From 7f963a19ecbceef5d7e95e677ccc089d04ef987f Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 6 Mar 2013 13:27:51 +0100
Subject: checksrc: ban unsafe functions

The list of unsafe functions currently consists of sprintf, vsprintf,
strcat, strncat and gets.

Subsequently, some existing code needed updating to avoid warnings on
this.
---
 src/tool_dirhie.c   | 10 ++++++----
 src/tool_operate.c  | 14 +++++++-------
 src/tool_operhlp.c  | 14 ++++++--------
 src/tool_parsecfg.c | 23 ++++++++++++-----------
 src/tool_setopt.c   |  8 ++++----
 5 files changed, 35 insertions(+), 34 deletions(-)

(limited to 'src')

diff --git a/src/tool_dirhie.c b/src/tool_dirhie.c
index 4ba1c4375..5965f7a74 100644
--- a/src/tool_dirhie.c
+++ b/src/tool_dirhie.c
@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -98,12 +98,14 @@ CURLcode create_dir_hierarchy(const char *outfile, FILE *errors)
   char *outdup;
   char *dirbuildup;
   CURLcode result = CURLE_OK;
+  size_t outlen;
 
+  outlen = strlen(outfile);
   outdup = strdup(outfile);
   if(!outdup)
     return CURLE_OUT_OF_MEMORY;
 
-  dirbuildup = malloc(strlen(outfile) + 1);
+  dirbuildup = malloc(outlen + 1);
   if(!dirbuildup) {
     Curl_safefree(outdup);
     return CURLE_OUT_OF_MEMORY;
@@ -119,12 +121,12 @@ CURLcode create_dir_hierarchy(const char *outfile, FILE *errors)
     if(tempdir2 != NULL) {
       size_t dlen = strlen(dirbuildup);
       if(dlen)
-        sprintf(&dirbuildup[dlen], "%s%s", DIR_CHAR, tempdir);
+        snprintf(&dirbuildup[dlen], outlen - dlen, "%s%s", DIR_CHAR, tempdir);
       else {
         if(0 != strncmp(outdup, DIR_CHAR, 1))
           strcpy(dirbuildup, tempdir);
         else
-          sprintf(dirbuildup, "%s%s", DIR_CHAR, tempdir);
+          snprintf(dirbuildup, outlen, "%s%s", DIR_CHAR, tempdir);
       }
       if(access(dirbuildup, F_OK) == -1) {
         if(-1 == mkdir(dirbuildup,(mode_t)0000750)) {
diff --git a/src/tool_operate.c b/src/tool_operate.c
index 5e73d86d4..3151f416f 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -805,18 +805,18 @@ int operate(struct Configurable *config, int argc, argv_item_t argv[])
           /*
            * Then append ? followed by the get fields to the url.
            */
-          urlbuffer = malloc(strlen(this_url) + strlen(httpgetfields) + 3);
-          if(!urlbuffer) {
-            res = CURLE_OUT_OF_MEMORY;
-            goto show_error;
-          }
           if(pc)
-            sprintf(urlbuffer, "%s%c%s", this_url, sep, httpgetfields);
+            urlbuffer = aprintf("%s%c%s", this_url, sep, httpgetfields);
           else
             /* Append  / before the ? to create a well-formed url
                if the url contains a hostname only
             */
-            sprintf(urlbuffer, "%s/?%s", this_url, httpgetfields);
+            urlbuffer = aprintf("%s/?%s", this_url, httpgetfields);
+
+          if(!urlbuffer) {
+            res = CURLE_OUT_OF_MEMORY;
+            goto show_error;
+          }
 
           Curl_safefree(this_url); /* free previous URL */
           this_url = urlbuffer; /* use our new URL instead! */
diff --git a/src/tool_operhlp.c b/src/tool_operhlp.c
index 631488727..d3c1a88a9 100644
--- a/src/tool_operhlp.c
+++ b/src/tool_operhlp.c
@@ -123,22 +123,20 @@ char *add_file_name_to_url(CURL *curl, char *url, const char *filename)
     /* URL encode the file name */
     encfile = curl_easy_escape(curl, filep, 0 /* use strlen */);
     if(encfile) {
-      char *urlbuffer = malloc(strlen(url) + strlen(encfile) + 3);
-      if(!urlbuffer) {
-        curl_free(encfile);
-        Curl_safefree(url);
-        return NULL;
-      }
+      char *urlbuffer;
       if(ptr)
         /* there is a trailing slash on the URL */
-        sprintf(urlbuffer, "%s%s", url, encfile);
+        urlbuffer = aprintf("%s%s", url, encfile);
       else
         /* there is no trailing slash on the URL */
-        sprintf(urlbuffer, "%s/%s", url, encfile);
+        urlbuffer = aprintf("%s/%s", url, encfile);
 
       curl_free(encfile);
       Curl_safefree(url);
 
+      if(!urlbuffer)
+        return NULL;
+
       url = urlbuffer; /* use our new URL instead! */
     }
   }
diff --git a/src/tool_parsecfg.c b/src/tool_parsecfg.c
index 561dada11..680688ab7 100644
--- a/src/tool_parsecfg.c
+++ b/src/tool_parsecfg.c
@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -275,32 +275,33 @@ static char *my_get_line(FILE *fp)
 {
   char buf[4096];
   char *nl = NULL;
-  char *retval = NULL;
+  char *line = NULL;
 
   do {
     if(NULL == fgets(buf, sizeof(buf), fp))
       break;
-    if(!retval) {
-      retval = strdup(buf);
-      if(!retval)
+    if(!line) {
+      line = strdup(buf);
+      if(!line)
         return NULL;
     }
     else {
       char *ptr;
-      ptr = realloc(retval, strlen(retval) + strlen(buf) + 1);
+      size_t linelen = strlen(line);
+      ptr = realloc(line, linelen + strlen(buf) + 1);
       if(!ptr) {
-        Curl_safefree(retval);
+        Curl_safefree(line);
         return NULL;
       }
-      retval = ptr;
-      strcat(retval, buf);
+      line = ptr;
+      strcpy(&line[linelen], buf);
     }
-    nl = strchr(retval, '\n');
+    nl = strchr(line, '\n');
   } while(!nl);
 
   if(nl)
     *nl = '\0';
 
-  return retval;
+  return line;
 }
 
diff --git a/src/tool_setopt.c b/src/tool_setopt.c
index 4014177f2..4493e5f8d 100644
--- a/src/tool_setopt.c
+++ b/src/tool_setopt.c
@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -199,7 +199,7 @@ static char *c_escape(const char *str)
       e += 2;
     }
     else if(! isprint(c)) {
-      sprintf(e, "\\%03o", c);
+      snprintf(e, 4, "\\%03o", c);
       e += 4;
     }
     else
@@ -270,7 +270,7 @@ CURLcode tool_setopt_flags(CURL *curl, struct Configurable *config,
         if(!rest)
           break;                /* handled them all */
         /* replace with all spaces for continuation line */
-        sprintf(preamble, "%*s", strlen(preamble), "");
+        snprintf(preamble, sizeof(preamble), "%*s", strlen(preamble), "");
       }
     }
     /* If any bits have no definition, output an explicit value.
@@ -313,7 +313,7 @@ CURLcode tool_setopt_bitmask(CURL *curl, struct Configurable *config,
         if(!rest)
           break;                /* handled them all */
         /* replace with all spaces for continuation line */
-        sprintf(preamble, "%*s", strlen(preamble), "");
+        snprintf(preamble, sizeof(preamble), "%*s", strlen(preamble), "");
       }
     }
     /* If any bits have no definition, output an explicit value.
-- 
cgit v1.2.3