diff options
| author |   henning <henning@openbsd.org> | 2003-04-08 17:34:53 +0000 |
|---|---|---|
| committer | henning <henning@openbsd.org> | 2003-04-08 17:34:53 +0000 |
| commit | 19883fa5c132ac8e93e9fa2f84f0453836254fc3 (patch) | |
| tree | 6ec6562fa053519cb62d2a63ddf1a1221ad318f4 | |
| parent | string shit, ok pval@ (diff) | |
| download | wireguard-openbsd-19883fa5c132ac8e93e9fa2f84f0453836254fc3.tar.xz wireguard-openbsd-19883fa5c132ac8e93e9fa2f84f0453836254fc3.zip | |
string shit; ok pval
| -rw-r--r-- | usr.sbin/httpd/src/support/ab.c | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/usr.sbin/httpd/src/support/ab.c b/usr.sbin/httpd/src/support/ab.c index 4127bc47fb3..3fd81c4697f 100644 --- a/usr.sbin/httpd/src/support/ab.c +++ b/usr.sbin/httpd/src/support/ab.c @@ -101,7 +101,6 @@ /* * BUGS: * - * - uses strcpy/etc. * - has various other poor buffer attacks related to the lazy parsing of * response headers from the server * - doesn't implement much of HTTP/1.x, only accepts certain forms of @@ -1352,14 +1351,14 @@ static void test(void) static void copyright(void) { if (!use_html) { - printf("This is ApacheBench, Version %s\n", VERSION " <$Revision: 1.10 $> apache-1.3"); + printf("This is ApacheBench, Version %s\n", VERSION " <$Revision: 1.11 $> apache-1.3"); printf("Copyright (c) 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/\n"); printf("Copyright (c) 1998-2002 The Apache Software Foundation, http://www.apache.org/\n"); printf("\n"); } else { printf("<p>\n"); - printf(" This is ApacheBench, Version %s <i><%s></i> apache-1.3<br>\n", VERSION, "$Revision: 1.10 $"); printf(" Copyright (c) 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/<br>\n"); + printf(" This is ApacheBench, Version %s <i><%s></i> apache-1.3<br>\n", VERSION, "$Revision: 1.11 $"); printf(" Copyright (c) 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/<br>\n"); printf(" Copyright (c) 1998-2002 The Apache Software Foundation, http://www.apache.org/<br>\n"); printf("</p>\n<p>\n"); } @@ -1440,9 +1439,9 @@ static int parse_url(char * purl) } if ((cp = strchr(purl, '/')) == NULL) return 1; - strcpy(path, cp); + strlcpy(path, cp, sizeof(path)); *cp = '\0'; - strcpy(hostname, h); + strlcpy(hostname, h, sizeof(hostname)); if (p != NULL) port = atoi(p); @@ -1572,7 +1571,7 @@ int main(int argc, char **argv) * something */ break; case 'T': - strcpy(content_type, optarg); + strlcpy(content_type, optarg, sizeof(content_type)); break; case 'C': strncat(cookie, "Cookie: ", sizeof(cookie)-strlen(cookie)-1); @@ -1617,7 +1616,7 @@ int main(int argc, char **argv) p++; proxyport = atoi(p); }; - strcpy(proxyhost, optarg); + strlcpy(proxyhost, optarg, sizeof(proxyhost)); isproxy = 1; } break; @@ -1661,8 +1660,8 @@ int main(int argc, char **argv) fprintf(stderr, "%s: wrong number of arguments\n", argv[0]); usage(argv[0]); } - strcpy(url, argv[optind++]); - strcpy(fullurl, url); + strlcpy(url, argv[optind++], sizeof(url)); + strlcpy(fullurl, url, sizeof(fullurl)); if (parse_url(url)) { fprintf(stderr, "%s: invalid URL\n", argv[0]); usage(argv[0]); |