for (i=0; cvs_ignore_list[i]; i++)
add_exclude(cvs_ignore_list[i]);
- if ((p=getenv("HOME"))) {
+ if ((p=getenv("HOME")) && strlen(p) < (MAXPATHLEN-12)) {
sprintf(fname,"%s/.cvsignore",p);
add_exclude_file(fname,0);
}
last_gid = file->gid;
last_time = file->modtime;
- strcpy(lastname,file->name);
- lastname[255] = 0;
+ strncpy(lastname,file->name,MAXPATHLEN-1);
+ lastname[MAXPATHLEN-1] = 0;
}
last_gid = file->gid;
last_time = file->modtime;
- strcpy(lastname,file->name);
- lastname[255] = 0;
+ strncpy(lastname,file->name,MAXPATHLEN-1);
+ lastname[MAXPATHLEN-1] = 0;
}
return;
}
- strcpy(fname,dir);
+ strncpy(fname,dir,MAXPATHLEN-1);
+ fname[MAXPATHLEN-1]=0;
l = strlen(fname);
if (fname[l-1] != '/')
strcat(fname,"/");
if (strcmp(di->d_name,".")==0 ||
strcmp(di->d_name,"..")==0)
continue;
- strcpy(p,di->d_name);
+ strncpy(p,di->d_name,MAXPATHLEN-l);
send_file_name(f,flist,fname);
}
char fname2[MAXPATHLEN];
char *fname = fname2;
- strcpy(fname,argv[i]);
+ strncpy(fname,argv[i],MAXPATHLEN-1);
+ fname[MAXPATHLEN-1] = 0;
l = strlen(fname);
if (l != 1 && fname[l-1] == '/') {
}
/* open tmp file */
+ if (strlen(fname) > (MAXPATHLEN-8)) {
+ fprintf(FERROR,"filename too long\n");
+ continue;
+ }
sprintf(fnametmp,"%s.XXXXXX",fname);
if (NULL == mktemp(fnametmp)) {
fprintf(FERROR,"mktemp %s failed\n",fnametmp);
if (make_backups) {
char fnamebak[MAXPATHLEN];
+ if (strlen(fname) + strlen(backup_suffix) > (MAXPATHLEN-1)) {
+ fprintf(FERROR,"backup filename too long\n");
+ continue;
+ }
sprintf(fnamebak,"%s%s",fname,backup_suffix);
if (rename(fname,fnamebak) != 0 && errno != ENOENT) {
fprintf(FERROR,"rename %s %s : %s\n",fname,fnamebak,strerror(errno));
fname[0] = 0;
if (file->dir) {
- strcpy(fname,file->dir);
+ strncpy(fname,file->dir,MAXPATHLEN-1);
+ fname[MAXPATHLEN-1] = 0;
strcat(fname,"/");
}
- strcat(fname,file->name);
+ strncat(fname,file->name,MAXPATHLEN-strlen(fname));
if (verbose > 2)
fprintf(FERROR,"send_files(%d,%s)\n",i,fname);