hrev51770 adds 1 changeset to branch 'master'
old head: 4f2fac067d0232994fea0841540271280f9b2127
new head: 9c1f9724c24d34523608ea661b253e8d668ef8be
overview:
http://cgit.haiku-os.org/haiku/log/?qt=range&q=9c1f9724c24d+%5E4f2fac067d02
----------------------------------------------------------------------------
9c1f9724c24d: Fix various unsafe usages of strcat/strcpy
Coverity ID: 608930, 743872, 743873, 743874, 608932, 608933, 1424961, 609034
Change-Id: I2702dfb402df7eee500617cb9b8d6f567296fc13
[ Ho Tuan Kiet <tuankiet65@xxxxxxxxx> ]
----------------------------------------------------------------------------
Revision: hrev51770
Commit: 9c1f9724c24d34523608ea661b253e8d668ef8be
URL: http://cgit.haiku-os.org/haiku/commit/?id=9c1f9724c24d
Author: Ho Tuan Kiet <tuankiet65@xxxxxxxxx>
Date: Sun Jan 14 09:40:35 2018 UTC
Committer: Adrien Destugues <pulkomandy@xxxxxxxxx>
Commit-Date: Fri Jan 19 06:32:43 2018 UTC
----------------------------------------------------------------------------
5 files changed, 17 insertions(+), 16 deletions(-)
src/add-ons/kernel/file_systems/ntfs/attributes.c | 14 ++++++--------
src/add-ons/kernel/file_systems/ntfs/fs_func.c | 2 +-
src/add-ons/kernel/file_systems/ntfs/libntfs/reparse.c | 4 ++--
src/bin/top.cpp | 2 +-
src/bin/uptime.cpp | 11 +++++++----
----------------------------------------------------------------------------
diff --git a/src/add-ons/kernel/file_systems/ntfs/attributes.c
b/src/add-ons/kernel/file_systems/ntfs/attributes.c
index 9e58572587..651ff9326b 100644
--- a/src/add-ons/kernel/file_systems/ntfs/attributes.c
+++ b/src/add-ons/kernel/file_systems/ntfs/attributes.c
@@ -244,12 +244,11 @@ fs_create_attrib(fs_volume *_vol, fs_vnode *_node, const
char* name,
// check for EA first... TODO: WRITEME
-
// check for a named stream
if (true) {
char ntfs_attr_name[MAX_PATH] = {0};
- strcat(ntfs_attr_name, kHaikuAttrPrefix);
- strcat(ntfs_attr_name,name);
+ strlcpy(ntfs_attr_name, kHaikuAttrPrefix,
sizeof(ntfs_attr_name));
+ strlcat(ntfs_attr_name, name, sizeof(ntfs_attr_name));
uname = ntfs_calloc(MAX_PATH);
ulen = ntfs_mbstoucs(ntfs_attr_name, &uname);
@@ -350,12 +349,11 @@ fs_open_attrib(fs_volume *_vol, fs_vnode *_node, const
char *name,
// check for EA first... TODO: WRITEME
-
// check for a named stream
if (true) {
char ntfs_attr_name[MAX_PATH] = {0};
- strcat(ntfs_attr_name, kHaikuAttrPrefix);
- strcat(ntfs_attr_name, name);
+ strlcpy(ntfs_attr_name, kHaikuAttrPrefix,
sizeof(ntfs_attr_name));
+ strlcat(ntfs_attr_name, name, sizeof(ntfs_attr_name));
uname = ntfs_calloc(MAX_PATH);
ulen = ntfs_mbstoucs(ntfs_attr_name, &uname);
@@ -693,8 +691,8 @@ fs_remove_attrib(fs_volume *_vol, fs_vnode *_node, const
char* name)
goto exit;
}
- strcat(ntfs_attr_name, kHaikuAttrPrefix);
- strcat(ntfs_attr_name, name);
+ strlcpy(ntfs_attr_name, kHaikuAttrPrefix, sizeof(ntfs_attr_name));
+ strlcat(ntfs_attr_name, name, sizeof(ntfs_attr_name));
uname = ntfs_calloc(MAX_PATH);
ulen = ntfs_mbstoucs(ntfs_attr_name, &uname);
diff --git a/src/add-ons/kernel/file_systems/ntfs/fs_func.c
b/src/add-ons/kernel/file_systems/ntfs/fs_func.c
index 0c7db53c99..394f4a5eb7 100644
--- a/src/add-ons/kernel/file_systems/ntfs/fs_func.c
+++ b/src/add-ons/kernel/file_systems/ntfs/fs_func.c
@@ -365,7 +365,7 @@ fs_mount(fs_volume *_vol, const char *device, ulong flags,
const char *args,
.flags = 0
};
- strcpy(ns->devicePath,device);
+ strlcpy(ns->devicePath, device, sizeof(ns->devicePath));
sprintf(lockname, "ntfs_lock %lx", ns->id);
recursive_lock_init_etc(&(ns->vlock), lockname, MUTEX_FLAG_CLONE_NAME);
diff --git a/src/add-ons/kernel/file_systems/ntfs/libntfs/reparse.c
b/src/add-ons/kernel/file_systems/ntfs/libntfs/reparse.c
index cdabadd2f5..a47b5c8e9c 100644
--- a/src/add-ons/kernel/file_systems/ntfs/libntfs/reparse.c
+++ b/src/add-ons/kernel/file_systems/ntfs/libntfs/reparse.c
@@ -401,8 +401,8 @@ static int ntfs_drive_letter(ntfs_volume *vol, ntfschar
letter)
strcpy(defines,mappingdir);
if ((*drive >= 'a') && (*drive <= 'z'))
*drive += 'A' - 'a';
- strcat(defines,drive);
- strcat(defines,":");
+ strlcat(defines, drive, sizeof(defines));
+ strlcat(defines, ":", sizeof(defines));
olderrno = errno;
ni = ntfs_pathname_to_inode(vol, NULL, defines);
if (ni && !ntfs_inode_close(ni))
diff --git a/src/bin/top.cpp b/src/bin/top.cpp
index bc3b963773..3e245dc257 100644
--- a/src/bin/top.cpp
+++ b/src/bin/top.cpp
@@ -207,7 +207,7 @@ compare(
strcpy(tm.args, "(unknown)");
} else {
if ((p = strrchr(tm.args, '/'))) {
- strcpy(tm.args, p + 1);
+ strlcpy(tm.args, p + 1,
sizeof(tm.args));
}
}
}
diff --git a/src/bin/uptime.cpp b/src/bin/uptime.cpp
index 6e23581949..fb7f0652f2 100644
--- a/src/bin/uptime.cpp
+++ b/src/bin/uptime.cpp
@@ -23,7 +23,7 @@ void Usage( )
int main( int argc, char* argv[] )
{
- char buf[255];
+ char buf[255] = {0};
const char* day_strings[] = { "day", "days" };
const char* hour_strings[] = { "hour", "hours" };
const char* minute_strings[] = { "minute", "minutes" };
@@ -75,9 +75,12 @@ int main( int argc, char* argv[] )
if( !print_uptime_only )
{
- strcpy( buf, ctime( ¤t_time ) );
-
- buf[strlen( buf ) - 1] = '\0';
+ if (ctime_r(¤t_time, buf) != NULL) {
+ // ctime_r returns the date string with a trailing \n
+ // https://linux.die.net/man/3/ctime_r
+ // but we don't need that, so we clear it
+ buf[strlen( buf ) - 1] = '\0';
+ }
}
day_string = (uptime_days == 1) ? day_strings[0] : day_strings[1];