eliminate strcpy & strcat, by using strlcpy, strlcat or snprintf where

author deraadt <deraadt@openbsd.org>

Sat, 17 Jan 2015 05:31:29 +0000 (05:31 +0000)

committer deraadt <deraadt@openbsd.org>

Sat, 17 Jan 2015 05:31:29 +0000 (05:31 +0000)
author deraadt <deraadt@openbsd.org>
Sat, 17 Jan 2015 05:31:29 +0000 (05:31 +0000)
committer deraadt <deraadt@openbsd.org>
Sat, 17 Jan 2015 05:31:29 +0000 (05:31 +0000)
diff --git a/libexec/tradcpp/files.c b/libexec/tradcpp/files.c

index ea151b2..e5e9455 100644 (file)
--- a/libexec/tradcpp/files.c
+++ b/libexec/tradcpp/files.c
@@ -313,11 +313,7 @@ mkfilename(struct place *place, const char *dir, const char *file)
  
         rlen = dlen + (needslash ? 1 : 0) + flen;
         ret = domalloc(rlen + 1);
-       strcpy(ret, dir);
-       if (needslash) {
-               strcat(ret, "/");
-       }
-       strcat(ret, file);
+       snprintf(ret, rlen+1, "%s%s%s", dir, needslash ? "/" : "", file);
         return ret;
  }
  
diff --git a/libexec/tradcpp/macro.c b/libexec/tradcpp/macro.c

index 2105980..8fe1e37 100644 (file)
--- a/libexec/tradcpp/macro.c
+++ b/libexec/tradcpp/macro.c
@@ -779,10 +779,10 @@ expand_substitute(struct place *p, struct expstate *es)
         for (i=0; i<num; i++) {
                 ei = expansionitemarray_get(&es->curmacro->expansion, i);
                 if (ei->isstring) {
-                       strcat(ret, ei->string);
+                       strlcat(ret, ei->string, len+1);
                 } else {
                         arg = stringarray_get(&es->args, ei->param);
-                       strcat(ret, arg);
+                       strlcat(ret, arg, len+1);
                 }
         }
  
diff --git a/libexec/tradcpp/utils.c b/libexec/tradcpp/utils.c

index d4ab7a1..8be2d1e 100644 (file)
--- a/libexec/tradcpp/utils.c
+++ b/libexec/tradcpp/utils.c
@@ -29,6 +29,7 @@
  
  #include <stdlib.h>
  #include <string.h>
+#include <stdio.h>
  #include <assert.h>
  
  #include "utils.h"
@@ -170,7 +171,7 @@ dostrdup(const char *s)
  
         len = strlen(s);
         ret = domalloc(len+1);
-       strcpy(ret, s);
+       strlcpy(ret, s, len+1);
         return ret;
  }
  
@@ -182,8 +183,7 @@ dostrdup2(const char *s, const char *t)
  
         len = strlen(s) + strlen(t);
         ret = domalloc(len+1);
-       strcpy(ret, s);
-       strcat(ret, t);
+       snprintf(ret, len+1, "%s%s", s, t);
         return ret;
  }
  
@@ -195,9 +195,7 @@ dostrdup3(const char *s, const char *t, const char *u)
  
         len = strlen(s) + strlen(t) + strlen(u);
         ret = domalloc(len+1);
-       strcpy(ret, s);
-       strcat(ret, t);
-       strcat(ret, u);
+       snprintf(ret, len+1, "%s%s%s", s, t, u);
         return ret;
  }
author	deraadt <deraadt@openbsd.org>
	Sat, 17 Jan 2015 05:31:29 +0000 (05:31 +0000)
committer	deraadt <deraadt@openbsd.org>
	Sat, 17 Jan 2015 05:31:29 +0000 (05:31 +0000)
libexec/tradcpp/files.c		patch \| blob \| history
libexec/tradcpp/macro.c		patch \| blob \| history
libexec/tradcpp/utils.c		patch \| blob \| history