[ntp:bk-ntp-dev-send] BitKeeper diffs

Harlan Stenn stenn at deacon.udel.edu
Fri Apr 8 05:41:55 UTC 2011


#### ChangeSet ####
2011-04-08 02:02:48+00:00, davehart at shiny.ad.hartbrothers.com
  Use _mkgmtime() as timegm() in the Windows port, rather than
    libntp/mktime.c's timegm().  Fixed [Bug 1875] on Windows using the old
    asn2ntp() code from before 4.2.7p147.
  ntp_crypto.c string buffer safety.
  Remove use of MAXFILENAME in mode 7 (ntpdc) on-wire structs.
  Change ntpd MAXFILENAME from 128 to 256 to match ntp-keygen.

==== ChangeLog ====
2011-04-08 02:02:45+00:00, davehart at shiny.ad.hartbrothers.com +6 -0
  Use _mkgmtime() as timegm() in the Windows port, rather than
    libntp/mktime.c's timegm().  Fixed [Bug 1875] on Windows using the old
    asn2ntp() code from before 4.2.7p147.
  ntp_crypto.c string buffer safety.
  Remove use of MAXFILENAME in mode 7 (ntpdc) on-wire structs.
  Change ntpd MAXFILENAME from 128 to 256 to match ntp-keygen.

--- 1.834/ChangeLog	2011-04-05 03:50:30 -04:00
+++ 1.834.1.1/ChangeLog	2011-04-07 22:02:45 -04:00
@@ -1,3 +1,9 @@
+* Use _mkgmtime() as timegm() in the Windows port, rather than
+  libntp/mktime.c's timegm().  Fixed [Bug 1875] on Windows using the old
+  asn2ntp() code from before 4.2.7p147.
+* ntp_crypto.c string buffer safety.
+* Remove use of MAXFILENAME in mode 7 (ntpdc) on-wire structs.
+* Change ntpd MAXFILENAME from 128 to 256 to match ntp-keygen.
 (4.2.7p146) 2011/04/05 Released by Harlan Stenn <stenn at ntp.org>
 * String buffer safety cleanup, converting to strlcpy() and strlcat().
 * Use utmpname() before pututline() so repeated steps do not

==== include/ntp.h ====
2011-04-08 02:02:46+00:00, davehart at shiny.ad.hartbrothers.com +1 -1
  Change ntpd's MAXFILENAME to 256 to match what ntp-keygen uses.

--- 1.192/include/ntp.h	2011-01-02 04:41:38 -05:00
+++ 1.193/include/ntp.h	2011-04-07 22:02:46 -04:00
@@ -138,7 +138,7 @@ typedef char s_char;
 /*
  * Limits of things
  */
-#define	MAXFILENAME	128	/* max length of file name */
+#define	MAXFILENAME	256	/* max length of file name */
 #define MAXHOSTNAME	512	/* max length of host/node name */
 #define NTP_MAXSTRLEN	256	/* max string length */
 

==== include/ntp_request.h ====
2011-04-08 02:02:46+00:00, davehart at shiny.ad.hartbrothers.com +6 -5
  Remove use of MAXFILENAME in mode 7 (ntpdc) on-wire structs.

--- 1.42/include/ntp_request.h	2011-02-20 15:22:30 -05:00
+++ 1.43/include/ntp_request.h	2011-04-07 22:02:46 -04:00
@@ -116,15 +116,16 @@
 /*
  * union of raw addresses to save space
  */
-union addrun
-{
+union addrun {
 	struct in6_addr addr6;
 	struct in_addr  addr;
 };
 
+#define	MODE7_PAYLOAD_LIM	176
+
 typedef union req_data_u_tag {
-	u_int32	u32[(MAXFILENAME + 48) / sizeof(u_int32)];
-	char data[MAXFILENAME + 48];	/* data area [32 prev](176 byte max) */
+	u_int32	u32[MODE7_PAYLOAD_LIM / sizeof(u_int32)];
+	char data[MODE7_PAYLOAD_LIM];	/* data area (176 byte max) */
 } req_data_u;				/* struct conf_peer must fit */
 
 /*
@@ -600,7 +601,7 @@ struct conf_peer {
 	u_char ttl;		/* time to live (multicast) or refclock mode */
 	u_short unused1;	/* unused */
 	keyid_t keyid;		/* key to use for this association */
-	char keystr[MAXFILENAME]; /* public key file name*/
+	char keystr[128];	/* public key file name */
 	u_int v6_flag;		/* is this v6 or not */
 	u_int unused2;			/* unused, padding for peeraddr6 */
 	struct in6_addr peeraddr6;	/* ipv6 address to poll */

==== ntpd/ntp_control.c ====
2011-04-08 02:02:46+00:00, davehart at shiny.ad.hartbrothers.com +2 -2
  use sizeof(buffer) rather than inside knowledge of buffer size.

--- 1.166/ntpd/ntp_control.c	2011-04-05 03:05:44 -04:00
+++ 1.167/ntpd/ntp_control.c	2011-04-07 22:02:46 -04:00
@@ -4301,7 +4301,7 @@ report_event(
 
 		ctl_sys_last_event = (u_char)err;
 		ctl_sys_num_events++;
-		snprintf(statstr, NTP_MAXSTRLEN,
+		snprintf(statstr, sizeof(statstr),
 		    "0.0.0.0 %04x %02x %s",
 		    ctlsysstatus(), err, eventstr(err));
 		if (str != NULL) {
@@ -4333,7 +4333,7 @@ report_event(
 		else
 			src = stoa(&peer->srcadr);
 
-		snprintf(statstr, NTP_MAXSTRLEN,
+		snprintf(statstr, sizeof(statstr),
 		    "%s %04x %02x %s", src,
 		    ctlpeerstatus(peer), err, eventstr(err));
 		if (str != NULL) {

==== ntpd/ntp_crypto.c ====
2011-04-08 02:02:46+00:00, davehart at shiny.ad.hartbrothers.com +46 -51
  emalloc() + strcpy() -> estrdup().
  fstostr() + strcpy() + fstostr() + strcpy() + snprintf() + report_event()
    -> fstostr() + mprintf_event().
  Use sizeof(buffer) rather than hardcoded knowledge of buffer size.

--- 1.155/ntpd/ntp_crypto.c	2011-03-29 09:35:10 -04:00
+++ 1.155.1.1/ntpd/ntp_crypto.c	2011-04-07 22:02:46 -04:00
@@ -574,9 +574,8 @@ crypto_recv(
 			peer->subject[vallen] = '\0';
 			if (peer->issuer != NULL)
 				free(peer->issuer);
-			peer->issuer = emalloc(vallen + 1);
-			strcpy(peer->issuer, peer->subject);
-			snprintf(statstr, NTP_MAXSTRLEN,
+			peer->issuer = estrdup(peer->subject);
+			snprintf(statstr, sizeof(statstr),
 			    "assoc %d %d host %s %s", peer->associd,
 			    peer->assoc, peer->subject,
 			    OBJ_nid2ln(temp32));
@@ -636,7 +635,7 @@ crypto_recv(
 			}
 			peer->flash &= ~TEST8;
 			temp32 = xinfo->nid;
-			snprintf(statstr, NTP_MAXSTRLEN,
+			snprintf(statstr, sizeof(statstr),
 			    "cert %s %s 0x%x %s (%u) fs %u",
 			    xinfo->subject, xinfo->issuer, xinfo->flags,
 			    OBJ_nid2ln(temp32), temp32,
@@ -679,7 +678,7 @@ crypto_recv(
 
 			peer->crypto |= CRYPTO_FLAG_VRFY;
 			peer->flash &= ~TEST8;
-			snprintf(statstr, NTP_MAXSTRLEN, "iff %s fs %u",
+			snprintf(statstr, sizeof(statstr), "iff %s fs %u",
 			    peer->issuer, ntohl(ep->fstamp));
 			record_crypto_stats(&peer->srcadr, statstr);
 #ifdef DEBUG
@@ -720,7 +719,7 @@ crypto_recv(
 
 			peer->crypto |= CRYPTO_FLAG_VRFY;
 			peer->flash &= ~TEST8;
-			snprintf(statstr, NTP_MAXSTRLEN, "gq %s fs %u",
+			snprintf(statstr, sizeof(statstr), "gq %s fs %u",
 			    peer->issuer, ntohl(ep->fstamp));
 			record_crypto_stats(&peer->srcadr, statstr);
 #ifdef DEBUG
@@ -760,7 +759,7 @@ crypto_recv(
 
 			peer->crypto |= CRYPTO_FLAG_VRFY;
 			peer->flash &= ~TEST8;
-			snprintf(statstr, NTP_MAXSTRLEN, "mv %s fs %u",
+			snprintf(statstr, sizeof(statstr), "mv %s fs %u",
 			    peer->issuer, ntohl(ep->fstamp));
 			record_crypto_stats(&peer->srcadr, statstr);
 #ifdef DEBUG
@@ -819,7 +818,7 @@ crypto_recv(
 				peer->pcookie = cookie;
 			peer->crypto |= CRYPTO_FLAG_COOK;
 			peer->flash &= ~TEST8;
-			snprintf(statstr, NTP_MAXSTRLEN,
+			snprintf(statstr, sizeof(statstr),
 			    "cook %x ts %u fs %u", peer->pcookie,
 			    ntohl(ep->tstamp), ntohl(ep->fstamp));
 			record_crypto_stats(&peer->srcadr, statstr);
@@ -880,7 +879,7 @@ crypto_recv(
 			peer->pkeyid = bp->key;
 			peer->crypto |= CRYPTO_FLAG_AUTO;
 			peer->flash &= ~TEST8;
-			snprintf(statstr, NTP_MAXSTRLEN, 
+			snprintf(statstr, sizeof(statstr), 
 			    "auto seq %d key %x ts %u fs %u", bp->seq,
 			    bp->key, ntohl(ep->tstamp),
 			    ntohl(ep->fstamp));
@@ -919,7 +918,7 @@ crypto_recv(
 			peer->crypto |= CRYPTO_FLAG_SIGN;
 			peer->flash &= ~TEST8;
 			temp32 = xinfo->nid;
-			snprintf(statstr, NTP_MAXSTRLEN,
+			snprintf(statstr, sizeof(statstr),
 			    "sign %s %s 0x%x %s (%u) fs %u",
 			    xinfo->subject, xinfo->issuer, xinfo->flags,
 			    OBJ_nid2ln(temp32), temp32,
@@ -954,8 +953,6 @@ crypto_recv(
 			 * values and recompute the signatures.
 			 */
 			if (ntohl(ep->pkt[2]) > leap_expire) {
-				char	tbuf[80], str1 [20], str2[20];
-
 				tai_leap.tstamp = ep->tstamp;
 				tai_leap.fstamp = ep->fstamp;
 				tai_leap.vallen = ep->vallen;
@@ -963,16 +960,14 @@ crypto_recv(
 				leap_sec = ntohl(ep->pkt[1]);
 				leap_expire = ntohl(ep->pkt[2]);
 				crypto_update();
-				strcpy(str1, fstostr(leap_sec));
-				strcpy(str2, fstostr(leap_expire));
-				snprintf(tbuf, sizeof(tbuf),
-				    "%d leap %s expire %s", leap_tai, str1,
-				    str2);
-				    report_event(EVNT_TAI, peer, tbuf);
+				mprintf_event(EVNT_TAI, peer,
+				    "%d leap %s expire %s", leap_tai,
+				    fstostr(leap_sec),
+				    fstostr(leap_expire));
 			}
 			peer->crypto |= CRYPTO_FLAG_LEAP;
 			peer->flash &= ~TEST8;
-			snprintf(statstr, NTP_MAXSTRLEN,
+			snprintf(statstr, sizeof(statstr),
 			    "leap TAI offset %d at %u expire %u fs %u",
 			    ntohl(ep->pkt[0]), ntohl(ep->pkt[1]),
 			    ntohl(ep->pkt[2]), ntohl(ep->fstamp));
@@ -1025,7 +1020,7 @@ crypto_recv(
 		 * scan and we return the laundry to the caller.
 		 */
 		if (rval != XEVNT_OK) {
-			snprintf(statstr, NTP_MAXSTRLEN,
+			snprintf(statstr, sizeof(statstr),
 			    "%04x %d %02x %s", htonl(ep->opcode),
 			    associd, rval, eventstr(rval));
 			record_crypto_stats(&peer->srcadr, statstr);
@@ -1367,7 +1362,7 @@ crypto_xmit(
 		uint32 = CRYPTO_ERROR;
 		opcode |= uint32;
 		fp->opcode |= htonl(uint32);
-		snprintf(statstr, NTP_MAXSTRLEN,
+		snprintf(statstr, sizeof(statstr),
 		    "%04x %d %02x %s", opcode, associd, rval,
 		    eventstr(rval));
 		record_crypto_stats(srcadr_sin, statstr);
@@ -1847,7 +1842,7 @@ crypto_update(void)
 		tai_leap.siglen = htonl(sign_siglen);
 	if (leap_sec > 0)
 		crypto_flags |= CRYPTO_FLAG_TAI;
-	snprintf(statstr, NTP_MAXSTRLEN, "signature update ts %u",
+	snprintf(statstr, sizeof(statstr), "signature update ts %u",
 	    ntohl(hostval.tstamp)); 
 	record_crypto_stats(NULL, statstr);
 #ifdef DEBUG
@@ -3127,8 +3122,7 @@ cert_hike(
 	 */
 	if (peer->issuer != NULL)
 		free(peer->issuer);
-	peer->issuer = emalloc(strlen(yp->issuer) + 1);
-	strcpy(peer->issuer, yp->issuer);
+	peer->issuer = estrdup(yp->issuer);
 	xp = peer->xinfo;
 	peer->xinfo = yp;
 
@@ -3246,7 +3240,7 @@ cert_parse(
 	}
 	ret->version = X509_get_version(cert);
 	X509_NAME_oneline(X509_get_subject_name(cert), pathbuf,
-	    MAXFILENAME);
+	    sizeof(pathbuf));
 	pch = strstr(pathbuf, "CN=");
 	if (NULL == pch) {
 		msyslog(LOG_NOTICE, "cert_parse: invalid subject %s",
@@ -3269,7 +3263,7 @@ cert_parse(
 	ret->serial =
 	    (u_long)ASN1_INTEGER_get(X509_get_serialNumber(cert));
 	X509_NAME_oneline(X509_get_issuer_name(cert), pathbuf,
-	    MAXFILENAME);
+	    sizeof(pathbuf));
 	if ((pch = strstr(pathbuf, "CN=")) == NULL) {
 		msyslog(LOG_NOTICE, "cert_parse: invalid issuer %s",
 		    pathbuf);
@@ -3301,7 +3295,7 @@ cert_parse(
 		case NID_ext_key_usage:
 			bp = BIO_new(BIO_s_mem());
 			X509V3_EXT_print(bp, ext, 0, 0);
-			BIO_gets(bp, pathbuf, MAXFILENAME);
+			BIO_gets(bp, pathbuf, sizeof(pathbuf));
 			BIO_free(bp);
 			if (strcmp(pathbuf, "Trust Root") == 0)
 				ret->flags |= CERT_TRUST;
@@ -3444,9 +3438,10 @@ crypto_key(
 	 * wrong, abandon ship.
 	 */
 	if (*cp == '/')
-		strcpy(filename, cp);
+		strlcpy(filename, cp, sizeof(filename));
 	else
-		snprintf(filename, MAXFILENAME, "%s/%s", keysdir, cp);
+		snprintf(filename, sizeof(filename), "%s/%s", keysdir,
+		    cp);
 	str = fopen(filename, "r");
 	if (str == NULL)
 		return (NULL);
@@ -3454,7 +3449,7 @@ crypto_key(
 	/*
 	 * Read the filestamp, which is contained in the first line.
 	 */
-	if ((ptr = fgets(linkname, MAXFILENAME, str)) == NULL) {
+	if ((ptr = fgets(linkname, sizeof(linkname), str)) == NULL) {
 		msyslog(LOG_ERR, "crypto_key: empty file %s",
 		    filename);
 		fclose(str);
@@ -3492,16 +3487,15 @@ crypto_key(
 	pkp->link = pkinfo;
 	pkinfo = pkp;
 	pkp->pkey = pkey;
-	pkp->name = emalloc(strlen(cp) + 1);
+	pkp->name = estrdup(cp);
 	pkp->fstamp = fstamp;
-	strcpy(pkp->name, cp);
 
 	/*
 	 * Leave tracks in the cryptostats.
 	 */
 	if ((ptr = strrchr(linkname, '\n')) != NULL)
 		*ptr = '\0'; 
-	snprintf(statstr, NTP_MAXSTRLEN, "%s mod %d", &linkname[2],
+	snprintf(statstr, sizeof(statstr), "%s mod %d", &linkname[2],
 	    EVP_PKEY_size(pkey) * 8);
 	record_crypto_stats(addr, statstr);
 #ifdef DEBUG
@@ -3557,9 +3551,10 @@ crypto_cert(
 	 * something goes wrong, abandon ship.
 	 */
 	if (*cp == '/')
-		strcpy(filename, cp);
+		strlcpy(filename, cp, sizeof(filename));
 	else
-		snprintf(filename, MAXFILENAME, "%s/%s", keysdir, cp);
+		snprintf(filename, sizeof(filename), "%s/%s", keysdir,
+		    cp);
 	str = fopen(filename, "r");
 	if (str == NULL)
 		return (NULL);
@@ -3567,7 +3562,7 @@ crypto_cert(
 	/*
 	 * Read the filestamp, which is contained in the first line.
 	 */
-	if ((ptr = fgets(linkname, MAXFILENAME, str)) == NULL) {
+	if ((ptr = fgets(linkname, sizeof(linkname), str)) == NULL) {
 		msyslog(LOG_ERR, "crypto_cert: empty file %s",
 		    filename);
 		fclose(str);
@@ -3617,7 +3612,7 @@ crypto_cert(
 
 	if ((ptr = strrchr(linkname, '\n')) != NULL)
 		*ptr = '\0'; 
-	snprintf(statstr, NTP_MAXSTRLEN, "%s 0x%x len %lu",
+	snprintf(statstr, sizeof(statstr), "%s 0x%x len %lu",
 	    &linkname[2], ret->flags, len);
 	record_crypto_stats(NULL, statstr);
 #ifdef DEBUG
@@ -3704,9 +3699,9 @@ crypto_setup(void)
 	/*
 	 * Initialize structures.
 	 */
-	gethostname(hostname, MAXFILENAME);
+	gethostname(hostname, sizeof(hostname));
 	if (host_filename != NULL)
-		strcpy(hostname, host_filename);
+		strlcpy(hostname, host_filename, sizeof(hostname));
 	if (passwd == NULL)
 		passwd = hostname;
 	memset(&hostval, 0, sizeof(hostval));
@@ -3719,7 +3714,7 @@ crypto_setup(void)
 	 * as we know it ends. The host key also becomes the default
 	 * sign key. 
 	 */
-	snprintf(filename, MAXFILENAME, "ntpkey_host_%s", hostname);
+	snprintf(filename, sizeof(filename), "ntpkey_host_%s", hostname);
 	pinfo = crypto_key(filename, passwd, NULL);
 	if (pinfo == NULL) {
 		msyslog(LOG_ERR,
@@ -3750,14 +3745,15 @@ crypto_setup(void)
 	 * Load optional sign key from file "ntpkey_sign_<hostname>". If
 	 * available, it becomes the sign key.
 	 */
-	snprintf(filename, MAXFILENAME, "ntpkey_sign_%s", hostname);
-	pinfo = crypto_key(filename, passwd, NULL); if (pinfo != NULL)
-	 	sign_pkey = pinfo->pkey;
+	snprintf(filename, sizeof(filename), "ntpkey_sign_%s", hostname);
+	pinfo = crypto_key(filename, passwd, NULL);
+	if (pinfo != NULL)
+		sign_pkey = pinfo->pkey;
 
 	/*
 	 * Load required certificate from file "ntpkey_cert_<hostname>".
 	 */
-	snprintf(filename, MAXFILENAME, "ntpkey_cert_%s", hostname);
+	snprintf(filename, sizeof(filename), "ntpkey_cert_%s", hostname);
 	cinfo = crypto_cert(filename);
 	if (cinfo == NULL) {
 		msyslog(LOG_ERR,
@@ -3787,13 +3783,13 @@ crypto_setup(void)
 	if (ptr != NULL)
 		sys_groupname = estrdup((char *)++ptr);
 	if (ident_filename != NULL)
-		strcpy(hostname, ident_filename);
+		strlcpy(hostname, ident_filename, sizeof(hostname));
 
 	/*
 	 * Load optional IFF parameters from file
 	 * "ntpkey_iffkey_<hostname>".
 	 */
-	snprintf(filename, MAXFILENAME, "ntpkey_iffkey_%s",
+	snprintf(filename, sizeof(filename), "ntpkey_iffkey_%s",
 	    hostname);
 	iffkey_info = crypto_key(filename, passwd, NULL);
 	if (iffkey_info != NULL)
@@ -3803,7 +3799,7 @@ crypto_setup(void)
 	 * Load optional GQ parameters from file
 	 * "ntpkey_gqkey_<hostname>".
 	 */
-	snprintf(filename, MAXFILENAME, "ntpkey_gqkey_%s",
+	snprintf(filename, sizeof(filename), "ntpkey_gqkey_%s",
 	    hostname);
 	gqkey_info = crypto_key(filename, passwd, NULL);
 	if (gqkey_info != NULL)
@@ -3813,7 +3809,7 @@ crypto_setup(void)
 	 * Load optional MV parameters from file
 	 * "ntpkey_mvkey_<hostname>".
 	 */
-	snprintf(filename, MAXFILENAME, "ntpkey_mvkey_%s",
+	snprintf(filename, sizeof(filename), "ntpkey_mvkey_%s",
 	    hostname);
 	mvkey_info = crypto_key(filename, passwd, NULL);
 	if (mvkey_info != NULL)
@@ -3823,9 +3819,8 @@ crypto_setup(void)
 	 * We met the enemy and he is us. Now strike up the dance.
 	 */
 	crypto_flags |= CRYPTO_FLAG_ENAB | (cinfo->nid << 16);
-	snprintf(statstr, NTP_MAXSTRLEN,
-	    "setup 0x%x host %s %s", crypto_flags, hostname,
-	    OBJ_nid2ln(cinfo->nid));
+	snprintf(statstr, sizeof(statstr), "setup 0x%x host %s %s",
+	    crypto_flags, hostname, OBJ_nid2ln(cinfo->nid));
 	record_crypto_stats(NULL, statstr);
 #ifdef DEBUG
 	if (debug)

==== ntpd/ntp_util.c ====
2011-04-08 02:02:46+00:00, davehart at shiny.ad.hartbrothers.com +2 -5
  fstostr() can now safely return strings longer than 19 characters.

--- 1.93/ntpd/ntp_util.c	2011-04-05 03:05:45 -04:00
+++ 1.94/ntpd/ntp_util.c	2011-04-07 22:02:46 -04:00
@@ -1066,11 +1066,8 @@ char * fstostr(
 	unix_stamp = ntp_stamp - JAN_1970;
 	tm = gmtime(&unix_stamp);
 	if (NULL == tm)
-#ifdef WAIT_FOR_NTP_CRYPTO_C_CALLERS_ABLE_TO_HANDLE_MORE_THAN_20_CHARS
-		msnprintf(buf, LIB_BUFLENGTH, "gmtime: %m");
-#else
-		strlcpy(buf, "gmtime() error", LIB_BUFLENGTH);
-#endif
+		msnprintf(buf, LIB_BUFLENGTH, "gmtime(%ld): %m",
+			  (long)unix_stamp);
 	else
 		snprintf(buf, LIB_BUFLENGTH, "%04d%02d%02d%02d%02d",
 			 tm->tm_year + 1900, tm->tm_mon + 1,

==== ports/winnt/include/config.h ====
2011-04-08 02:02:46+00:00, davehart at shiny.ad.hartbrothers.com +2 -0
  Use _mkgmtime() as timegm() in the Windows port, rather than
    libntp/mktime.c's timegm().  Fixes [Bug 1875] on Windows, however that
    bug is still present on systems without timegm().

--- 1.93/ports/winnt/include/config.h	2011-01-20 03:27:31 -05:00
+++ 1.94/ports/winnt/include/config.h	2011-04-07 22:02:46 -04:00
@@ -298,6 +298,7 @@ typedef int socklen_t;
 #define isatty		_isatty
 #define mktemp		_mktemp
 #define getpid		_getpid
+#define timegm		_mkgmtime
 #define errno_to_str	isc__strerror
 
 typedef int pid_t;		/* PID is an int */
@@ -377,6 +378,7 @@ typedef __int32 int32_t;	/* define a typ
 # define HAVE_STDARG_H
 # define HAVE_NO_NICE
 # define HAVE_MKTIME
+# define HAVE_TIMEGM			/* actually _mkgmtime */
 # define HAVE_STRUCT_TIMESPEC
 # define HAVE_SYS_TIME_H
 # define HAVE_IO_COMPLETION_PORT

==== sntp/tests/keyFile.cpp ====
2011-04-08 02:02:46+00:00, davehart at shiny.ad.hartbrothers.com +7 -6
  strncpy() -> strlcpy()

--- 1.3/sntp/tests/keyFile.cpp	2010-10-30 23:24:28 -04:00
+++ 1.4/sntp/tests/keyFile.cpp	2011-04-07 22:02:46 -04:00
@@ -26,16 +26,17 @@ protected:
 	}
 
 	::testing::AssertionResult CompareKeys(int key_id,
-										  int key_len,
-										  const char* type,
-										  const char* key_seq,
-										  key& actual) {
+					       int key_len,
+					       const char* type,
+					       const char* key_seq,
+					       key& actual) {
 		key temp;
+
 		temp.key_id = key_id;
 		temp.key_len = key_len;
-		strncpy(temp.type, type, sizeof(temp.type));
-		temp.type[sizeof(temp.type)-1] = '\0';
+		strlcpy(temp.type, type, sizeof(temp.type));
 		memcpy(temp.key_seq, key_seq, key_len);
+
 		return CompareKeys(temp, actual);
 	}
 };

==== util/ntp-keygen.c ====
2011-04-08 02:02:46+00:00, davehart at shiny.ad.hartbrothers.com +26 -21
  Remove duplicate BN_CTX_new() call from gen_gqkey(), flagged by Coverity.

--- 1.80/util/ntp-keygen.c	2011-04-05 03:05:48 -04:00
+++ 1.81/util/ntp-keygen.c	2011-04-07 22:02:46 -04:00
@@ -522,7 +522,8 @@ main(
 	if (gqkey)
 		pkey_gqkey = gen_gqkey("gqkey");
 	if (pkey_gqkey == NULL) {
-		sprintf(filename, "ntpkey_gqkey_%s", groupname);
+		snprintf(filename, sizeof(filename), "ntpkey_gqkey_%s",
+		    groupname);
 		pkey_gqkey = readkey(filename, passwd1, &fstamp, NULL);
 		if (pkey_gqkey != NULL) {
 			followlink(filename, sizeof(filename));
@@ -541,8 +542,8 @@ main(
 	if (pkey_gqkey != NULL && HAVE_OPT(ID_KEY)) {
 		RSA	*rsa;
 
-		sprintf(filename, "ntpkey_gqpar_%s.%u", groupname,
-		    fstamp);
+		snprintf(filename, sizeof(filename),
+		    "ntpkey_gqpar_%s.%u", groupname, fstamp);
 		fprintf(stderr, "Writing GQ parameters %s to stdout\n",
 		    filename);
 		fprintf(stdout, "# %s\n# %s\n", filename,
@@ -565,8 +566,8 @@ main(
 	if (pkey_gqkey != NULL && passwd2 != NULL) {
 		RSA	*rsa;
 
-		sprintf(filename, "ntpkey_gqkey_%s.%u", groupname,
-		    fstamp);
+		snprintf(filename, sizeof(filename),
+		    "ntpkey_gqkey_%s.%u", groupname, fstamp);
 		fprintf(stderr, "Writing GQ keys %s to stdout\n",
 		    filename);
 		fprintf(stdout, "# %s\n# %s\n", filename,
@@ -588,7 +589,8 @@ main(
 	if (iffkey)
 		pkey_iffkey = gen_iffkey("iffkey");
 	if (pkey_iffkey == NULL) {
-		sprintf(filename, "ntpkey_iffkey_%s", groupname);
+		snprintf(filename, sizeof(filename), "ntpkey_iffkey_%s",
+		    groupname);
 		pkey_iffkey = readkey(filename, passwd1, &fstamp, NULL);
 		if (pkey_iffkey != NULL) {
 			followlink(filename, sizeof(filename));
@@ -605,8 +607,8 @@ main(
 	if (pkey_iffkey != NULL && HAVE_OPT(ID_KEY)) {
 		DSA	*dsa;
 
-		sprintf(filename, "ntpkey_iffpar_%s.%u", groupname,
-		    fstamp);
+		snprintf(filename, sizeof(filename),
+		    "ntpkey_iffpar_%s.%u", groupname, fstamp);
 		fprintf(stderr, "Writing IFF parameters %s to stdout\n",
 		    filename);
 		fprintf(stdout, "# %s\n# %s\n", filename,
@@ -628,8 +630,8 @@ main(
 	if (pkey_iffkey != NULL && passwd2 != NULL) {
 		DSA	*dsa;
 
-		sprintf(filename, "ntpkey_iffkey_%s.%u", groupname,
-		    fstamp);
+		snprintf(filename, sizeof(filename),
+		    "ntpkey_iffkey_%s.%u", groupname, fstamp);
 		fprintf(stderr, "Writing IFF keys %s to stdout\n",
 		    filename);
 		fprintf(stdout, "# %s\n# %s\n", filename,
@@ -651,9 +653,10 @@ main(
 	if (mvkey)
 		pkey_mvkey = gen_mvkey("mv", pkey_mvpar);
 	if (pkey_mvkey == NULL) {
-		sprintf(filename, "ntpkey_mvta_%s", groupname);
+		snprintf(filename, sizeof(filename), "ntpkey_mvta_%s",
+		    groupname);
 		pkey_mvkey = readkey(filename, passwd1, &fstamp,
-		   pkey_mvpar);
+		    pkey_mvpar);
 		if (pkey_mvkey != NULL) {
 			followlink(filename, sizeof(filename));
 			fprintf(stderr, "Using MV keys %s\n",
@@ -667,8 +670,8 @@ main(
 	 * associated with client key 1.
 	 */
 	if (pkey_mvkey != NULL && HAVE_OPT(ID_KEY)) {
-		sprintf(filename, "ntpkey_mvpar_%s.%u", groupname,
-		    fstamp);
+		snprintf(filename, sizeof(filename),
+		    "ntpkey_mvpar_%s.%u", groupname, fstamp);
 		fprintf(stderr, "Writing MV parameters %s to stdout\n",
 		    filename);
 		fprintf(stdout, "# %s\n# %s\n", filename,
@@ -685,8 +688,8 @@ main(
 	 * Write the encrypted MV server keys to the stdout stream.
 	 */
 	if (pkey_mvkey != NULL && passwd2 != NULL) {
-		sprintf(filename, "ntpkey_mvkey_%s.%u", groupname,
-		    fstamp);
+		snprintf(filename, sizeof(filename),
+		    "ntpkey_mvkey_%s.%u", groupname, fstamp);
 		fprintf(stderr, "Writing MV keys %s to stdout\n",
 		    filename);
 		fprintf(stdout, "# %s\n# %s\n", filename,
@@ -1220,8 +1223,8 @@ gen_gqkey(
 		    ERR_error_string(ERR_get_error(), NULL));
 		return (NULL);
 	}
-	ctx = BN_CTX_new(); u = BN_new(); v = BN_new();
-	g = BN_new(); k = BN_new(); r = BN_new(); y = BN_new();
+	u = BN_new(); v = BN_new(); g = BN_new();
+	k = BN_new(); r = BN_new(); y = BN_new();
 
 	/*
 	 * Generate the group key b, which is saved in the e member of
@@ -1957,7 +1960,7 @@ x509	(
 	/*
 	 * Write the certificate encoded in PEM.
 	 */
-	sprintf(pathbuf, "%scert", id);
+	snprintf(pathbuf, sizeof(pathbuf), "%scert", id);
 	str = fheader(pathbuf, "cert", hostname);
 	PEM_write_X509(str, cert);
 	fclose(str);
@@ -2076,12 +2079,14 @@ fheader	(
 	char	linkname[MAXFILENAME]; /* link name */
 	int	temp;
 
-	sprintf(filename, "ntpkey_%s_%s.%u", file, owner, fstamp); 
+	snprintf(filename, sizeof(filename), "ntpkey_%s_%s.%u", file,
+	    owner, fstamp); 
 	if ((str = fopen(filename, "w")) == NULL) {
 		perror("Write");
 		exit (-1);
 	}
-	sprintf(linkname, "ntpkey_%s_%s", ulink, hostname);
+	snprintf(linkname, sizeof(linkname), "ntpkey_%s_%s", ulink,
+	    hostname);
 	remove(linkname);
 	temp = symlink(filename, linkname);
 	if (temp < 0)


More information about the bk-ntp-dev-send mailing list