From 114abad767c36c25d8c282a918c9f998dd279ef8 Mon Sep 17 00:00:00 2001 From: Armin Novak Date: Fri, 24 Aug 2018 09:54:25 +0200 Subject: [PATCH] Removed use of strcpy. --- channels/client/addin.c | 11 ++- channels/cliprdr/client/cliprdr_main.c | 2 +- channels/drdynvc/client/drdynvc_main.c | 2 +- channels/encomsp/client/encomsp_main.c | 2 +- channels/rail/client/rail_main.c | 2 +- channels/rdpdr/client/rdpdr_main.c | 2 +- channels/rdpsnd/client/rdpsnd_main.c | 2 +- channels/remdesk/client/remdesk_main.c | 4 +- channels/remdesk/server/remdesk_main.c | 7 +- .../urbdrc/client/libusb/libusb_udevice.c | 3 +- .../urbdrc/client/libusb/libusb_udevman.c | 2 +- channels/urbdrc/client/urbdrc_main.c | 16 ++-- client/Mac/MRDPView.m | 28 +++++-- client/Mac/cli/AppDelegate.m | 2 +- client/X11/xf_keyboard.c | 2 +- client/common/cmdline.c | 4 +- libfreerdp/common/addin.c | 1 + libfreerdp/core/tcp.c | 2 +- libfreerdp/crypto/tls.c | 7 +- rdtk/librdtk/rdtk_font.c | 6 +- uwac/libuwac/uwac-os.c | 81 +++++++++++-------- winpr/libwinpr/clipboard/synthetic.c | 14 ++-- winpr/libwinpr/file/namedPipeClient.c | 75 +++++++++-------- winpr/libwinpr/pipe/pipe.c | 2 +- winpr/libwinpr/shell/shell.c | 7 +- winpr/tools/makecert/makecert.c | 16 ++-- 26 files changed, 169 insertions(+), 133 deletions(-) diff --git a/channels/client/addin.c b/channels/client/addin.c index 0c82f9d79..ddfeccacd 100644 --- a/channels/client/addin.c +++ b/channels/client/addin.c @@ -87,9 +87,8 @@ extern const STATIC_ADDIN_TABLE CLIENT_STATIC_ADDIN_TABLE[]; FREERDP_ADDIN** freerdp_channels_list_client_static_addins(LPSTR pszName, LPSTR pszSubsystem, LPSTR pszType, DWORD dwFlags) { - int i, j; + size_t i, j; DWORD nAddins; - FREERDP_ADDIN* pAddin = NULL; FREERDP_ADDIN** ppAddins = NULL; STATIC_SUBSYSTEM_ENTRY* subsystems; nAddins = 0; @@ -105,7 +104,7 @@ FREERDP_ADDIN** freerdp_channels_list_client_static_addins(LPSTR pszName, LPSTR for (i = 0; CLIENT_STATIC_ADDIN_TABLE[i].name != NULL; i++) { - pAddin = (FREERDP_ADDIN*) calloc(1, sizeof(FREERDP_ADDIN)); + FREERDP_ADDIN* pAddin = (FREERDP_ADDIN*) calloc(1, sizeof(FREERDP_ADDIN)); if (!pAddin) { @@ -113,7 +112,7 @@ FREERDP_ADDIN** freerdp_channels_list_client_static_addins(LPSTR pszName, LPSTR goto error_out; } - strcpy(pAddin->cName, CLIENT_STATIC_ADDIN_TABLE[i].name); + sprintf_s(pAddin->cName, ARRAYSIZE(pAddin->cName), "%s", CLIENT_STATIC_ADDIN_TABLE[i].name); pAddin->dwFlags = FREERDP_ADDIN_CLIENT; pAddin->dwFlags |= FREERDP_ADDIN_STATIC; pAddin->dwFlags |= FREERDP_ADDIN_NAME; @@ -130,8 +129,8 @@ FREERDP_ADDIN** freerdp_channels_list_client_static_addins(LPSTR pszName, LPSTR goto error_out; } - strcpy(pAddin->cName, CLIENT_STATIC_ADDIN_TABLE[i].name); - strcpy(pAddin->cSubsystem, subsystems[j].name); + sprintf_s(pAddin->cName, ARRAYSIZE(pAddin->cName), "%s", CLIENT_STATIC_ADDIN_TABLE[i].name); + _snprintf(pAddin->cSubsystem, ARRAYSIZE(pAddin->cSubsystem), "%s", subsystems[j].name); pAddin->dwFlags = FREERDP_ADDIN_CLIENT; pAddin->dwFlags |= FREERDP_ADDIN_STATIC; pAddin->dwFlags |= FREERDP_ADDIN_NAME; diff --git a/channels/cliprdr/client/cliprdr_main.c b/channels/cliprdr/client/cliprdr_main.c index bce4996e8..8ab090365 100644 --- a/channels/cliprdr/client/cliprdr_main.c +++ b/channels/cliprdr/client/cliprdr_main.c @@ -1259,7 +1259,7 @@ BOOL VCAPITYPE VirtualChannelEntryEx(PCHANNEL_ENTRY_POINTS pEntryPoints, PVOID p CHANNEL_OPTION_ENCRYPT_RDP | CHANNEL_OPTION_COMPRESS_RDP | CHANNEL_OPTION_SHOW_PROTOCOL; - strcpy(cliprdr->channelDef.name, "cliprdr"); + sprintf_s(cliprdr->channelDef.name, ARRAYSIZE(cliprdr->channelDef.name), "cliprdr"); pEntryPointsEx = (CHANNEL_ENTRY_POINTS_FREERDP_EX*) pEntryPoints; if ((pEntryPointsEx->cbSize >= sizeof(CHANNEL_ENTRY_POINTS_FREERDP_EX)) && diff --git a/channels/drdynvc/client/drdynvc_main.c b/channels/drdynvc/client/drdynvc_main.c index 8dd0a353b..631b6f1cc 100644 --- a/channels/drdynvc/client/drdynvc_main.c +++ b/channels/drdynvc/client/drdynvc_main.c @@ -1615,7 +1615,7 @@ BOOL VCAPITYPE VirtualChannelEntryEx(PCHANNEL_ENTRY_POINTS_EX pEntryPoints, PVOI CHANNEL_OPTION_INITIALIZED | CHANNEL_OPTION_ENCRYPT_RDP | CHANNEL_OPTION_COMPRESS_RDP; - strcpy(drdynvc->channelDef.name, "drdynvc"); + sprintf_s(drdynvc->channelDef.name, ARRAYSIZE(drdynvc->channelDef.name), "drdynvc"); drdynvc->state = DRDYNVC_STATE_INITIAL; pEntryPointsEx = (CHANNEL_ENTRY_POINTS_FREERDP_EX*) pEntryPoints; diff --git a/channels/encomsp/client/encomsp_main.c b/channels/encomsp/client/encomsp_main.c index 5cc462f57..d595fefc2 100644 --- a/channels/encomsp/client/encomsp_main.c +++ b/channels/encomsp/client/encomsp_main.c @@ -1219,7 +1219,7 @@ BOOL VCAPITYPE VirtualChannelEntryEx(PCHANNEL_ENTRY_POINTS_EX pEntryPoints, PVOI CHANNEL_OPTION_ENCRYPT_RDP | CHANNEL_OPTION_COMPRESS_RDP | CHANNEL_OPTION_SHOW_PROTOCOL; - strcpy(encomsp->channelDef.name, "encomsp"); + sprintf_s(encomsp->channelDef.name, ARRAYSIZE(encomsp->channelDef.name), "encomsp"); pEntryPointsEx = (CHANNEL_ENTRY_POINTS_FREERDP_EX*) pEntryPoints; if ((pEntryPointsEx->cbSize >= sizeof(CHANNEL_ENTRY_POINTS_FREERDP_EX)) && diff --git a/channels/rail/client/rail_main.c b/channels/rail/client/rail_main.c index 71761f903..5766e34c3 100644 --- a/channels/rail/client/rail_main.c +++ b/channels/rail/client/rail_main.c @@ -897,7 +897,7 @@ BOOL VCAPITYPE VirtualChannelEntryEx(PCHANNEL_ENTRY_POINTS pEntryPoints, PVOID p CHANNEL_OPTION_ENCRYPT_RDP | CHANNEL_OPTION_COMPRESS_RDP | CHANNEL_OPTION_SHOW_PROTOCOL; - strcpy(rail->channelDef.name, "rail"); + sprintf_s(rail->channelDef.name, ARRAYSIZE(rail->channelDef.name), "rail"); pEntryPointsEx = (CHANNEL_ENTRY_POINTS_FREERDP_EX*) pEntryPoints; if ((pEntryPointsEx->cbSize >= sizeof(CHANNEL_ENTRY_POINTS_FREERDP_EX)) && diff --git a/channels/rdpdr/client/rdpdr_main.c b/channels/rdpdr/client/rdpdr_main.c index 520bb551c..86daabcc4 100644 --- a/channels/rdpdr/client/rdpdr_main.c +++ b/channels/rdpdr/client/rdpdr_main.c @@ -1866,7 +1866,7 @@ BOOL VCAPITYPE VirtualChannelEntryEx(PCHANNEL_ENTRY_POINTS pEntryPoints, PVOID p CHANNEL_OPTION_INITIALIZED | CHANNEL_OPTION_ENCRYPT_RDP | CHANNEL_OPTION_COMPRESS_RDP; - strcpy(rdpdr->channelDef.name, "rdpdr"); + sprintf_s(rdpdr->channelDef.name, ARRAYSIZE(rdpdr->channelDef.name), "rdpdr"); rdpdr->sequenceId = 0; pEntryPointsEx = (CHANNEL_ENTRY_POINTS_FREERDP_EX*) pEntryPoints; diff --git a/channels/rdpsnd/client/rdpsnd_main.c b/channels/rdpsnd/client/rdpsnd_main.c index bd595d680..da0fb673a 100644 --- a/channels/rdpsnd/client/rdpsnd_main.c +++ b/channels/rdpsnd/client/rdpsnd_main.c @@ -1331,7 +1331,7 @@ BOOL VCAPITYPE VirtualChannelEntryEx(PCHANNEL_ENTRY_POINTS pEntryPoints, PVOID p rdpsnd->channelDef.options = CHANNEL_OPTION_INITIALIZED | CHANNEL_OPTION_ENCRYPT_RDP; - strcpy(rdpsnd->channelDef.name, "rdpsnd"); + sprintf_s(rdpsnd->channelDef.name, ARRAYSIZE(rdpsnd->channelDef.name), "rdpsnd"); pEntryPointsEx = (CHANNEL_ENTRY_POINTS_FREERDP_EX*) pEntryPoints; if ((pEntryPointsEx->cbSize >= sizeof(CHANNEL_ENTRY_POINTS_FREERDP_EX)) && diff --git a/channels/remdesk/client/remdesk_main.c b/channels/remdesk/client/remdesk_main.c index ca573de3f..925292931 100644 --- a/channels/remdesk/client/remdesk_main.c +++ b/channels/remdesk/client/remdesk_main.c @@ -220,7 +220,7 @@ static UINT remdesk_prepare_ctl_header(REMDESK_CTL_HEADER* ctlHeader, UINT32 msgType, UINT32 msgSize) { ctlHeader->msgType = msgType; - strcpy(ctlHeader->ChannelName, REMDESK_CHANNEL_CTL_NAME); + sprintf_s(ctlHeader->ChannelName, ARRAYSIZE(ctlHeader->ChannelName), REMDESK_CHANNEL_CTL_NAME); ctlHeader->DataLength = 4 + msgSize; return CHANNEL_RC_OK; } @@ -1022,7 +1022,7 @@ BOOL VCAPITYPE VirtualChannelEntryEx(PCHANNEL_ENTRY_POINTS pEntryPoints, PVOID p CHANNEL_OPTION_ENCRYPT_RDP | CHANNEL_OPTION_COMPRESS_RDP | CHANNEL_OPTION_SHOW_PROTOCOL; - strcpy(remdesk->channelDef.name, "remdesk"); + sprintf_s(remdesk->channelDef.name, ARRAYSIZE(remdesk->channelDef.name), "remdesk"); remdesk->Version = 2; pEntryPointsEx = (CHANNEL_ENTRY_POINTS_FREERDP_EX*) pEntryPoints; diff --git a/channels/remdesk/server/remdesk_main.c b/channels/remdesk/server/remdesk_main.c index 16e745389..447ede4f4 100644 --- a/channels/remdesk/server/remdesk_main.c +++ b/channels/remdesk/server/remdesk_main.c @@ -152,7 +152,7 @@ static UINT remdesk_prepare_ctl_header(REMDESK_CTL_HEADER* ctlHeader, UINT32 msgType, UINT32 msgSize) { ctlHeader->msgType = msgType; - strcpy(ctlHeader->ChannelName, REMDESK_CHANNEL_CTL_NAME); + sprintf_s(ctlHeader->ChannelName, ARRAYSIZE(ctlHeader->ChannelName), REMDESK_CHANNEL_CTL_NAME); ctlHeader->DataLength = 4 + msgSize; return CHANNEL_RC_OK; } @@ -592,7 +592,6 @@ static DWORD WINAPI remdesk_server_thread(LPVOID arg) RemdeskServerContext* context; UINT error; context = (RemdeskServerContext*) arg; - buffer = NULL; BytesReturned = 0; ChannelEvent = NULL; @@ -727,7 +726,7 @@ static UINT remdesk_server_start(RemdeskServerContext* context) } if (!(context->priv->Thread = CreateThread(NULL, 0, - remdesk_server_thread, (void*) context, 0, NULL))) + remdesk_server_thread, (void*) context, 0, NULL))) { WLog_ERR(TAG, "CreateThread failed!"); CloseHandle(context->priv->StopEvent); @@ -790,7 +789,7 @@ void remdesk_server_context_free(RemdeskServerContext* context) { if (context->priv->ChannelHandle != INVALID_HANDLE_VALUE) WTSVirtualChannelClose(context->priv->ChannelHandle); - + free(context->priv); free(context); } diff --git a/channels/urbdrc/client/libusb/libusb_udevice.c b/channels/urbdrc/client/libusb/libusb_udevice.c index 94e1d0486..a0d31ade5 100644 --- a/channels/urbdrc/client/libusb/libusb_udevice.c +++ b/channels/urbdrc/client/libusb/libusb_udevice.c @@ -661,8 +661,7 @@ static int udev_get_hub_handle(UDEVICE* pdev, UINT16 bus_number, UINT16 dev_numb } while (p1 != NULL); - memset(pdev->path, 0, 17); - strcpy(pdev->path, p2); + _snprintf(pdev->path, ARRAYSIZE(pdev->path), "%s", p2); WLog_DBG(TAG, " DevPath: %s", pdev->path); /* query parent hub info */ dev = udev_device_get_parent(dev); diff --git a/channels/urbdrc/client/libusb/libusb_udevman.c b/channels/urbdrc/client/libusb/libusb_udevman.c index fda27d46a..3bf0f0358 100644 --- a/channels/urbdrc/client/libusb/libusb_udevman.c +++ b/channels/urbdrc/client/libusb/libusb_udevman.c @@ -484,7 +484,7 @@ static void urbdrc_udevman_register_devices(UDEVMAN* udevman, char* devices) dev_number = 0; idVendor = 0; idProduct = 0; - strcpy(hardware_id, token); + _snprintf(hardware_id, ARRAYSIZE(hardware_id), "%s", token); token = strtok(NULL, "#"); if (udevman->flags & UDEVMAN_FLAG_ADD_BY_VID_PID) diff --git a/channels/urbdrc/client/urbdrc_main.c b/channels/urbdrc/client/urbdrc_main.c index 3212d2685..19b78b177 100644 --- a/channels/urbdrc/client/urbdrc_main.c +++ b/channels/urbdrc/client/urbdrc_main.c @@ -59,9 +59,9 @@ static int func_hardware_id_format(IUDEVICE* pdev, char(*HardwareIds)[DEVICE_HAR idProduct = (UINT16)pdev->query_device_descriptor(pdev, ID_PRODUCT); bcdDevice = (UINT16)pdev->query_device_descriptor(pdev, BCD_DEVICE); sprintf_s(str, sizeof(str), "USB\\VID_%04"PRIX16"&PID_%04"PRIX16"", idVendor, idProduct); - strcpy(HardwareIds[1], str); + strncpy(HardwareIds[1], str, DEVICE_HARDWARE_ID_SIZE); sprintf_s(str, sizeof(str), "%s&REV_%04"PRIX16"", HardwareIds[1], bcdDevice); - strcpy(HardwareIds[0], str); + strncpy(HardwareIds[0], str, DEVICE_HARDWARE_ID_SIZE); return 0; } @@ -77,20 +77,20 @@ static int func_compat_id_format(IUDEVICE* pdev, if (!(pdev->isCompositeDevice(pdev))) { sprintf_s(str, sizeof(str), "USB\\Class_%02"PRIX8"", bDeviceClass); - strcpy(CompatibilityIds[2], str); + strncpy(CompatibilityIds[2], str, DEVICE_COMPATIBILITY_ID_SIZE); sprintf_s(str, sizeof(str), "%s&SubClass_%02"PRIX8"", CompatibilityIds[2], bDeviceSubClass); - strcpy(CompatibilityIds[1], str); + strncpy(CompatibilityIds[1], str, DEVICE_COMPATIBILITY_ID_SIZE); sprintf_s(str, sizeof(str), "%s&Prot_%02"PRIX8"", CompatibilityIds[1], bDeviceProtocol); - strcpy(CompatibilityIds[0], str); + strncpy(CompatibilityIds[0], str, DEVICE_COMPATIBILITY_ID_SIZE); } else { sprintf_s(str, sizeof(str), "USB\\DevClass_00"); - strcpy(CompatibilityIds[2], str); + strncpy(CompatibilityIds[2], str, DEVICE_COMPATIBILITY_ID_SIZE); sprintf_s(str, sizeof(str), "%s&SubClass_00", CompatibilityIds[2]); - strcpy(CompatibilityIds[1], str); + strncpy(CompatibilityIds[1], str, DEVICE_COMPATIBILITY_ID_SIZE); sprintf_s(str, sizeof(str), "%s&Prot_00", CompatibilityIds[1]); - strcpy(CompatibilityIds[0], str); + strncpy(CompatibilityIds[0], str, DEVICE_COMPATIBILITY_ID_SIZE); } return 0; diff --git a/client/Mac/MRDPView.m b/client/Mac/MRDPView.m index 840ae8931..8448a67f2 100644 --- a/client/Mac/MRDPView.m +++ b/client/Mac/MRDPView.m @@ -988,18 +988,34 @@ BOOL mac_authenticate(freerdp* instance, char** username, char** password, if (ok) { + size_t ulen, plen, dlen; const char* submittedUsername = [dialog.username cStringUsingEncoding: NSUTF8StringEncoding]; - *username = malloc((strlen(submittedUsername) + 1) * sizeof(char)); - strcpy(*username, submittedUsername); + ulen = (strlen(submittedUsername) + 1) * sizeof(char); + *username = malloc(ulen); + + if (!(*username)) + return FALSE; + + sprintf_s(*username, ulen, "%s", submittedUsername); const char* submittedPassword = [dialog.password cStringUsingEncoding: NSUTF8StringEncoding]; - *password = malloc((strlen(submittedPassword) + 1) * sizeof(char)); - strcpy(*password, submittedPassword); + plen = (strlen(submittedPassword) + 1) * sizeof(char); + *password = malloc(plen); + + if (!(*password)) + return FALSE; + + sprintf_s(*password, plen, "%s", submittedPassword); const char* submittedDomain = [dialog.domain cStringUsingEncoding: NSUTF8StringEncoding]; - *domain = malloc((strlen(submittedDomain) + 1) * sizeof(char)); - strcpy(*domain, submittedDomain); + dlen = (strlen(submittedDomain) + 1) * sizeof(char); + *domain = malloc(dlen); + + if (!(*domain)) + return FALSE; + + sprintf_s(*domain, dlen, "%s", submittedDomain); } return ok; diff --git a/client/Mac/cli/AppDelegate.m b/client/Mac/cli/AppDelegate.m index ed5bfcac8..9d4432b6c 100644 --- a/client/Mac/cli/AppDelegate.m +++ b/client/Mac/cli/AppDelegate.m @@ -124,7 +124,7 @@ void mac_set_view_size(rdpContext* context, MRDPView* view); length = (int)([str length] + 1); cptr = (char*) malloc(length); - strcpy(cptr, [str UTF8String]); + sprintf_s(cptr, length, "%s", [str UTF8String]); context->argv[i++] = cptr; } diff --git a/client/X11/xf_keyboard.c b/client/X11/xf_keyboard.c index d41e70e1a..ffc220ae9 100644 --- a/client/X11/xf_keyboard.c +++ b/client/X11/xf_keyboard.c @@ -359,7 +359,7 @@ static int xf_keyboard_execute_action_script(xfContext* xfc, BOOL match = FALSE; char* keyCombination; char buffer[1024] = { 0 }; - char command[1024] = { 0 }; + char command[2048] = { 0 }; char combination[1024] = { 0 }; if (!xfc->actionScriptExists) diff --git a/client/common/cmdline.c b/client/common/cmdline.c index 7190c4415..6489a2b8e 100644 --- a/client/common/cmdline.c +++ b/client/common/cmdline.c @@ -586,13 +586,13 @@ static char** freerdp_command_line_parse_comma_separated_values_ex(const char* n if (name) { size_t len = strlen(name); - p = (char**) calloc(1UL + len, sizeof(char*)); + p = (char**) calloc(2UL + len, sizeof(char*)); if (p) { char* dst = (char*)&p[1]; p[0] = dst; - strncpy(dst, name, len); + sprintf_s(dst, len, "%s", name); *count = 1; return p; } diff --git a/libfreerdp/common/addin.c b/libfreerdp/common/addin.c index 916e7f8d0..8179735e2 100644 --- a/libfreerdp/common/addin.c +++ b/libfreerdp/common/addin.c @@ -27,6 +27,7 @@ #include #include +#include #include #include diff --git a/libfreerdp/core/tcp.c b/libfreerdp/core/tcp.c index 45c3ed5ba..7c655cdc7 100644 --- a/libfreerdp/core/tcp.c +++ b/libfreerdp/core/tcp.c @@ -690,7 +690,7 @@ static char* freerdp_tcp_address_to_string(const struct sockaddr_storage* addr, break; case AF_UNIX: - strcpy(ipAddress, "127.0.0.1"); + sprintf_s(ipAddress, ARRAYSIZE(ipAddress), "127.0.0.1"); break; default: diff --git a/libfreerdp/crypto/tls.c b/libfreerdp/crypto/tls.c index fe25274bd..d3cab5000 100644 --- a/libfreerdp/crypto/tls.c +++ b/libfreerdp/crypto/tls.c @@ -26,6 +26,7 @@ #include #include +#include #include #include @@ -622,9 +623,9 @@ static SecPkgContext_Bindings* tls_get_channel_bindings(X509* cert) ChannelBindings->dwApplicationDataOffset = sizeof(SEC_CHANNEL_BINDINGS); ChannelBindingToken = &((BYTE*) ChannelBindings)[ChannelBindings->dwApplicationDataOffset]; - strcpy((char*) ChannelBindingToken, TLS_SERVER_END_POINT); - CopyMemory(&ChannelBindingToken[PrefixLength], CertificateHash, - CertificateHashLength); + sprintf_s((char*) ChannelBindingToken, + ContextBindings->BindingsLength - ChannelBindings->dwApplicationDataOffset, "%s%s", + TLS_SERVER_END_POINT, CertificateHash); return ContextBindings; out_free: free(ContextBindings); diff --git a/rdtk/librdtk/rdtk_font.c b/rdtk/librdtk/rdtk_font.c index cf7ec6404..884c48285 100644 --- a/rdtk/librdtk/rdtk_font.c +++ b/rdtk/librdtk/rdtk_font.c @@ -603,15 +603,13 @@ rdtkFont* rdtk_font_new(rdtkEngine* engine, const char* path, const char* file) if (!fontImageFile) goto cleanup; - strcpy(fontImageFile, fontBaseFile); - strcpy(&fontImageFile[length], ".png"); + sprintf_s(fontImageFile, length + 8, "%s.png", fontBaseFile); fontDescriptorFile = (char*) malloc(length + 8); if (!fontDescriptorFile) goto cleanup; - strcpy(fontDescriptorFile, fontBaseFile); - strcpy(&fontDescriptorFile[length], ".xml"); + sprintf_s(fontDescriptorFile, length + 8, "%s.xml", fontBaseFile); if (!PathFileExistsA(fontImageFile)) goto cleanup; diff --git a/uwac/libuwac/uwac-os.c b/uwac/libuwac/uwac-os.c index 212e19548..135c5cd00 100644 --- a/uwac/libuwac/uwac-os.c +++ b/uwac/libuwac/uwac-os.c @@ -42,6 +42,7 @@ #include #include #include +#include #include #include @@ -56,6 +57,7 @@ static int set_cloexec_or_close(int fd) return -1; flags = fcntl(fd, F_GETFD); + if (flags == -1) goto err; @@ -63,7 +65,6 @@ static int set_cloexec_or_close(int fd) goto err; return fd; - err: close(fd); return -1; @@ -72,10 +73,11 @@ err: int uwac_os_socket_cloexec(int domain, int type, int protocol) { int fd; - fd = socket(domain, type | SOCK_CLOEXEC, protocol); + if (fd >= 0) return fd; + if (errno != EINVAL) return -1; @@ -86,10 +88,11 @@ int uwac_os_socket_cloexec(int domain, int type, int protocol) int uwac_os_dupfd_cloexec(int fd, long minfd) { int newfd; - newfd = fcntl(fd, F_DUPFD_CLOEXEC, minfd); + if (newfd >= 0) return newfd; + if (errno != EINVAL) return -1; @@ -97,15 +100,15 @@ int uwac_os_dupfd_cloexec(int fd, long minfd) return set_cloexec_or_close(newfd); } -static ssize_t recvmsg_cloexec_fallback(int sockfd, struct msghdr *msg, int flags) +static ssize_t recvmsg_cloexec_fallback(int sockfd, struct msghdr* msg, int flags) { ssize_t len; - struct cmsghdr *cmsg; - unsigned char *data; - int *fd; - int *end; - + struct cmsghdr* cmsg; + unsigned char* data; + int* fd; + int* end; len = recvmsg(sockfd, msg, flags); + if (len == -1) return -1; @@ -113,27 +116,31 @@ static ssize_t recvmsg_cloexec_fallback(int sockfd, struct msghdr *msg, int flag return len; cmsg = CMSG_FIRSTHDR(msg); - for (; cmsg != NULL; cmsg = CMSG_NXTHDR(msg, cmsg)) { + + for (; cmsg != NULL; cmsg = CMSG_NXTHDR(msg, cmsg)) + { if (cmsg->cmsg_level != SOL_SOCKET || cmsg->cmsg_type != SCM_RIGHTS) continue; data = CMSG_DATA(cmsg); - end = (int *)(data + cmsg->cmsg_len - CMSG_LEN(0)); - for (fd = (int *)data; fd < end; ++fd) + end = (int*)(data + cmsg->cmsg_len - CMSG_LEN(0)); + + for (fd = (int*)data; fd < end; ++fd) *fd = set_cloexec_or_close(*fd); } return len; } -ssize_t uwac_os_recvmsg_cloexec(int sockfd, struct msghdr *msg, int flags) +ssize_t uwac_os_recvmsg_cloexec(int sockfd, struct msghdr* msg, int flags) { ssize_t len; - len = recvmsg(sockfd, msg, flags | MSG_CMSG_CLOEXEC); + if (len >= 0) return len; + if (errno != EINVAL) return -1; @@ -143,37 +150,41 @@ ssize_t uwac_os_recvmsg_cloexec(int sockfd, struct msghdr *msg, int flags) int uwac_os_epoll_create_cloexec(void) { int fd; - #ifdef EPOLL_CLOEXEC fd = epoll_create1(EPOLL_CLOEXEC); + if (fd >= 0) return fd; + if (errno != EINVAL) return -1; -#endif +#endif fd = epoll_create(1); return set_cloexec_or_close(fd); } -static int create_tmpfile_cloexec(char *tmpname) +static int create_tmpfile_cloexec(char* tmpname) { int fd; - #ifdef USE_SHM fd = shm_open(SHM_ANON, O_CREAT | O_RDWR, 0600); #elif defined(HAVE_MKOSTEMP) fd = mkostemp(tmpname, O_CLOEXEC); + if (fd >= 0) unlink(tmpname); + #else fd = mkstemp(tmpname); - if (fd >= 0) { + + if (fd >= 0) + { fd = set_cloexec_or_close(fd); unlink(tmpname); } -#endif +#endif return fd; } @@ -201,26 +212,27 @@ static int create_tmpfile_cloexec(char *tmpname) int uwac_create_anonymous_file(off_t size) { static const char template[] = "/weston-shared-XXXXXX"; - const char *path; - char *name; + const char* path; + char* name; int fd; int ret; - + size_t length; path = getenv("XDG_RUNTIME_DIR"); - if (!path) { + + if (!path) + { errno = ENOENT; return -1; } - name = malloc(strlen(path) + sizeof(template)); + length = strlen(path) + sizeof(template); + name = malloc(length); + if (!name) return -1; - strcpy(name, path); - strcat(name, template); - + snprintf(name, length, "%s%s", path, template); fd = create_tmpfile_cloexec(name); - free(name); if (fd < 0) @@ -228,18 +240,23 @@ int uwac_create_anonymous_file(off_t size) #ifdef HAVE_POSIX_FALLOCATE ret = posix_fallocate(fd, 0, size); - if (ret != 0) { + + if (ret != 0) + { close(fd); errno = ret; return -1; } + #else ret = ftruncate(fd, size); - if (ret < 0) { + + if (ret < 0) + { close(fd); return -1; } -#endif +#endif return fd; } diff --git a/winpr/libwinpr/clipboard/synthetic.c b/winpr/libwinpr/clipboard/synthetic.c index a5d3c60fa..981cc566e 100644 --- a/winpr/libwinpr/clipboard/synthetic.c +++ b/winpr/libwinpr/clipboard/synthetic.c @@ -331,7 +331,7 @@ static void* clipboard_synthesize_html_format(wClipboard* clipboard, UINT32 form { char* body; BYTE bom[2]; - char num[11]; + char num[20]; WCHAR* wstr; if (SrcSize > 2) @@ -369,12 +369,12 @@ static void* clipboard_synthesize_html_format(wClipboard* clipboard, UINT32 form return NULL; } - strcpy(pDstData, - "Version:0.9\r\n" - "StartHTML:0000000000\r\n" - "EndHTML:0000000000\r\n" - "StartFragment:0000000000\r\n" - "EndFragment:0000000000\r\n"); + sprintf_s(pDstData, SrcSize + 200, + "Version:0.9\r\n" + "StartHTML:0000000000\r\n" + "EndHTML:0000000000\r\n" + "StartFragment:0000000000\r\n" + "EndFragment:0000000000\r\n"); body = strstr(pSrcData, "lpFilePath); free(pNamedPipe->name); free(pNamedPipe); - return TRUE; } static int NamedPipeClientGetFd(HANDLE handle) { - WINPR_NAMED_PIPE *file = (WINPR_NAMED_PIPE *)handle; + WINPR_NAMED_PIPE* file = (WINPR_NAMED_PIPE*)handle; if (!NamedPipeClientIsHandled(handle)) return -1; @@ -105,31 +104,33 @@ static int NamedPipeClientGetFd(HANDLE handle) return file->clientfd; } -static HANDLE_OPS ops = { - NamedPipeClientIsHandled, - NamedPipeClientCloseHandle, - NamedPipeClientGetFd, - NULL, /* CleanupHandle */ - NamedPipeRead, - NULL, /* FileReadEx */ - NULL, /* FileReadScatter */ - NamedPipeWrite, - NULL, /* FileWriteEx */ - NULL, /* FileWriteGather */ - NULL, /* FileGetFileSize */ - NULL, /* FlushFileBuffers */ - NULL, /* FileSetEndOfFile */ - NULL, /* FileSetFilePointer */ - NULL, /* SetFilePointerEx */ - NULL, /* FileLockFile */ - NULL, /* FileLockFileEx */ - NULL, /* FileUnlockFile */ - NULL, /* FileUnlockFileEx */ - NULL /* SetFileTime */ +static HANDLE_OPS ops = +{ + NamedPipeClientIsHandled, + NamedPipeClientCloseHandle, + NamedPipeClientGetFd, + NULL, /* CleanupHandle */ + NamedPipeRead, + NULL, /* FileReadEx */ + NULL, /* FileReadScatter */ + NamedPipeWrite, + NULL, /* FileWriteEx */ + NULL, /* FileWriteGather */ + NULL, /* FileGetFileSize */ + NULL, /* FlushFileBuffers */ + NULL, /* FileSetEndOfFile */ + NULL, /* FileSetFilePointer */ + NULL, /* SetFilePointerEx */ + NULL, /* FileLockFile */ + NULL, /* FileLockFileEx */ + NULL, /* FileUnlockFile */ + NULL, /* FileUnlockFileEx */ + NULL /* SetFileTime */ }; -static HANDLE NamedPipeClientCreateFileA(LPCSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, - DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile) +static HANDLE NamedPipeClientCreateFileA(LPCSTR lpFileName, DWORD dwDesiredAccess, + DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, + DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile) { char* name; int status; @@ -157,6 +158,7 @@ static HANDLE NamedPipeClientCreateFileA(LPCSTR lpFileName, DWORD dwDesiredAcces free(name); pNamedPipe = (WINPR_NAMED_PIPE*) calloc(1, sizeof(WINPR_NAMED_PIPE)); + if (!pNamedPipe) { SetLastError(ERROR_NOT_ENOUGH_MEMORY); @@ -166,12 +168,14 @@ static HANDLE NamedPipeClientCreateFileA(LPCSTR lpFileName, DWORD dwDesiredAcces hNamedPipe = (HANDLE) pNamedPipe; WINPR_HANDLE_SET_TYPE_AND_MODE(pNamedPipe, HANDLE_TYPE_NAMED_PIPE, WINPR_FD_READ); pNamedPipe->name = _strdup(lpFileName); + if (!pNamedPipe->name) { SetLastError(ERROR_NOT_ENOUGH_MEMORY); free(pNamedPipe); return INVALID_HANDLE_VALUE; } + pNamedPipe->dwOpenMode = 0; pNamedPipe->dwPipeMode = 0; pNamedPipe->nMaxInstances = 0; @@ -180,30 +184,31 @@ static HANDLE NamedPipeClientCreateFileA(LPCSTR lpFileName, DWORD dwDesiredAcces pNamedPipe->nDefaultTimeOut = 0; pNamedPipe->dwFlagsAndAttributes = dwFlagsAndAttributes; pNamedPipe->lpFileName = GetNamedPipeNameWithoutPrefixA(lpFileName); + if (!pNamedPipe->lpFileName) { - free((void *)pNamedPipe->name); + free((void*)pNamedPipe->name); free(pNamedPipe); return INVALID_HANDLE_VALUE; - } + pNamedPipe->lpFilePath = GetNamedPipeUnixDomainSocketFilePathA(lpFileName); + if (!pNamedPipe->lpFilePath) { - free((void *)pNamedPipe->lpFileName); - free((void *)pNamedPipe->name); + free((void*)pNamedPipe->lpFileName); + free((void*)pNamedPipe->name); free(pNamedPipe); return INVALID_HANDLE_VALUE; - } + pNamedPipe->clientfd = socket(PF_LOCAL, SOCK_STREAM, 0); pNamedPipe->serverfd = -1; pNamedPipe->ServerMode = FALSE; ZeroMemory(&s, sizeof(struct sockaddr_un)); s.sun_family = AF_UNIX; - strcpy(s.sun_path, pNamedPipe->lpFilePath); + sprintf_s(s.sun_path, ARRAYSIZE(s.sun_path), "%s", pNamedPipe->lpFilePath); status = connect(pNamedPipe->clientfd, (struct sockaddr*) &s, sizeof(struct sockaddr_un)); - pNamedPipe->ops = &ops; if (status != 0) @@ -230,7 +235,7 @@ static HANDLE NamedPipeClientCreateFileA(LPCSTR lpFileName, DWORD dwDesiredAcces return hNamedPipe; } -HANDLE_CREATOR *GetNamedPipeClientHandleCreator(void) +HANDLE_CREATOR* GetNamedPipeClientHandleCreator(void) { _NamedPipeClientHandleCreator.IsHandled = IsNamedPipeFileNameA; _NamedPipeClientHandleCreator.CreateFileA = NamedPipeClientCreateFileA; @@ -270,8 +275,10 @@ char* GetNamedPipeUnixDomainSocketBaseFilePathA() char* lpTempPath; char* lpPipePath; lpTempPath = GetKnownPath(KNOWN_PATH_TEMP); + if (!lpTempPath) return NULL; + lpPipePath = GetCombinedPath(lpTempPath, ".pipe"); free(lpTempPath); return lpPipePath; diff --git a/winpr/libwinpr/pipe/pipe.c b/winpr/libwinpr/pipe/pipe.c index d606a2767..e49d5a090 100644 --- a/winpr/libwinpr/pipe/pipe.c +++ b/winpr/libwinpr/pipe/pipe.c @@ -653,7 +653,7 @@ HANDLE CreateNamedPipeA(LPCSTR lpName, DWORD dwOpenMode, DWORD dwPipeMode, DWORD ZeroMemory(&s, sizeof(struct sockaddr_un)); s.sun_family = AF_UNIX; - strcpy(s.sun_path, pNamedPipe->lpFilePath); + sprintf_s(s.sun_path, ARRAYSIZE(s.sun_path), "%s", pNamedPipe->lpFilePath); if (bind(serverfd, (struct sockaddr*) &s, sizeof(struct sockaddr_un)) == -1) { diff --git a/winpr/libwinpr/shell/shell.c b/winpr/libwinpr/shell/shell.c index bcbf5b04b..f921b4c7d 100644 --- a/winpr/libwinpr/shell/shell.c +++ b/winpr/libwinpr/shell/shell.c @@ -54,7 +54,6 @@ BOOL GetUserProfileDirectoryA(HANDLE hToken, LPSTR lpProfileDir, LPDWORD lpcchSi struct passwd pwd; struct passwd* pw = NULL; WINPR_ACCESS_TOKEN* token; - token = (WINPR_ACCESS_TOKEN*) hToken; if (!token || (token->Type != HANDLE_TYPE_ACCESS_TOKEN) || !lpcchSize) @@ -78,7 +77,7 @@ BOOL GetUserProfileDirectoryA(HANDLE hToken, LPSTR lpProfileDir, LPDWORD lpcchSi if ((status != 0) || !pw) { SetLastError(ERROR_INVALID_PARAMETER); - free (buf); + free(buf); return FALSE; } @@ -93,10 +92,9 @@ BOOL GetUserProfileDirectoryA(HANDLE hToken, LPSTR lpProfileDir, LPDWORD lpcchSi } ZeroMemory(lpProfileDir, *lpcchSize); - strcpy(lpProfileDir, pw->pw_dir); + sprintf_s(lpProfileDir, *lpcchSize, "%s", pw->pw_dir); *lpcchSize = cchDirSize; free(buf); - return TRUE; } @@ -139,7 +137,6 @@ BOOL GetUserProfileDirectoryW(HANDLE hToken, LPWSTR lpProfileDir, LPDWORD lpcchS } *lpcchSize = cchSizeA; - return bStatus; } diff --git a/winpr/tools/makecert/makecert.c b/winpr/tools/makecert/makecert.c index d302a7d61..f5c9e3ece 100644 --- a/winpr/tools/makecert/makecert.c +++ b/winpr/tools/makecert/makecert.c @@ -580,6 +580,7 @@ int makecert_context_output_certificate_file(MAKECERT_CONTEXT* context, char* pa int offset; char* filename = NULL; char* fullpath = NULL; + char* ext; int ret = -1; BIO* bio = NULL; BYTE* x509_str = NULL; @@ -604,14 +605,16 @@ int makecert_context_output_certificate_file(MAKECERT_CONTEXT* context, char* pa if (!filename) return -1; - strcpy(filename, context->output_file); - if (context->crtFormat) - strcpy(&filename[length], ".crt"); + ext = "crt"; else if (context->pemFormat) - strcpy(&filename[length], ".pem"); + ext = "pem"; else if (context->pfxFormat) - strcpy(&filename[length], ".pfx"); + ext = "pfx"; + else + return -1; + + sprintf_s(filename, length + 8, "%s.%s", context->output_file, ext); if (path) fullpath = GetCombinedPath(path, filename); @@ -877,8 +880,7 @@ int makecert_context_output_private_key_file(MAKECERT_CONTEXT* context, char* pa if (!filename) return -1; - strcpy(filename, context->output_file); - strcpy(&filename[length], ".key"); + sprintf_s(filename, length + 8, "%s.key", context->output_file); if (path) fullpath = GetCombinedPath(path, filename);