
Fix various warnings.

Remove uses of strcat, strcpy, sprintf, etc.
Fix warnings about unused variables.
Doug Nazar 2 лет назад
Родитель
Сommit
bf9db0bdbc
3 измененных файлов с 45 добавлено и 29 удалено
  1. 2 1
      src/acl.c
  2. 19 10
      src/check_nrpe.c
  3. 24 18
      src/nrpe.c

+ 2 - 1
src/acl.c

@@ -466,7 +466,8 @@ int add_domain_to_acl(char *domain) {
                         logit(LOG_ERR,"Can't allocate memory for ACL, malloc error\n");
                         return 0;
                 }
-                strcpy(dns_acl_curr->domain, domain);
+                strncpy(dns_acl_curr->domain, domain, sizeof(dns_acl_curr->domain));
+				dns_acl_curr->domain[sizeof(dns_acl_curr->domain) - 1] = '\0';
                 dns_acl_curr->next = NULL;
 
                 if (dns_acl_head == NULL)
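Review bot: The added `strncpy` silently truncates a domain longer than `dns_acl_curr->domain`, so the ACL can end up holding a name different from the one that was configured; an over-long entry should be rejected rather than stored shortened. A length test before the copy would keep the allow-list exact, for example `if (strlen(domain) >= sizeof(dns_acl_curr->domain)) { logit(LOG_ERR, "ACL domain name too long\n"); free(dns_acl_curr); return 0; }`. This assumes `domain` is an array member (the new `sizeof` already relies on that) and that `dns_acl_curr` was allocated just above the hunk, where the function body begins. The second added line is tab-indented while the surrounding block uses spaces.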

+ 19 - 10
src/check_nrpe.c

@@ -529,7 +529,7 @@ int process_arguments(int argc, char **argv, int from_config_file)
 			if (i <= 0)
 				break;
 
-			strcat(query, "!");
+			strncat(query, "!", i);
 			strncat(query, argv[c], i);
 			query[sizeof(query) - 1] = '\x0';
 		}
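Review bot: Both `strncat` calls are bounded by the same `i`, although the first one already consumes a byte, so the bound for `argv[c]` is only right if `i` was computed above the hunk with the `!` separator and the terminator already subtracted. `strncat` writes up to `n` characters plus a NUL, so that assumption deserves a comment where `i` is calculated, such as `/* i = room left in query after "!" and the trailing NUL */`. Arguments that do not fit are also cut or dropped without any message, which makes a truncated query hard to diagnose.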
@@ -1012,8 +1012,9 @@ void setup_ssl()
 		}
 
 		if (!sslprm.allowDH) {
-			if (strlen(sslprm.cipher_list) < sizeof(sslprm.cipher_list) - 6) {
-				strcat(sslprm.cipher_list, ":!ADH");
+			x = strlen(sslprm.cipher_list);
+			if (x < sizeof(sslprm.cipher_list) - 6) {
+				strncpy(sslprm.cipher_list + x, ":!ADH", sizeof(sslprm.cipher_list) - x);
 				if (sslprm.log_opts & SSL_LogStartup)
 					logit(LOG_INFO, "New SSL Cipher List: %s", sslprm.cipher_list);
 			}
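Review bot: When `sslprm.cipher_list` is too long to take the suffix, the `if (x < sizeof(sslprm.cipher_list) - 6)` test skips the append silently, so the `:!ADH` exclusion is missing from the list even though `allowDH` is off. That is a fail-open path and should at least be logged, and preferably treated as a configuration error, e.g. an `else` branch with `logit(LOG_ERR, "Error: SSL cipher list too long to append :!ADH");`. The same pattern is in the `init_ssl` hunk of src/nrpe.c, where the check has no braces and no log call at all. `x` (and `i` in nrpe.c) is compared with a `size_t` expression; if it is declared `int` outside the hunk, `size_t` would avoid the signed/unsigned comparison.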
@@ -1062,10 +1063,13 @@ void set_sig_handlers()
 
 int connect_to_remote()
 {
+#ifdef HAVE_SSL
+	int rc, ssl_err, ern, x, nerrs = 0;
+#endif
 	struct sockaddr_storage addr;
 	struct in_addr *inaddr;
 	socklen_t addrlen;
-	int result, rc, ssl_err, ern, x, nerrs = 0;
+	int result;
 
 	/* try to connect to the host at the given port number */
 	if ((sd = my_connect(server_name, &hostaddr, server_port, address_family, bind_address, stderr_to_stdout)) < 0)
@@ -1073,7 +1077,7 @@ int connect_to_remote()
 
 	result = STATE_OK;
 	addrlen = sizeof(addr);
-	rc = getpeername(sd, (struct sockaddr *)&addr, &addrlen);
+	getpeername(sd, (struct sockaddr *)&addr, &addrlen);
 	if (addr.ss_family == AF_INET) {
 		struct sockaddr_in *addrin = (struct sockaddr_in *)&addr;
 		inaddr = &addrin->sin_addr;
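Review bot: Dropping `rc =` silences the unused-variable warning but leaves the `getpeername` result unchecked, and the next line reads `addr.ss_family` from a structure that is never initialised when the call fails. The call should be tested directly, `if (getpeername(sd, (struct sockaddr *)&addr, &addrlen) == -1)`, with the failure reported and the function returning an error state before `addr` is inspected. Testing it inline also works in builds without `HAVE_SSL`, where `rc` is no longer declared. The rest of `connect_to_remote` lies outside the hunk, so the appropriate return value has to be confirmed there.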
@@ -1224,10 +1228,10 @@ int send_request()
 		v2_send_packet->crc32_value = htonl(calculated_crc32);
 
 	} else {
-
-		pkt_size = (sizeof(v3_packet) - NRPE_V4_PACKET_SIZE_OFFSET) + strlen(query) + 1;
+		int query_len = strlen(query);
+		pkt_size = (sizeof(v3_packet) - NRPE_V4_PACKET_SIZE_OFFSET) + query_len + 1;
 		if (packet_ver == NRPE_PACKET_VERSION_3) {
-			pkt_size = (sizeof(v3_packet) - NRPE_V3_PACKET_SIZE_OFFSET) + strlen(query) + 1;
+			pkt_size = (sizeof(v3_packet) - NRPE_V3_PACKET_SIZE_OFFSET) + query_len + 1;
 		}
 		if (pkt_size < sizeof(v2_packet)) {
 			pkt_size = sizeof(v2_packet);
@@ -1242,7 +1246,7 @@ int send_request()
 		v3_send_packet->buffer_length = pkt_size - sizeof(v3_packet);
 		v3_send_packet->buffer_length += (packet_ver == NRPE_PACKET_VERSION_4 ? NRPE_V4_PACKET_SIZE_OFFSET : NRPE_V3_PACKET_SIZE_OFFSET);
 		v3_send_packet->buffer_length = htonl(v3_send_packet->buffer_length);
-		strcpy(&v3_send_packet->buffer[0], query);
+		memcpy(&v3_send_packet->buffer[0], query, query_len + 1);
 
 		/* calculate the crc 32 value of the packet */
 		v3_send_packet->crc32_value = 0;
@@ -1253,7 +1257,9 @@ int send_request()
 	/* send the request to the remote */
 	bytes_to_send = pkt_size;
 
+#ifdef HAVE_SSL
 	if (use_ssl == FALSE)
+#endif
 		rc = sendall(sd, (char *)send_pkt, &bytes_to_send);
 #ifdef HAVE_SSL
 	else {
@@ -1420,8 +1426,11 @@ int read_response()
 
 int read_packet(int sock, void *ssl_ptr, v2_packet ** v2_pkt, v3_packet ** v3_pkt)
 {
+#ifdef HAVE_SSL
+	int32_t bytes_read = 0;
+#endif
 	v2_packet	packet;
-	int32_t pkt_size, common_size, tot_bytes, bytes_to_recv, buffer_size, bytes_read = 0;
+	int32_t pkt_size, common_size, tot_bytes, bytes_to_recv, buffer_size;
 	int rc;
 	char *buff_ptr;
 

+ 24 - 18
src/nrpe.c

@@ -187,7 +187,7 @@ int main(int argc, char **argv)
 		buffer[sizeof(buffer) - 1] = '\x0';
 
 		/* get absolute path of current working directory */
-		strcpy(config_file, "");
+		config_file[0] = '\0';
 		if (getcwd(config_file, sizeof(config_file)) == NULL) {
 			printf("ERROR: getcwd(): %s, bailing out...\n", strerror(errno));
 			exit(STATE_CRITICAL);
@@ -487,8 +487,9 @@ void init_ssl(void)
 	}
 
 	if (!sslprm.allowDH) {
-		if (strlen(sslprm.cipher_list) < sizeof(sslprm.cipher_list) - 6)
-			strcat(sslprm.cipher_list, ":!ADH");
+		i = strlen(sslprm.cipher_list);
+		if (i < sizeof(sslprm.cipher_list) - 6)
+			strncpy(sslprm.cipher_list + i, ":!ADH", sizeof(sslprm.cipher_list) - i);
 	} else {
 		/* use anonymous DH ciphers */
 		if (sslprm.allowDH == 2) {
@@ -1710,7 +1711,8 @@ void conn_check_peer(int sock)
 
 		case AF_INET6:
 			/* log info */
-			strcpy(remote_host, ipstr);
+			strncpy(remote_host, ipstr, sizeof(remote_host));
+			remote_host[sizeof(remote_host) - 1] = '\0';
 			if (debug == TRUE || (sslprm.log_opts & SSL_LogIpAddr)) {
 				logit(LOG_DEBUG, "Connection from %s port %d", ipstr, nptr6->sin6_port);
 			}
@@ -1860,8 +1862,9 @@ void handle_connection(int sock)
 		if (v3_receive_packet)
 			send_buff = strdup(buffer);
 		else {
-			send_buff = calloc(1, sizeof(buffer));
-			strcpy(send_buff, buffer);
+			int size = sizeof(buffer);
+			send_buff = calloc(1, size);
+			strncpy(send_buff, buffer, size);
 		}
 		result = STATE_OK;
 
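Review bot: `strncpy(send_buff, buffer, size)` leaves `send_buff` without a terminator if `buffer` ever holds no NUL within `sizeof(buffer)` bytes, and the `calloc` result is passed to it without a NULL check. Because the allocation is already zeroed, copying one byte less, `strncpy(send_buff, buffer, size - 1);`, guarantees termination, and `if (send_buff == NULL)` should be handled before the copy. `size` reads better as `size_t` than `int`, since it holds a `sizeof` result. The same three lines are repeated in the next hunk of `handle_connection` (the `STATE_UNKNOWN` branch) and need the same change.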
@@ -1877,8 +1880,9 @@ void handle_connection(int sock)
 			if (v3_receive_packet)
 				send_buff = strdup(buffer);
 			else {
-				send_buff = calloc(1, sizeof(buffer));
-				strcpy(send_buff, buffer);
+				int size = sizeof(buffer);
+				send_buff = calloc(1, size);
+				strncpy(send_buff, buffer, size);
 			}
 			result = STATE_UNKNOWN;
 
@@ -1897,7 +1901,7 @@ void handle_connection(int sock)
 				logit(LOG_DEBUG, "Running command: %s", processed_command);
 
 			/* run the command */
-			strcpy(buffer, "");
+			buffer[0] = '\0';
 			result = my_system(processed_command, command_timeout, &early_timeout, &send_buff);
 
 			if (debug == TRUE)	/* log debug info */
@@ -1906,11 +1910,13 @@ void handle_connection(int sock)
 
 			/* see if the command timed out */
 			if (early_timeout == TRUE) {
-				sprintf(send_buff, "NRPE: Command timed out after %d seconds\n",
+				free(send_buff);
+				asprintf(&send_buff, "NRPE: Command timed out after %d seconds\n",
 						command_timeout);
 				result = STATE_UNKNOWN;
 			} else if (!strcmp(send_buff, "")) {
-				sprintf(send_buff, "NRPE: Unable to read output\n");
+				free(send_buff);
+				asprintf(&send_buff, "NRPE: Unable to read output\n");
 				result = STATE_UNKNOWN;
 			}
 
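Review bot: Both `asprintf` calls ignore their return value after `send_buff` has been freed; when `asprintf` fails the pointer's content is not defined on glibc, and a later hunk of this function calls `strlen(send_buff)`. The result should be checked, for example `if (asprintf(&send_buff, "NRPE: Unable to read output\n") < 0) send_buff = NULL;`, with the NULL case handled before the response packet is built. The `strcmp(send_buff, "")` in the `else if` also assumes `my_system` never leaves `send_buff` NULL, which cannot be confirmed from the hunk.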
@@ -1959,10 +1965,10 @@ void handle_connection(int sock)
 		send_packet.crc32_value = htonl(calculated_crc32);
 
 	} else {
-
-		pkt_size = (sizeof(v3_packet) - NRPE_V4_PACKET_SIZE_OFFSET) + strlen(send_buff) + 1;
+		int send_buff_len = strlen(send_buff);
+		pkt_size = (sizeof(v3_packet) - NRPE_V4_PACKET_SIZE_OFFSET) + send_buff_len + 1;
 		if (packet_ver == NRPE_PACKET_VERSION_3) {
-			pkt_size = (sizeof(v3_packet) - NRPE_V3_PACKET_SIZE_OFFSET) + strlen(send_buff) + 1;
+			pkt_size = (sizeof(v3_packet) - NRPE_V3_PACKET_SIZE_OFFSET) + send_buff_len + 1;
 		}
 		v3_send_packet = calloc(1, pkt_size);
 		send_pkt = (char *)v3_send_packet;
@@ -1971,8 +1977,8 @@ void handle_connection(int sock)
 		v3_send_packet->packet_type = htons(RESPONSE_PACKET);
 		v3_send_packet->result_code = htons(result);
 		v3_send_packet->alignment = 0;
-		v3_send_packet->buffer_length = htonl(strlen(send_buff) + 1);
-		strcpy(&v3_send_packet->buffer[0], send_buff);
+		v3_send_packet->buffer_length = htonl(send_buff_len + 1);
+		memcpy(&v3_send_packet->buffer[0], send_buff, send_buff_len + 1);
 
 		/* calculate the crc 32 value of the packet */
 		v3_send_packet->crc32_value = 0;
@@ -2653,7 +2659,7 @@ int write_pid_file(void)
 
 	/* write new pid file */
 	if ((fd = open(pid_file, O_WRONLY | O_CREAT, 0644)) >= 0) {
-		sprintf(pbuf, "%d\n", (int)getpid());
+		snprintf(pbuf, sizeof(pbuf), "%d\n", (int)getpid());
 
 		if (write(fd, pbuf, strlen(pbuf)) == -1)
 			logit(LOG_ERR, "ERROR: write_pid_file() write(fd, pbuf) failed...");
@@ -2929,7 +2935,7 @@ int process_macros(char *input_buffer, char *output_buffer, int buffer_length)
 	int       arg_index = 0;
 	char     *selected_macro = NULL;
 
-	strcpy(output_buffer, "");
+	output_buffer[0] = '\0';
 
 	in_macro = FALSE;