From b1a2191fbe738fa71b2d9228e8212a6ffe3d5c07 Mon Sep 17 00:00:00 2001 From: Ole Loots Date: Sun, 13 May 2012 15:31:30 +0000 Subject: [PATCH] Use safe string functions. svn path=/trunk/netsurf/; revision=13923 --- atari/download.c | 9 +++++---- atari/gui.h | 1 - atari/hotlist.c | 2 +- atari/osspec.c | 2 +- atari/settings.c | 52 ++++++++++++++++++++++++------------------------ 5 files changed, 33 insertions(+), 33 deletions(-) diff --git a/atari/download.c b/atari/download.c index e8f916515..8ced4c31d 100755 --- a/atari/download.c +++ b/atari/download.c @@ -137,7 +137,7 @@ static char * select_filepath( const char * path, const char * filename ) if( mt_FselInput( &app, res_path, res_file, (char*)"*", (char*)messages_get("SaveAsNS"), res_path, NULL ) ) { assert( (strlen( res_path ) + strlen( res_file ) + 2) < PATH_MAX ); - sprintf(tmp, "%s%s", res_path, res_file ); + snprintf(tmp, PATH_MAX, "%s%s", res_path, res_file ); ret = malloc( strlen(tmp)+1 ); strcpy( ret, tmp ); } @@ -173,10 +173,11 @@ struct gui_download_window *gui_download_window_create(download_context *ctx, return( NULL ); destination = tmp; } else { + int dstsize=0; gemdos_realpath(nsoption_charp(downloads_path), gdos_path); - destination = malloc( strlen(gdos_path)+1 - + strlen(filename)+1 ); - sprintf( destination, "%s/%s", gdos_path, filename ); + dstsize = strlen(gdos_path) + strlen(filename) + 2; + destination = malloc( dstsize ); + snprintf( destination, dstsize, "%s/%s", gdos_path, filename ); } gdw = calloc( 1, sizeof(struct gui_download_window) ); diff --git a/atari/gui.h b/atari/gui.h index cc7a92f2a..76de07f37 100755 --- a/atari/gui.h +++ b/atari/gui.h @@ -103,7 +103,6 @@ struct s_gui_win_root MFORM_EX cursor; struct s_focus_info focus; float scale; - bool throbbing; char * title; /* current size of window on screen: */ GRECT loc; diff --git a/atari/hotlist.c b/atari/hotlist.c index 115534e56..345c6d87f 100755 --- a/atari/hotlist.c +++ b/atari/hotlist.c @@ -98,7 +98,7 @@ void hotlist_init(void) OBJECT * tree = get_tree(TOOLBAR_HOTLIST); assert( tree ); hl.open = false; - hl.window = WindCreate( flags,40, 40, app.w, app.h ); + hl.window = WindCreate( flags, 40, 40, app.w, app.h ); if( hl.window == NULL ) { LOG(("Failed to allocate Hotlist")); return; diff --git a/atari/osspec.c b/atari/osspec.c index 2fbb32fc6..6dcc34b9e 100644 --- a/atari/osspec.c +++ b/atari/osspec.c @@ -182,7 +182,7 @@ char * gemdos_realpath(const char * path, char * rpath) if( rpath[l-1] == 0x5C || rpath[l-1] == '/' ) rpath[l-1] = 0; } else { - strcpy( rpath, work_ptr ); + strncpy( rpath, work_ptr, PATH_MAX ); } l = strlen( rpath ); LOG(("gdos rpath out: %s\n", rpath)); diff --git a/atari/settings.c b/atari/settings.c index 661ac0902..639f1b463 100644 --- a/atari/settings.c +++ b/atari/settings.c @@ -308,7 +308,7 @@ form_event( WINDOW *win, int index, int external, void *unused2) tmp_option_memory_cache_size = 0.5; if( tmp_option_memory_cache_size > 999.9 ) tmp_option_memory_cache_size = 999.9; - sprintf( spare, "%03.1f", tmp_option_memory_cache_size ); + snprintf( spare, 255, "%03.1f", tmp_option_memory_cache_size ); set_text( CHOICES_STR_MAX_MEM_CACHE, spare, 5 ); is_button = true; ObjcDrawParent(OC_FORM, dlgwin, CHOICES_STR_MAX_MEM_CACHE, 2, 1 ); @@ -323,7 +323,7 @@ form_event( WINDOW *win, int index, int external, void *unused2) if( tmp_option_max_cached_fetch_handles > 31 ) tmp_option_max_cached_fetch_handles = 31; - sprintf( spare, "%02d", tmp_option_max_cached_fetch_handles ); + snprintf( spare, 255, "%02d", tmp_option_max_cached_fetch_handles ); set_text( CHOICES_EDIT_MAX_CACHED_CONNECTIONS, spare, 2 ); is_button = true; ObjcDrawParent(OC_FORM, dlgwin, CHOICES_EDIT_MAX_CACHED_CONNECTIONS, @@ -339,7 +339,7 @@ form_event( WINDOW *win, int index, int external, void *unused2) if( tmp_option_max_fetchers > 31 ) tmp_option_max_fetchers = 31; - sprintf( spare, "%02d", tmp_option_max_fetchers ); + snprintf( spare, 255, "%02d", tmp_option_max_fetchers ); set_text( CHOICES_EDIT_MAX_FETCHERS, spare, 2 ); is_button = true; ObjcDrawParent(OC_FORM, dlgwin, CHOICES_EDIT_MAX_FETCHERS, @@ -355,7 +355,7 @@ form_event( WINDOW *win, int index, int external, void *unused2) if( tmp_option_max_fetchers_per_host > 31 ) tmp_option_max_fetchers_per_host = 31; - sprintf( spare, "%02d", tmp_option_max_fetchers_per_host ); + snprintf( spare, 255, "%02d", tmp_option_max_fetchers_per_host ); set_text( CHOICES_EDIT_MAX_FETCHERS_PER_HOST, spare, 2 ); is_button = true; ObjcDrawParent(OC_FORM, dlgwin, CHOICES_EDIT_MAX_FETCHERS_PER_HOST, @@ -372,7 +372,7 @@ form_event( WINDOW *win, int index, int external, void *unused2) if( tmp_option_expire_url > 99 ) tmp_option_expire_url = 0; - sprintf( spare, "%02d", tmp_option_expire_url ); + snprintf( spare, 255, "%02d", tmp_option_expire_url ); set_text( CHOICES_EDIT_HISTORY_AGE, spare, 2 ); is_button = true; ObjcDrawParent(OC_FORM, dlgwin, CHOICES_EDIT_HISTORY_AGE, @@ -390,7 +390,7 @@ form_event( WINDOW *win, int index, int external, void *unused2) tmp_option_minimum_gif_delay = 0.1; if( tmp_option_minimum_gif_delay > 9.0 ) tmp_option_minimum_gif_delay = 9.0; - sprintf( spare, "%01.1f", tmp_option_minimum_gif_delay ); + snprintf( spare, 255, "%01.1f", tmp_option_minimum_gif_delay ); set_text( CHOICES_EDIT_MIN_GIF_DELAY, spare, 3 ); is_button = true; ObjcDrawParent(OC_FORM, dlgwin, CHOICES_EDIT_MIN_GIF_DELAY, 3, 1 ); @@ -408,7 +408,7 @@ form_event( WINDOW *win, int index, int external, void *unused2) if( tmp_option_font_min_size < 10 ) tmp_option_font_min_size = 10; - sprintf( spare, "%03d", tmp_option_font_min_size ); + snprintf( spare, 255, "%03d", tmp_option_font_min_size ); set_text( CHOICES_EDIT_MIN_FONT_SIZE, spare, 3 ); is_button = true; ObjcDrawParent(OC_FORM, dlgwin, CHOICES_EDIT_MIN_FONT_SIZE, @@ -427,7 +427,7 @@ form_event( WINDOW *win, int index, int external, void *unused2) if( tmp_option_font_size < 50 ) tmp_option_font_size = 50; - sprintf( spare, "%03d", tmp_option_font_size ); + snprintf( spare, 255, "%03d", tmp_option_font_size ); set_text( CHOICES_EDIT_DEF_FONT_SIZE, spare, 3 ); is_button = true; ObjcDrawParent(OC_FORM, dlgwin, CHOICES_EDIT_DEF_FONT_SIZE, @@ -445,7 +445,7 @@ form_event( WINDOW *win, int index, int external, void *unused2) if( tmp_option_min_reflow_period > 9999 ) tmp_option_min_reflow_period = 10; - sprintf( spare, "%04d", tmp_option_min_reflow_period ); + snprintf( spare, 255, "%04d", tmp_option_min_reflow_period ); set_text( CHOICES_EDIT_MIN_REFLOW_PERIOD, spare, 4 ); is_button = true; ObjcDrawParent(OC_FORM, dlgwin, CHOICES_EDIT_MIN_REFLOW_PERIOD, @@ -502,12 +502,12 @@ static void display_settings( void ) INPUT_LOCALE_MAX_LEN ); tmp_option_expire_url = nsoption_int(expire_url); - sprintf( spare, "%02d", nsoption_int(expire_url) ); + snprintf( spare, 255, "%02d", nsoption_int(expire_url) ); set_text( CHOICES_EDIT_HISTORY_AGE, spare, 2 ); /* "Cache" tab: */ tmp_option_memory_cache_size = nsoption_int(memory_cache_size) / 100000; - sprintf( spare, "%03.1f", tmp_option_memory_cache_size ); + snprintf( spare, 255, "%03.1f", tmp_option_memory_cache_size ); set_text( CHOICES_STR_MAX_MEM_CACHE, spare, 5 ); /* "Paths" tab: */ @@ -535,18 +535,18 @@ static void display_settings( void ) SELECTED, nsoption_int(atari_font_monochrom) ? 0 : 1 ); tmp_option_min_reflow_period = nsoption_int(min_reflow_period); - sprintf( spare, "%04d", tmp_option_min_reflow_period ); + snprintf( spare, 255, "%04d", tmp_option_min_reflow_period ); set_text( CHOICES_EDIT_MIN_REFLOW_PERIOD, spare, INPUT_MIN_REFLOW_PERIOD_MAX_LEN ); tmp_option_minimum_gif_delay = (float)nsoption_int(minimum_gif_delay) / (float)100; - sprintf( spare, "%01.1f", tmp_option_minimum_gif_delay ); + snprintf( spare, 255, "%01.1f", tmp_option_minimum_gif_delay ); set_text( CHOICES_EDIT_MIN_GIF_DELAY, spare, 3 ); /* "Network" tab: */ set_text( CHOICES_EDIT_PROXY_HOST, nsoption_charp(http_proxy_host), INPUT_PROXY_HOST_MAX_LEN ); - sprintf( spare, "%5d", nsoption_int(http_proxy_port) ); + snprintf( spare, 255, "%5d", nsoption_int(http_proxy_port) ); set_text( CHOICES_EDIT_PROXY_PORT, spare, INPUT_PROXY_PORT_MAX_LEN ); @@ -564,25 +564,25 @@ static void display_settings( void ) SELECTED, nsoption_bool(background_images) ? 1 : 0 ); tmp_option_max_cached_fetch_handles = nsoption_int(max_cached_fetch_handles); - sprintf( spare, "%2d", nsoption_int(max_cached_fetch_handles) ); + snprintf( spare, 255, "%2d", nsoption_int(max_cached_fetch_handles) ); set_text( CHOICES_EDIT_MAX_CACHED_CONNECTIONS, spare , 2 ); tmp_option_max_fetchers = nsoption_int(max_fetchers); - sprintf( spare, "%2d", nsoption_int(max_fetchers) ); + snprintf( spare, 255, "%2d", nsoption_int(max_fetchers) ); set_text( CHOICES_EDIT_MAX_FETCHERS, spare , 2 ); tmp_option_max_fetchers_per_host = nsoption_int(max_fetchers_per_host); - sprintf( spare, "%2d", nsoption_int(max_fetchers_per_host) ); + snprintf( spare, 255, "%2d", nsoption_int(max_fetchers_per_host) ); set_text( CHOICES_EDIT_MAX_FETCHERS_PER_HOST, spare , 2 ); /* "Style" tab: */ tmp_option_font_min_size = nsoption_int(font_min_size); - sprintf( spare, "%3d", nsoption_int(font_min_size) ); + snprintf( spare, "%3d", nsoption_int(font_min_size) ); set_text( CHOICES_EDIT_MIN_FONT_SIZE, spare , 3 ); tmp_option_font_size = nsoption_int(font_size); - sprintf( spare, "%3d", nsoption_int(font_size) ); + snprintf( spare, 255, "%3d", nsoption_int(font_size) ); set_text( CHOICES_EDIT_DEF_FONT_SIZE, spare , 3 ); /* Only first tab is refreshed: */ @@ -617,7 +617,7 @@ static void apply_settings( void ) atoi( ObjcString( dlgtree, CHOICES_EDIT_MAX_FETCHERS, NULL) )); nsoption_set_bool(foreground_images, OBJ_SELECTED( CHOICES_CB_FG_IMAGES )); - nsoption_set_bool(background_images, + nsoption_set_bool(background_images, OBJ_SELECTED( CHOICES_CB_BG_IMAGES )); /* "Style" tab: */ @@ -636,15 +636,15 @@ static void apply_settings( void ) nsoption_set_bool(incremental_reflow, OBJ_SELECTED(CHOICES_CB_INCREMENTAL_REFLOW)); nsoption_set_int(min_reflow_period, tmp_option_min_reflow_period); - nsoption_set_int(atari_font_monochrom, + nsoption_set_int(atari_font_monochrom, !OBJ_SELECTED( CHOICES_CB_ANTI_ALIASING )); /* "Paths" tabs: */ nsoption_set_charp(ca_bundle, ObjcString( dlgtree, CHOICES_EDIT_CA_BUNDLE, NULL)); - nsoption_set_charp(ca_path, + nsoption_set_charp(ca_path, ObjcString( dlgtree, CHOICES_EDIT_CA_CERTS_PATH, NULL)); - nsoption_set_charp(homepage_url, + nsoption_set_charp(homepage_url, ObjcString( dlgtree, CHOICES_EDIT_CA_CERTS_PATH, NULL)); nsoption_set_charp(hotlist_file, ObjcString( dlgtree, CHOICES_EDIT_HOTLIST_FILE, NULL)); @@ -660,11 +660,11 @@ static void apply_settings( void ) /* "Browser" tab: */ nsoption_set_bool(target_blank, !OBJ_SELECTED(CHOICES_CB_DISABLE_POPUP_WINDOWS)); - nsoption_set_bool(block_ads, + nsoption_set_bool(block_ads, OBJ_SELECTED(CHOICES_CB_HIDE_ADVERTISEMENT)); - nsoption_set_charp(accept_language, + nsoption_set_charp(accept_language, ObjcString( dlgtree, CHOICES_BT_SEL_LOCALE, NULL)); - nsoption_set_int(expire_url, + nsoption_set_int(expire_url, atoi(ObjcString( dlgtree, CHOICES_EDIT_HISTORY_AGE, NULL))); nsoption_set_bool(send_referer, OBJ_SELECTED(CHOICES_CB_SEND_HTTP_REFERRER));