned of
                     proto_item_append_text(ti, ": Maximum Turn Time (");
 
                     if (pv & 0x01)
-                        strcat(buf, ", 500");
+                        strncat(buf, ", 500", 256 - strlen(buf));
                     if (pv & 0x02)
-                        strcat(buf, ", 250");
+                        strncat(buf, ", 250", 256 - strlen(buf));
                     if (pv & 0x04)
-                        strcat(buf, ", 100");
+                        strncat(buf, ", 100", 256 - strlen(buf));
                     if (pv & 0x08)
-                        strcat(buf, ", 50");
+                        strncat(buf, ", 50", 256 - strlen(buf));
 
-                    strcat(buf, " ms)");
+                    strncat(buf, " ms)", 256 - strlen(buf));
 
                     proto_item_append_text(ti, buf+2);
 
@@ -1349,19 +1349,19 @@ static unsigned dissect_negotiation(tvbuff_t* tvb, proto_tree* tree, unsigned of
                     proto_item_append_text(ti, ": Data Size (");
 
                     if (pv & 0x01)
-                        strcat(buf, ", 64");
+                        strncat(buf, ", 64", 256 - strlen(buf));
                     if (pv & 0x02)
-                        strcat(buf, ", 128");
+                        strncat(buf, ", 128", 256 - strlen(buf));
                     if (pv & 0x04)
-                        strcat(buf, ", 256");
+                        strncat(buf, ", 256", 256 - strlen(buf));
                     if (pv & 0x08)
-                        strcat(buf, ", 512");
+                        strncat(buf, ", 512", 256 - strlen(buf));
                     if (pv & 0x10)
-                        strcat(buf, ", 1024");
+                        strncat(buf, ", 1024", 256 - strlen(buf));
                     if (pv & 0x20)
-                        strcat(buf, ", 2048");
+                        strncat(buf, ", 2048", 256 - strlen(buf));
 
-                    strcat(buf, " bytes)");
+                    strncat(buf, " bytes)", 256 - strlen(buf));
 
                     proto_item_append_text(ti, buf+2);
 
@@ -1371,21 +1371,21 @@ static unsigned dissect_negotiation(tvbuff_t* tvb, proto_tree* tree, unsigned of
                     proto_item_append_text(ti, ": Window Size (");
 
                     if (pv & 0x01)
-                        strcat(buf, ", 1");
+                        strncat(buf, ", 1", 256 - strlen(buf));
                     if (pv & 0x02)
-                        strcat(buf, ", 2");
+                        strncat(buf, ", 2", 256 - strlen(buf));
                     if (pv & 0x04)
-                        strcat(buf, ", 3");
+                        strncat(buf, ", 3", 256 - strlen(buf));
                     if (pv & 0x08)
-                        strcat(buf, ", 4");
+                        strncat(buf, ", 4", 256 - strlen(buf));
                     if (pv & 0x10)
-                        strcat(buf, ", 5");
+                        strncat(buf, ", 5", 256 - strlen(buf));
                     if (pv & 0x20)
-                        strcat(buf, ", 6");
+                        strncat(buf, ", 6", 256 - strlen(buf));
                     if (pv & 0x40)
-                        strcat(buf, ", 7");
+                        strncat(buf, ", 7", 256 - strlen(buf));
 
-                    strcat(buf, " frame window)");
+                    strncat(buf, " frame window)", 256 - strlen(buf));
 
                     proto_item_append_text(ti, buf+2);
 
@@ -1395,23 +1395,23 @@ static unsigned dissect_negotiation(tvbuff_t* tvb, proto_tree* tree, unsigned of
                     proto_item_append_text(ti, ": Additional BOFs (");
 
                     if (pv & 0x01)
-                        strcat(buf, ", 48");
+                        strncat(buf, ", 48", 256 - strlen(buf));
                     if (pv & 0x02)
-                        strcat(buf, ", 24");
+                        strncat(buf, ", 24", 256 - strlen(buf));
                     if (pv & 0x04)
-                        strcat(buf, ", 12");
+                        strncat(buf, ", 12", 256 - strlen(buf));
                     if (pv & 0x08)
-                        strcat(buf, ", 5");
+                        strncat(buf, ", 5", 256 - strlen(buf));
                     if (pv & 0x10)
-                        strcat(buf, ", 3");
+                        strncat(buf, ", 3", 256 - strlen(buf));
                     if (pv & 0x20)
-                        strcat(buf, ", 2");
+                        strncat(buf, ", 2", 256 - strlen(buf));
                     if (pv & 0x40)
-                        strcat(buf, ", 1");
+                        strncat(buf, ", 1", 256 - strlen(buf));
                     if (pv & 0x80)
-                        strcat(buf, ", 0");
+                        strncat(buf, ", 0", 256 - strlen(buf));
 
-                    strcat(buf, " additional BOFs at 115200)");
+                    strncat(buf, " additional BOFs at 115200)", 256 - strlen(buf));
 
                     proto_item_append_text(ti, buf+2);
 
@@ -1421,23 +1421,23 @@ static unsigned dissect_negotiation(tvbuff_t* tvb, proto_tree* tree, unsigned of
                     proto_item_append_text(ti, ": Minimum Turn Time (");
 
                     if (pv & 0x01)
-                        strcat(buf, ", 10");
+                        strncat(buf, ", 10", 256 - strlen(buf));
                     if (pv & 0x02)
-                        strcat(buf, ", 5");
+                        strncat(buf, ", 5", 256 - strlen(buf));
                     if (pv & 0x04)
-                        strcat(buf, ", 1");
+                        strncat(buf, ", 1", 256 - strlen(buf));
                     if (pv & 0x08)
-                        strcat(buf, ", 0.5");
+                        strncat(buf, ", 0.5", 256 - strlen(buf));
                     if (pv & 0x10)
-                        strcat(buf, ", 0.1");
+                        strncat(buf, ", 0.1", 256 - strlen(buf));
                     if (pv & 0x20)
-                        strcat(buf, ", 0.05");
+                        strncat(buf, ", 0.05", 256 - strlen(buf));
                     if (pv & 0x40)
-                        strcat(buf, ", 0.01");
+                        strncat(buf, ", 0.01", 256 - strlen(buf));
                     if (pv & 0x80)
-                        strcat(buf, ", 0");
+                        strncat(buf, ", 0", 256 - strlen(buf));
 
-                    strcat(buf, " ms)");
+                    strncat(buf, " ms)", 256 - strlen(buf));
 
                     proto_item_append_text(ti, buf+2);
 
@@ -1447,23 +1447,23 @@ static unsigned dissect_negotiation(tvbuff_t* tvb, proto_tree* tree, unsigned of
                     proto_item_append_text(ti, ": Link Disconnect/Threshold Time (");
 
                     if (pv & 0x01)
-                        strcat(buf, ", 3/0");
+                        strncat(buf, ", 3/0", 256 - strlen(buf));
                     if (pv & 0x02)
-                        strcat(buf, ", 8/3");
+                        strncat(buf, ", 8/3", 256 - strlen(buf));
                     if (pv & 0x04)
-                        strcat(buf, ", 12/3");
+                        strncat(buf, ", 12/3", 256 - strlen(buf));
                     if (pv & 0x08)
-                        strcat(buf, ", 16/3");
+                        strncat(buf, ", 16/3", 256 - strlen(buf));
                     if (pv & 0x10)
-                        strcat(buf, ", 20/3");
+                        strncat(buf, ", 20/3", 256 - strlen(buf));
                     if (pv & 0x20)
-                        strcat(buf, ", 25/3");
+                        strncat(buf, ", 25/3", 256 - strlen(buf));
                     if (pv & 0x40)
-                        strcat(buf, ", 30/3");
+                        strncat(buf, ", 30/3", 256 - strlen(buf));
                     if (pv & 0x80)
-                        strcat(buf, ", 40/3");
+                        strncat(buf, ", 40/3", 256 - strlen(buf));
 
-                    strcat(buf, " s)");
+                    strncat(buf, " s)", 256 - strlen(buf));
 
                     proto_item_append_text(ti, buf+2);
 
@@ -1592,29 +1592,29 @@ static void dissect_xid(tvbuff_t* tvb, packet_info* pinfo, proto_tree* root, pro
                 service_hints[0] = 0;
 
                 if (hint1 & 0x01)                
-                    strcat(service_hints, ", PnP Compatible");
+                    strncat(service_hints, ", PnP Compatible", 256 - strlen(service_hints));
                 if (hint1 & 0x02)
-                    strcat(service_hints, ", PDA/Palmtop");
+                    strncat(service_hints, ", PDA/Palmtop", 256 - strlen(service_hints));
                 if (hint1 & 0x04)
-                    strcat(service_hints, ", Computer");
+                    strncat(service_hints, ", Computer", 256 - strlen(service_hints));
                 if (hint1 & 0x08)
-                    strcat(service_hints, ", Printer");
+                    strncat(service_hints, ", Printer", 256 - strlen(service_hints));
                 if (hint1 & 0x10)
-                    strcat(service_hints, ", Modem");
+                    strncat(service_hints, ", Modem", 256 - strlen(service_hints));
                 if (hint1 & 0x20)
-                    strcat(service_hints, ", Fax");
+                    strncat(service_hints, ", Fax", 256 - strlen(service_hints));
                 if (hint1 & 0x40)
-                    strcat(service_hints, ", LAN Access");
+                    strncat(service_hints, ", LAN Access", 256 - strlen(service_hints));
                 if (hint2 & 0x01)
-                    strcat(service_hints, ", Telephony");
+                    strncat(service_hints, ", Telephony", 256 - strlen(service_hints));
                 if (hint2 & 0x02)
-                    strcat(service_hints, ", File Server");
+                    strncat(service_hints, ", File Server", 256 - strlen(service_hints));
                 if (hint2 & 0x04)
-                    strcat(service_hints, ", IrCOMM");
+                    strncat(service_hints, ", IrCOMM", 256 - strlen(service_hints));
                 if (hint2 & 0x20)
-                    strcat(service_hints, ", OBEX");
+                    strncat(service_hints, ", OBEX", 256 - strlen(service_hints));
 
-                strcat(service_hints, ")");
+                strncat(service_hints, ")", 256 - strlen(service_hints));
                 service_hints[0] = ' ';
                 service_hints[1] = '(';
 

diff --git a/plugins/lwres/packet-lwres.c b/plugins/lwres/packet-lwres.c
index 2d26b381bd95a160393aa4098fab718e153b8d85..0c6d57aad7abc4a1384560f49cbeb65b68dcb87b 100644 (file)
--- a/plugins/lwres/packet-lwres.c
+++ b/plugins/lwres/packet-lwres.c
@@ -315,7 +315,7 @@ lwres_get_dns_name(tvbuff_t *tvb, int offset, int dns_data_offset,
        break;
 
       default:
-       strcpy(name, "<Unknown extended label>");
+       strncpy(name, "<Unknown extended label>", maxname);
        /* Parsing will propably fail from here on, since the */
        /* label length is unknown... */
        len = offset - start_offset;
@@ -345,7 +345,7 @@ lwres_get_dns_name(tvbuff_t *tvb, int offset, int dns_data_offset,
          will make us look at some character again, which means we're
         looping. */
       if (chars_processed >= data_size) {
-        strcpy(name, "<Name contains a pointer that loops>");
+        strncpy(name, "<Name contains a pointer that loops>", maxname);
         if (len < min_len)
           THROW(ReportedBoundsError);
         return len;
@@ -363,7 +363,7 @@ lwres_get_dns_name(tvbuff_t *tvb, int offset, int dns_data_offset,
     len = offset - start_offset;
   /* Zero-length name means "root server" */
   if (*name == '\0')
-    strcpy(name, "<Root>");
+    strncpy(name, "<Root>", maxname);
   if (len < min_len)
     THROW(ReportedBoundsError);
   return len;