Replace use of unsafe string functions with snprintf if available.

This avoids warnings in OpenBSD that apparently can't be turned off whenever you link strcpy, strcat, or sprintf. When snprintf isn't available, the use of the "unsafe" string functions has always in fact been safe, since the lengths are all checked before those functions are called. We do not use strlcpy or strlcat, since they are not (yet) found on all systems. snprintf on the other hand is part of the C standard library and is very common.

Replace use of unsafe string functions with snprintf if available.
This avoids warnings in OpenBSD that apparently can't be turned off whenever you link strcpy, strcat, or sprintf. When snprintf isn't available, the use of the "unsafe" string functions has always in fact been safe, since the lengths are all checked before those functions are called. We do not use strlcpy or strlcat, since they are not (yet) found on all systems. snprintf on the other hand is part of the C standard library and is very common.
c58f7ab2 · Mark Adler · 2689b3cc · c58f7ab2 · c58f7ab2
隐藏空白更改
内联并排

Showing with 29 addition and 0 deletion

gzlib.c gzlib.c +13 -0

test/minigzip.c test/minigzip.c +16 -0

未找到文件。
--- a/gzlib.c
+++ b/gzlib.c
@@ -208,7 +208,11 @@ local gzFile gz_open(path, fd, mode)
            *(state->path) = 0;
    else
 #endif
+#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
+        snprintf(state->path, len + 1, "%s", (const char *)path);
+#else
        strcpy(state->path, path);
+#endif

    /* compute the flags for open() */
    oflag =
@@ -284,7 +288,11 @@ gzFile ZEXPORT gzdopen(fd, mode)

    if (fd == -1 || (path = malloc(7 + 3 * sizeof(int))) == NULL)
        return NULL;
+#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
+    snprintf(path, 7 + 3 * sizeof(int), "<fd:%d>", fd); /* for debugging */
+#else
    sprintf(path, "<fd:%d>", fd);   /* for debugging */
+#endif
    gz = gz_open(path, fd, mode);
    free(path);
    return gz;
@@ -594,9 +602,14 @@ void ZLIB_INTERNAL gz_error(state, err, msg)
        state->msg = (char *)"out of memory";
        return;
    }
+#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
+    snprintf(state->msg, strlen(state->path) + strlen(msg) + 3,
+             "%s%s%s", state->path, ": ", msg);
+#else
    strcpy(state->msg, state->path);
    strcat(state->msg, ": ");
    strcat(state->msg, msg);
+#endif
    return;
 }


--- a/test/minigzip.c
+++ b/test/minigzip.c
@@ -463,8 +463,12 @@ void file_compress(file, mode)
        exit(1);
    }

+#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
+    snprintf(outfile, sizeof(outfile), "%s%s", file, GZ_SUFFIX);
+#else
    strcpy(outfile, file);
    strcat(outfile, GZ_SUFFIX);
+#endif

    in = fopen(file, "rb");
    if (in == NULL) {
@@ -499,7 +503,11 @@ void file_uncompress(file)
        exit(1);
    }

+#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
+    snprintf(buf, sizeof(buf), "%s", file);
+#else
    strcpy(buf, file);
+#endif

    if (len > SUFFIX_LEN && strcmp(file+len-SUFFIX_LEN, GZ_SUFFIX) == 0) {
        infile = file;
@@ -508,7 +516,11 @@ void file_uncompress(file)
    } else {
        outfile = file;
        infile = buf;
+#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
+        snprintf(buf + len, sizeof(buf) - len, "%s", GZ_SUFFIX);
+#else
        strcat(infile, GZ_SUFFIX);
+#endif
    }
    in = gzopen(infile, "rb");
    if (in == NULL) {
@@ -546,7 +558,11 @@ int main(argc, argv)
    gzFile file;
    char *bname, outmode[20];

+#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
+    snprintf(outmode, sizeof(outmode), "%s", "wb6 ");
+#else
    strcpy(outmode, "wb6 ");
+#endif

    prog = argv[0];
    bname = strrchr(argv[0], '/');