From a08190694c94aa65f5584c0a246310ea8d4e1f69 Mon Sep 17 00:00:00 2001
From: matthieu <matthieu@openbsd.org>
Date: Tue, 10 Jul 2018 14:44:34 +0000
Subject: [PATCH] Get rid of strcpy and strncpy (they were all looking safe
 though)

---
 app/xenodm/greeter/Login.c   | 15 +++++++--------
 app/xenodm/greeter/greet.c   |  6 ++----
 app/xenodm/xenodm/auth.c     |  3 +--
 app/xenodm/xenodm/file.c     |  3 +--
 app/xenodm/xenodm/resource.c |  9 +++------
 app/xenodm/xenodm/util.c     |  7 +++----
 6 files changed, 17 insertions(+), 26 deletions(-)

diff --git a/app/xenodm/greeter/Login.c b/app/xenodm/greeter/Login.c
index 5692071d3..252ea94ab 100644
--- a/app/xenodm/greeter/Login.c
+++ b/app/xenodm/greeter/Login.c
@@ -763,7 +763,7 @@ SetPrompt (Widget ctx, int promptNum, const char *message,
         return -1;
     }
 
-    strncpy(prompt, message, messageLen);
+    strlcpy(prompt, message, messageLen);
 
     /* Make sure text prompts have at least two spaces at end */
     e = messageLen;
@@ -838,12 +838,10 @@ SetValue(Widget ctx, int promptNum, char *value)
     if (VALUE_TEXT(w, promptNum) == NULL)
         return -1;
 
-    if (value == NULL) {
+    if (value == NULL)
         bzero(VALUE_TEXT(w, promptNum), VALUE_TEXT_MAX(w, promptNum));
-    } else {
-        strncpy(VALUE_TEXT(w, promptNum), value, VALUE_TEXT_MAX(w, promptNum));
-        VALUE_TEXT(w, promptNum)[VALUE_TEXT_MAX(w, promptNum)] = '\0';
-    }
+    else
+        strlcpy(VALUE_TEXT(w, promptNum), value, VALUE_TEXT_MAX(w, promptNum));
 
     VALUE_SHOW_START(w, promptNum) = 0;
     VALUE_SHOW_END(w, promptNum) = 0;
@@ -885,8 +883,9 @@ realizeDeleteChar (LoginWidget ctx)
             } else {
                 EraseValue (ctx, redrawFrom, promptNum);
             }
-            strcpy(VALUE_TEXT(ctx, promptNum) + PROMPT_CURSOR(ctx, promptNum),
-                   VALUE_TEXT(ctx, promptNum) + PROMPT_CURSOR(ctx, promptNum) + 1);
+            strlcpy(VALUE_TEXT(ctx, promptNum) + PROMPT_CURSOR(ctx, promptNum),
+                    VALUE_TEXT(ctx, promptNum) + PROMPT_CURSOR(ctx, promptNum) + 1,
+                    VALUE_TEXT_MAX(ctx, promptNum));
             DrawValue (ctx, redrawFrom, promptNum);
         }
     }
diff --git a/app/xenodm/greeter/greet.c b/app/xenodm/greeter/greet.c
index 6f1717594..3802bb358 100644
--- a/app/xenodm/greeter/greet.c
+++ b/app/xenodm/greeter/greet.c
@@ -101,10 +101,8 @@ GreetDone (
 	    data->name, strlen (data->passwd));
     switch (status) {
     case NOTIFY_OK:
-	strncpy (name, data->name, sizeof(name));
-	name[sizeof(name)-1] = '\0';
-	strncpy (password, data->passwd, sizeof(password));
-	password[sizeof(password)-1] = '\0';
+	strlcpy (name, data->name, sizeof(name));
+	strlcpy (password, data->passwd, sizeof(password));
 	code = 0;
 	done = 1;
 	break;
diff --git a/app/xenodm/xenodm/auth.c b/app/xenodm/xenodm/auth.c
index 7f022ec88..2e4791a88 100644
--- a/app/xenodm/xenodm/auth.c
+++ b/app/xenodm/xenodm/auth.c
@@ -724,8 +724,7 @@ setAuthNumber (Xauth *auth, char *name)
 	    auth->number_length = strlen (colon);
 	number = malloc (auth->number_length + 1);
 	if (number) {
-	    strncpy (number, colon, auth->number_length);
-	    number[auth->number_length] = '\0';
+	    strlcpy (number, colon, auth->number_length);
 	} else {
 	    LogOutOfMem ("setAuthNumber");
 	    auth->number_length = 0;
diff --git a/app/xenodm/xenodm/file.c b/app/xenodm/xenodm/file.c
index d171048be..3fe73a442 100644
--- a/app/xenodm/xenodm/file.c
+++ b/app/xenodm/xenodm/file.c
@@ -89,8 +89,7 @@ splitIntoWords (char *s)
 	    freeFileArgs (args);
 	    return NULL;
 	}
-	strncpy (args[nargs], wordStart, s - wordStart);
-	args[nargs][s-wordStart] = '\0';
+	strlcpy (args[nargs], wordStart, s - wordStart);
 	++nargs;
 	args[nargs] = NULL;
     }
diff --git a/app/xenodm/xenodm/resource.c b/app/xenodm/xenodm/resource.c
index ec61b3f74..743432098 100644
--- a/app/xenodm/xenodm/resource.c
+++ b/app/xenodm/xenodm/resource.c
@@ -260,18 +260,15 @@ GetResource (
 		LogOutOfMem ("GetResource");
 		return;
 	}
-	strncpy (new_string, string, len);
-	new_string[len] = '\0';
+	strlcpy (new_string, string, len);
 	*(valuep) = new_string;
 	break;
     case DM_INT:
-	strncpy (str_buf, string, sizeof (str_buf));
-	str_buf[sizeof (str_buf)-1] = '\0';
+	strlcpy (str_buf, string, sizeof (str_buf));
 	*((int *) valuep) = atoi (str_buf);
 	break;
     case DM_BOOL:
-	strncpy (str_buf, string, sizeof (str_buf));
-	str_buf[sizeof (str_buf)-1] = '\0';
+	strlcpy (str_buf, string, sizeof (str_buf));
 	XmuCopyISOLatin1Lowered (str_buf, str_buf);
 	if (!strcmp (str_buf, "true") ||
 	    !strcmp (str_buf, "on") ||
diff --git a/app/xenodm/xenodm/util.c b/app/xenodm/xenodm/util.c
index 369ce9b0a..a2397c8d7 100644
--- a/app/xenodm/xenodm/util.c
+++ b/app/xenodm/xenodm/util.c
@@ -136,8 +136,7 @@ putEnv(const char *string, char **env)
 	return NULL;
     }
 
-    strncpy(n, string,nl + 1);
-    n[nl] = 0;
+    strlcpy(n, string,nl + 1);
 
     env = setEnv(env,n,v);
     free(n);
@@ -193,8 +192,8 @@ parseArgs (char **argv, const char *string)
 				} else {
 				    argv = newargv;
 				}
-				argv[i] = strncpy (save, word, string-word);
-				argv[i][string-word] = '\0';
+				strlcpy (save, word, string-word);
+				argv[i] = save;
 				i++;
 			}
 			if (!*string)