diff options
| -rw-r--r-- | FICS/comproc.c | 22 | ||||
| -rw-r--r-- | FICS/gamedb.c | 11 | ||||
| -rw-r--r-- | FICS/playerdb.c | 95 |
3 files changed, 97 insertions, 31 deletions
diff --git a/FICS/comproc.c b/FICS/comproc.c index a7a5ea1..06592cc 100644 --- a/FICS/comproc.c +++ b/FICS/comproc.c @@ -47,6 +47,7 @@ result converted to larger type. Markus Uhlin 25/07/24 Fixed use of potentially dangerous functions. + Markus Uhlin 25/07/29 Usage of 'int64_t'. */ #include "stdinclude.h" @@ -56,6 +57,8 @@ #include <err.h> #include <errno.h> +#include <inttypes.h> +#include <stdint.h> #include "board.h" #include "command.h" @@ -130,17 +133,17 @@ com_more(int p, param_list param) PUBLIC void rscan_news2(FILE *fp, int p, int num) { - char *junkp; char count[10] = { '\0' }; char junk[MAX_LINE_SIZE] = { '\0' }; - long int lval; + char *junkp; + int64_t lval; time_t crtime; if (num == 0) return; if (fgets(junk, sizeof junk, fp) == NULL || feof(fp) || - sscanf(junk, "%ld %9s", &lval, count) != 2) + sscanf(junk, "%" SCNd64 " " "%9s", &lval, count) != 2) return; rscan_news2(fp, p, num - 1); @@ -157,12 +160,12 @@ PUBLIC int com_news(int p, param_list param) { FILE *fp = NULL; - char *junkp = NULL; char count[10] = { '\0' }; char filename[MAX_FILENAME_SIZE] = { '\0' }; char junk[MAX_LINE_SIZE] = { '\0' }; + char *junkp = NULL; int found = 0; - long int lval = 0; + int64_t lval = 0; time_t crtime = 0; snprintf(filename, sizeof filename, "%s/newnews.index", news_dir); @@ -172,7 +175,7 @@ com_news(int p, param_list param) return COM_OK; } -#define SCAN_JUNK "%ld %9s" +#define SCAN_JUNK ("%" SCNd64 " " "%9s") _Static_assert(9 < ARRAY_SIZE(count), "'count' too small"); if (param[0].type == 0) { @@ -763,7 +766,7 @@ plogins(int p, char *fname) char ipstr[20] = { '\0' }; char loginName[MAX_LOGIN_NAME + 1] = { '\0' }; int registered = 0; - long int lval = 0; + int64_t lval = 0; time_t tval = 0; uint16_t inout = 0; @@ -775,9 +778,10 @@ plogins(int p, char *fname) _Static_assert(19 < ARRAY_SIZE(ipstr), "'ipstr' too small"); _Static_assert(19 < ARRAY_SIZE(loginName), "'loginName' too small"); +#define SCAN_FMT ("%" SCNu16 " %19s " "%" SCNd64 " " "%d %19s\n") while (!feof(fp)) { - if (fscanf(fp, "%hu %19s %ld %d %19s\n", &inout, loginName, - &lval, ®istered, ipstr) != 5) { + if (fscanf(fp, SCAN_FMT, &inout, loginName, &lval, ®istered, + ipstr) != 5) { fprintf(stderr, "FICS: Error in login info format. " "%s\n", fname); fclose(fp); diff --git a/FICS/gamedb.c b/FICS/gamedb.c index 7f5e645..19f0dc7 100644 --- a/FICS/gamedb.c +++ b/FICS/gamedb.c @@ -45,6 +45,7 @@ Markus Uhlin 25/04/06 Fixed Clang Tidy warnings. Markus Uhlin 25/07/28 Fixed use of potentially dangerous functions. + Markus Uhlin 25/07/29 Usage of 'int64_t'. */ #include "stdinclude.h" @@ -52,7 +53,9 @@ #include <err.h> #include <errno.h> +#include <inttypes.h> #include <limits.h> +#include <stdint.h> #include "command.h" #include "config.h" @@ -1282,7 +1285,7 @@ PRIVATE int ReadV1GameFmt(game *g, FILE *fp, const char *file, int version) { int ret[3]; - long int lval; + int64_t lval; _Static_assert(17 < ARRAY_SIZE(g->white_name), "Unexpected array size"); _Static_assert(17 < ARRAY_SIZE(g->black_name), "Unexpected array size"); @@ -1306,7 +1309,7 @@ ReadV1GameFmt(game *g, FILE *fp, const char *file, int version) if (version < 3 && !g->bInitTime) g->bInitTime = g->wInitTime; - if (fscanf(fp, "%ld", &lval) != 1) { + if (fscanf(fp, "%" SCNd64, &lval) != 1) { warnx("%s: %s: failed to get time of start", __func__, file); return -1; } else @@ -1520,7 +1523,7 @@ PRIVATE void WriteGameFile(FILE *fp, int g) { game *gg = &garray[g]; - long int lval; + int64_t lval; player *bp = &parray[gg->black]; player *wp = &parray[gg->white]; @@ -1531,7 +1534,7 @@ WriteGameFile(FILE *fp, int g) gg->bInitTime, gg->bIncrement); lval = gg->timeOfStart; - fprintf(fp, "%ld\n", lval); + fprintf(fp, "%" PRId64 "\n", lval); #ifdef TIMESEAL fprintf(fp, "%d %d\n", diff --git a/FICS/playerdb.c b/FICS/playerdb.c index 1373630..29e14f4 100644 --- a/FICS/playerdb.c +++ b/FICS/playerdb.c @@ -46,6 +46,9 @@ Markus Uhlin 25/04/02 add_to_list: added an upper limit for the list size. Markus Uhlin 25/04/06 Fixed Clang Tidy warnings. + Markus Uhlin 25/07/28 Restricted file permissions upon + creation. + Markus Uhlin 25/07/30 Usage of 'int64_t'. */ #include "stdinclude.h" @@ -53,6 +56,8 @@ #include <err.h> #include <errno.h> +#include <fcntl.h> +#include <inttypes.h> #include <stdint.h> #include "command.h" @@ -1174,6 +1179,7 @@ player_markdeleted(int p) FILE *fp; char fname[MAX_FILENAME_SIZE]; char fname2[MAX_FILENAME_SIZE]; + int fd; if (!parray[p].registered) // Player must not be registered return -1; @@ -1184,9 +1190,17 @@ player_markdeleted(int p) parray[p].login[0], parray[p].login); xrename(__func__, fname, fname2); - if ((fp = fopen(fname2, "a")) != NULL) { // Touch the file + errno = 0; + fd = open(fname2, O_WRONLY|O_CREAT, S_IWUSR|S_IRUSR); + + if (fd < 0) { + warn("%s: open", __func__); + return -1; + } else if ((fp = fdopen(fd, "a")) != NULL) { // Touch the file fprintf(fp, "\n"); fclose(fp); + } else { + close(fd); } return 0; @@ -1290,6 +1304,7 @@ player_save(int p) { FILE *fp; char fname[MAX_FILENAME_SIZE]; + int fd; if (!player_num_ok_chk(p)) { warnx("%s: invalid player number %d", __func__, p); @@ -1314,8 +1329,15 @@ player_save(int p) snprintf(fname, sizeof fname, "%s/%c/%s", player_dir, parray[p].login[0], parray[p].login); - if ((fp = fopen(fname, "w")) == NULL) { + errno = 0; + fd = open(fname, O_WRONLY|O_CREAT, S_IWUSR|S_IRUSR); + + if (fd < 0) { + warn("%s: Problem opening file %s for write", __func__, fname); + return -1; + } else if ((fp = fdopen(fd, "w")) == NULL) { warn("%s: Problem opening file %s for write", __func__, fname); + close(fd); return -1; } @@ -1601,10 +1623,20 @@ player_ontime(int p) PRIVATE void write_p_inout(int inout, int p, char *file, int maxlines) { - FILE *fp; + FILE *fp; + int fd; + + errno = 0; + fd = open(file, O_WRONLY|O_CREAT, S_IWUSR|S_IRUSR); - if ((fp = fopen(file, "a")) == NULL) + if (fd < 0) { + warn("%s: open", __func__); + return; + } else if ((fp = fdopen(fd, "a")) == NULL) { + warn("%s: fdopen", __func__); + close(fd); return; + } fprintf(fp, "%d %s %ld %d %s\n", inout, parray[p].name, (long int)time(NULL), parray[p].registered, @@ -1663,7 +1695,7 @@ player_lastconnect(int p) char loginName[MAX_LOGIN_NAME]; int inout, registered; int ret, too_long; - long int lval = 0; + int64_t lval = 0; time_t last = 0; ret = snprintf(fname, sizeof fname, "%s/player_data/%c/%s.%s", @@ -1689,8 +1721,8 @@ player_lastconnect(int p) _Static_assert(19 < ARRAY_SIZE(ipstr), "'ipstr' too small"); - if (fscanf(fp, "%d %19s %ld %d %19s\n", &inout, loginName, - &lval, ®istered, ipstr) != 5) { + if (fscanf(fp, ("%d %19s " "%" SCNd64 " %d %19s\n"), &inout, + loginName, &lval, ®istered, ipstr) != 5) { fprintf(stderr, "FICS: Error in login info format. %s" "\n", fname); fclose(fp); @@ -1711,7 +1743,7 @@ player_lastdisconnect(int p) char loginName[MAX_LOGIN_NAME]; int inout, registered; int ret, too_long; - long int lval; + int64_t lval; time_t last = 0; ret = snprintf(fname, sizeof fname, "%s/player_data/%c/%s.%s", @@ -1732,8 +1764,8 @@ player_lastdisconnect(int p) _Static_assert(19 < ARRAY_SIZE(ipstr), "'ipstr' too small"); - if (fscanf(fp, "%d %19s %ld %d %19s\n", &inout, loginName, - &lval, ®istered, ipstr) != 5) { + if (fscanf(fp, ("%d %19s " "%" SCNd64 " %d %19s\n"), &inout, + loginName, &lval, ®istered, ipstr) != 5) { fprintf(stderr, "FICS: Error in login info format. %s" "\n", fname); fclose(fp); @@ -2573,9 +2605,10 @@ PUBLIC int player_add_message(int top, int fromp, char *message) { FILE *fp; - char fname[MAX_FILENAME_SIZE]; - char messbody[1024]; - char subj[256]; + char fname[MAX_FILENAME_SIZE] = { '\0' }; + char messbody[1024] = { '\0' }; + char subj[256] = { '\0' }; + int fd; time_t t = time(NULL); if (!parray[top].registered) @@ -2588,8 +2621,16 @@ player_add_message(int top, int fromp, char *message) if (lines_file(fname) >= MAX_MESSAGES && parray[top].adminLevel == 0) return -1; - if ((fp = fopen(fname, "a")) == NULL) + errno = 0; + fd = open(fname, O_WRONLY|O_CREAT, S_IWUSR|S_IRUSR); + + if (fd < 0) + return -1; + else if ((fp = fdopen(fd, "a")) == NULL) { + close(fd); return -1; + } + fprintf(fp, "%s at %s: %s\n", parray[fromp].name, strltime(&t), message); fclose(fp); @@ -2752,13 +2793,21 @@ PRIVATE int WriteMsgFile(int p, textlist *Head) { FILE *fp; - char fName[MAX_FILENAME_SIZE]; + char fName[MAX_FILENAME_SIZE] = { '\0' }; + int fd; textlist *Cur; GetMsgFile(p, fName, sizeof fName, __func__); - if ((fp = fopen(fName, "w")) == NULL) + errno = 0; + fd = open(fName, O_WRONLY|O_CREAT, S_IWUSR|S_IRUSR); + + if (fd < 0) + return 0; + else if ((fp = fdopen(fd, "w")) == NULL) { + close(fd); return 0; + } for (Cur = Head; Cur != NULL; Cur = Cur->next) fprintf(fp, "%s", Cur->text); fclose(fp); @@ -3161,7 +3210,8 @@ PUBLIC int player_add_comment(int p_by, int p_to, char *comment) { FILE *fp; - char fname[MAX_FILENAME_SIZE]; + char fname[MAX_FILENAME_SIZE] = { '\0' }; + int fd; time_t t = time(NULL); if (!parray[p_to].registered) @@ -3170,8 +3220,17 @@ player_add_comment(int p_by, int p_to, char *comment) snprintf(fname, sizeof fname, "%s/player_data/%c/%s.%s", stats_dir, parray[p_to].login[0], parray[p_to].login, "comments"); - if ((fp = fopen(fname, "a")) == NULL) + errno = 0; + fd = open(fname, O_WRONLY|O_CREAT, S_IWUSR|S_IRUSR); + + if (fd < 0) { + warn("%s: open", __func__); + return -1; + } else if ((fp = fdopen(fd, "a")) == NULL) { + warn("%s: fdopen", __func__); + close(fd); return -1; + } fprintf(fp, "%s at %s: %s\n", parray[p_by].name, strltime(&t), comment); fclose(fp); |