forked from lda/telodendria
Use strncpy() instead of strcpy().
The OpenBSD linker is complaining about it. Even though every single case strcpy() was used is safe, strncpy() provides a little bit of extra security, and makes the linker happy.
This commit is contained in:
parent
d933d12e1b
commit
d83db35df0
5 changed files with 15 additions and 10 deletions
11
src/Http.c
11
src/Http.c
|
@ -567,6 +567,7 @@ HttpParseHeaders(Stream * fp)
|
||||||
char *headerPtr;
|
char *headerPtr;
|
||||||
|
|
||||||
ssize_t i;
|
ssize_t i;
|
||||||
|
size_t len;
|
||||||
|
|
||||||
if (strcmp(line, "\r\n") == 0 || strcmp(line, "\n") == 0)
|
if (strcmp(line, "\r\n") == 0 || strcmp(line, "\n") == 0)
|
||||||
{
|
{
|
||||||
|
@ -584,13 +585,14 @@ HttpParseHeaders(Stream * fp)
|
||||||
line[i] = tolower((unsigned char) line[i]);
|
line[i] = tolower((unsigned char) line[i]);
|
||||||
}
|
}
|
||||||
|
|
||||||
headerKey = Malloc((i + 1) * sizeof(char));
|
len = i + 1;
|
||||||
|
headerKey = Malloc(len * sizeof(char));
|
||||||
if (!headerKey)
|
if (!headerKey)
|
||||||
{
|
{
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
strcpy(headerKey, line);
|
strncpy(headerKey, line, len);
|
||||||
|
|
||||||
headerPtr = line + i + 1;
|
headerPtr = line + i + 1;
|
||||||
|
|
||||||
|
@ -608,14 +610,15 @@ HttpParseHeaders(Stream * fp)
|
||||||
line[i] = '\0';
|
line[i] = '\0';
|
||||||
}
|
}
|
||||||
|
|
||||||
headerValue = Malloc(strlen(headerPtr) + 1);
|
len = strlen(headerPtr) + 1;
|
||||||
|
headerValue = Malloc(len * sizeof(char));
|
||||||
if (!headerValue)
|
if (!headerValue)
|
||||||
{
|
{
|
||||||
Free(headerKey);
|
Free(headerKey);
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
strcpy(headerValue, headerPtr);
|
strncpy(headerValue, headerPtr, len);
|
||||||
|
|
||||||
HashMapSet(headers, headerKey, headerValue);
|
HashMapSet(headers, headerKey, headerValue);
|
||||||
Free(headerKey);
|
Free(headerKey);
|
||||||
|
|
|
@ -535,7 +535,7 @@ HttpServerWorkerThread(void *args)
|
||||||
|
|
||||||
requestPathLen = i;
|
requestPathLen = i;
|
||||||
requestPath = Malloc(((requestPathLen + 1) * sizeof(char)));
|
requestPath = Malloc(((requestPathLen + 1) * sizeof(char)));
|
||||||
strcpy(requestPath, pathPtr);
|
strncpy(requestPath, pathPtr, requestPathLen + 1);
|
||||||
|
|
||||||
requestProtocol = &pathPtr[i + 1];
|
requestProtocol = &pathPtr[i + 1];
|
||||||
line[lineLen - 2] = '\0'; /* Get rid of \r and \n */
|
line[lineLen - 2] = '\0'; /* Get rid of \r and \n */
|
||||||
|
|
|
@ -523,7 +523,7 @@ JsonDecodeString(Stream * in)
|
||||||
|
|
||||||
/* Move the output of StrUtf8Encode() into our
|
/* Move the output of StrUtf8Encode() into our
|
||||||
* local buffer */
|
* local buffer */
|
||||||
strcpy(a, utf8Ptr);
|
strncpy(a, utf8Ptr, sizeof(a));
|
||||||
Free(utf8Ptr);
|
Free(utf8Ptr);
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
@ -1080,7 +1080,7 @@ JsonDecodeValue(JsonParserState * state)
|
||||||
{
|
{
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
strcpy(strValue, state->token);
|
strncpy(strValue, state->token, state->tokenLen + 1);
|
||||||
value = JsonValueString(strValue);
|
value = JsonValueString(strValue);
|
||||||
Free(strValue);
|
Free(strValue);
|
||||||
break;
|
break;
|
||||||
|
@ -1127,7 +1127,7 @@ JsonDecodeObject(JsonParserState * state)
|
||||||
{
|
{
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
strcpy(key, state->token);
|
strncpy(key, state->token, state->tokenLen + 1);
|
||||||
|
|
||||||
JsonTokenSeek(state);
|
JsonTokenSeek(state);
|
||||||
if (!JsonExpect(state, TOKEN_COLON))
|
if (!JsonExpect(state, TOKEN_COLON))
|
||||||
|
|
|
@ -32,10 +32,12 @@
|
||||||
|
|
||||||
ROUTE_IMPL(RouteCapabilities, path, argp)
|
ROUTE_IMPL(RouteCapabilities, path, argp)
|
||||||
{
|
{
|
||||||
RouteArgs *args = argp;
|
|
||||||
HashMap *response;
|
HashMap *response;
|
||||||
HashMap *capabilities;
|
HashMap *capabilities;
|
||||||
|
|
||||||
|
(void) path;
|
||||||
|
(void) argp;
|
||||||
|
|
||||||
response = HashMapCreate();
|
response = HashMapCreate();
|
||||||
capabilities = HashMapCreate();
|
capabilities = HashMapCreate();
|
||||||
|
|
||||||
|
|
|
@ -101,7 +101,7 @@ StrDuplicate(const char *inStr)
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
strcpy(outStr, inStr);
|
strncpy(outStr, inStr, len + 1);
|
||||||
|
|
||||||
return outStr;
|
return outStr;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue