Switch the engine to using cli_strlcat instead of strcat

11 years ago · 1f271616be
parent 96ff19a19e
commit 1f271616be
4 changed files with 25 additions and 18 deletions
--- a/libclamav/matcher-ac.c
+++ b/libclamav/matcher-ac.c
@ -1577,6 +1577,7 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex

    if(strchr(hexsig, '(')) {
 	    char *hexnew, *start, *h, *c;
+        size_t hexnewsz;

 	if(hex) {
 	    hexcpy = hex;
@ -1585,7 +1586,8 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex
 	    return CL_EMEM;
 	}

-	if(!(hexnew = (char *) cli_calloc(strlen(hexsig) + 1, 1))) {
+    hexnewsz = strlen(hexsig) + 1;
+	if(!(hexnew = (char *) cli_calloc(1, hexnewsz))) {
 	    free(new);
 	    free(hexcpy);
 	    return CL_EMEM;
@ -1611,7 +1613,7 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex
 		    pt[-2] = 0;
 		}
 	    }
-	    strcat(hexnew, start);
+	    cli_strlcat(hexnew, start, hexnewsz);

 	    if(!(start = strchr(pt, ')'))) {
 		mpool_free(root->mempool, newspecial);
@ -1654,7 +1656,7 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex
 		    continue;
 		}
 	    }
-	    strcat(hexnew, "()");
+	    cli_strlcat(hexnew, "()", hexnewsz);
 	    new->special++;
 	    newtable = (struct cli_ac_special **) mpool_realloc(root->mempool, new->special_table, new->special * sizeof(struct cli_ac_special *));
 	    if(!newtable) {
@ -1746,7 +1748,7 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex
 	}

 	if(start)
-	    strcat(hexnew, start);
+	    cli_strlcat(hexnew, start, hexnewsz);

 	hex = hexnew;
 	free(hexcpy);
--- a/libclamav/mbox.c
+++ b/libclamav/mbox.c
@ -697,12 +697,12 @@ parseEmailFile(fmap_t *map, size_t *at, const table_t *rfc821, const char *first
 						break;
 					}
 				} else if(line != NULL) {
-					fulllinelength += strlen(line);
+					fulllinelength += strlen(line) + 1;
 					ptr = cli_realloc(fullline, fulllinelength);
 					if(ptr == NULL)
 						continue;
 					fullline = ptr;
-					strcat(fullline, line);
+					cli_strlcat(fullline, line, fulllinelength);
 				}

 				assert(fullline != NULL);
@ -902,12 +902,12 @@ parseEmailHeaders(message *m, const table_t *rfc821)
 					fullline = cli_strdup(line);
 					fulllinelength = strlen(line) + 1;
 				} else if(line) {
-					fulllinelength += strlen(line);
+					fulllinelength += strlen(line) + 1;
 					ptr = cli_realloc(fullline, fulllinelength);
 					if(ptr == NULL)
 						continue;
 					fullline = ptr;
-					strcat(fullline, line);
+					cli_strlcat(fullline, line, fulllinelength);
 				}
 				assert(fullline != NULL);

@ -1456,6 +1456,7 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx, unsigned int re
 						 */
 						while(t_line && next_is_folded_header(t_line)) {
 							const char *data;
+                            size_t datasz;

 							t_line = t_line->t_next;

@ -1474,14 +1475,14 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx, unsigned int re
 								break;
 							}

-							ptr = cli_realloc(fullline,
-								strlen(fullline) + strlen(data) + 1);
+                            datasz = strlen(fullline) + strlen(data) + 1;
+							ptr = cli_realloc(fullline, datasz);

 							if(ptr == NULL)
 								break;

 							fullline = ptr;
-							strcat(fullline, data);
+							cli_strlcat(fullline, data, datasz);

 							/*quotes = count_quotes(data);*/
 						}
--- a/libclamav/message.c
+++ b/libclamav/message.c
@ -480,6 +480,7 @@ messageAddArguments(message *m, const char *s)
 	while(*string) {
 		const char *key, *cptr;
 		char *data, *field;
+        size_t datasz=0;

 		if(isspace(*string & 0xff) || (*string == ';')) {
 			string++;
@ -592,12 +593,14 @@ messageAddArguments(message *m, const char *s)

 			*ptr = '\0';

+            datasz = strlen(kcopy) + strlen(data) + 2;
 			field = cli_realloc(kcopy, strlen(kcopy) + strlen(data) + 2);
 			if(field) {
-				strcat(field, "=");
-				strcat(field, data);
-			} else
+                cli_strlcat(field, "=", datasz);
+                cli_strlcat(field, data, datasz);
+			} else {
 				free(kcopy);
+            }
 			free(data);
 		} else {
 			size_t len;
--- a/libclamav/readdb.c
+++ b/libclamav/readdb.c
@ -117,7 +117,7 @@ int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hex
 	int ret, asterisk = 0, range;
 	unsigned int i, j, hexlen, parts = 0;
 	int mindist = 0, maxdist = 0, error = 0;
-
+    size_t hexcpysz;

    hexlen = strlen(hexsig);
    if (hexsig[0] == '$') {
@ -165,18 +165,19 @@ int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hex
    }
    if((wild = strchr(hexsig, '{'))) {
 	if(sscanf(wild, "%c%u%c", &l, &range, &r) == 3 && l == '{' && r == '}' && range > 0 && range < 128) {
-	    hexcpy = cli_calloc(hexlen + 2 * range, sizeof(char));
+        hexcpysz = hexlen + 2 * range;
+	    hexcpy = cli_calloc(1, hexcpysz);
 	    if(!hexcpy)
 		return CL_EMEM;
 	    strncpy(hexcpy, hexsig, wild - hexsig);
 	    for(i = 0; i < (unsigned int) range; i++)
-		strcat(hexcpy, "??");
+		cli_strlcat(hexcpy, "??", hexcpysz);
 	    if(!(wild = strchr(wild, '}'))) {
 		cli_errmsg("cli_parse_add(): Problem adding signature: missing bracket\n");
 		free(hexcpy);
 		return CL_EMALFDB;
 	    }
-	    strcat(hexcpy, ++wild);
+	    cli_strlcat(hexcpy, ++wild, hexcpysz);
 	    ret = cli_parse_add(root, virname, hexcpy, rtype, type, offset, target, lsigid, options);
 	    free(hexcpy);
 	    return ret;