From 6c24da0dad1477fb0585eefac19349dd60f37c3f Mon Sep 17 00:00:00 2001 From: Simon Howard Date: Sat, 29 Mar 2014 21:58:08 -0400 Subject: setup: Eliminate use of unsafe string functions. Eliminate use of strcpy, strcat, strncpy, and use the new safe alternatives. --- src/setup/execute.c | 10 ++++++---- src/setup/multiplayer.c | 4 ++-- src/setup/txt_joybinput.c | 3 ++- src/setup/txt_keyinput.c | 3 ++- src/setup/txt_mouseinput.c | 15 ++++++++------- 5 files changed, 20 insertions(+), 15 deletions(-) diff --git a/src/setup/execute.c b/src/setup/execute.c index 57fe71c3..076b39fd 100644 --- a/src/setup/execute.c +++ b/src/setup/execute.c @@ -48,6 +48,7 @@ #include "mode.h" #include "m_argv.h" #include "m_config.h" +#include "m_misc.h" struct execute_context_s { @@ -271,6 +272,7 @@ static char *GetFullExePath(const char *program) { char *result; char *sep; + size_t result_len; unsigned int path_len; sep = strrchr(myargv[0], DIR_SEPARATOR); @@ -282,13 +284,13 @@ static char *GetFullExePath(const char *program) else { path_len = sep - myargv[0] + 1; + result_len = strlen(program) + path_len + 1; + result = malloc(result_len); - result = malloc(strlen(program) + path_len + 1); - - strncpy(result, myargv[0], path_len); + M_StringCopy(result, myargv[0], result_len); result[path_len] = '\0'; - strcat(result, program); + M_StringConcat(result, program, result_len); } return result; diff --git a/src/setup/multiplayer.c b/src/setup/multiplayer.c index 20c8c352..d9fa3f4e 100644 --- a/src/setup/multiplayer.c +++ b/src/setup/multiplayer.c @@ -899,8 +899,8 @@ static void QueryResponseCallback(net_addr_t *addr, char description[47]; sprintf(ping_time_str, "%ims", ping_time); - strncpy(description, querydata->description, 46); - description[46] = '\0'; + M_StringCopy(description, querydata->description, + sizeof(description)); TXT_AddWidgets(results_table, TXT_NewLabel(ping_time_str), diff --git a/src/setup/txt_joybinput.c b/src/setup/txt_joybinput.c index 3e033df9..ce466d50 100644 --- a/src/setup/txt_joybinput.c +++ b/src/setup/txt_joybinput.c @@ -27,6 +27,7 @@ #include "doomkeys.h" #include "joystick.h" +#include "m_misc.h" #include "txt_joybinput.h" #include "txt_gui.h" @@ -137,7 +138,7 @@ static void TXT_JoystickInputDrawer(TXT_UNCAST_ARG(joystick_input)) if (*joystick_input->variable < 0) { - strcpy(buf, "(none)"); + M_StringCopy(buf, "(none)", sizeof(buf)); } else { diff --git a/src/setup/txt_keyinput.c b/src/setup/txt_keyinput.c index 55889dbc..f5f7b562 100644 --- a/src/setup/txt_keyinput.c +++ b/src/setup/txt_keyinput.c @@ -23,6 +23,7 @@ #include #include "doomkeys.h" +#include "m_misc.h" #include "txt_keyinput.h" #include "txt_gui.h" @@ -110,7 +111,7 @@ static void TXT_KeyInputDrawer(TXT_UNCAST_ARG(key_input)) if (*key_input->variable == 0) { - strcpy(buf, "(none)"); + M_StringCopy(buf, "(none)", sizeof(buf)); } else { diff --git a/src/setup/txt_mouseinput.c b/src/setup/txt_mouseinput.c index 6eee78cd..a69d35b4 100644 --- a/src/setup/txt_mouseinput.c +++ b/src/setup/txt_mouseinput.c @@ -24,6 +24,7 @@ #include #include "doomkeys.h" +#include "m_misc.h" #include "txt_mouseinput.h" #include "txt_gui.h" @@ -75,21 +76,21 @@ static void TXT_MouseInputSizeCalc(TXT_UNCAST_ARG(mouse_input)) mouse_input->widget.h = 1; } -static void GetMouseButtonDescription(int button, char *buf) +static void GetMouseButtonDescription(int button, char *buf, size_t buf_len) { switch (button) { case 0: - strcpy(buf, "LEFT"); + M_StringCopy(buf, "LEFT", buf_len); break; case 1: - strcpy(buf, "RIGHT"); + M_StringCopy(buf, "RIGHT", buf_len); break; case 2: - strcpy(buf, "MID"); + M_StringCopy(buf, "MID", buf_len); break; default: - sprintf(buf, "BUTTON #%i", button + 1); + snprintf(buf, buf_len, "BUTTON #%i", button + 1); break; } } @@ -102,11 +103,11 @@ static void TXT_MouseInputDrawer(TXT_UNCAST_ARG(mouse_input)) if (*mouse_input->variable < 0) { - strcpy(buf, "(none)"); + M_StringCopy(buf, "(none)", sizeof(buf)); } else { - GetMouseButtonDescription(*mouse_input->variable, buf); + GetMouseButtonDescription(*mouse_input->variable, buf, sizeof(buf)); } TXT_SetWidgetBG(mouse_input); -- cgit v1.2.3