From be9783fd1ba5f5150fef1c95349192271942a478 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= Date: Tue, 3 Jul 2018 09:18:08 +0200 Subject: [PATCH 3/3] Reduce string truncation warnings --- cf-agent/verify_databases.c | 18 ++++++------- cf-agent/verify_exec.c | 4 +-- cf-agent/verify_packages.c | 2 +- cf-execd/cf-execd-runner.c | 4 +-- cf-monitord/env_monitor.c | 8 +++--- cf-monitord/mon_network_sniffer.c | 6 ++--- cf-runagent/cf-runagent.c | 6 ++--- cf-serverd/server_common.c | 18 ++++++------- libcfnet/client_protocol.c | 2 +- libenv/sysinfo.c | 45 ++++++++++++++++--------------- libpromises/cf3globals.c | 2 +- libpromises/cf3lex.l | 6 ++--- libpromises/cf3parse.y | 2 +- libpromises/eval_context.c | 4 +-- libpromises/evalfunction.c | 2 +- libpromises/expand.c | 2 +- libpromises/keyring.c | 4 +-- libpromises/syslog_client.c | 2 +- tests/unit/logging_test.c | 2 +- tests/unit/set_domainname_test.c | 2 +- 20 files changed, 71 insertions(+), 70 deletions(-) Index: cfengine-3.12.1/cf-agent/verify_databases.c =================================================================== --- cfengine-3.12.1.orig/cf-agent/verify_databases.c +++ cfengine-3.12.1/cf-agent/verify_databases.c @@ -221,7 +221,7 @@ static PromiseResult VerifySQLPromise(Ev } else { - snprintf(query, CF_MAXVARSIZE - 1, "%s.%s", database, table); + snprintf(query, sizeof(query) - 1, "%s.%s", database, table); if (VerifyTablePromise(ctx, &cfdb, query, a.database.columns, a, pp, &result)) { @@ -300,7 +300,7 @@ static int VerifyDatabasePromise(CfdbCon if (((a.transaction.action) != cfa_warn) && (!DONTDO)) { Log(LOG_LEVEL_VERBOSE, "Attempting to delete the database '%s'", database); - snprintf(query, CF_MAXVARSIZE - 1, "drop database %s", database); + snprintf(query, sizeof(query) - 1, "drop database %s", database); CfVoidQueryDB(cfdb, query); return cfdb->result; } @@ -316,7 +316,7 @@ static int VerifyDatabasePromise(CfdbCon if (((a.transaction.action) != cfa_warn) && (!DONTDO)) { Log(LOG_LEVEL_VERBOSE, "Attempting to create the database '%s'", database); - snprintf(query, CF_MAXVARSIZE - 1, "create database %s", database); + snprintf(query, sizeof(query) - 1, "create database %s", database); CfVoidQueryDB(cfdb, query); return cfdb->result; } @@ -499,7 +499,7 @@ static int ValidateRegistryPromiser(char static int VerifyTablePromise(EvalContext *ctx, CfdbConn *cfdb, char *table_path, Rlist *columns, Attributes a, const Promise *pp, PromiseResult *result) { - char name[CF_MAXVARSIZE], type[CF_MAXVARSIZE], query[CF_MAXVARSIZE], table[CF_MAXVARSIZE], db[CF_MAXVARSIZE]; + char name[CF_MAXVARSIZE], type[CF_MAXVARSIZE], query[CF_BUFSIZE], table[CF_MAXVARSIZE], db[CF_MAXVARSIZE]; int i, count, size, no_of_cols, *size_table, *done, identified, retval = true; char **name_table, **type_table; @@ -670,12 +670,12 @@ static int VerifyTablePromise(EvalContex { if (size_table[i] > 0) { - snprintf(query, CF_MAXVARSIZE - 1, "ALTER TABLE %s ADD %s %s(%d)", table, name_table[i], + snprintf(query, sizeof(query) - 1, "ALTER TABLE %s ADD %s %s(%d)", table, name_table[i], type_table[i], size_table[i]); } else { - snprintf(query, CF_MAXVARSIZE - 1, "ALTER TABLE %s ADD %s %s", table, name_table[i], + snprintf(query, sizeof(query) - 1, "ALTER TABLE %s ADD %s %s", table, name_table[i], type_table[i]); } @@ -742,7 +742,7 @@ static int CreateTableColumns(CfdbConn * if (no_of_cols > 0) { - snprintf(query, CF_BUFSIZE - 1, "create table %s(", table); + snprintf(query, sizeof(query) - 1, "create table %s(", table); for (i = 0; i < no_of_cols; i++) { @@ -781,7 +781,7 @@ static int CreateTableColumns(CfdbConn * static Rlist *GetSQLTables(CfdbConn *cfdb) { Rlist *list = NULL; - char query[CF_MAXVARSIZE]; + char query[CF_BUFSIZE]; ListTables(cfdb->type, query); @@ -870,7 +870,7 @@ static int ValidateSQLTableName(char *ta static void QueryTableColumns(char *s, char *db, char *table) { - snprintf(s, CF_MAXVARSIZE - 1, + snprintf(s, CF_BUFSIZE - 1, "SELECT column_name,data_type,character_maximum_length FROM information_schema.columns WHERE table_name ='%s' AND table_schema = '%s'", table, db); } Index: cfengine-3.12.1/cf-agent/verify_exec.c =================================================================== --- cfengine-3.12.1.orig/cf-agent/verify_exec.c +++ cfengine-3.12.1/cf-agent/verify_exec.c @@ -203,7 +203,7 @@ static char *GetLockNameExec(Attributes static ActionResult RepairExec(EvalContext *ctx, Attributes a, const Promise *pp, PromiseResult *result) { - char eventname[CF_BUFSIZE]; + char eventname[CF_BUFSIZE * 2]; char cmdline[CF_BUFSIZE]; char comm[20]; int outsourced, count = 0; @@ -456,7 +456,7 @@ static ActionResult RepairExec(EvalConte umask(maskval); #endif - snprintf(eventname, CF_BUFSIZE - 1, "Exec(%s)", cmdline); + snprintf(eventname, CF_BUFSIZE*2 - 1, "Exec(%s)", cmdline); #ifndef __MINGW32__ if ((a.transaction.background) && outsourced) Index: cfengine-3.12.1/cf-agent/verify_packages.c =================================================================== --- cfengine-3.12.1.orig/cf-agent/verify_packages.c +++ cfengine-3.12.1/cf-agent/verify_packages.c @@ -3176,7 +3176,7 @@ static void DeletePackageManagers(Packag const char *PrefixLocalRepository(const Rlist *repositories, const char *package) { - static char quotedPath[CF_MAXVARSIZE]; /* GLOBAL_R, no need to initialize */ + static char quotedPath[CF_BUFSIZE * 2]; /* GLOBAL_R, no need to initialize */ struct stat sb; char path[CF_BUFSIZE]; Index: cfengine-3.12.1/cf-execd/cf-execd-runner.c =================================================================== --- cfengine-3.12.1.orig/cf-execd/cf-execd-runner.c +++ cfengine-3.12.1/cf-execd/cf-execd-runner.c @@ -195,7 +195,7 @@ void LocalExec(const ExecConfig *config) strlcpy(esc_command, MapName(cmd), CF_BUFSIZE); - char filename[CF_BUFSIZE]; + char filename[CF_BUFSIZE * 3]; { char line[CF_BUFSIZE]; snprintf(line, CF_BUFSIZE, "_%jd_%s", (intmax_t) starttime, CanonifyName(ctime(&starttime))); @@ -205,7 +205,7 @@ void LocalExec(const ExecConfig *config) strlcpy(canonified_fq_name, config->fq_name, CF_BUFSIZE); CanonifyNameInPlace(canonified_fq_name); - snprintf(filename, CF_BUFSIZE, "%s/outputs/cf_%s_%s_%p", + snprintf(filename, sizeof(filename), "%s/outputs/cf_%s_%s_%p", GetWorkDir(), canonified_fq_name, line, thread_name); MapName(filename); Index: cfengine-3.12.1/cf-monitord/env_monitor.c =================================================================== --- cfengine-3.12.1.orig/cf-monitord/env_monitor.c +++ cfengine-3.12.1/cf-monitord/env_monitor.c @@ -943,7 +943,7 @@ static double SetClasses(EvalContext *ct { Log(LOG_LEVEL_DEBUG, "No sigma variation .. can't measure class"); - snprintf(buffer, CF_MAXVARSIZE, "entropy_%s.*", name); + snprintf(buffer, sizeof(buffer), "entropy_%s.*", name); MonEntropyPurgeUnused(buffer); return sig; @@ -1051,13 +1051,13 @@ static void SetVariable(char *name, doub { char var[CF_BUFSIZE]; - snprintf(var, CF_MAXVARSIZE, "value_%s=%.2lf", name, value); + snprintf(var, sizeof(var), "value_%s=%.2lf", name, value); AppendItem(classlist, var, ""); - snprintf(var, CF_MAXVARSIZE, "av_%s=%.2lf", name, average); + snprintf(var, sizeof(var), "av_%s=%.2lf", name, average); AppendItem(classlist, var, ""); - snprintf(var, CF_MAXVARSIZE, "dev_%s=%.2lf", name, stddev); + snprintf(var, sizeof(var), "dev_%s=%.2lf", name, stddev); AppendItem(classlist, var, ""); } Index: cfengine-3.12.1/cf-monitord/mon_network_sniffer.c =================================================================== --- cfengine-3.12.1.orig/cf-monitord/mon_network_sniffer.c +++ cfengine-3.12.1/cf-monitord/mon_network_sniffer.c @@ -210,7 +210,7 @@ static void IncrementCounter(Item **list static void AnalyzeArrival(Item *ip_addresses, long iteration, char *arrival, double *cf_this) { - char src[CF_BUFSIZE], dest[CF_BUFSIZE], flag = '.', *arr; + char src[CF_BUFSIZE], dest[CF_BUFSIZE * 2], flag = '.', *arr; int isme_dest, isme_src; src[0] = dest[0] = '\0'; @@ -387,11 +387,11 @@ static void AnalyzeArrival(Item *ip_addr if (strstr(arrival, ".138")) { - snprintf(dest, CF_BUFSIZE - 1, "%s NETBIOS", src); + snprintf(dest, sizeof(dest) - 1, "%s NETBIOS", src); } else if (strstr(arrival, ".2049")) { - snprintf(dest, CF_BUFSIZE - 1, "%s NFS", src); + snprintf(dest, sizeof(dest) - 1, "%s NFS", src); } else { Index: cfengine-3.12.1/cf-runagent/cf-runagent.c =================================================================== --- cfengine-3.12.1.orig/cf-runagent/cf-runagent.c +++ cfengine-3.12.1/cf-runagent/cf-runagent.c @@ -796,15 +796,15 @@ static void HailExec(AgentConnection *co static FILE *NewStream(char *name) { FILE *fp; - char filename[CF_BUFSIZE]; + char filename[CF_BUFSIZE * 2]; if (OUTPUT_DIRECTORY[0] != '\0') { - snprintf(filename, CF_BUFSIZE, "%s/%s_runagent.out", OUTPUT_DIRECTORY, name); + snprintf(filename, sizeof(filename), "%s/%s_runagent.out", OUTPUT_DIRECTORY, name); } else { - snprintf(filename, CF_BUFSIZE, "%s%coutputs%c%s_runagent.out", + snprintf(filename, sizeof(filename), "%s%coutputs%c%s_runagent.out", GetWorkDir(), FILE_SEPARATOR, FILE_SEPARATOR, name); } Index: cfengine-3.12.1/cf-serverd/server_common.c =================================================================== --- cfengine-3.12.1.orig/cf-serverd/server_common.c +++ cfengine-3.12.1/cf-serverd/server_common.c @@ -370,8 +370,8 @@ static void AbortTransfer(ConnectionInfo { Log(LOG_LEVEL_VERBOSE, "Aborting transfer of file due to source changes"); - char sendbuffer[CF_BUFSIZE]; - snprintf(sendbuffer, CF_BUFSIZE, "%s%s: %s", + char sendbuffer[CF_BUFSIZE*2]; + snprintf(sendbuffer, sizeof(sendbuffer), "%s%s: %s", CF_CHANGEDSTR1, CF_CHANGEDSTR2, filename); if (SendTransaction(connection, sendbuffer, 0, CF_DONE) == -1) @@ -385,9 +385,9 @@ static void FailedTransfer(ConnectionInf { Log(LOG_LEVEL_VERBOSE, "Transfer failure"); - char sendbuffer[CF_BUFSIZE]; + char sendbuffer[CF_BUFSIZE*2]; - snprintf(sendbuffer, CF_BUFSIZE, "%s", CF_FAILEDSTR); + snprintf(sendbuffer, sizeof(sendbuffer), "%s", CF_FAILEDSTR); if (SendTransaction(connection, sendbuffer, 0, CF_DONE) == -1) { @@ -419,7 +419,7 @@ void CfGetFile(ServerFileGetState *args) { Log(LOG_LEVEL_INFO, "REFUSE access to file: %s", filename); RefuseAccess(args->conn, args->replyfile); - snprintf(sendbuffer, CF_BUFSIZE, "%s", CF_FAILEDSTR); + snprintf(sendbuffer, sizeof(sendbuffer), "%s", CF_FAILEDSTR); if (ConnectionInfoProtocolVersion(conn_info) == CF_PROTOCOL_CLASSIC) { SendSocketStream(ConnectionInfoSocket(conn_info), sendbuffer, args->buf_size); @@ -437,7 +437,7 @@ void CfGetFile(ServerFileGetState *args) { Log(LOG_LEVEL_ERR, "Open error of file '%s'. (open: %s)", filename, GetErrorStr()); - snprintf(sendbuffer, CF_BUFSIZE, "%s", CF_FAILEDSTR); + snprintf(sendbuffer, sizeof(sendbuffer), "%s", CF_FAILEDSTR); if (ConnectionInfoProtocolVersion(conn_info) == CF_PROTOCOL_CLASSIC) { SendSocketStream(ConnectionInfoSocket(conn_info), sendbuffer, args->buf_size); @@ -458,7 +458,7 @@ void CfGetFile(ServerFileGetState *args) while (true) { - memset(sendbuffer, 0, CF_BUFSIZE); + memset(sendbuffer, 0, sizeof(sendbuffer)); Log(LOG_LEVEL_DEBUG, "Now reading from disk..."); @@ -490,7 +490,7 @@ void CfGetFile(ServerFileGetState *args) if (sb.st_size != savedlen) { - snprintf(sendbuffer, CF_BUFSIZE, "%s%s: %s", CF_CHANGEDSTR1, CF_CHANGEDSTR2, filename); + snprintf(sendbuffer, sizeof(sendbuffer), "%s%s: %s", CF_CHANGEDSTR1, CF_CHANGEDSTR2, filename); if (ConnectionInfoProtocolVersion(conn_info) == CF_PROTOCOL_CLASSIC) { @@ -606,7 +606,7 @@ void CfEncryptGetFile(ServerFileGetState while (true) { - memset(sendbuffer, 0, CF_BUFSIZE); + memset(sendbuffer, 0, sizeof(sendbuffer)); if ((n_read = read(fd, sendbuffer, blocksize)) == -1) { Index: cfengine-3.12.1/libcfnet/client_protocol.c =================================================================== --- cfengine-3.12.1.orig/libcfnet/client_protocol.c +++ cfengine-3.12.1/libcfnet/client_protocol.c @@ -63,7 +63,7 @@ void SetSkipIdentify(bool enabled) int IdentifyAgent(ConnectionInfo *conn_info) { - char uname[CF_BUFSIZE], sendbuff[CF_BUFSIZE]; + char uname[CF_MAXVARSIZE], sendbuff[CF_BUFSIZE]; char dnsname[CF_MAXVARSIZE], localip[CF_MAX_IP_LEN]; int ret; Index: cfengine-3.12.1/libenv/sysinfo.c =================================================================== --- cfengine-3.12.1.orig/libenv/sysinfo.c +++ cfengine-3.12.1/libenv/sysinfo.c @@ -443,7 +443,7 @@ static void GetNameInfo3(EvalContext *ct }; int have_component[COMPONENTS_SIZE]; struct stat sb; - char name[CF_MAXVARSIZE], quoteName[CF_MAXVARSIZE], shortname[CF_MAXVARSIZE]; + char name[CF_MAXVARSIZE], quoteName[CF_BUFSIZE], shortname[CF_MAXVARSIZE]; if (uname(&VSYSNAME) == -1) { @@ -2064,7 +2064,7 @@ static int Linux_Suse_Version(EvalContex strncpy(classbuf, vendor, CF_MAXVARSIZE); EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); snprintf(classbuf + strlen(classbuf), CF_MAXVARSIZE - strlen(classbuf), "_%d", major); - SetFlavour(ctx, classbuf); + SetFlavor(ctx, classbuf); if (minor != -1) { snprintf(classbuf + strlen(classbuf), CF_MAXVARSIZE - strlen(classbuf), "_%d", minor); @@ -2177,7 +2177,7 @@ static void LinuxDebianSanitizeIssue(cha static int Linux_Misc_Version(EvalContext *ctx) { - char flavor[CF_MAXVARSIZE]; + char flavor[CF_BUFSIZE]; char version[CF_MAXVARSIZE]; char os[CF_MAXVARSIZE]; char buffer[CF_BUFSIZE]; @@ -2218,7 +2218,7 @@ static int Linux_Misc_Version(EvalContex if (*os && *version) { - snprintf(flavor, CF_MAXVARSIZE, "%s_%s", os, version); + snprintf(flavor, CF_BUFSIZE, "%s_%s", os, version); SetFlavor(ctx, flavor); return 1; } @@ -2233,7 +2233,7 @@ static int Linux_Debian_Version(EvalCont int major = -1; int release = -1; int result; - char classname[CF_MAXVARSIZE], buffer[CF_MAXVARSIZE], os[CF_MAXVARSIZE], version[CF_MAXVARSIZE]; + char classname[CF_BUFSIZE], buffer[CF_BUFSIZE], os[CF_MAXVARSIZE], version[CF_MAXVARSIZE]; Log(LOG_LEVEL_VERBOSE, "This appears to be a debian system."); EvalContextClassPutHard(ctx, "debian", "inventory,attribute_name=none,source=agent"); @@ -2253,15 +2253,15 @@ static int Linux_Debian_Version(EvalCont { case 2: Log(LOG_LEVEL_VERBOSE, "This appears to be a Debian %u.%u system.", major, release); - snprintf(classname, CF_MAXVARSIZE, "debian_%u_%u", major, release); + snprintf(classname, CF_BUFSIZE, "debian_%u_%u", major, release); EvalContextClassPutHard(ctx, classname, "inventory,attribute_name=none,source=agent"); - snprintf(classname, CF_MAXVARSIZE, "debian_%u", major); + snprintf(classname, CF_BUFSIZE, "debian_%u", major); SetFlavor(ctx, classname); break; case 1: Log(LOG_LEVEL_VERBOSE, "This appears to be a Debian %u system.", major); - snprintf(classname, CF_MAXVARSIZE, "debian_%u", major); + snprintf(classname, CF_BUFSIZE, "debian_%u", major); SetFlavor(ctx, classname); break; @@ -2270,7 +2270,7 @@ static int Linux_Debian_Version(EvalCont sscanf(buffer, "%25[^/]", version); if (strlen(version) > 0) { - snprintf(classname, CF_MAXVARSIZE, "debian_%s", version); + snprintf(classname, CF_BUFSIZE, "debian_%s", version); EvalContextClassPutHard(ctx, classname, "inventory,attribute_name=none,source=agent"); } break; @@ -2288,7 +2288,7 @@ static int Linux_Debian_Version(EvalCont { LinuxDebianSanitizeIssue(buffer); sscanf(buffer, "%*s %*s %[^./]", version); - snprintf(buffer, CF_MAXVARSIZE, "debian_%s", version); + snprintf(buffer, CF_BUFSIZE, "debian_%s", version); EvalContextClassPutHard(ctx, "debian", "inventory,attribute_name=none,source=agent"); SetFlavor(ctx, buffer); } @@ -2296,12 +2296,12 @@ static int Linux_Debian_Version(EvalCont { LinuxDebianSanitizeIssue(buffer); sscanf(buffer, "%*s %[^.].%d", version, &release); - snprintf(buffer, CF_MAXVARSIZE, "ubuntu_%s", version); + snprintf(buffer, CF_BUFSIZE, "ubuntu_%s", version); SetFlavor(ctx, buffer); EvalContextClassPutHard(ctx, "ubuntu", "inventory,attribute_name=none,source=agent"); if (release >= 0) { - snprintf(buffer, CF_MAXVARSIZE, "ubuntu_%s_%d", version, release); + snprintf(buffer, CF_BUFSIZE, "ubuntu_%s_%d", version, release); EvalContextClassPutHard(ctx, buffer, "inventory,attribute_name=none,source=agent"); } } @@ -2515,13 +2515,13 @@ static int EOS_Version(EvalContext *ctx) { if (strstr(buffer, "EOS")) { - char version[CF_MAXVARSIZE], class[CF_MAXVARSIZE]; + char version[CF_MAXVARSIZE], class[CF_BUFSIZE]; EvalContextClassPutHard(ctx, "eos", "inventory,attribute_name=none,source=agent"); EvalContextClassPutHard(ctx, "arista", "source=agent"); version[0] = '\0'; sscanf(buffer, "%*s %*s %*s %s", version); CanonifyNameInPlace(version); - snprintf(class, CF_MAXVARSIZE, "eos_%s", version); + snprintf(class, CF_BUFSIZE, "eos_%s", version); EvalContextClassPutHard(ctx, class, "inventory,attribute_name=none,source=agent"); } } @@ -2541,14 +2541,14 @@ static int MiscOS(EvalContext *ctx) { if (strstr(buffer, "BIG-IP")) { - char version[CF_MAXVARSIZE], build[CF_MAXVARSIZE], class[CF_MAXVARSIZE]; + char version[CF_MAXVARSIZE], build[CF_MAXVARSIZE], class[CF_BUFSIZE]; EvalContextClassPutHard(ctx, "big_ip", "inventory,attribute_name=none,source=agent"); sscanf(buffer, "%*s %s %*s %s", version, build); CanonifyNameInPlace(version); CanonifyNameInPlace(build); - snprintf(class, CF_MAXVARSIZE, "big_ip_%s", version); + snprintf(class, CF_BUFSIZE, "big_ip_%s", version); EvalContextClassPutHard(ctx, class, "inventory,attribute_name=none,source=agent"); - snprintf(class, CF_MAXVARSIZE, "big_ip_%s_%s", version, build); + snprintf(class, CF_BUFSIZE, "big_ip_%s_%s", version, build); EvalContextClassPutHard(ctx, class, "inventory,attribute_name=none,source=agent"); SetFlavor(ctx, "BIG-IP"); } @@ -2561,7 +2561,8 @@ static int MiscOS(EvalContext *ctx) static int VM_Version(EvalContext *ctx) { - char *sp, buffer[CF_BUFSIZE], classbuf[CF_BUFSIZE], version[CF_BUFSIZE]; +#define CF_CLASSBUFSIZE 2*CF_BUFSIZE + char *sp, buffer[CF_BUFSIZE], classbuf[CF_CLASSBUFSIZE], version[CF_BUFSIZE]; int major, minor, bug; int sufficient = 0; @@ -2573,17 +2574,17 @@ static int VM_Version(EvalContext *ctx) { if (sscanf(buffer, "VMware ESX Server %d.%d.%d", &major, &minor, &bug) > 0) { - snprintf(classbuf, CF_BUFSIZE, "VMware ESX Server %d", major); + snprintf(classbuf, CF_CLASSBUFSIZE, "VMware ESX Server %d", major); EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); - snprintf(classbuf, CF_BUFSIZE, "VMware ESX Server %d.%d", major, minor); + snprintf(classbuf, CF_CLASSBUFSIZE, "VMware ESX Server %d.%d", major, minor); EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); - snprintf(classbuf, CF_BUFSIZE, "VMware ESX Server %d.%d.%d", major, minor, bug); + snprintf(classbuf, CF_CLASSBUFSIZE, "VMware ESX Server %d.%d.%d", major, minor, bug); EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); sufficient = 1; } else if (sscanf(buffer, "VMware ESX Server %s", version) > 0) { - snprintf(classbuf, CF_BUFSIZE, "VMware ESX Server %s", version); + snprintf(classbuf, CF_CLASSBUFSIZE, "VMware ESX Server %s", version); EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); sufficient = 1; } Index: cfengine-3.12.1/libpromises/cf3globals.c =================================================================== --- cfengine-3.12.1.orig/libpromises/cf3globals.c +++ cfengine-3.12.1/libpromises/cf3globals.c @@ -55,7 +55,7 @@ long LASTSEENEXPIREAFTER = SECONDS_PER_W bool DONTDO = false; /* GLOBAL_A */ /* NB! Check use before changing sizes */ -char VFQNAME[CF_MAXVARSIZE] = ""; /* GLOBAL_E GLOBAL_P */ +char VFQNAME[CF_BUFSIZE] = ""; /* GLOBAL_E GLOBAL_P */ char VUQNAME[CF_MAXVARSIZE] = ""; /* GLOBAL_E */ char VDOMAIN[CF_MAXVARSIZE] = ""; /* GLOBAL_E GLOBAL_P */ Index: cfengine-3.12.1/libpromises/cf3lex.l =================================================================== --- cfengine-3.12.1.orig/libpromises/cf3lex.l +++ cfengine-3.12.1/libpromises/cf3lex.l @@ -334,7 +334,7 @@ promise_type [a-zA-Z_]+: { yyerror("identifier too long"); } - strncpy(P.currentid, yytext, CF_MAXVARSIZE); + strncpy(P.currentid, yytext, CF_MAXVARSIZE-1); return IDSYNTAX; } @@ -347,7 +347,7 @@ promise_type [a-zA-Z_]+: { yyerror("qualified identifier too long"); } - strncpy(P.currentid, yytext, CF_MAXVARSIZE); + strncpy(P.currentid, yytext, CF_MAXVARSIZE-1); return IDSYNTAX; } @@ -441,7 +441,7 @@ promise_type [a-zA-Z_]+: tmp = xstrdup(yytext); tmp[yyleng - 1] = '\0'; - strncpy(P.currenttype, tmp, CF_MAXVARSIZE); + strncpy(P.currenttype, tmp, CF_MAXVARSIZE-1); if (P.currentclasses != NULL) { Index: cfengine-3.12.1/libpromises/cf3parse.y =================================================================== --- cfengine-3.12.1.orig/libpromises/cf3parse.y +++ cfengine-3.12.1/libpromises/cf3parse.y @@ -1134,7 +1134,7 @@ functionid: IDSYNTAX | NAKEDVAR { ParserDebug("\tP:%s:%s:%s:%s function nakedvar = %s\n", P.block, P.blocktype, P.blockid, P.currentclasses ? P.currentclasses : "any", P.currentstring); - strncpy(P.currentid,P.currentstring,CF_MAXVARSIZE); // Make a var look like an ID + strncpy(P.currentid,P.currentstring,CF_MAXVARSIZE-1); // Make a var look like an ID free(P.currentstring); P.currentstring = NULL; } Index: cfengine-3.12.1/libpromises/eval_context.c =================================================================== --- cfengine-3.12.1.orig/libpromises/eval_context.c +++ cfengine-3.12.1/libpromises/eval_context.c @@ -1569,7 +1569,7 @@ Class *EvalContextClassMatch(const EvalC static bool EvalContextClassPut(EvalContext *ctx, const char *ns, const char *name, bool is_soft, ContextScope scope, const char *tags) { { - char context_copy[CF_MAXVARSIZE]; + char context_copy[CF_BUFSIZE]; char canonified_context[CF_MAXVARSIZE]; @@ -1592,7 +1592,7 @@ static bool EvalContextClassPut(EvalCont if (ns && strcmp(ns, "default") != 0) { - snprintf(context_copy, CF_MAXVARSIZE, "%s:%s", ns, canonified_context); + snprintf(context_copy, CF_BUFSIZE, "%s:%s", ns, canonified_context); } else { Index: cfengine-3.12.1/libpromises/evalfunction.c =================================================================== --- cfengine-3.12.1.orig/libpromises/evalfunction.c +++ cfengine-3.12.1/libpromises/evalfunction.c @@ -496,7 +496,7 @@ static Rlist *GetHostsFromLastseenDB(Ite Item *ip; time_t now = time(NULL); double entrytime; - char address[CF_MAXVARSIZE]; + char address[CF_BUFSIZE]; for (ip = addresses; ip != NULL; ip = ip->next) { Index: cfengine-3.12.1/libpromises/expand.c =================================================================== --- cfengine-3.12.1.orig/libpromises/expand.c +++ cfengine-3.12.1/libpromises/expand.c @@ -870,7 +870,7 @@ static void ResolveControlBody(EvalConte EvalContextVariableRemoveSpecial(ctx, SPECIAL_SCOPE_SYS, "domain"); EvalContextVariableRemoveSpecial(ctx, SPECIAL_SCOPE_SYS, "fqhost"); - snprintf(VFQNAME, CF_MAXVARSIZE, "%s.%s", VUQNAME, VDOMAIN); + snprintf(VFQNAME, CF_BUFSIZE, "%s.%s", VUQNAME, VDOMAIN); EvalContextVariablePutSpecial(ctx, SPECIAL_SCOPE_SYS, "fqhost", VFQNAME, CF_DATA_TYPE_STRING, "inventory,source=agent,attribute_name=Host name"); Index: cfengine-3.12.1/libpromises/keyring.c =================================================================== --- cfengine-3.12.1.orig/libpromises/keyring.c +++ cfengine-3.12.1/libpromises/keyring.c @@ -83,9 +83,9 @@ int RemovePublicKey(const char *id) if (c && c[strlen(suffix)] == '\0') /* dirp->d_name ends with suffix */ { - char keyfilename[CF_BUFSIZE]; + char keyfilename[CF_BUFSIZE * 2]; - snprintf(keyfilename, CF_BUFSIZE, "%s/%s", keysdir, dirp->d_name); + snprintf(keyfilename, CF_BUFSIZE * 2, "%s/%s", keysdir, dirp->d_name); MapName(keyfilename); if (unlink(keyfilename) < 0) Index: cfengine-3.12.1/libpromises/syslog_client.c =================================================================== --- cfengine-3.12.1.orig/libpromises/syslog_client.c +++ cfengine-3.12.1/libpromises/syslog_client.c @@ -112,6 +112,7 @@ void RemoteSysLog(int log_priority, cons char timebuffer[26]; pid_t pid = getpid(); + // rfc3164_len is WAY too small snprintf( message, sizeof(message), Index: cfengine-3.12.1/tests/unit/logging_test.c =================================================================== --- cfengine-3.12.1.orig/tests/unit/logging_test.c +++ cfengine-3.12.1/tests/unit/logging_test.c @@ -6,7 +6,7 @@ #include #include -char VFQNAME[CF_MAXVARSIZE]; +char VFQNAME[CF_BUFSIZE]; char VPREFIX[CF_MAXVARSIZE]; static struct sockaddr *got_address; Index: cfengine-3.12.1/tests/unit/set_domainname_test.c =================================================================== --- cfengine-3.12.1.orig/tests/unit/set_domainname_test.c +++ cfengine-3.12.1/tests/unit/set_domainname_test.c @@ -9,7 +9,7 @@ /* Global variables we care about */ -char VFQNAME[CF_MAXVARSIZE]; +char VFQNAME[CF_BUFSIZE]; char VUQNAME[CF_MAXVARSIZE]; char VDOMAIN[CF_MAXVARSIZE];