diff options
| author | Mark Adler <madler@alumni.caltech.edu> | 2012-05-02 23:18:38 -0700 |
|---|---|---|
| committer | Mark Adler <madler@alumni.caltech.edu> | 2012-05-02 23:18:38 -0700 |
| commit | c58f7ab28d5fc346032592414055db4edcc18050 (patch) | |
| tree | dfbaf405ca98d3101fb8c7319c17846b23c6aad5 | |
| parent | 2689b3cceb054f83d4d084ffc1db09606b0c2515 (diff) | |
| download | zlib-c58f7ab28d5fc346032592414055db4edcc18050.tar.gz zlib-c58f7ab28d5fc346032592414055db4edcc18050.tar.bz2 zlib-c58f7ab28d5fc346032592414055db4edcc18050.zip | |
Replace use of unsafe string functions with snprintf if available.
This avoids warnings in OpenBSD that apparently can't be turned
off whenever you link strcpy, strcat, or sprintf. When snprintf
isn't available, the use of the "unsafe" string functions has
always in fact been safe, since the lengths are all checked before
those functions are called.
We do not use strlcpy or strlcat, since they are not (yet) found on
all systems. snprintf on the other hand is part of the C standard
library and is very common.
| -rw-r--r-- | gzlib.c | 13 | ||||
| -rw-r--r-- | test/minigzip.c | 16 |
2 files changed, 29 insertions, 0 deletions
| @@ -208,7 +208,11 @@ local gzFile gz_open(path, fd, mode) | |||
| 208 | *(state->path) = 0; | 208 | *(state->path) = 0; |
| 209 | else | 209 | else |
| 210 | #endif | 210 | #endif |
| 211 | #if !defined(NO_snprintf) && !defined(NO_vsnprintf) | ||
| 212 | snprintf(state->path, len + 1, "%s", (const char *)path); | ||
| 213 | #else | ||
| 211 | strcpy(state->path, path); | 214 | strcpy(state->path, path); |
| 215 | #endif | ||
| 212 | 216 | ||
| 213 | /* compute the flags for open() */ | 217 | /* compute the flags for open() */ |
| 214 | oflag = | 218 | oflag = |
| @@ -284,7 +288,11 @@ gzFile ZEXPORT gzdopen(fd, mode) | |||
| 284 | 288 | ||
| 285 | if (fd == -1 || (path = malloc(7 + 3 * sizeof(int))) == NULL) | 289 | if (fd == -1 || (path = malloc(7 + 3 * sizeof(int))) == NULL) |
| 286 | return NULL; | 290 | return NULL; |
| 291 | #if !defined(NO_snprintf) && !defined(NO_vsnprintf) | ||
| 292 | snprintf(path, 7 + 3 * sizeof(int), "<fd:%d>", fd); /* for debugging */ | ||
| 293 | #else | ||
| 287 | sprintf(path, "<fd:%d>", fd); /* for debugging */ | 294 | sprintf(path, "<fd:%d>", fd); /* for debugging */ |
| 295 | #endif | ||
| 288 | gz = gz_open(path, fd, mode); | 296 | gz = gz_open(path, fd, mode); |
| 289 | free(path); | 297 | free(path); |
| 290 | return gz; | 298 | return gz; |
| @@ -594,9 +602,14 @@ void ZLIB_INTERNAL gz_error(state, err, msg) | |||
| 594 | state->msg = (char *)"out of memory"; | 602 | state->msg = (char *)"out of memory"; |
| 595 | return; | 603 | return; |
| 596 | } | 604 | } |
| 605 | #if !defined(NO_snprintf) && !defined(NO_vsnprintf) | ||
| 606 | snprintf(state->msg, strlen(state->path) + strlen(msg) + 3, | ||
| 607 | "%s%s%s", state->path, ": ", msg); | ||
| 608 | #else | ||
| 597 | strcpy(state->msg, state->path); | 609 | strcpy(state->msg, state->path); |
| 598 | strcat(state->msg, ": "); | 610 | strcat(state->msg, ": "); |
| 599 | strcat(state->msg, msg); | 611 | strcat(state->msg, msg); |
| 612 | #endif | ||
| 600 | return; | 613 | return; |
| 601 | } | 614 | } |
| 602 | 615 | ||
diff --git a/test/minigzip.c b/test/minigzip.c index aa7ac7a..0a1f81f 100644 --- a/test/minigzip.c +++ b/test/minigzip.c | |||
| @@ -463,8 +463,12 @@ void file_compress(file, mode) | |||
| 463 | exit(1); | 463 | exit(1); |
| 464 | } | 464 | } |
| 465 | 465 | ||
| 466 | #if !defined(NO_snprintf) && !defined(NO_vsnprintf) | ||
| 467 | snprintf(outfile, sizeof(outfile), "%s%s", file, GZ_SUFFIX); | ||
| 468 | #else | ||
| 466 | strcpy(outfile, file); | 469 | strcpy(outfile, file); |
| 467 | strcat(outfile, GZ_SUFFIX); | 470 | strcat(outfile, GZ_SUFFIX); |
| 471 | #endif | ||
| 468 | 472 | ||
| 469 | in = fopen(file, "rb"); | 473 | in = fopen(file, "rb"); |
| 470 | if (in == NULL) { | 474 | if (in == NULL) { |
| @@ -499,7 +503,11 @@ void file_uncompress(file) | |||
| 499 | exit(1); | 503 | exit(1); |
| 500 | } | 504 | } |
| 501 | 505 | ||
| 506 | #if !defined(NO_snprintf) && !defined(NO_vsnprintf) | ||
| 507 | snprintf(buf, sizeof(buf), "%s", file); | ||
| 508 | #else | ||
| 502 | strcpy(buf, file); | 509 | strcpy(buf, file); |
| 510 | #endif | ||
| 503 | 511 | ||
| 504 | if (len > SUFFIX_LEN && strcmp(file+len-SUFFIX_LEN, GZ_SUFFIX) == 0) { | 512 | if (len > SUFFIX_LEN && strcmp(file+len-SUFFIX_LEN, GZ_SUFFIX) == 0) { |
| 505 | infile = file; | 513 | infile = file; |
| @@ -508,7 +516,11 @@ void file_uncompress(file) | |||
| 508 | } else { | 516 | } else { |
| 509 | outfile = file; | 517 | outfile = file; |
| 510 | infile = buf; | 518 | infile = buf; |
| 519 | #if !defined(NO_snprintf) && !defined(NO_vsnprintf) | ||
| 520 | snprintf(buf + len, sizeof(buf) - len, "%s", GZ_SUFFIX); | ||
| 521 | #else | ||
| 511 | strcat(infile, GZ_SUFFIX); | 522 | strcat(infile, GZ_SUFFIX); |
| 523 | #endif | ||
| 512 | } | 524 | } |
| 513 | in = gzopen(infile, "rb"); | 525 | in = gzopen(infile, "rb"); |
| 514 | if (in == NULL) { | 526 | if (in == NULL) { |
| @@ -546,7 +558,11 @@ int main(argc, argv) | |||
| 546 | gzFile file; | 558 | gzFile file; |
| 547 | char *bname, outmode[20]; | 559 | char *bname, outmode[20]; |
| 548 | 560 | ||
| 561 | #if !defined(NO_snprintf) && !defined(NO_vsnprintf) | ||
| 562 | snprintf(outmode, sizeof(outmode), "%s", "wb6 "); | ||
| 563 | #else | ||
| 549 | strcpy(outmode, "wb6 "); | 564 | strcpy(outmode, "wb6 "); |
| 565 | #endif | ||
| 550 | 566 | ||
| 551 | prog = argv[0]; | 567 | prog = argv[0]; |
| 552 | bname = strrchr(argv[0], '/'); | 568 | bname = strrchr(argv[0], '/'); |