From 41f60bd669cba3ae080cf94e905cfd80f5dd9c43 Mon Sep 17 00:00:00 2001 From: lilei19 Date: Thu, 9 Feb 2023 19:01:32 +0800 Subject: [PATCH] change strcpy to strlcpy Change-Id: I8b9429a3c225a82842fce136bdb14b8b135066d3 Signed-off-by: lilei19 --- canutils/candump/candump.c | 2 +- examples/pdcurses/tui.c | 66 +++++++++----- examples/pdcurses/tui_main.c | 30 +++++-- examples/timer/timer_main.c | 4 +- examples/timer_gpio/timer_gpio_main.c | 10 ++- examples/watchdog/watchdog_main.c | 5 +- examples/watcher/wdt.c | 3 +- examples/xmlrpc/calls.c | 14 +-- fsutils/mkfatfs/writefat.c | 2 +- graphics/ft80x/ft80x_dl.c | 12 +-- interpreters/bas/bas_auto.c | 2 +- interpreters/bas/bas_global.c | 6 +- interpreters/bas/bas_value.c | 7 +- interpreters/minibasic/basic.c | 29 +++---- netutils/ftpd/ftpd.c | 2 +- netutils/netlib/netlib_iptables.c | 9 +- netutils/pppd/pppd.c | 2 +- netutils/thttpd/cgi-src/ssi.c | 38 ++++---- netutils/thttpd/libhttpd.c | 86 ++++++++++--------- netutils/webserver/httpd.c | 2 +- netutils/xmlrpc/response.c | 13 +-- netutils/xmlrpc/xmlparser.c | 5 +- nshlib/nsh_dbgcmds.c | 6 +- system/cfgdata/cfgdata_main.c | 6 +- system/hexed/src/bfile.c | 32 +++---- system/lzf/lzf_main.c | 2 +- system/termcurses/tcurses_vt100.c | 4 +- system/vi/vi.c | 2 +- testing/fstest/fstest_main.c | 5 +- .../mtd_config_fs/mtd_config_fs_test_main.c | 3 +- wireless/bluetooth/btsak/btsak_advertise.c | 2 +- wireless/ieee802154/i8sak/i8sak_main.c | 2 +- wireless/ieee802154/i8shark/i8shark_main.c | 5 +- 33 files changed, 238 insertions(+), 180 deletions(-) diff --git a/canutils/candump/candump.c b/canutils/candump/candump.c index 7b3074cc3..0c5cf17e0 100644 --- a/canutils/candump/candump.c +++ b/canutils/candump/candump.c @@ -203,7 +203,7 @@ int idx2dindex(int ifidx, int socket) { if (max_devname_len < (int)strlen(ifr.ifr_name)) max_devname_len = strlen(ifr.ifr_name); - strcpy(devname[i], ifr.ifr_name); + strlcpy(devname[i], ifr.ifr_name, sizeof(devname[i])); #ifdef DEBUG printf("new index %d (%s)\n", i, devname[i]); diff --git a/examples/pdcurses/tui.c b/examples/pdcurses/tui.c index a124ac2c3..c927aed7e 100644 --- a/examples/pdcurses/tui.c +++ b/examples/pdcurses/tui.c @@ -41,7 +41,7 @@ ****************************************************************************/ #ifdef A_COLOR -# define TITLECOLOR 1 /* color pair indices */ +# define TITLECOLOR 1 /* color pair indices */ # define MAINMENUCOLOR (2 | A_BOLD) # define MAINMENUREVCOLOR (3 | A_BOLD | A_REVERSE) # define SUBMENUCOLOR (4 | A_BOLD) @@ -51,7 +51,7 @@ # define INPUTBOXCOLOR 8 # define EDITBOXCOLOR (9 | A_BOLD | A_REVERSE) #else -# define TITLECOLOR 0 /* color pair indices */ +# define TITLECOLOR 0 /* color pair indices */ # define MAINMENUCOLOR (A_BOLD) # define MAINMENUREVCOLOR (A_BOLD | A_REVERSE) # define SUBMENUCOLOR (A_BOLD) @@ -62,11 +62,11 @@ # define EDITBOXCOLOR (A_BOLD | A_REVERSE) #endif -#define th 1 /* title window height */ -#define mh 1 /* main menu height */ -#define sh 2 /* status window height */ +#define th 1 /* title window height */ +#define mh 1 /* main menu height */ +#define sh 2 /* status window height */ #define bh (LINES - th - mh - sh) /* body window height */ -#define bw COLS /* body window width */ +#define bw COLS /* body window width */ /**************************************************************************** * Private Data @@ -298,7 +298,12 @@ static void mainhelp(void) static void mainmenu(menu *mp) { - int nitems, barlen, old = -1, cur = 0, c, cur0; + int nitems; + int barlen; + int c; + int cur0; + int old = -1; + int cur = 0; menudim(mp, &nitems, &barlen); repaintmainmenu(barlen, mp); @@ -599,13 +604,12 @@ void domenu(const menu *mp) do { cur = (cur + 1) % nitems; - } - while ((cur != cur0) && (hotkey(mp[cur].name) != toupper((int)key))); + while ((cur != cur0) && (hotkey(mp[cur].name) + != toupper((int)key))); key = (hotkey(mp[cur].name) == toupper((int)key)) ? '\n' : ERR; } - } rmerror(); @@ -692,18 +696,27 @@ static void repainteditbox(WINDOW *win, int x, char *buf) int weditstr(WINDOW *win, char *buf, int field) { - char org[MAXSTRLEN], *tp, *bp = buf; - bool defdisp = true, stop = false, insert = false; - int cury, curx, begy, begx, oldattr; - WINDOW *wedit; + char org[MAXSTRLEN]; + char *tp; + char *bp = buf; + bool defdisp = true; + bool stop = false; + bool insert = false; + int cury; + int curx; + int begy; + int begx; + int oldattr; int c = 0; + WINDOW *wedit; - if ((field >= MAXSTRLEN) || (buf == NULL) || ((int)strlen(buf) > field - 1)) + if ((field >= MAXSTRLEN) || (buf == NULL) || + ((int)strlen(buf) > field - 1)) { return ERR; } - strcpy(org, buf); /* save original */ + strlcpy(org, buf, sizeof(org)); /* save original */ wrefresh(win); getyx(win, cury, curx); @@ -760,7 +773,7 @@ int weditstr(WINDOW *win, char *buf, int field) case KEY_DC: if (*bp != 0) { - memmove((void *)(bp), (const void *)(bp+1), strlen(bp)); + memmove((void *)(bp), (const void *)(bp + 1), strlen(bp)); } break; @@ -769,7 +782,8 @@ int weditstr(WINDOW *win, char *buf, int field) { if (bp > buf) { - memmove((void *)(bp - 1), (const void *)bp, strlen(bp) + 1); + memmove((void *)(bp - 1), (const void *)bp, + strlen(bp) + 1); bp--; } } @@ -834,7 +848,10 @@ int weditstr(WINDOW *win, char *buf, int field) WINDOW *winputbox(WINDOW *win, int nlines, int ncols) { WINDOW *winp; - int cury, curx, begy, begx; + int cury; + int curx; + int begy; + int begx; getyx(win, cury, curx); getbegyx(win, begy, begx); @@ -848,7 +865,16 @@ WINDOW *winputbox(WINDOW *win, int nlines, int ncols) int getstrings(const char *desc[], char *buf[], int field) { WINDOW *winput; - int oldy, oldx, maxy, maxx, nlines, ncols, i, n, l, mmax = 0; + int oldy; + int oldx; + int maxy; + int maxx; + int nlines; + int ncols; + int i; + int n; + int l; + int mmax = 0; int c = 0; bool stop = false; diff --git a/examples/pdcurses/tui_main.c b/examples/pdcurses/tui_main.c index 9d7a5531d..128955ef7 100644 --- a/examples/pdcurses/tui_main.c +++ b/examples/pdcurses/tui_main.c @@ -1,5 +1,5 @@ /**************************************************************************** - * apps/examples/pdcurses/tui.c + * apps/examples/pdcurses/tui_main.c * * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with @@ -70,11 +70,21 @@ static const char *g_fieldname[6] = menu g_mainmenu[] = { - {"Asub", sub0, "Go inside first submenu"}, - {"Bsub", sub1, "Go inside second submenu"}, - {"Csub", sub2, "Go inside third submenu"}, - {"Dsub", sub3, "Go inside fourth submenu"}, - {"", (FUNC)0, ""} /* always add this as the last item! */ +{ + "Asub", sub0, "Go inside first submenu" +}, +{ + "Bsub", sub1, "Go inside second submenu" +}, +{ + "Csub", sub2, "Go inside third submenu" +}, +{ + "Dsub", sub3, "Go inside fourth submenu" +}, +{ + "", (FUNC)0, "" /* always add this as the last item! */ +} }; static const menu g_submenu0[] = @@ -145,7 +155,8 @@ static char *getfname(char *desc, char *fname, int field) fieldname[1] = 0; fieldbuf[0] = fname; - return (getstrings((const char **)fieldname, fieldbuf, field) == KEY_ESC) ? NULL : fname; + return (getstrings((const char **)fieldname, + fieldbuf, field) == KEY_ESC) ? NULL : fname; } static void showfile(char *fname) @@ -240,7 +251,7 @@ static void subfunc2(void) { char fname[MAXSTRLEN]; - strcpy(fname, FNAME); + strlcpy(fname, FNAME, sizeof(fname)); if (getfname("File to browse:", fname, 50)) { showfile(fname); @@ -262,6 +273,7 @@ int main(int argc, FAR char *argv[]) setlocale(LC_ALL, ""); #endif - startmenu(g_mainmenu, "TUI - 'textual user interface' demonstration program"); + startmenu(g_mainmenu, + "TUI - 'textual user interface' demonstration program"); return 0; } diff --git a/examples/timer/timer_main.c b/examples/timer/timer_main.c index ccdfa1481..a7ffb07b5 100644 --- a/examples/timer/timer_main.c +++ b/examples/timer/timer_main.c @@ -137,14 +137,14 @@ int main(int argc, FAR char *argv[]) int i; int opt; char devname[DEVNAME_SIZE]; - strcpy(devname, CONFIG_EXAMPLES_TIMER_DEVNAME); + strlcpy(devname, CONFIG_EXAMPLES_TIMER_DEVNAME, sizeof(devname)); while ((opt = getopt(argc, argv, ":d:")) != -1) { switch (opt) { case 'd': - strcpy(devname, optarg); + strlcpy(devname, optarg, sizeof(devname)); break; case ':': fprintf(stderr, "ERROR: Option needs a value\n"); diff --git a/examples/timer_gpio/timer_gpio_main.c b/examples/timer_gpio/timer_gpio_main.c index f08e26843..8ea830d06 100644 --- a/examples/timer_gpio/timer_gpio_main.c +++ b/examples/timer_gpio/timer_gpio_main.c @@ -267,8 +267,10 @@ int main(int argc, FAR char *argv[]) /* Use the ones configured on menuconfig */ - strcpy(g_devtim, CONFIG_EXAMPLES_TIMER_GPIO_TIM_DEVNAME); - strcpy(g_devgpio, CONFIG_EXAMPLES_TIMER_GPIO_GPIO_DEVNAME); + strlcpy(g_devtim, CONFIG_EXAMPLES_TIMER_GPIO_TIM_DEVNAME, + sizeof(g_devtim)); + strlcpy(g_devgpio, CONFIG_EXAMPLES_TIMER_GPIO_GPIO_DEVNAME, + sizeof(g_devgpio)); /* Or the ones passed as arguments */ @@ -277,10 +279,10 @@ int main(int argc, FAR char *argv[]) switch (opt) { case 't': - strcpy(g_devtim, optarg); + strlcpy(g_devtim, optarg, sizeof(g_devtim)); break; case 'g': - strcpy(g_devgpio, optarg); + strlcpy(g_devgpio, optarg, sizeof(g_devgpio)); break; case ':': fprintf(stderr, "ERROR: Option needs a value\n"); diff --git a/examples/watchdog/watchdog_main.c b/examples/watchdog/watchdog_main.c index d65b5532d..5a8cefcbb 100644 --- a/examples/watchdog/watchdog_main.c +++ b/examples/watchdog/watchdog_main.c @@ -136,7 +136,8 @@ static void parse_args(FAR struct wdog_example_s *wdog, int argc, wdog->pingtime = CONFIG_EXAMPLES_WATCHDOG_PINGTIME; wdog->pingdelay = CONFIG_EXAMPLES_WATCHDOG_PINGDELAY; wdog->timeout = CONFIG_EXAMPLES_WATCHDOG_TIMEOUT; - strcpy(wdog->devname, CONFIG_EXAMPLES_WATCHDOG_DEVPATH); + strlcpy(wdog->devname, CONFIG_EXAMPLES_WATCHDOG_DEVPATH, + sizeof(wdog->devname)); for (index = 1; index < argc; ) { @@ -163,7 +164,7 @@ static void parse_args(FAR struct wdog_example_s *wdog, int argc, case 'i': nargs = arg_string(&argv[index], &string); - strcpy(wdog->devname, string); + strlcpy(wdog->devname, string, sizeof(wdog->devname)); index += nargs; break; diff --git a/examples/watcher/wdt.c b/examples/watcher/wdt.c index 6bb3dd5e5..0d055c527 100644 --- a/examples/watcher/wdt.c +++ b/examples/watcher/wdt.c @@ -111,7 +111,8 @@ int wdt_init(void) { int fd; int ret; - strcpy(wdog.devname, CONFIG_EXAMPLES_WATCHER_DEVPATH); + strlcpy(wdog.devname, CONFIG_EXAMPLES_WATCHER_DEVPATH, + sizeof(wdog.devname)); /* Open the watchdog device for reading */ diff --git a/examples/xmlrpc/calls.c b/examples/xmlrpc/calls.c index aedb94006..d7cef9172 100644 --- a/examples/xmlrpc/calls.c +++ b/examples/xmlrpc/calls.c @@ -69,9 +69,13 @@ struct xmlrpc_entry_s get_device_stats = static int calls_get_device_stats(struct xmlrpc_s *xmlcall) { - char username[80], password[80]; - char lastCommand[80], curState[80]; - int request = 0, status, ret; + char username[80]; + char password[80]; + char lastCommand[80]; + char curState[80]; + int request = 0; + int status; + int ret; do { @@ -100,8 +104,8 @@ static int calls_get_device_stats(struct xmlrpc_s *xmlcall) /* Dummy up some data... */ status = 1; - strcpy(lastCommand, "reboot"); - strcpy(curState, "Normal Operation"); + strlcpy(lastCommand, "reboot", sizeof(lastCommand)); + strlcpy(curState, "Normal Operation", sizeof(curState)); ret = xmlrpc_buildresponse(xmlcall, "{iss}", "status", status, diff --git a/fsutils/mkfatfs/writefat.c b/fsutils/mkfatfs/writefat.c index 63bb38210..cc303cc3c 100644 --- a/fsutils/mkfatfs/writefat.c +++ b/fsutils/mkfatfs/writefat.c @@ -138,7 +138,7 @@ static inline void mkfatfs_initmbr(FAR struct fat_format_s *fmt, /* 8@3: Usually "MSWIN4.1" */ - strcpy((FAR char *)&var->fv_sect[MBR_OEMNAME], "NUTTX "); + memcpy(&var->fv_sect[MBR_OEMNAME], "NUTTX ", 8); /* 2@11: Bytes per sector: 512, 1024, 2048, 4096 */ diff --git a/graphics/ft80x/ft80x_dl.c b/graphics/ft80x/ft80x_dl.c index 146f86e5b..34b924c2d 100644 --- a/graphics/ft80x/ft80x_dl.c +++ b/graphics/ft80x/ft80x_dl.c @@ -357,7 +357,8 @@ int ft80x_dl_data(int fd, FAR struct ft80x_dlbuffer_s *buffer, size_t padlen; int ret; - ft80x_info("fd=%d buffer=%p data=%p datlen=%u\n", fd, buffer, data, datlen); + ft80x_info("fd=%d buffer=%p data=%p datlen=%u\n", + fd, buffer, data, datlen); DEBUGASSERT(fd >= 0 && buffer != NULL && data != NULL && datlen > 0); if (datlen > 0) @@ -441,7 +442,7 @@ int ft80x_dl_data(int fd, FAR struct ft80x_dlbuffer_s *buffer, bufptr += datlen; buffer->dloffset += datlen; - /* Then append zero bytes as necessary to achieve alignment */ + /* Then append zero bytes as necessary to achieve alignment */ while (datlen < padlen) { @@ -573,7 +574,8 @@ int ft80x_dl_string(int fd, FAR struct ft80x_dlbuffer_s *buffer, bufptr = (FAR uint8_t *)buffer->dlbuffer; bufptr += buffer->dloffset; - strcpy((FAR char *)bufptr, str); + strlcpy((FAR char *)bufptr, str, + sizeof(buffer->dlbuffer) - buffer->dloffset); /* NOTE: that strcpy will copy the NUL terminator too */ @@ -605,8 +607,8 @@ int ft80x_dl_string(int fd, FAR struct ft80x_dlbuffer_s *buffer, * hardware and reset the local display list buffer offset to zero. * * Input Parameters: - * fd - The file descriptor of the FT80x device. Opened by the caller with - * write access. + * fd - The file descriptor of the FT80x device. Opened by the caller + * with write access. * buffer - An instance of struct ft80x_dlbuffer_s allocated by the caller. * wait - True: wait until data has been consumed by the co-processor * (only for co-processor destination); false: Send to hardware diff --git a/interpreters/bas/bas_auto.c b/interpreters/bas/bas_auto.c index 92ff57340..4a58a6517 100644 --- a/interpreters/bas/bas_auto.c +++ b/interpreters/bas/bas_auto.c @@ -289,7 +289,7 @@ int Auto_variable(struct Auto *this, const struct Identifier *ident) (*tail) = malloc(sizeof(struct Symbol)); (*tail)->next = (struct Symbol *)0; - (*tail)->name = strcpy(malloc(strlen(ident->name) + 1), ident->name); + (*tail)->name = strdup(ident->name); (*tail)->type = LOCALVAR; (*tail)->u.local.type = ident->defaultType; diff --git a/interpreters/bas/bas_global.c b/interpreters/bas/bas_global.c index 78515c653..995a1dce7 100644 --- a/interpreters/bas/bas_global.c +++ b/interpreters/bas/bas_global.c @@ -2000,7 +2000,7 @@ static void builtin(struct Global *this, const char *ident, enum ValueType type, if (*r == (struct Symbol *)0) { *r = malloc(sizeof(struct Symbol)); - (*r)->name = strcpy(malloc(strlen(ident) + 1), ident); + (*r)->name = strdup(ident); (*r)->next = (struct Symbol *)0; s = (*r); } @@ -2223,7 +2223,7 @@ int Global_variable(struct Global *this, struct Identifier *ident, if (*r == (struct Symbol *)0) { *r = malloc(sizeof(struct Symbol)); - (*r)->name = strcpy(malloc(strlen(ident->name) + 1), ident->name); + (*r)->name = strdup(ident->name); (*r)->next = (struct Symbol *)0; (*r)->type = symbolType; Var_new(&((*r)->u.var), type, 0, (unsigned int *)0, 0); @@ -2275,7 +2275,7 @@ int Global_function(struct Global *this, struct Identifier *ident, } *r = malloc(sizeof(struct Symbol)); - (*r)->name = strcpy(malloc(strlen(ident->name) + 1), ident->name); + (*r)->name = strdup(ident->name); (*r)->next = (struct Symbol *)0; (*r)->type = USERFUNCTION; (*r)->u.sub.u.def.scope.start = *deffn; diff --git a/interpreters/bas/bas_value.c b/interpreters/bas/bas_value.c index 3ecf92a5e..70fad4c05 100644 --- a/interpreters/bas/bas_value.c +++ b/interpreters/bas/bas_value.c @@ -234,7 +234,7 @@ struct Value *Value_new_ERROR(struct Value *this, int code, const char *error, va_end(ap); this->type = V_ERROR; this->u.error.code = code; - this->u.error.msg = strcpy(malloc(strlen(buf) + 1), buf); + this->u.error.msg = strdup(buf); return this; } @@ -364,13 +364,12 @@ struct Value *Value_clone(struct Value *this, const struct Value *original) { assert(this != (struct Value *)0); assert(original != (struct Value *)0); + switch (original->type) { case V_ERROR: { - strcpy(this->u.error.msg = - malloc(strlen(original->u.error.msg) + 1), - original->u.error.msg); + this->u.error.msg = strdup(original->u.error.msg); this->u.error.code = original->u.error.code; break; } diff --git a/interpreters/minibasic/basic.c b/interpreters/minibasic/basic.c index e9de97c03..7edaa25bb 100644 --- a/interpreters/minibasic/basic.c +++ b/interpreters/minibasic/basic.c @@ -1096,7 +1096,7 @@ static int dofor(void) } else { - strcpy(g_forstack[nfors].id, id); + strlcpy(g_forstack[nfors].id, id, sizeof(g_forstack[nfors].id)); g_forstack[nfors].nextline = getnextline(g_string); g_forstack[nfors].step = stepval; g_forstack[nfors].toval = toval; @@ -2507,7 +2507,8 @@ static FAR struct mb_variable_s *addfloat(FAR const char *id) if (vars) { g_variables = vars; - strcpy(g_variables[g_nvariables].id, id); + strlcpy(g_variables[g_nvariables].id, id, + sizeof(g_variables[g_nvariables].id)); g_variables[g_nvariables].dval = 0.0; g_variables[g_nvariables].sval = NULL; g_nvariables++; @@ -2540,7 +2541,8 @@ static FAR struct mb_variable_s *addstring(FAR const char *id) if (vars) { g_variables = vars; - strcpy(g_variables[g_nvariables].id, id); + strlcpy(g_variables[g_nvariables].id, id, + sizeof(g_variables[g_nvariables].id)); g_variables[g_nvariables].sval = NULL; g_variables[g_nvariables].dval = 0.0; g_nvariables++; @@ -2573,7 +2575,8 @@ static FAR struct mb_dimvar_s *adddimvar(FAR const char *id) if (vars) { g_dimvariables = vars; - strcpy(g_dimvariables[g_ndimvariables].id, id); + strlcpy(g_dimvariables[g_ndimvariables].id, id, + sizeof(g_dimvariables[g_ndimvariables].id)); g_dimvariables[g_ndimvariables].dval = NULL; g_dimvariables[g_ndimvariables].str = NULL; g_dimvariables[g_ndimvariables].ndims = 0; @@ -2970,7 +2973,7 @@ static FAR char *stringstring(void) for (i = 0; i < N; i++) { - strcpy(answer + len * i, str); + strlcpy(answer + len * i, str, (N - i) * len + 1); } free(str); @@ -4009,15 +4012,7 @@ static int mystrcount(FAR const char *str, char ch) static FAR char *mystrdup(FAR const char *str) { - FAR char *answer; - - answer = malloc(strlen(str) + 1); - if (answer) - { - strcpy(answer, str); - } - - return answer; + return strdup(str); } /**************************************************************************** @@ -4036,11 +4031,11 @@ static FAR char *mystrconcat(FAR const char *str, FAR const char *cat) int len; FAR char *answer; - len = strlen(str) + strlen(cat); - answer = malloc(len + 1); + len = strlen(str) + strlen(cat) + 1; + answer = malloc(len); if (answer) { - strcpy(answer, str); + strlcpy(answer, str, len); strcat(answer, cat); } diff --git a/netutils/ftpd/ftpd.c b/netutils/ftpd/ftpd.c index f9c10adb1..d58136586 100644 --- a/netutils/ftpd/ftpd.c +++ b/netutils/ftpd/ftpd.c @@ -317,7 +317,7 @@ static FAR struct ftpd_account_s *ftpd_account_new(FAR const char *user, if (user != NULL) { ret->user = (FAR char *)&ret[1]; - strcpy(ret->user, user); + strlcpy(ret->user, user, usersize); } return ret; diff --git a/netutils/netlib/netlib_iptables.c b/netutils/netlib/netlib_iptables.c index 854e9891f..a8579d86a 100644 --- a/netutils/netlib/netlib_iptables.c +++ b/netutils/netlib/netlib_iptables.c @@ -237,7 +237,7 @@ FAR struct ipt_replace *netlib_ipt_prepare(FAR const char *table) return NULL; } - strcpy(info.name, table); + strlcpy(info.name, table, sizeof(info.name)); len = sizeof(info); if (getsockopt(sockfd, IPPROTO_IP, IPT_SO_GET_INFO, &info, &len) < 0) @@ -253,7 +253,7 @@ FAR struct ipt_replace *netlib_ipt_prepare(FAR const char *table) goto errout; } - strcpy(entries->name, table); + strlcpy(entries->name, table, sizeof(entries->name)); entries->size = info.size; if (getsockopt(sockfd, IPPROTO_IP, IPT_SO_GET_ENTRIES, entries, &len) < 0) { @@ -268,7 +268,7 @@ FAR struct ipt_replace *netlib_ipt_prepare(FAR const char *table) goto errout_with_entries; } - strcpy(repl->name, table); + strlcpy(repl->name, table, sizeof(repl->name)); repl->valid_hooks = info.valid_hooks; repl->num_entries = info.num_entries; @@ -562,7 +562,8 @@ FAR struct ipt_entry *netlib_ipt_masquerade_entry(FAR const char *ifname) IPT_FILL_ENTRY(entry, XT_MASQUERADE_TARGET); - strcpy(entry->entry.ip.outiface, ifname); + strlcpy(entry->entry.ip.outiface, ifname, + sizeof(entry->entry.ip.outiface)); memset(entry->entry.ip.outiface_mask, 0xff, len + 1); return &entry->entry; diff --git a/netutils/pppd/pppd.c b/netutils/pppd/pppd.c index 7ebeab348..cc3d2b047 100644 --- a/netutils/pppd/pppd.c +++ b/netutils/pppd/pppd.c @@ -323,7 +323,7 @@ int pppd(const struct pppd_settings_s *pppd_settings) ctx = (struct ppp_context_s *)malloc(sizeof(struct ppp_context_s)); memset(ctx, 0, sizeof(struct ppp_context_s)); - strcpy((char *)ctx->ifname, "ppp%d"); + strlcpy((char *)ctx->ifname, "ppp%d", sizeof(ctx->ifname)); ctx->settings = pppd_settings; ctx->if_fd = tun_alloc((char *)ctx->ifname); diff --git a/netutils/thttpd/cgi-src/ssi.c b/netutils/thttpd/cgi-src/ssi.c index 9a2bb729f..521ee040b 100644 --- a/netutils/thttpd/cgi-src/ssi.c +++ b/netutils/thttpd/cgi-src/ssi.c @@ -182,6 +182,7 @@ static int get_filename(char *vfilename, char *filename, int fnsize) { char *cp; + int size; int vl; int fl; @@ -193,6 +194,7 @@ static int get_filename(char *vfilename, char *filename, vl = strlen(vfilename); fl = strlen(filename); + size = fl - vl; if (strcmp(tag, "virtual") == 0) { @@ -204,18 +206,18 @@ static int get_filename(char *vfilename, char *filename, /* Figure out root using difference between vfilename and filename. */ - if (vl > fl || strcmp(vfilename, &filename[fl - vl]) != 0) + if (vl > fl || strcmp(vfilename, &filename[size]) != 0) { return -1; } - if (fl - vl + strlen(val) >= fnsize) + if (size + strlen(val) >= fnsize) { return -1; } - strncpy(fn, filename, fl - vl); - strcpy(&fn[fl - vl], val); + strncpy(fn, filename, size); + strlcpy(&fn[size], val, fnsize - size); } else if (strcmp(tag, "file") == 0) { @@ -230,7 +232,7 @@ static int get_filename(char *vfilename, char *filename, return -1; } - strcpy(fn, filename); + strlcpy(fn, filename, fnsize); cp = strrchr(fn, '/'); if (cp == (char *)0) { @@ -238,7 +240,8 @@ static int get_filename(char *vfilename, char *filename, *cp = '/'; } - strcpy(++cp, val); + cp++; + strlcpy(cp, val, fnsize - (cp - fn)); } else { @@ -314,7 +317,7 @@ static int check_filename(char *filename) cp = strrchr(dirname, '/'); if (cp == (char *)0) { - strcpy(dirname, "."); + strlcpy(dirname, ".", fnl + 1); } else { @@ -354,18 +357,18 @@ static int check_filename(char *filename) static void show_time(time_t t, int gmt) { - struct tm *tmP; + struct tm *tmp; if (gmt) { - tmP = gmtime(&t); + tmp = gmtime(&t); } else { - tmP = localtime(&t); + tmp = localtime(&t); } - if (strftime(g_iobuffer2, BUFFER_SIZE, g_timeformat, tmP) > 0) + if (strftime(g_iobuffer2, BUFFER_SIZE, g_timeformat, tmp) > 0) { puts(g_iobuffer2); } @@ -471,11 +474,11 @@ static void do_include(FILE *instream, char *vfilename, char *filename, { if (strlen(val) < BUFFER_SIZE) { - strcpy(g_iobuffer2, val); + strlcpy(g_iobuffer2, val, sizeof(g_iobuffer2)); } else { - strcpy(g_iobuffer2, g_iobuffer1); /* same size, has to fit */ + strlcpy(g_iobuffer2, g_iobuffer1, sizeof(g_iobuffer2)); /* same size, has to fit */ } } else @@ -483,7 +486,7 @@ static void do_include(FILE *instream, char *vfilename, char *filename, if (strlen(vfilename) + 1 + strlen(val) < BUFFER_SIZE) { char *cp; - strcpy(g_iobuffer2, vfilename); + strlcpy(g_iobuffer2, vfilename, sizeof(g_iobuffer2)); cp = strrchr(g_iobuffer2, '/'); if (cp == (char *)0) { @@ -491,11 +494,12 @@ static void do_include(FILE *instream, char *vfilename, char *filename, *cp = '/'; } - strcpy(++cp, val); + cp++; + strlcpy(cp, val, sizeof(g_iobuffer2) - (cp - g_iobuffer2)); } else { - strcpy(g_iobuffer2, g_iobuffer1); /* same size, has to fit */ + strlcpy(g_iobuffer2, g_iobuffer1, sizeof(g_iobuffer2)); /* same size, has to fit */ } } @@ -907,7 +911,7 @@ int main(int argc, char *argv[]) /* Default formats. */ - strcpy(g_timeformat, "%a %b %e %T %Z %Y"); + strlcpy(g_timeformat, "%a %b %e %T %Z %Y", sizeof(g_timeformat)); g_sizefmt = SF_BYTES; /* The MIME type has to be text/html. */ diff --git a/netutils/thttpd/libhttpd.c b/netutils/thttpd/libhttpd.c index 555817177..f4ea6f7c3 100644 --- a/netutils/thttpd/libhttpd.c +++ b/netutils/thttpd/libhttpd.c @@ -74,6 +74,10 @@ #ifdef CONFIG_THTTPD +/* Include MIME encodings and types */ + +#include "mime_types.h" + /**************************************************************************** * Pre-processor Definitions ****************************************************************************/ @@ -104,6 +108,8 @@ extern CODE char *crypt(const char *key, const char *setting); # define ERROR_FORM(a,b) a #endif +#define rfc1123fmtstring ("%a, %d %b %Y %H:%M:%S GMT") + /**************************************************************************** * Private Types ****************************************************************************/ @@ -182,10 +188,6 @@ static size_t sockaddr_len(httpd_sockaddr *sap); static pid_t main_thread; -/* Include MIME encodings and types */ - -#include "mime_types.h" - /* Names for index file */ static const char *index_names[] = @@ -309,7 +311,7 @@ static void send_mime(httpd_conn *hc, int status, const char *title, const char *type, off_t length, time_t mod) { struct timeval now; - const char *rfc1123fmt = "%a, %d %b %Y %H:%M:%S GMT"; + const char *rfc1123fmt = rfc1123fmtstring; char tmbuf[72]; #ifdef CONFIG_THTTPD_MAXAGE time_t expires; @@ -770,7 +772,7 @@ static int auth_check2(httpd_conn *hc, char *dirname) httpd_realloc_str(&hc->remoteuser, &hc->maxremoteuser, strlen(authinfo)); - strcpy(hc->remoteuser, authinfo); + strlcpy(hc->remoteuser, authinfo, hc->maxremoteuser + 1); return 1; } else @@ -839,18 +841,18 @@ static int auth_check2(httpd_conn *hc, char *dirname) httpd_realloc_str(&hc->remoteuser, &hc->maxremoteuser, strlen(line)); - strcpy(hc->remoteuser, line); + strlcpy(hc->remoteuser, line, hc->maxremoteuser + 1); /* And cache this user's info for next time. */ httpd_realloc_str(&prevauthpath, &maxprevauthpath, strlen(authpath)); - strcpy(prevauthpath, authpath); + strlcpy(prevauthpath, authpath, maxprevauthpath + 1); prevmtime = sb.st_mtime; httpd_realloc_str(&prevuser, &maxprevuser, strlen(authinfo)); - strcpy(prevuser, authinfo); + strlcpy(prevuser, authinfo, maxprevuser + 1); httpd_realloc_str(&prevcryp, &maxprevcryp, strlen(cryp)); - strcpy(prevcryp, cryp); + strlcpy(prevcryp, cryp, maxprevcryp + 1); return 1; } else @@ -914,11 +916,11 @@ static int httpd_tilde_map1(httpd_conn *hc) len = strlen(hc->expnfilename) - 1; httpd_realloc_str(&temp, &maxtemp, len); - strcpy(temp, &hc->expnfilename[1]); + strlcpy(temp, &hc->expnfilename[1], maxtemp + 1); httpd_realloc_str(&hc->expnfilename, &hc->maxexpnfilename, strlen(prefix) + 1 + len); - strcpy(hc->expnfilename, prefix); + strlcpy(hc->expnfilename, prefix, hc->maxexpnfilename + 1); if (prefix[0] != '\0') { @@ -946,7 +948,7 @@ static int httpd_tilde_map2(httpd_conn *hc) /* Get the username. */ httpd_realloc_str(&temp, &maxtemp, strlen(hc->expnfilename) - 1); - strcpy(temp, &hc->expnfilename[1]); + strlcpy(temp, &hc->expnfilename[1], maxtemp + 1); cp = strchr(temp, '/'); if (cp) @@ -970,7 +972,7 @@ static int httpd_tilde_map2(httpd_conn *hc) httpd_realloc_str(&hc->altdir, &hc->maxaltdir, strlen(pw->pw_dir) + 1 + strlen(postfix)); - strcpy(hc->altdir, pw->pw_dir); + strlcpy(hc->altdir, pw->pw_dir, hc->maxaltdir + 1); if (postfix[0] != '\0') { strcat(hc->altdir, "/"); @@ -984,7 +986,7 @@ static int httpd_tilde_map2(httpd_conn *hc) } httpd_realloc_str(&hc->altdir, &hc->maxaltdir, strlen(alt)); - strcpy(hc->altdir, alt); + strlcpy(hc->altdir, alt, hc->maxaltdir + 1); /* And the filename becomes altdir plus the post-~ part of the original. */ @@ -1097,12 +1099,12 @@ static int vhost_map(httpd_conn *hc) *cp2++ = '/'; } - strcpy(cp2, hc->vhostname); + strlcpy(cp2, hc->vhostname, hc->maxhostdir + 1 - (cp2 - hc->hostdir)); #else /* VHOST_DIRLEVELS */ httpd_realloc_str(&hc->hostdir, &hc->maxhostdir, strlen(hc->vhostname)); - strcpy(hc->hostdir, hc->vhostname); + strlcpy(hc->hostdir, hc->vhostname, hc->maxhostdir + 1); #endif /* VHOST_DIRLEVELS */ @@ -1110,10 +1112,10 @@ static int vhost_map(httpd_conn *hc) len = strlen(hc->expnfilename); httpd_realloc_str(&tempfilename, &maxtempfilename, len); - strcpy(tempfilename, hc->expnfilename); + strlcpy(tempfilename, hc->expnfilename, maxtempfilename + 1); httpd_realloc_str(&hc->expnfilename, &hc->maxexpnfilename, strlen(hc->hostdir) + 1 + len); - strcpy(hc->expnfilename, hc->hostdir); + strlcpy(hc->expnfilename, hc->hostdir, hc->maxexpnfilename + 1); strcat(hc->expnfilename, "/"); strcat(hc->expnfilename, tempfilename); return 1; @@ -1153,7 +1155,7 @@ static char *expand_filename(char *path, char **restp, bool tildemapped) { checkedlen = strlen(path); httpd_realloc_str(&checked, &maxchecked, checkedlen); - strcpy(checked, path); + strlcpy(checked, path, maxchecked + 1); /* Trim trailing slashes. */ @@ -1182,7 +1184,7 @@ static char *expand_filename(char *path, char **restp, bool tildemapped) checkedlen = strlen(httpd_root); httpd_realloc_str(&checked, &maxchecked, checkedlen + 2); - strcpy(checked, httpd_root); + strlcpy(checked, httpd_root, maxchecked + 1); /* Skip over leading '.' */ @@ -1212,7 +1214,7 @@ static char *expand_filename(char *path, char **restp, bool tildemapped) restlen = strlen(path); httpd_realloc_str(&rest, &maxrest, restlen + 1); - strcpy(rest, path); + strlcpy(rest, path, maxrest + 1); /* trim trailing slash */ @@ -1314,7 +1316,7 @@ static char *expand_filename(char *path, char **restp, bool tildemapped) checked[checkedlen++] = '/'; } - strcpy(&checked[checkedlen], r); + strlcpy(&checked[checkedlen], r, maxchecked + 1 - checkedlen); checkedlen += restlen; } @@ -1328,7 +1330,7 @@ static char *expand_filename(char *path, char **restp, bool tildemapped) *restp = r; if (checked[0] == '\0') { - strcpy(checked, httpd_root); + strlcpy(checked, httpd_root, maxchecked + 1); } ninfo("checked: \"%s\"\n", checked); @@ -1388,7 +1390,7 @@ static void de_dotdot(char *file) while ((cp = strstr(file, "/./")) != NULL) { - strcpy(cp, cp + 2); + strcpy(cp, cp + 2); } /* Alternate between removing leading ../ and removing xxx/../ */ @@ -1565,11 +1567,13 @@ done: encodings_len + enc_tab[me_indexes[i]].val_len + 1); if (hc->encodings[0] != '\0') { - strcpy(&hc->encodings[encodings_len], ","); + strlcpy(&hc->encodings[encodings_len], ",", + hc->maxencodings + 1 - encodings_len); ++encodings_len; } - strcpy(&hc->encodings[encodings_len], enc_tab[me_indexes[i]].val); + strlcpy(&hc->encodings[encodings_len], enc_tab[me_indexes[i]].val, + hc->maxencodings + 1 - encodings_len); encodings_len += enc_tab[me_indexes[i]].val_len; } } @@ -1705,8 +1709,8 @@ static void ls_child(int argc, char **argv) if (hc->expnfilename[0] == '\0' || strcmp(hc->expnfilename, ".") == 0) { - strcpy(name, nameptrs[i]); - strcpy(rname, nameptrs[i]); + strlcpy(name, nameptrs[i], maxname + 1); + strlcpy(rname, nameptrs[i], maxrname + 1); } else { @@ -2739,7 +2743,7 @@ int httpd_parse_request(httpd_conn *hc) } httpd_realloc_str(&hc->reqhost, &hc->maxreqhost, strlen(reqhost)); - strcpy(hc->reqhost, reqhost); + strlcpy(hc->reqhost, reqhost, hc->maxreqhost + 1); *url = '/'; } @@ -2776,13 +2780,13 @@ int httpd_parse_request(httpd_conn *hc) httpd_realloc_str(&hc->origfilename, &hc->maxorigfilename, strlen(hc->decodedurl)); - strcpy(hc->origfilename, &hc->decodedurl[1]); + strlcpy(hc->origfilename, &hc->decodedurl[1], hc->maxorigfilename + 1); /* Special case for top-level URL. */ if (hc->origfilename[0] == '\0') { - strcpy(hc->origfilename, "."); + strlcpy(hc->origfilename, ".", hc->maxorigfilename + 1); } /* Extract query string from encoded URL. */ @@ -2792,7 +2796,7 @@ int httpd_parse_request(httpd_conn *hc) { ++cp; httpd_realloc_str(&hc->query, &hc->maxquery, strlen(cp)); - strcpy(hc->query, cp); + strlcpy(hc->query, cp, hc->maxquery + 1); /* Remove query from (decoded) origfilename. */ @@ -2903,7 +2907,7 @@ int httpd_parse_request(httpd_conn *hc) strlen(cp)); } - strcpy(hc->accepte, cp); + strlcpy(hc->accepte, cp, hc->maxaccepte + 1); } else if (strncasecmp(buf, "Accept-Language:", 16) == 0) { @@ -3065,7 +3069,7 @@ int httpd_parse_request(httpd_conn *hc) httpd_realloc_str(&hc->expnfilename, &hc->maxexpnfilename, strlen(hc->origfilename)); - strcpy(hc->expnfilename, hc->origfilename); + strlcpy(hc->expnfilename, hc->origfilename, hc->maxexpnfilename + 1); /* Tilde mapping. */ @@ -3113,9 +3117,9 @@ int httpd_parse_request(httpd_conn *hc) } httpd_realloc_str(&hc->expnfilename, &hc->maxexpnfilename, strlen(cp)); - strcpy(hc->expnfilename, cp); + strlcpy(hc->expnfilename, cp, hc->maxexpnfilename + 1); httpd_realloc_str(&hc->pathinfo, &hc->maxpathinfo, strlen(pi)); - strcpy(hc->pathinfo, pi); + strlcpy(hc->pathinfo, pi, hc->maxpathinfo + 1); ninfo("expnfilename: \"%s\" pathinfo: \"%s\"\n", hc->expnfilename, hc->pathinfo); @@ -3288,7 +3292,7 @@ int httpd_start_request(httpd_conn *hc, struct timeval *nowp) { httpd_realloc_str(&indexname, &maxindexname, expnlen + 1 + strlen(index_names[i])); - strcpy(indexname, hc->expnfilename); + strlcpy(indexname, hc->expnfilename, maxindexname + 1); indxlen = strlen(indexname); if (indxlen == 0 || indexname[indxlen - 1] != '/') { @@ -3375,7 +3379,7 @@ int httpd_start_request(httpd_conn *hc, struct timeval *nowp) expnlen = strlen(cp); httpd_realloc_str(&hc->expnfilename, &hc->maxexpnfilename, expnlen); - strcpy(hc->expnfilename, cp); + strlcpy(hc->expnfilename, cp, hc->maxexpnfilename + 1); /* Now, is the index version world-readable or world-executable? */ @@ -3397,11 +3401,11 @@ int httpd_start_request(httpd_conn *hc, struct timeval *nowp) #ifdef CONFIG_THTTPD_AUTH_FILE httpd_realloc_str(&dirname, &maxdirname, expnlen); - strcpy(dirname, hc->expnfilename); + strlcpy(dirname, hc->expnfilename, maxdirname + 1); cp = strrchr(dirname, '/'); if (!cp) { - strcpy(dirname, httpd_root); + strlcpy(dirname, httpd_root, maxdirname + 1); } else { diff --git a/netutils/webserver/httpd.c b/netutils/webserver/httpd.c index 6e7483664..75b0fa7b1 100644 --- a/netutils/webserver/httpd.c +++ b/netutils/webserver/httpd.c @@ -609,7 +609,7 @@ static inline int httpd_parse(struct httpd_state *pstate) } *v = '\0'; - strcpy(pstate->ht_filename, start); + strlcpy(pstate->ht_filename, start, sizeof(pstate->ht_filename)); state = STATE_HEADER; break; diff --git a/netutils/xmlrpc/response.c b/netutils/xmlrpc/response.c index d274abf6d..a3f77b9ba 100644 --- a/netutils/xmlrpc/response.c +++ b/netutils/xmlrpc/response.c @@ -177,12 +177,13 @@ int xmlrpc_buildresponse(struct xmlrpc_s *xmlcall, char *args, ...) return -1; } - strcpy(xmlcall->response, "HTTP/1.1 200 OK\n" - "Connection: close\n" - "Content-length: xyza\n" - "Content-Type: text/xml\n" - "Server: Lightweight XMLRPC\n\n" - "\n" "\n"); + strlcpy(xmlcall->response, "HTTP/1.1 200 OK\n" + "Connection: close\n" + "Content-length: xyza\n" + "Content-Type: text/xml\n" + "Server: Lightweight XMLRPC\n\n" + "\n" "\n", + sizeof(xmlcall->response)); if (xmlcall->error) { diff --git a/netutils/xmlrpc/xmlparser.c b/netutils/xmlrpc/xmlparser.c index 51e283cd6..a7276e734 100644 --- a/netutils/xmlrpc/xmlparser.c +++ b/netutils/xmlrpc/xmlparser.c @@ -236,7 +236,8 @@ static int xmlrpc_parseparam(struct parsebuf_s *pbuf) break; case 's': - strcpy(g_xmlcall.arguments[g_xmlcall.argsize].u.string, g_data); + strlcpy(g_xmlcall.arguments[g_xmlcall.argsize].u.string, g_data, + sizeof(g_xmlcall.arguments[g_xmlcall.argsize].u.string)); break; default: @@ -324,7 +325,7 @@ static int xmlrpc_parsemethod(struct parsebuf_s *pbuf) { /* Save the method name */ - strcpy(g_xmlcall.name, g_data); + strlcpy(g_xmlcall.name, g_data, sizeof(g_xmlcall.name)); /* Find the closing /methodCall */ diff --git a/nshlib/nsh_dbgcmds.c b/nshlib/nsh_dbgcmds.c index 52b6a3be4..85a6718ee 100644 --- a/nshlib/nsh_dbgcmds.c +++ b/nshlib/nsh_dbgcmds.c @@ -288,6 +288,7 @@ void nsh_dumpbuffer(FAR struct nsh_vtbl_s *vtbl, FAR const char *msg, FAR const uint8_t *buffer, ssize_t nbytes) { char line[128]; + size_t size; int ch; int i; int j; @@ -299,13 +300,14 @@ void nsh_dumpbuffer(FAR struct nsh_vtbl_s *vtbl, FAR const char *msg, for (j = 0; j < 16; j++) { + size = strlen(line); if (i + j < nbytes) { - sprintf(&line[strlen(line)], "%02x ", buffer[i + j]); + sprintf(&line[size], "%02x ", buffer[i + j]); } else { - strcpy(&line[strlen(line)], " "); + strlcpy(&line[size], " ", sizeof(line) - size); } } diff --git a/system/cfgdata/cfgdata_main.c b/system/cfgdata/cfgdata_main.c index c32913e1b..a4278cc4f 100644 --- a/system/cfgdata/cfgdata_main.c +++ b/system/cfgdata/cfgdata_main.c @@ -566,9 +566,9 @@ static void cfgdatacmd_show_all_config_items(void) printf(fmtstr, "Name", "Len"); sprintf(fmtstr, "%%-%ds%%-6d", CONFIG_MTD_CONFIG_NAME_LEN); #else - strcpy(fmtstr, "%-6s%-6s%-6sData\n"); + strlcpy(fmtstr, "%-6s%-6s%-6sData\n", sizeof(fmtstr)); printf(fmtstr, "ID", "Inst", "Len"); - strcpy(fmtstr, "%-6d%-6d%-6d"); + strlcpy(fmtstr, "%-6d%-6d%-6d", sizeof(fmtstr)); #endif /* Get the first config item */ @@ -620,7 +620,7 @@ static void cfgdatacmd_show_all_config_items(void) #ifdef CONFIG_MTD_CONFIG_NAMED sprintf(fmtstr2, "\n%ds", CONFIG_MTD_CONFIG_NAME_LEN + 6); #else - strcpy(fmtstr2, "\n%18s"); + strlcpy(fmtstr2, "\n%18s", sizeof(fmtstr2)); #endif /* Loop though all bytes and display them */ diff --git a/system/hexed/src/bfile.c b/system/hexed/src/bfile.c index c12de2640..5039f0c9e 100644 --- a/system/hexed/src/bfile.c +++ b/system/hexed/src/bfile.c @@ -5,7 +5,8 @@ * Copyright (c) 2011, B.ZaaR, All rights reserved. * * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: + * modification, are permitted provided that the following conditions + * are met: * * Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. @@ -18,17 +19,17 @@ * products derived from this software without specific prior written * permission. * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER + * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * OR BUSINESS PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER INCONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * ****************************************************************************/ @@ -114,7 +115,8 @@ static int bffree(FAR struct bfile_s *bf) long fsize(FILE * fp) { - long off, sz; + long off; + long sz; if (fp == NULL) { @@ -211,14 +213,12 @@ FAR struct bfile_s *bfopen(char *name, char *mode) /* Set file name */ - if ((bf->name = malloc(strlen(name) + 1)) == NULL) + if ((bf->name = strdup(name)) == NULL) { bffree(bf); return NULL; } - strcpy(bf->name, name); - /* Open file */ if ((bf->fp = fopen(bf->name, mode)) == NULL) diff --git a/system/lzf/lzf_main.c b/system/lzf/lzf_main.c index 3c488f302..b25b14257 100644 --- a/system/lzf/lzf_main.c +++ b/system/lzf/lzf_main.c @@ -350,7 +350,7 @@ static int compose_name(FAR const char *fname, FAR char *oname, int namelen) return -1; } - strcpy(oname, fname); + strlcpy(oname, fname, namelen); p = strstr(oname, ".lzf"); if (p == NULL) { diff --git a/system/termcurses/tcurses_vt100.c b/system/termcurses/tcurses_vt100.c index 3ee01d4c7..98c8ed881 100644 --- a/system/termcurses/tcurses_vt100.c +++ b/system/termcurses/tcurses_vt100.c @@ -1080,11 +1080,11 @@ static int tcurses_vt100_setattributes(FAR struct termcurses_s *dev, if (attrib & TCURS_ATTRIB_BOLD) { - strcpy(str, g_setbold); + strlcpy(str, g_setbold, sizeof(str)); } else { - strcpy(str, g_setnobold); + strlcpy(str, g_setnobold, sizeof(str)); } if (attrib & TCURS_ATTRIB_BLINK) diff --git a/system/vi/vi.c b/system/vi/vi.c index 369a3937a..95f20b724 100644 --- a/system/vi/vi.c +++ b/system/vi/vi.c @@ -4035,7 +4035,7 @@ static void vi_cmd_mode(FAR struct vi_s *vi) { /* Emulate :wq */ - strcpy(vi->scratch, "wq"); + strlcpy(vi->scratch, "wq", sizeof(vi->scratch)); vi->cmdlen = 2; vi_parsecolon(vi); diff --git a/testing/fstest/fstest_main.c b/testing/fstest/fstest_main.c index 2fbcc46b4..0c701309a 100644 --- a/testing/fstest/fstest_main.c +++ b/testing/fstest/fstest_main.c @@ -983,7 +983,8 @@ int main(int argc, FAR char *argv[]) loop_num = CONFIG_TESTING_FSTEST_NLOOPS; ctx->max_file = CONFIG_TESTING_FSTEST_MAXFILE; ctx->max_open = CONFIG_TESTING_FSTEST_MAXOPEN; - strcpy(ctx->mountdir, CONFIG_TESTING_FSTEST_MOUNTPT); + strlcpy(ctx->mountdir, CONFIG_TESTING_FSTEST_MOUNTPT, + sizeof(ctx->mountdir)); /* Opt Parse */ @@ -992,7 +993,7 @@ int main(int argc, FAR char *argv[]) switch (option) { case 'm': - strcpy(ctx->mountdir, optarg); + strlcpy(ctx->mountdir, optarg, sizeof(ctx->mountdir)); break; case 'h': show_useage(); diff --git a/testing/mtd_config_fs/mtd_config_fs_test_main.c b/testing/mtd_config_fs/mtd_config_fs_test_main.c index 2d8c36631..a424b8e47 100644 --- a/testing/mtd_config_fs/mtd_config_fs_test_main.c +++ b/testing/mtd_config_fs/mtd_config_fs_test_main.c @@ -2479,7 +2479,8 @@ int main(int argc, FAR char *argv[]) switch (option) { case 'm': - strcpy(ctx->mountdir, optarg); + strlcpy(ctx->mountdir, optarg, + sizeof(ctx->mountdir)); break; case 'h': show_useage(); diff --git a/wireless/bluetooth/btsak/btsak_advertise.c b/wireless/bluetooth/btsak/btsak_advertise.c index a2efb6b27..c36ed0291 100644 --- a/wireless/bluetooth/btsak/btsak_advertise.c +++ b/wireless/bluetooth/btsak/btsak_advertise.c @@ -123,7 +123,7 @@ static void btsak_cmd_advertisestart(FAR struct btsak_s *btsak, memset(&sd, 0, 2 * sizeof(struct bt_eir_s)); sd[1].len = sizeof("btsak"); sd[1].type = BT_EIR_NAME_COMPLETE; - strcpy((FAR char *)sd[1].data, "btsak"); + strlcpy((FAR char *)sd[1].data, "btsak", sizeof(sd[1].data)); memset(&btreq, 0, sizeof(struct btreq_s)); strlcpy(btreq.btr_name, btsak->ifname, IFNAMSIZ); diff --git a/wireless/ieee802154/i8sak/i8sak_main.c b/wireless/ieee802154/i8sak/i8sak_main.c index f5a4482fe..e6f8da28a 100644 --- a/wireless/ieee802154/i8sak/i8sak_main.c +++ b/wireless/ieee802154/i8sak/i8sak_main.c @@ -592,7 +592,7 @@ static int i8sak_setup(FAR struct i8sak_s *i8sak, FAR const char *ifname) return ERROR; } - strcpy(&i8sak->ifname[0], ifname); + strlcpy(i8sak->ifname, ifname, sizeof(i8sak->ifname)); i8sak->chan = 11; i8sak->chpage = 0; diff --git a/wireless/ieee802154/i8shark/i8shark_main.c b/wireless/ieee802154/i8shark/i8shark_main.c index e03c87fe6..d7992a9bd 100644 --- a/wireless/ieee802154/i8shark/i8shark_main.c +++ b/wireless/ieee802154/i8shark/i8shark_main.c @@ -126,7 +126,8 @@ static int i8shark_init(FAR struct i8shark_state_s *i8shark) /* Set the default settings using config options */ - strcpy(i8shark->devpath, CONFIG_IEEE802154_I8SHARK_DEVPATH); + strlcpy(i8shark->devpath, CONFIG_IEEE802154_I8SHARK_DEVPATH, + sizeof(i8shark->devpath)); /* Flags for synchronzing with daemon state */ @@ -419,7 +420,7 @@ int main(int argc, FAR char *argv[]) /* Copy the path into our state structure */ - strcpy(g_i8shark.devpath, argv[1]); + strlcpy(g_i8shark.devpath, argv[1], sizeof(g_i8shark.devpath)); } argind++;