From: Matthew Dillon <dillon@dragonflybsd.org>
Date: Tue, 17 Jan 2006 23:50:35 +0000 (+0000)
Subject: Correct sizeof(pointer) bugs that should have been sizeof(*pointer)
X-Git-Tag: v2.0.1~5373
X-Git-Url: https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff_plain/97257a747cb100b49c718d80c9cce60cd83710b1

Correct sizeof(pointer) bugs that should have been sizeof(*pointer)
or strlen(pointer) or something other then sizeof(pointer).

References: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=25702
Reported-by: Mark Eklund <meklund@cisco.com>
---

diff --git a/crypto/telnet/libtelnet/sra.c b/crypto/telnet/libtelnet/sra.c
index f58cf87bf7..1cd1f0eb09 100644
--- a/crypto/telnet/libtelnet/sra.c
+++ b/crypto/telnet/libtelnet/sra.c
@@ -28,7 +28,7 @@
  * 
  *
  * $FreeBSD: src/crypto/telnet/libtelnet/sra.c,v 1.1.2.7 2002/05/16 08:46:49 markm Exp $
- * $DragonFly: src/crypto/telnet/libtelnet/sra.c,v 1.2 2003/06/17 04:24:37 dillon Exp $
+ * $DragonFly: src/crypto/telnet/libtelnet/sra.c,v 1.3 2006/01/17 23:50:34 dillon Exp $
  */
 
 #ifdef	SRA
@@ -58,6 +58,8 @@ char *user, *pass, *xuser, *xpass;
 DesData ck;
 IdeaData ik;
 
+#define PASS_SIZE	256
+
 extern int auth_debug_mode;
 extern char line[];
 
@@ -118,7 +120,7 @@ sra_init(Authenticator *ap __unused, int server)
 
 	user = (char *)malloc(256);
 	xuser = (char *)malloc(513);
-	pass = (char *)malloc(256);
+	pass = (char *)malloc(PASS_SIZE);
 	xpass = (char *)malloc(513);
 
 	if (user == NULL || xuser == NULL || pass == NULL || xpass ==
@@ -302,8 +304,8 @@ sra_reply(Authenticator *ap, unsigned char *data, int cnt)
 			goto enc_user;
 		}
 		/* encode password */
-		memset(pass,0,sizeof(pass));
-		telnet_gets("Password: ",pass,255,0);
+		memset(pass,0,PASS_SIZE);
+		telnet_gets("Password: ",pass,PASS_SIZE-1,0);
 		pk_encode(pass,xpass,&ck);
 		/* send it off */
 		if (auth_debug_mode)
diff --git a/crypto/telnet/telnetd/ext.h b/crypto/telnet/telnetd/ext.h
index 98d7c10e1e..52db75a31a 100644
--- a/crypto/telnet/telnetd/ext.h
+++ b/crypto/telnet/telnetd/ext.h
@@ -32,7 +32,7 @@
  *
  *	@(#)ext.h	8.2 (Berkeley) 12/15/93
  * $FreeBSD: src/crypto/telnet/telnetd/ext.h,v 1.2.8.4 2002/04/13 10:59:08 markm Exp $
- * $DragonFly: src/crypto/telnet/telnetd/ext.h,v 1.2 2003/06/17 04:24:37 dillon Exp $
+ * $DragonFly: src/crypto/telnet/telnetd/ext.h,v 1.3 2006/01/17 23:50:35 dillon Exp $
  */
 
 /*
@@ -63,6 +63,8 @@ extern int	auth_level;
 
 extern slcfun	slctab[NSLC + 1];	/* slc mapping table */
 
+#define TERMINAL_TYPE_SIZE	41	/* allocated space for terminaltype */
+
 char	*terminaltype;
 
 /*
diff --git a/crypto/telnet/telnetd/state.c b/crypto/telnet/telnetd/state.c
index 06e22557ad..f2aecf9c67 100644
--- a/crypto/telnet/telnetd/state.c
+++ b/crypto/telnet/telnetd/state.c
@@ -32,7 +32,7 @@
  *
  * @(#)state.c	8.5 (Berkeley) 5/30/95
  * $FreeBSD: src/crypto/telnet/telnetd/state.c,v 1.4.2.3 2002/04/13 10:59:08 markm Exp $
- * $DragonFly: src/crypto/telnet/telnetd/state.c,v 1.2 2003/06/17 04:24:37 dillon Exp $
+ * $DragonFly: src/crypto/telnet/telnetd/state.c,v 1.3 2006/01/17 23:50:35 dillon Exp $
  */
 
 #include <stdarg.h>
@@ -1092,7 +1092,7 @@ suboption(void)
     }  /* end of case TELOPT_TSPEED */
 
     case TELOPT_TTYPE: {		/* Yaaaay! */
-	static char terminalname[41];
+	static char terminalname[TERMINAL_TYPE_SIZE];
 
 	if (his_state_is_wont(TELOPT_TTYPE))	/* Ignore if option disabled */
 		break;
diff --git a/crypto/telnet/telnetd/telnetd.c b/crypto/telnet/telnetd/telnetd.c
index a7cd351e9d..5add37f3de 100644
--- a/crypto/telnet/telnetd/telnetd.c
+++ b/crypto/telnet/telnetd/telnetd.c
@@ -32,7 +32,7 @@
  *
  * @(#)telnetd.c	8.4 (Berkeley) 5/30/95
  * $FreeBSD: src/crypto/telnet/telnetd/telnetd.c,v 1.11.2.5 2002/04/13 10:59:09 markm Exp $
- * $DragonFly: src/crypto/telnet/telnetd/telnetd.c,v 1.2 2003/06/17 04:24:37 dillon Exp $
+ * $DragonFly: src/crypto/telnet/telnetd/telnetd.c,v 1.3 2006/01/17 23:50:35 dillon Exp $
  */
 
 #include "telnetd.h"
@@ -585,8 +585,8 @@ getterminaltype(char *name undef2)
 		     */
 		     _gettermname();
 		    if (strncmp(first, terminaltype, sizeof(first)) != 0) {
-			(void) strncpy(terminaltype, first, sizeof(terminaltype)-1);
-			terminaltype[sizeof(terminaltype)-1] = '\0';
+			(void) strncpy(terminaltype, first, TERMINAL_TYPE_SIZE-1);
+			terminaltype[TERMINAL_TYPE_SIZE-1] = '\0';
 		    }
 		    break;
 		}
diff --git a/sbin/kldconfig/kldconfig.c b/sbin/kldconfig/kldconfig.c
index 4fcfeb74f7..06aace03fb 100644
--- a/sbin/kldconfig/kldconfig.c
+++ b/sbin/kldconfig/kldconfig.c
@@ -24,7 +24,7 @@
  * SUCH DAMAGE.
  *
  * $FreeBSD: src/sbin/kldconfig/kldconfig.c,v 1.3.2.1 2001/08/01 05:52:36 obrien Exp $
- * $DragonFly: src/sbin/kldconfig/kldconfig.c,v 1.2 2003/06/17 04:27:33 dillon Exp $
+ * $DragonFly: src/sbin/kldconfig/kldconfig.c,v 1.3 2006/01/17 23:49:12 dillon Exp $
  */
 
 #include <sys/param.h>
@@ -270,7 +270,7 @@ parsepath(struct pathhead *pathq, char *path, int uniq)
 	
 	while ((p = strsep(&path, ";")) != NULL)
 		if (!uniq) {
-			if (((pe = malloc(sizeof(pe))) == NULL) ||
+			if (((pe = malloc(sizeof(*pe))) == NULL) ||
 			    ((pe->path = strdup(p)) == NULL)) {
 				errno = ENOMEM;
 				err(1, "allocating path element");
diff --git a/usr.bin/xlint/lint1/scan.l b/usr.bin/xlint/lint1/scan.l
index 5789618e63..67c4321393 100644
--- a/usr.bin/xlint/lint1/scan.l
+++ b/usr.bin/xlint/lint1/scan.l
@@ -32,7 +32,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
  * $NetBSD: scan.l,v 1.8 1995/10/23 13:38:51 jpo Exp $
- * $DragonFly: src/usr.bin/xlint/lint1/scan.l,v 1.7 2004/07/07 12:24:00 asmodai Exp $
+ * $DragonFly: src/usr.bin/xlint/lint1/scan.l,v 1.8 2006/01/17 23:49:13 dillon Exp $
  */
 
 #include <stdlib.h>
@@ -307,7 +307,7 @@ allocsb()
 	} else {
 		sb = xmalloc(sizeof (sbuf_t));
 	}
-	(void)memset(sb, 0, sizeof (sb));
+	(void)memset(sb, 0, sizeof (*sb));
 	return (sb);
 }
 
diff --git a/usr.sbin/ppp/ncpaddr.c b/usr.sbin/ppp/ncpaddr.c
index 09fe870791..ae58f95124 100644
--- a/usr.sbin/ppp/ncpaddr.c
+++ b/usr.sbin/ppp/ncpaddr.c
@@ -24,7 +24,7 @@
  * SUCH DAMAGE.
  *
  * $FreeBSD: src/usr.sbin/ppp/ncpaddr.c,v 1.10.2.3 2003/04/29 16:05:55 ume Exp $
- * $DragonFly: src/usr.sbin/ppp/ncpaddr.c,v 1.2 2003/06/17 04:30:00 dillon Exp $
+ * $DragonFly: src/usr.sbin/ppp/ncpaddr.c,v 1.3 2006/01/17 23:49:16 dillon Exp $
  */
 
 #include <sys/types.h>
@@ -866,17 +866,17 @@ ncprange_ntoa(const struct ncprange *range)
       for (; len >= 3; res[len -= 2] = '\0')
         if (strcmp(res + len - 2, ".0"))
           break;
-      snprintf(res + len, sizeof res - len, "&0x%08lx",
+      snprintf(res + len, strlen(res) - len, "&0x%08lx",
                (unsigned long)ntohl(range->ncprange_ip4mask.s_addr));
     } else if (range->ncprange_ip4width < 32)
-      snprintf(res + len, sizeof res - len, "/%d", range->ncprange_ip4width);
+      snprintf(res + len, strlen(res) - len, "/%d", range->ncprange_ip4width);
 
     return res;
 
 #ifndef NOINET6
   case AF_INET6:
     if (range->ncprange_ip6width != 128)
-      snprintf(res + len, sizeof res - len, "/%d", range->ncprange_ip6width);
+      snprintf(res + len, strlen(res) - len, "/%d", range->ncprange_ip6width);
 
     return res;
 #endif