From: Erik de Castro Lopo Date: Tue, 19 Mar 2013 09:23:44 +0000 (+1100) Subject: Replace broken str* functions with safe versions. X-Git-Tag: 1.3.0pre4~56 X-Git-Url: http://review.tizen.org/git/?p=platform%2Fupstream%2Fflac.git;a=commitdiff_plain;h=2d6354ff2a618a79d40edbd4f208b4b07c5422f1 Replace broken str* functions with safe versions. --- diff --git a/src/flac/encode.c b/src/flac/encode.c index c3e470c..50ca006 100644 --- a/src/flac/encode.c +++ b/src/flac/encode.c @@ -32,6 +32,7 @@ #include "share/grabbag.h" #include "share/compat.h" #include "share/private.h" +#include "share/safe_str.h" #include "encode.h" #ifdef min @@ -2070,8 +2071,8 @@ FLAC__bool EncoderSession_init_encoder(EncoderSession *e, encode_options_t optio return false; } else { - strcat(apodizations, options.compression_settings[ic].value.t_string); - strcat(apodizations, ";"); + safe_strncat(apodizations, options.compression_settings[ic].value.t_string, sizeof(apodizations)); + safe_strncat(apodizations, ";", sizeof(apodizations)); } break; case CST_MAX_LPC_ORDER: diff --git a/src/flac/main.c b/src/flac/main.c index 3880d09..5e4879f 100644 --- a/src/flac/main.c +++ b/src/flac/main.c @@ -37,6 +37,7 @@ #include "share/alloc.h" #include "share/grabbag.h" #include "share/compat.h" +#include "share/safe_str.h" #include "analyze.h" #include "decode.h" #include "encode.h" @@ -977,8 +978,8 @@ int parse_option(int short_option, const char *long_option, const char *option_a return usage_error("ERROR: too many seekpoints requested\n"); } else { - strcat(option_values.requested_seek_points, option_argument); - strcat(option_values.requested_seek_points, ";"); + safe_strncat(option_values.requested_seek_points, option_argument, sizeof(option_values.requested_seek_points)); + safe_strncat(option_values.requested_seek_points, ";", sizeof(option_values.requested_seek_points)); } } break; @@ -1894,14 +1895,15 @@ int encode_file(const char *infilename, FLAC__bool is_first_file, FLAC__bool is_ /* if infilename and outfilename point to the same file, we need to write to a temporary file */ if(encode_infile != stdin && grabbag__file_are_same(infilename, outfilename)) { static const char *tmp_suffix = ".tmp,fl-ac+en'c"; + size_t dest_len = strlen(outfilename) + strlen(tmp_suffix) + 1; /*@@@@ still a remote possibility that a file with this filename exists */ - if(0 == (internal_outfilename = safe_malloc_add_3op_(strlen(outfilename), /*+*/strlen(tmp_suffix), /*+*/1))) { + if(0 == (internal_outfilename = safe_malloc_(dest_len))) { flac__utils_printf(stderr, 1, "ERROR allocating memory for tempfile name\n"); conditional_fclose(encode_infile); return 1; } - strcpy(internal_outfilename, outfilename); - strcat(internal_outfilename, tmp_suffix); + safe_strncpy(internal_outfilename, outfilename, dest_len); + safe_strncat(internal_outfilename, tmp_suffix, dest_len); } if(input_format == FORMAT_RAW) { @@ -2173,7 +2175,7 @@ const char *get_outfilename(const char *infilename, const char *suffix) static char buffer[4096]; /* @@@ bad MAGIC NUMBER */ if(0 == strcmp(infilename, "-") || option_values.force_to_stdout) { - strcpy(buffer, "-"); + safe_strncpy(buffer, "-", sizeof(buffer)); } else { char *p; diff --git a/src/libFLAC/metadata_iterators.c b/src/libFLAC/metadata_iterators.c index d2a229a..bc3823e 100644 --- a/src/libFLAC/metadata_iterators.c +++ b/src/libFLAC/metadata_iterators.c @@ -47,6 +47,7 @@ #include "share/alloc.h" #include "share/compat.h" #include "share/macros.h" +#include "share/safe_str.h" #include "private/macros.h" #include "private/memory.h" @@ -3198,28 +3199,32 @@ FLAC__bool open_tempfile_(const char *filename, const char *tempfile_path_prefix { static const char *tempfile_suffix = ".metadata_edit"; if(0 == tempfile_path_prefix) { - if(0 == (*tempfilename = safe_malloc_add_3op_(strlen(filename), /*+*/strlen(tempfile_suffix), /*+*/1))) { + size_t dest_len = strlen(filename) + strlen(tempfile_suffix) + 1; + if(0 == (*tempfilename = safe_malloc_(dest_len))) { *status = FLAC__METADATA_SIMPLE_ITERATOR_STATUS_MEMORY_ALLOCATION_ERROR; return false; } - strcpy(*tempfilename, filename); - strcat(*tempfilename, tempfile_suffix); + safe_strncpy(*tempfilename, filename, dest_len); + safe_strncat(*tempfilename, tempfile_suffix, dest_len); } else { const char *p = strrchr(filename, '/'); + size_t dest_len; if(0 == p) p = filename; else p++; - if(0 == (*tempfilename = safe_malloc_add_4op_(strlen(tempfile_path_prefix), /*+*/strlen(p), /*+*/strlen(tempfile_suffix), /*+*/2))) { + dest_len = strlen(tempfile_path_prefix) + strlen(p) + strlen(tempfile_suffix) + 2; + + if(0 == (*tempfilename = safe_malloc_(dest_len))) { *status = FLAC__METADATA_SIMPLE_ITERATOR_STATUS_MEMORY_ALLOCATION_ERROR; return false; } - strcpy(*tempfilename, tempfile_path_prefix); - strcat(*tempfilename, "/"); - strcat(*tempfilename, p); - strcat(*tempfilename, tempfile_suffix); + safe_strncpy(*tempfilename, tempfile_path_prefix, dest_len); + safe_strncat(*tempfilename, "/", dest_len); + safe_strncat(*tempfilename, p, dest_len); + safe_strncat(*tempfilename, tempfile_suffix, dest_len); } if(0 == (*tempfile = fopen(*tempfilename, "w+b"))) { diff --git a/src/metaflac/utils.c b/src/metaflac/utils.c index 107be9d..13e7cec 100644 --- a/src/metaflac/utils.c +++ b/src/metaflac/utils.c @@ -20,15 +20,16 @@ # include #endif -#include "utils.h" -#include "FLAC/assert.h" -#include "share/alloc.h" -#include "share/utf8.h" #include #include #include #include #include +#include "utils.h" +#include "FLAC/assert.h" +#include "share/alloc.h" +#include "share/safe_str.h" +#include "share/utf8.h" void die(const char *message) { @@ -72,7 +73,7 @@ void local_strcat(char **dest, const char *source) *dest = safe_realloc_add_3op_(*dest, ndest, /*+*/nsource, /*+*/1); if(0 == *dest) die("out of memory growing string"); - strcpy((*dest)+ndest, source); + safe_strncpy((*dest)+ndest, source, ndest + nsource + 1); } void hexdump(const char *filename, const FLAC__byte *buf, unsigned bytes, const char *indent) diff --git a/src/monkeys_audio_utilities/flac_mac/main.c b/src/monkeys_audio_utilities/flac_mac/main.c index c93a9c9..e8582a4 100644 --- a/src/monkeys_audio_utilities/flac_mac/main.c +++ b/src/monkeys_audio_utilities/flac_mac/main.c @@ -33,6 +33,8 @@ #include #include +#include "share/safe_str.h" + static int execit(char *prog, char *args); static int forkit(char *prog, char *args); @@ -44,11 +46,11 @@ int main(int argc, char *argv[]) /* get the directory where MAC external codecs reside */ if(0 != (p = strrchr(argv[0],'\\'))) { - strcpy(macdir, argv[0]); + safe_strncpy(macdir, argv[0], sizeof(macdir)); *(strrchr(macdir,'\\')+1) = '\0'; } else { - strcpy(macdir, ""); + safe_strncpy(macdir, "", sizeof(macdir)); } /* determine which codec we were called as and parse the options */ @@ -104,8 +106,8 @@ int main(int argc, char *argv[]) flac_snprintf(options, sizeof (options), "-%d", flac_level); for(i = opt_arg; i < argc; i++) if(argv[i][0] == '-') { - strcat(options, " "); - strcat(options, argv[i]); + safe_strncat(options, " "); + safe_strncat(options, argv[i]); } flac_snprintf(cmdline, sizeof (cmdline), "\"%s\" %s -o \"%s\" \"%s\"", prog, options, argv[to_arg], argv[from_arg]); @@ -117,27 +119,46 @@ int main(int argc, char *argv[]) * it's final resting place. */ if(0 == flac_return_val) { + char *cptr; /* get the destination directory, if any */ if(0 != (p = strchr(argv[to_arg],'\\'))) { - strcpy(from, argv[to_arg]); + safe_strncpy(from, argv[to_arg], sizeof(from)); *(strrchr(from,'\\')+1) = '\0'; } else { - strcpy(from, ""); + safe_strncpy(from, "", sizeof(from)); } /* for the full 'from' and 'to' paths for the renamer process */ p = strrchr(argv[from_arg],'\\'); - strcat(from, p? p+1 : argv[from_arg]); - strcpy(to, from); - if(0 == strchr(from,'.')) + safe_strncat(from, p? p+1 : argv[from_arg]); + safe_strncpy(to, from, sizeof(to)); + + cptr = strrchr(from,'.'); + if(cptr == NULL) return -3; + cptr [0] = 0; + switch(codec) { - case SHORTEN: strcpy(strrchr(from,'.'), ".shn"); break; - case WAVPACK: strcpy(strrchr(from,'.'), ".wv"); break; - case RKAU: strcpy(strrchr(from,'.'), ".rka"); break; + case SHORTEN: + safe_strncat(from, ".shn", sizeof (from)); + break; + case WAVPACK: + safe_strncat(from, ".wv", sizeof (from)); + break; + case RKAU: + safe_strncpy(from, ".rka", sizeof (from)); + break; + default: + return -4; } - strcpy(strrchr(to,'.'), ".flac"); + + cptr = strrchr(to,'.'); + if(cptr == NULL) + return -3; + cptr [0] = 0; + + safe_strncat(to, ".flac", sizeof(to)); flac_snprintf(prog, sizeof (prog), "%sflac_ren.exe", macdir); flac_snprintf(cmdline, sizeof (cmdline), "\"%s\" \"%s\" \"%s\"", prog, from, to); diff --git a/src/share/grabbag/cuesheet.c b/src/share/grabbag/cuesheet.c index 15ca5f3..76d49c4 100644 --- a/src/share/grabbag/cuesheet.c +++ b/src/share/grabbag/cuesheet.c @@ -20,12 +20,13 @@ # include #endif -#include "share/grabbag.h" -#include "share/compat.h" -#include "FLAC/assert.h" #include #include #include +#include "FLAC/assert.h" +#include "share/compat.h" +#include "share/grabbag.h" +#include "share/safe_str.h" unsigned grabbag__cuesheet_msf_to_frame(unsigned minutes, unsigned seconds, unsigned frames) { @@ -292,7 +293,7 @@ static FLAC__bool local__cuesheet_parse_(FILE *file, const char **error_message, *error_message = "CD-DA CATALOG number must be 13 decimal digits"; return false; } - strcpy(cs->media_catalog_number, field); + safe_strncpy(cs->media_catalog_number, field, sizeof(cs->media_catalog_number)); disc_has_catalog = true; } else if(0 == FLAC__STRCASECMP(field, "FLAGS")) { @@ -421,7 +422,7 @@ static FLAC__bool local__cuesheet_parse_(FILE *file, const char **error_message, *error_message = "invalid ISRC number"; return false; } - strcpy(cs->tracks[cs->num_tracks-1].isrc, field); + safe_strncpy(cs->tracks[cs->num_tracks-1].isrc, field, sizeof(cs->tracks[cs->num_tracks-1].isrc)); track_has_isrc = true; } else if(0 == FLAC__STRCASECMP(field, "TRACK")) { diff --git a/src/share/grabbag/replaygain.c b/src/share/grabbag/replaygain.c index 8832888..34cac63 100644 --- a/src/share/grabbag/replaygain.c +++ b/src/share/grabbag/replaygain.c @@ -20,11 +20,6 @@ # include #endif -#include "share/grabbag.h" -#include "share/replaygain_analysis.h" -#include "FLAC/assert.h" -#include "FLAC/metadata.h" -#include "FLAC/stream_decoder.h" #include #include #include @@ -35,6 +30,13 @@ #endif #include /* for stat(), maybe chmod() */ +#include "FLAC/assert.h" +#include "FLAC/metadata.h" +#include "FLAC/stream_decoder.h" +#include "share/grabbag.h" +#include "share/replaygain_analysis.h" +#include "share/safe_str.h" + #ifdef local_min #undef local_min #endif @@ -591,8 +593,7 @@ static FLAC__bool parse_double_(const FLAC__StreamMetadata_VorbisComment_Entry * if(0 == q) return false; q++; - memset(s, 0, sizeof(s)-1); - strncpy(s, q, local_min(sizeof(s)-1, (size_t) (entry->length - (q-p)))); + safe_strncpy(s, q, local_min(sizeof(s), (size_t) (entry->length - (q-p)))); v = strtod(s, &end); if(end == s) diff --git a/src/share/utf8/charset_test.c b/src/share/utf8/charset_test.c index 1840076..82b6b3f 100644 --- a/src/share/utf8/charset_test.c +++ b/src/share/utf8/charset_test.c @@ -119,7 +119,7 @@ void test_utf8() assert(charset_mbtowc(charset, &wc, "\377\277\277\277\277\277", 9) == -1); /* Encoder */ - strcpy(s, "......."); + safe_strncpy(s, ".......", sizeof(s)); assert(charset_wctomb(charset, s, 1 << 31) == -1 && !strcmp(s, ".......")); assert(charset_wctomb(charset, s, 127) == 1 && @@ -161,7 +161,7 @@ void test_ascii() assert(charset_mbtowc(charset, &wc, "\200", 2) == -1); /* Encoder */ - strcpy(s, ".."); + safe_strncpy(s, "..", sizeof(s)); assert(charset_wctomb(charset, s, 256) == -1 && !strcmp(s, "..")); assert(charset_wctomb(charset, s, 255) == -1); assert(charset_wctomb(charset, s, 128) == -1); @@ -182,7 +182,7 @@ void test_iso1() assert(charset_mbtowc(charset, &wc, "\302\200", 9) == 1 && wc == 0xc2); /* Encoder */ - strcpy(s, ".."); + safe_strncpy(s, "..", sizeof(s)); assert(charset_wctomb(charset, s, 256) == -1 && !strcmp(s, "..")); assert(charset_wctomb(charset, s, 255) == 1 && !strcmp(s, "\377.")); assert(charset_wctomb(charset, s, 128) == 1 && !strcmp(s, "\200.")); @@ -203,7 +203,7 @@ void test_iso2() assert(charset_mbtowc(charset, &wc, "\377", 2) == 1 && wc == 0x2d9); /* Encoder */ - strcpy(s, ".."); + safe_strncpy(s, "..", sizeof(s)); assert(charset_wctomb(charset, s, 256) == -1 && !strcmp(s, "..")); assert(charset_wctomb(charset, s, 255) == -1 && !strcmp(s, "..")); assert(charset_wctomb(charset, s, 258) == 1 && !strcmp(s, "\303.")); @@ -230,7 +230,7 @@ void test_convert() assert(charset_convert("UTF-8", "iso-8859-1", "\302\200\304\200x", 5, &q, &n) == 1 && n == 3 && !strcmp(q, "\200?x")); - assert(charset_convert("iso-8859-1", "UTF-8", + assert(charset_convert("iso-8859-1", "UTF-8", "\000\200\377", 3, &q, &n) == 0 && n == 5 && !memcmp(q, "\000\302\200\303\277", 5)); assert(charset_convert("iso-8859-1", "iso-8859-1", diff --git a/src/share/utf8/iconvert.c b/src/share/utf8/iconvert.c index b5ed2c3..d52deab 100644 --- a/src/share/utf8/iconvert.c +++ b/src/share/utf8/iconvert.c @@ -30,6 +30,7 @@ #include "iconvert.h" #include "share/alloc.h" +#include "share/safe_str.h" /* * Convert data from one encoding to another. Return: @@ -76,18 +77,18 @@ int iconvert(const char *fromcode, const char *tocode, tocode[4] != '8' || tocode[5] != '\0') { char *tocode1; - + size_t dest_len = strlen(tocode) + 11; /* * Try using this non-standard feature of glibc and libiconv. * This is deliberately not a config option as people often * change their iconv library without rebuilding applications. */ - tocode1 = safe_malloc_add_2op_(strlen(tocode), /*+*/11); + tocode1 = safe_malloc_(dest_len); if (!tocode1) goto fail; - strcpy(tocode1, tocode); - strcat(tocode1, "//TRANSLIT"); + safe_strncpy(tocode1, tocode, dest_len); + safe_strncat(tocode1, "//TRANSLIT", dest_len); cd2 = iconv_open(tocode1, "UTF-8"); free(tocode1); diff --git a/src/share/utf8/utf8.c b/src/share/utf8/utf8.c index 48fe355..63827c7 100644 --- a/src/share/utf8/utf8.c +++ b/src/share/utf8/utf8.c @@ -31,6 +31,7 @@ #include #include "share/alloc.h" +#include "share/safe_str.h" #include "utf8.h" #include "charset.h" @@ -298,7 +299,7 @@ static int convert_string(const char *fromcode, const char *tocode, s = safe_malloc_add_2op_(fromlen, /*+*/1); if (!s) return -1; - strcpy(s, from); + safe_strncpy(s, from, fromlen + 1); *to = s; for (; *s; s++) if (*s & ~0x7f) diff --git a/src/test_libFLAC/metadata_manip.c b/src/test_libFLAC/metadata_manip.c index ea51d17..baedd10 100644 --- a/src/test_libFLAC/metadata_manip.c +++ b/src/test_libFLAC/metadata_manip.c @@ -38,6 +38,7 @@ #include "share/grabbag.h" #include "share/compat.h" #include "share/macros.h" +#include "share/safe_str.h" #include "test_libs_common/file_utils_flac.h" #include "test_libs_common/metadata_utils.h" #include "metadata.h" @@ -186,11 +187,11 @@ static void delete_from_our_metadata_(unsigned position) static FLAC__bool open_tempfile_(const char *filename, FILE **tempfile, char **tempfilename) { static const char *tempfile_suffix = ".metadata_edit"; - - if(0 == (*tempfilename = malloc(strlen(filename) + strlen(tempfile_suffix) + 1))) + size_t dest_len = strlen(filename) + strlen(tempfile_suffix) + 1; + if(0 == (*tempfilename = malloc(dest_len))) return false; - strcpy(*tempfilename, filename); - strcat(*tempfilename, tempfile_suffix); + safe_strncpy(*tempfilename, filename, dest_len); + safe_strncat(*tempfilename, tempfile_suffix, dest_len); if(0 == (*tempfile = fopen(*tempfilename, "wb"))) return false; @@ -545,7 +546,7 @@ static FLAC__bool generate_file_(FLAC__bool include_extras, FLAC__bool is_ogg) if (0 == (cuesheet = FLAC__metadata_object_new(FLAC__METADATA_TYPE_CUESHEET))) return die_("priming our metadata"); cuesheet->is_last = false; - strcpy(cuesheet->data.cue_sheet.media_catalog_number, "bogo-MCN"); + safe_strncpy(cuesheet->data.cue_sheet.media_catalog_number, "bogo-MCN", sizeof(cuesheet->data.cue_sheet.media_catalog_number)); cuesheet->data.cue_sheet.lead_in = 123; cuesheet->data.cue_sheet.is_cd = false; if (!FLAC__metadata_object_cuesheet_insert_blank_track(cuesheet, 0))