提交 c58f7ab2 编写于 作者: M Mark Adler

Replace use of unsafe string functions with snprintf if available.

This avoids warnings in OpenBSD that apparently can't be turned
off whenever you link strcpy, strcat, or sprintf.  When snprintf
isn't available, the use of the "unsafe" string functions has
always in fact been safe, since the lengths are all checked before
those functions are called.

We do not use strlcpy or strlcat, since they are not (yet) found on
all systems.  snprintf on the other hand is part of the C standard
library and is very common.
上级 2689b3cc
......@@ -208,7 +208,11 @@ local gzFile gz_open(path, fd, mode)
*(state->path) = 0;
else
#endif
#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
snprintf(state->path, len + 1, "%s", (const char *)path);
#else
strcpy(state->path, path);
#endif
/* compute the flags for open() */
oflag =
......@@ -284,7 +288,11 @@ gzFile ZEXPORT gzdopen(fd, mode)
if (fd == -1 || (path = malloc(7 + 3 * sizeof(int))) == NULL)
return NULL;
#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
snprintf(path, 7 + 3 * sizeof(int), "<fd:%d>", fd); /* for debugging */
#else
sprintf(path, "<fd:%d>", fd); /* for debugging */
#endif
gz = gz_open(path, fd, mode);
free(path);
return gz;
......@@ -594,9 +602,14 @@ void ZLIB_INTERNAL gz_error(state, err, msg)
state->msg = (char *)"out of memory";
return;
}
#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
snprintf(state->msg, strlen(state->path) + strlen(msg) + 3,
"%s%s%s", state->path, ": ", msg);
#else
strcpy(state->msg, state->path);
strcat(state->msg, ": ");
strcat(state->msg, msg);
#endif
return;
}
......
......@@ -463,8 +463,12 @@ void file_compress(file, mode)
exit(1);
}
#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
snprintf(outfile, sizeof(outfile), "%s%s", file, GZ_SUFFIX);
#else
strcpy(outfile, file);
strcat(outfile, GZ_SUFFIX);
#endif
in = fopen(file, "rb");
if (in == NULL) {
......@@ -499,7 +503,11 @@ void file_uncompress(file)
exit(1);
}
#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
snprintf(buf, sizeof(buf), "%s", file);
#else
strcpy(buf, file);
#endif
if (len > SUFFIX_LEN && strcmp(file+len-SUFFIX_LEN, GZ_SUFFIX) == 0) {
infile = file;
......@@ -508,7 +516,11 @@ void file_uncompress(file)
} else {
outfile = file;
infile = buf;
#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
snprintf(buf + len, sizeof(buf) - len, "%s", GZ_SUFFIX);
#else
strcat(infile, GZ_SUFFIX);
#endif
}
in = gzopen(infile, "rb");
if (in == NULL) {
......@@ -546,7 +558,11 @@ int main(argc, argv)
gzFile file;
char *bname, outmode[20];
#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
snprintf(outmode, sizeof(outmode), "%s", "wb6 ");
#else
strcpy(outmode, "wb6 ");
#endif
prog = argv[0];
bname = strrchr(argv[0], '/');
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册