Avoid strcat; use snprintf or strlcat instead

svn:r2605

3 files changed, 13 insertions, 18 deletions

diff --git a/src/or/rephist.c b/src/or/rephist.c
index b87217280d..8c6b6cf559 100644
--- a/src/or/rephist.c
+++ b/src/or/rephist.c
@@ -307,8 +307,7 @@ void write_rep_history(const char *filename)
   const char *name1;
 
   tmpfile = tor_malloc(strlen(filename)+5);
-  strcpy(tmpfile, filename);
-  strcat(tmpfile, "_tmp");
+  snprintf(tmpfile, strlen(filename)+5, "%s_tmp", filename);
 
   f = fopen(tmpfile, "w");
   if (!f) goto done;
@@ -548,7 +547,7 @@ char *rep_hist_get_bandwidth_lines(void)
         snprintf(cp, len-(cp-buf), "%d,", b->totals[i]);
       cp += strlen(cp);
     }
-    strcat(cp, "\n");
+    strlcat(cp, "\n", len-(cp-buf));
     ++cp;
   }
   return buf;
diff --git a/src/or/router.c b/src/or/router.c
index e96b6b7752..799c7b3002 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -325,14 +325,14 @@ int init_keys(void) {
   snprintf(keydir,sizeof(keydir),"%s/fingerprint", datadir);
   log_fn(LOG_INFO,"Dumping fingerprint to %s...",keydir);
   tor_assert(strlen(options.Nickname) <= MAX_NICKNAME_LEN);
-  strcpy(fingerprint, options.Nickname);
-  strcat(fingerprint, " ");
+  strlcpy(fingerprint, options.Nickname, sizeof(fingerprint));
+  strlcat(fingerprint, " ", sizeof(fingerprint));
   if (crypto_pk_get_fingerprint(get_identity_key(),
                                 fingerprint+strlen(fingerprint), 1)<0) {
     log_fn(LOG_ERR, "Error computing fingerprint");
     return -1;
   }
-  strcat(fingerprint, "\n");
+  strlcat(fingerprint, "\n", sizeof(fingerprint));
   if (write_str_to_file(keydir, fingerprint, 0))
     return -1;
   if(!authdir_mode())
@@ -717,7 +717,7 @@ int router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
       /* There is no port set; write ":*" */
       if (written > maxlen-4)
         return -1;
-      strcat(s+written, ":*\n");
+      strlcat(s+written, ":*\n", maxlen-written);
       written += 3;
     } else if (tmpe->prt_min == tmpe->prt_max) {
       /* There is only one port; write ":80". */
@@ -741,7 +741,7 @@ int router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
     return -1;
 
   /* Sign the directory */
-  strcat(s+written, "router-signature\n");
+  strlcat(s+written, "router-signature\n", maxlen-written);
   written += strlen(s+written);
   s[written] = '\0';
   if (router_get_router_hash(s, digest) < 0)
@@ -751,14 +751,14 @@ int router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
     log_fn(LOG_WARN, "Error signing digest");
     return -1;
   }
-  strcat(s+written, "-----BEGIN SIGNATURE-----\n");
+  strlcat(s+written, "-----BEGIN SIGNATURE-----\n", maxlen-written);
   written += strlen(s+written);
   if (base64_encode(s+written, maxlen-written, signature, 128) < 0) {
     log_fn(LOG_WARN, "Couldn't base64-encode signature");
     return -1;
   }
   written += strlen(s+written);
-  strcat(s+written, "-----END SIGNATURE-----\n");
+  strlcat(s+written, "-----END SIGNATURE-----\n", maxlen-written);
   written += strlen(s+written);
 
   if (written > maxlen-2)
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 6d3ad66506..bc6030b202 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -1032,14 +1032,10 @@ router_parse_exit_policy(directory_token_t *tok) {
   newe = tor_malloc_zero(sizeof(struct exit_policy_t));
 
   newe->string = tor_malloc(8+strlen(arg));
-  if (tok->tp == K_REJECT) {
-    strcpy(newe->string, "reject ");
-    newe->policy_type = EXIT_POLICY_REJECT;
-  } else {
-    strcpy(newe->string, "accept ");
-    newe->policy_type = EXIT_POLICY_ACCEPT;
-  }
-  strcat(newe->string, arg); /* can't overflow */
+  snprintf(newe->string, 8+strlen(arg), "%s %s",
+           (tok->tp == K_REJECT) ? "reject" : "accept", arg);
+  newe->policy_type = (tok->tp == K_REJECT) ? EXIT_POLICY_REJECT
+    : EXIT_POLICY_ACCEPT;
 
   if (parse_addr_and_port_range(arg, &newe->addr, &newe->msk,
                                 &newe->prt_min, &newe->prt_max))