[64294] trunk/base/src
jmr at macports.org
jmr at macports.org
Sun Feb 28 13:59:15 PST 2010
Revision: 64294
http://trac.macports.org/changeset/64294
Author: jmr at macports.org
Date: 2010-02-28 13:59:12 -0800 (Sun, 28 Feb 2010)
Log Message:
-----------
error checking, sprintf -> snprintf, strcpy -> strncpy
Modified Paths:
--------------
trunk/base/src/darwintracelib1.0/darwintrace.c
trunk/base/src/pextlib1.0/tracelib.c
trunk/base/src/registry2.0/item.c
trunk/base/src/registry2.0/itemobj.c
trunk/base/src/registry2.0/util.c
trunk/base/src/tclobjc1.0/tclobjc_types.m
Modified: trunk/base/src/darwintracelib1.0/darwintrace.c
===================================================================
--- trunk/base/src/darwintracelib1.0/darwintrace.c 2010-02-28 20:56:54 UTC (rev 64293)
+++ trunk/base/src/darwintracelib1.0/darwintrace.c 2010-02-28 21:59:12 UTC (rev 64294)
@@ -239,8 +239,10 @@
if (varValue) {
int theSize = strlen(varName) + strlen(varValue) + 2;
theResult = (char*) malloc(theSize);
- sprintf(theResult, "%s=%s", varName, varValue);
- theResult[theSize - 1] = 0;
+ if (theResult) {
+ snprintf(theResult, theSize, "%s=%s", varName, varValue);
+ theResult[theSize - 1] = 0;
+ }
}
return theResult;
@@ -334,7 +336,7 @@
int sock=socket(AF_UNIX, SOCK_STREAM, 0);
struct sockaddr_un sun;
sun.sun_family=AF_UNIX;
- strcpy(sun.sun_path, __env_darwintrace_log);
+ strncpy(sun.sun_path, __env_darwintrace_log, sizeof(sun.sun_path));
if(connect(sock, (struct sockaddr*)&sun, strlen(__env_darwintrace_log)+1+sizeof(sun.sun_family))!=-1)
{
dprintf("darwintrace: connect successful. socket %d\n", sock);
@@ -474,8 +476,8 @@
if(is_directory(path))
return 1;
- strcpy(buffer, "dep_check\t");
- strcpy(buffer+10, path);
+ strncpy(buffer, "dep_check\t", sizeof(buffer));
+ strncpy(buffer+10, path, sizeof(buffer)-10);
p=exchange_with_port(buffer, strlen(buffer)+1, 1, 0);
if(p==(char*)-1||!p)
return 0;
Modified: trunk/base/src/pextlib1.0/tracelib.c
===================================================================
--- trunk/base/src/pextlib1.0/tracelib.c 2010-02-28 20:56:54 UTC (rev 64293)
+++ trunk/base/src/pextlib1.0/tracelib.c 2010-02-28 21:59:12 UTC (rev 64294)
@@ -342,9 +342,9 @@
{
char buf[1024], tclcmd[32];
- vsprintf(buf, format, va);
+ vsnprintf(buf, sizeof(buf), format, va);
- sprintf(tclcmd, "ui_%s $warn", severity);
+ snprintf(tclcmd, sizeof(tclcmd), "ui_%s $warn", severity);
Tcl_SetVar(interp, "warn", buf, 0);
Modified: trunk/base/src/registry2.0/item.c
===================================================================
--- trunk/base/src/registry2.0/item.c 2010-02-28 20:56:54 UTC (rev 64293)
+++ trunk/base/src/registry2.0/item.c 2010-02-28 21:59:12 UTC (rev 64294)
@@ -150,13 +150,16 @@
sqlite3_stmt* stmt;
Tcl_Obj* result;
/* 40 + 20 per clause is safe */
- char* query = (char*)malloc((20*objc)*sizeof(char));
+ int query_size = (20*objc)*sizeof(char);
+ char* query = (char*)malloc(query_size);
+ char* query_start = "SELECT proc FROM items";
char* insert;
+ int insert_size = query_size - strlen(query_start);
if (db == NULL) {
return TCL_ERROR;
}
- strcpy(query, "SELECT proc FROM items");
- insert = query + strlen("SELECT proc FROM items");
+ strncpy(query, query_start, query_size);
+ insert = query + strlen(query_start);
for (i=2; i<objc; i++) {
int len;
int index;
@@ -179,11 +182,13 @@
}
key = Tcl_GetString(keyObj);
if (i == 2) {
- sprintf(insert, " WHERE %s=?", key);
+ snprintf(insert, insert_size, " WHERE %s=?", key);
insert += 9 + strlen(key);
+ insert_size -= 9 + strlen(key);
} else {
- sprintf(insert, " AND %s=?", key);
+ snprintf(insert, insert_size, " AND %s=?", key);
insert += 7 + strlen(key);
+ insert_size -= 7 + strlen(key);
}
}
r = sqlite3_prepare(db, query, -1, &stmt, NULL);
Modified: trunk/base/src/registry2.0/itemobj.c
===================================================================
--- trunk/base/src/registry2.0/itemobj.c 2010-02-28 20:56:54 UTC (rev 64293)
+++ trunk/base/src/registry2.0/itemobj.c 2010-02-28 21:59:12 UTC (rev 64294)
@@ -110,7 +110,7 @@
int len;
const char* result;
Tcl_Obj* resultObj;
- sprintf(query, "SELECT %s FROM items WHERE rowid=?", key);
+ snprintf(query, sizeof(query), "SELECT %s FROM items WHERE rowid=?", key);
sqlite3_prepare(item->db, query, -1, &stmt, NULL);
sqlite3_bind_int64(stmt, 1, item->rowid);
sqlite3_step(stmt);
@@ -133,7 +133,7 @@
char query[64];
char* key = Tcl_GetString(objv[2]);
char* value = Tcl_GetString(objv[3]);
- sprintf(query, "UPDATE items SET %s=? WHERE rowid=?", key);
+ snprintf(query, sizeof(query), "UPDATE items SET %s=? WHERE rowid=?", key);
sqlite3_prepare(item->db, query, -1, &stmt, NULL);
sqlite3_bind_text(stmt, 1, value, -1, SQLITE_STATIC);
sqlite3_bind_int64(stmt, 2, item->rowid);
Modified: trunk/base/src/registry2.0/util.c
===================================================================
--- trunk/base/src/registry2.0/util.c 2010-02-28 20:56:54 UTC (rev 64293)
+++ trunk/base/src/registry2.0/util.c 2010-02-28 21:59:12 UTC (rev 64294)
@@ -51,11 +51,12 @@
* N^2 to N. It'll be alchemy for the 21st century.
*/
char* unique_name(Tcl_Interp* interp, char* prefix) {
- char* result = malloc(strlen(prefix) + TCL_INTEGER_SPACE + 1);
+ int result_size = strlen(prefix) + TCL_INTEGER_SPACE + 1;
+ char* result = malloc(result_size);
Tcl_CmdInfo info;
int i;
for (i=0; ; i++) {
- sprintf(result, "%s%d", prefix, i);
+ snprintf(result, result_size, "%s%d", prefix, i);
if (Tcl_GetCommandInfo(interp, result, &info) == 0) {
break;
}
Modified: trunk/base/src/tclobjc1.0/tclobjc_types.m
===================================================================
--- trunk/base/src/tclobjc1.0/tclobjc_types.m 2010-02-28 20:56:54 UTC (rev 64293)
+++ trunk/base/src/tclobjc1.0/tclobjc_types.m 2010-02-28 21:59:12 UTC (rev 64294)
@@ -110,7 +110,7 @@
/* objPtr->bytes must be allocated with Tcl_Alloc */
objPtr->bytes = Tcl_Alloc(length);
- strcpy(objPtr->bytes, string);
+ strncpy(objPtr->bytes, string, length);
free(string);
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-changes/attachments/20100228/cdd06475/attachment.html>
More information about the macports-changes
mailing list