diff --git a/Libraries/LibC/time.cpp b/Libraries/LibC/time.cpp
index 89e279ec60..5f1c8eeabe 100644
--- a/Libraries/LibC/time.cpp
+++ b/Libraries/LibC/time.cpp
@@ -304,10 +304,9 @@ size_t strftime(char* destination, size_t max_size, const char* format, const st
 return 0;
 }
- if (builder.length() + 1 > max_size)
- return 0;
- strcpy(destination, builder.build().characters());
- return builder.length();
+ auto str = builder.build();
+ bool fits = str.copy_characters_to_buffer(destination, max_size);
+ return fits ? str.length() : 0;
 }
 long timezone = 0;
diff --git a/Libraries/LibCore/Socket.cpp b/Libraries/LibCore/Socket.cpp
index 6685839a27..5ad2beb1f3 100644
--- a/Libraries/LibCore/Socket.cpp
+++ b/Libraries/LibCore/Socket.cpp
@@ -112,13 +112,12 @@ bool Socket::connect(const SocketAddress& address)
 sockaddr_un saddr;
 saddr.sun_family = AF_LOCAL;
 auto dest_address = address.to_string();
- if (dest_address.length() >= sizeof(saddr.sun_path)) {
+ bool fits = dest_address.copy_characters_to_buffer(saddr.sun_path, sizeof(saddr.sun_path));
+ if (!fits) {
 fprintf(stderr, "Core::Socket: Failed to connect() to %s: Path is too long!\n", dest_address.characters());
 errno = EINVAL;
 return false;
 }
- strcpy(saddr.sun_path, address.to_string().characters());
-
 m_destination_address = address;
 return common_connect((const sockaddr*)&saddr, sizeof(saddr));
diff --git a/Libraries/LibCore/SocketAddress.h b/Libraries/LibCore/SocketAddress.h
index 1ffa3da24f..717f4e8fd3 100644
--- a/Libraries/LibCore/SocketAddress.h
+++ b/Libraries/LibCore/SocketAddress.h
@@ -87,10 +87,9 @@ public:
 ASSERT(type() == Type::Local);
 sockaddr_un address;
 address.sun_family = AF_LOCAL;
- if (m_local_address.length() >= sizeof(address.sun_path)) {
+ bool fits = m_local_address.copy_characters_to_buffer(address.sun_path, sizeof(address.sun_path));
+ if (!fits)
 return {};
- }
- strcpy(address.sun_path, m_local_address.characters());
 return address;
 }
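Review bot: In the new tail of `strftime`, `max_size` is handed to `copy_characters_to_buffer` unchecked, so a call with `max_size == 0` now depends on how that helper treats an empty buffer, which this diff does not show. The removed `builder.length() + 1 > max_size` test returned 0 in that case without touching `destination`. Unless a guard above the hunk already rejects it, add `if (max_size == 0) return 0;` before `builder.build()` so a valid C call cannot become an assertion failure or a one-byte write. On the non-fitting path the helper may also leave a truncated string in `destination` where the old code left it untouched; a short comment such as `// On a 0 return the contents of destination are unspecified.` would record that this is intended. The body of `strftime` starts outside the hunk.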
diff --git a/Libraries/LibCrypt/crypt.cpp b/Libraries/LibCrypt/crypt.cpp
index 3431383fee..0a789bfe6a 100644
--- a/Libraries/LibCrypt/crypt.cpp
+++ b/Libraries/LibCrypt/crypt.cpp
@@ -55,7 +55,11 @@ char* crypt_r(const char* key, const char* salt, struct crypt_data* data)
 size_t salt_len = min(strcspn(salt_value, "$"), crypt_salt_max);
 size_t header_len = salt_len + 3;
- strncpy(data->result, salt, header_len);
+ bool fits = String(salt, header_len).copy_characters_to_buffer(data->result, sizeof(data->result));
+ if (!fits) {
+ errno = EINVAL;
+ return nullptr;
+ }
 data->result[header_len] = '$';
 Crypto::Hash::SHA256 sha;
@@ -65,7 +69,11 @@ char* crypt_r(const char* key, const char* salt, struct crypt_data* data)
 auto digest = sha.digest();
 auto string = encode_base64(ReadonlyBytes(digest.immutable_data(), digest.data_length()));
- strncpy(data->result + header_len + 1, string.characters(), sha_string_length);
+ fits = string.copy_characters_to_buffer(data->result + header_len + 1, sizeof(data->result) - header_len - 1);
+ if (!fits) {
+ errno = EINVAL;
+ return nullptr;
+ }
 return data->result;
 }
diff --git a/Services/DHCPClient/DHCPv4Client.cpp b/Services/DHCPClient/DHCPv4Client.cpp
index 355c03dc7b..855fe6846e 100644
--- a/Services/DHCPClient/DHCPv4Client.cpp
+++ b/Services/DHCPClient/DHCPv4Client.cpp
@@ -71,7 +71,12 @@ static void set_params(const InterfaceDescriptor& iface, const IPv4Address& ipv4
 struct ifreq ifr;
 memset(&ifr, 0, sizeof(ifr));
- strlcpy(ifr.ifr_name, iface.m_ifname.characters(), IFNAMSIZ);
+
+ bool fits = iface.m_ifname.copy_characters_to_buffer(ifr.ifr_name, IFNAMSIZ);
+ if (!fits) {
+ dbg() << "Interface name doesn't fit into IFNAMSIZ!";
+ return;
+ }
 // set the IP address
 ifr.ifr_addr.sa_family = AF_INET;
diff --git a/Services/DHCPClient/DHCPv4Client.h b/Services/DHCPClient/DHCPv4Client.h
index c45f08f0d1..3527e8da98 100644
--- a/Services/DHCPClient/DHCPv4Client.h
+++ b/Services/DHCPClient/DHCPv4Client.h
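Review bot: The size passed to the second copy in `crypt_r`, `sizeof(data->result) - header_len - 1`, is unsigned arithmetic that is only safe because the first check passed, and it evaluates to 0 when `header_len` is `sizeof(data->result) - 1`, so the helper can still be handed an empty buffer. Whether that can happen depends on the relation between `crypt_salt_max`, `sha_string_length` and the size of `result`, none of which is visible in these two hunks. If those are compile-time constants, pinning the layout once with something like `static_assert(sizeof(crypt_data::result) >= crypt_salt_max + 3 + 1 + sha_string_length + 1);` would make both runtime failure paths provably unreachable and document why. It is also worth a comment that `data->result[header_len] = '$'` deliberately overwrites the terminator written by the first copy, and that a `nullptr` return leaves `data->result` partially written. The body of `crypt_r` extends outside both hunks.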
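Review bot: When the interface name does not fit, `set_params` now logs through `dbg()` and returns, but the function is `void`, so the caller cannot tell that no address was applied. Rejecting the name instead of truncating it is the right call, since a truncated name could select a different interface, but the failure should be observable. At minimum the message should name the interface, e.g. `dbg() << "Interface name '" << iface.m_ifname << "' doesn't fit into IFNAMSIZ!";`. Whether to return a status instead depends on the callers, which are outside this hunk, as is the rest of the function body.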
@@ -27,9 +27,9 @@
 #pragma once
 #include "DHCPv4.h"
-#include
 #include
 #include
+#include
 #include
 #include
 #include
@@ -39,7 +39,7 @@
 #include
 struct InterfaceDescriptor {
- FlyString m_ifname;
+ String m_ifname;
 MACAddress m_mac_address;
 };
diff --git a/Userland/ifconfig.cpp b/Userland/ifconfig.cpp
index 32235e7cc3..8f858be1f0 100644
--- a/Userland/ifconfig.cpp
+++ b/Userland/ifconfig.cpp
@@ -116,7 +116,11 @@ int main(int argc, char** argv)
 struct ifreq ifr;
 memset(&ifr, 0, sizeof(ifr));
- strlcpy(ifr.ifr_name, ifname.characters(), IFNAMSIZ);
+ bool fits = ifname.copy_characters_to_buffer(ifr.ifr_name, IFNAMSIZ);
+ if (!fits) {
+ fprintf(stderr, "Interface name '%s' is too long\n", ifname.characters());
+ return 1;
+ }
 ifr.ifr_addr.sa_family = AF_INET;
 ((sockaddr_in&)ifr.ifr_addr).sin_addr.s_addr = address.value().to_in_addr_t();
@@ -144,7 +148,11 @@ int main(int argc, char** argv)
 struct ifreq ifr;
 memset(&ifr, 0, sizeof(ifr));
- strlcpy(ifr.ifr_name, ifname.characters(), IFNAMSIZ);
+ bool fits = ifname.copy_characters_to_buffer(ifr.ifr_name, IFNAMSIZ);
+ if (!fits) {
+ fprintf(stderr, "Interface name '%s' is too long\n", ifname.characters());
+ return 1;
+ }
 ifr.ifr_netmask.sa_family = AF_INET;
 ((sockaddr_in&)ifr.ifr_netmask).sin_addr.s_addr = address.value().to_in_addr_t();
diff --git a/Userland/ping.cpp b/Userland/ping.cpp
index 9096d0e470..d8248cb094 100644
--- a/Userland/ping.cpp
+++ b/Userland/ping.cpp
@@ -125,7 +125,10 @@ int main(int argc, char** argv)
 ping_packet.header.code = 0;
 ping_packet.header.un.echo.id = htons(pid);
 ping_packet.header.un.echo.sequence = htons(seq++);
- strlcpy(ping_packet.msg, "Hello there!\n", sizeof(ping_packet.msg));
+
+ bool fits = String("Hello there!\n").copy_characters_to_buffer(ping_packet.msg, sizeof(ping_packet.msg));
+ // It's a constant string, we can be sure that it fits.
+ ASSERT(fits);
 ping_packet.header.checksum = internet_checksum(&ping_packet, sizeof(PingPacket));
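Review bot: The same five-line length check and error message is added twice in `main`, here for the address block and again in the `@@ -144,7 +148,11 @@` hunk for the netmask block, so the two copies can drift apart. Both test the same `ifname`, so the name can be validated once before either block runs. That also reports a too-long name before any interface setting is attempted, rather than only on the path that happens to execute. If the per-block copies are kept, a comment such as `// Reject rather than truncate: a truncated name could address a different interface.` on the first one would record why the previous `strlcpy` behaviour was dropped. The enclosing blocks of `main` start and end outside both hunks.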
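Review bot: `ASSERT(fits)` verifies at run time something the compiler can prove, and if `ASSERT` compiles to nothing in some build configuration the check vanishes and `fits` becomes an unused variable. The line `static_assert(sizeof("Hello there!\n") <= sizeof(PingPacket::msg));` states the same guarantee at build time and fails the build if `msg` is ever shrunk. The temporary `String` also allocates just to copy a literal, and given `seq++` this appears to run once per packet sent, though the enclosing loop is outside the hunk. With the static assertion in place, the copy could be a fixed-size one such as `memcpy(ping_packet.msg, "Hello there!\n", sizeof("Hello there!\n"));`.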