From 765d46dfb25aed3f17566b29fc60278fbf8f08c1 Mon Sep 17 00:00:00 2001 From: computezrmle <57127745+computezrmle@users.noreply.github.com> Date: Mon, 1 Aug 2022 12:45:18 +0200 Subject: [PATCH 1/3] Increase msg_buf size --- lib/gui_rpc_client.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/gui_rpc_client.cpp b/lib/gui_rpc_client.cpp index 245b76088b..607752c7a0 100644 --- a/lib/gui_rpc_client.cpp +++ b/lib/gui_rpc_client.cpp @@ -413,7 +413,7 @@ int RPC::parse_reply() { // If present, it chdirs to that directory. int read_gui_rpc_password(char* buf, string& msg) { - char msg_buf[1024]; + char msg_buf[5120]; FILE* f = fopen(GUI_RPC_PASSWD_FILE, "r"); if (!f) { #if defined(__linux__) From 0fd561aadea68e0c55f61ae20a32a8225cea8d66 Mon Sep 17 00:00:00 2001 From: computezrmle <57127745+computezrmle@users.noreply.github.com> Date: Mon, 1 Aug 2022 15:41:54 +0200 Subject: [PATCH 2/3] increase buffer size to avoid warnings --- client/sandbox.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/sandbox.cpp b/client/sandbox.cpp index bb9f231074..db4943e9c1 100644 --- a/client/sandbox.cpp +++ b/client/sandbox.cpp @@ -185,7 +185,7 @@ static int lookup_group(const char* name, gid_t& gid) { #endif int remove_project_owned_file_or_dir(const char* path) { - char cmd[1024]; + char cmd[5120]; if (g_use_sandbox) { snprintf(cmd, sizeof(cmd), "/bin/rm rm -fR \"%s\"", path); From 76ef51f4831c45aeb02548e499dcae00c32ebd73 Mon Sep 17 00:00:00 2001 From: computezrmle <57127745+computezrmle@users.noreply.github.com> Date: Mon, 1 Aug 2022 15:41:56 +0200 Subject: [PATCH 3/3] replace sprintf with snprintf --- lib/gui_rpc_client.cpp | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/gui_rpc_client.cpp b/lib/gui_rpc_client.cpp index 607752c7a0..92533aeda9 100644 --- a/lib/gui_rpc_client.cpp +++ b/lib/gui_rpc_client.cpp @@ -420,7 +420,7 @@ int read_gui_rpc_password(char* buf, string& msg) { #define HELP_URL "https://boinc.berkeley.edu/gui_rpc.php" char path[MAXPATHLEN]; if (errno == EACCES) { - sprintf(msg_buf, + snprintf(msg_buf, sizeof(msg_buf), "%s exists but can't be read. See %s", GUI_RPC_PASSWD_FILE, HELP_URL ); @@ -442,16 +442,16 @@ int read_gui_rpc_password(char* buf, string& msg) { fclose(g); if (p) { p += strlen("data_dir="); - sprintf(path, "%s/%s", p, GUI_RPC_PASSWD_FILE); + snprintf(path, sizeof(path), "%s/%s", p, GUI_RPC_PASSWD_FILE); f = fopen(path, "r"); if (!f) { if (errno == EACCES) { - sprintf(msg_buf, + snprintf(msg_buf, sizeof(msg_buf), "%s exists but can't be read. See %s", path, HELP_URL ); } else { - sprintf(msg_buf, "%s not found. See %s", + snprintf(msg_buf, sizeof(msg_buf), "%s not found. See %s", path, HELP_URL ); } @@ -459,7 +459,7 @@ int read_gui_rpc_password(char* buf, string& msg) { return ERR_FOPEN; } } else { - sprintf(msg_buf, + snprintf(msg_buf, sizeof(msg_buf), "No data_dir= found in %s. See %s", LINUX_CONFIG_FILE, HELP_URL ); @@ -469,18 +469,18 @@ int read_gui_rpc_password(char* buf, string& msg) { } else { // no config file; look in default data dir // - sprintf(path, "%s/%s", LINUX_DEFAULT_DATA_DIR, GUI_RPC_PASSWD_FILE); + snprintf(path, sizeof(path), "%s/%s", LINUX_DEFAULT_DATA_DIR, GUI_RPC_PASSWD_FILE); f = fopen(path, "r"); if (!f) { if (errno == EACCES) { - sprintf(msg_buf, + snprintf(msg_buf, sizeof(msg_buf), "%s exists but can't be read. See %s", path, HELP_URL ); msg = msg_buf; return ERR_FOPEN; } - sprintf(msg_buf, "%s not found. See %s", + snprintf(msg_buf, sizeof(msg_buf), "%s not found. See %s", GUI_RPC_PASSWD_FILE, HELP_URL ); msg = msg_buf; @@ -491,12 +491,12 @@ int read_gui_rpc_password(char* buf, string& msg) { // non-Linux if (errno == EACCES) { - sprintf(msg_buf, + snprintf(msg_buf, sizeof(msg_buf), "%s exists but can't be read. Make sure your account is in the 'boinc_users' group", GUI_RPC_PASSWD_FILE ); } else { - sprintf(msg_buf, "%s not found. Try reinstalling BOINC.", + snprintf(msg_buf, sizeof(msg_buf), "%s not found. Try reinstalling BOINC.", GUI_RPC_PASSWD_FILE ); }