From f232298b2b99a7683c8331f48296911ae440ff66 Mon Sep 17 00:00:00 2001 From: nomad Date: Thu, 16 Nov 2023 06:10:12 -0600 Subject: [PATCH] remove strcpy and sprintf --- pkg/noun/allocate.c | 8 ++++---- pkg/noun/allocate.h | 2 +- pkg/noun/manage.c | 19 ++++++++++++++++--- pkg/noun/nock.c | 4 ++-- pkg/vere/disk.c | 17 +++++++---------- pkg/vere/foil.c | 10 ++++++---- pkg/vere/io/term.c | 6 +++--- pkg/vere/io/unix.c | 39 ++++++++++++++++----------------------- pkg/vere/king.c | 10 +++++----- pkg/vere/lord.c | 12 ++++++------ pkg/vere/main.c | 12 +++++++----- pkg/vere/ward.c | 14 ++++++++------ 12 files changed, 81 insertions(+), 72 deletions(-) diff --git a/pkg/noun/allocate.c b/pkg/noun/allocate.c index 8ca5085397..d69a3c9cbd 100644 --- a/pkg/noun/allocate.c +++ b/pkg/noun/allocate.c @@ -1939,7 +1939,7 @@ u3a_discount_noun(u3_noun som) /* u3a_print_time: print microsecond time. */ void -u3a_print_time(c3_c* str_c, c3_c* cap_c, c3_d mic_d) +u3a_print_time(c3_c* str_c, c3_c* cap_c, c3_d mic_d, c3_w str_c_size) { u3_assert( 0 != str_c ); @@ -1948,13 +1948,13 @@ u3a_print_time(c3_c* str_c, c3_c* cap_c, c3_d mic_d) c3_w mic_w = (mic_d % 1000); if ( sec_w ) { - sprintf(str_c, "%s s/%d.%03d.%03d", cap_c, sec_w, mec_w, mic_w); + snprintf(str_c, str_c_size, "%s s/%d.%03d.%03d", cap_c, sec_w, mec_w, mic_w); } else if ( mec_w ) { - sprintf(str_c, "%s ms/%d.%03d", cap_c, mec_w, mic_w); + snprintf(str_c, str_c_size, "%s ms/%d.%03d", cap_c, mec_w, mic_w); } else { - sprintf(str_c, "%s \xc2\xb5s/%d", cap_c, mic_w); + snprintf(str_c, str_c_size, "%s \xc2\xb5s/%d", cap_c, mic_w); } } diff --git a/pkg/noun/allocate.h b/pkg/noun/allocate.h index b851b64c98..b7a7410b29 100644 --- a/pkg/noun/allocate.h +++ b/pkg/noun/allocate.h @@ -700,7 +700,7 @@ /* u3a_print_time: print microsecond time. */ void - u3a_print_time(c3_c* str_c, c3_c* cap_c, c3_d mic_d); + u3a_print_time(c3_c* str_c, c3_c* cap_c, c3_d mic_d, c3_w str_c_size); /* u3a_print_memory(): print memory amount. */ 
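Review bot: The header comment above `u3a_print_time` in pkg/noun/allocate.c still reads only "print microsecond time", so it says nothing about the new `str_c_size` argument or that the output is now silently truncated to fit. I would extend it to `/* u3a_print_time: print microsecond time into str_c (str_c_size bytes, truncated to fit). */` and mirror that on the declaration in allocate.h. The size is also separated from the buffer it describes by two unrelated arguments; placing it directly after `str_c` would make mismatched call sites easier to spot, though that is a wider signature change than this commit makes.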
diff --git a/pkg/noun/manage.c b/pkg/noun/manage.c index 3c87b42e56..49224c81c1 100644 --- a/pkg/noun/manage.c +++ b/pkg/noun/manage.c @@ -1546,9 +1546,17 @@ _cm_in_pretty(u3_noun som, c3_o sel_o, c3_c* str_c) c3_w len_w; snprintf(buf_c, 6, "%d", som); - len_w = strlen(buf_c); + len_w = strnlen(buf_c, 6); - if ( str_c ) { strcpy(str_c, buf_c); str_c += len_w; } + if ( str_c ) { + snprintf(str_c, len_w, "%s", buf_c); + + // this line appears to do nothing, + // since str_c is a local variable, + // and we return immediately after. + // Can we just delete this? + str_c += len_w; + } return len_w; } else { @@ -1595,7 +1603,12 @@ _cm_in_pretty(u3_noun som, c3_o sel_o, c3_c* str_c) buf_c[a_w] = 0; len_w = a_w; - if ( str_c ) { strcpy(str_c, buf_c); str_c += len_w; } + if ( str_c ) { + snprintf(str_c, len_w, "%s", buf_c); + + // The line below appears to be unnecessary + str_c += len_w; + } c3_free(buf_c); return len_w; diff --git a/pkg/noun/nock.c b/pkg/noun/nock.c index 452b04c309..ae3e870c0e 100644 --- a/pkg/noun/nock.c +++ b/pkg/noun/nock.c @@ -1892,7 +1892,7 @@ _n_hilt_hind(u3_noun tok, u3_noun pro) if ( (c3y == u3r_cell(tok, &p_tok, &q_tok)) && (c3__bout == p_tok) ) { u3_atom delta = u3ka_sub(u3i_chub(u3t_trace_time()), u3k(q_tok)); c3_c str_c[64]; - u3a_print_time(str_c, "took", u3r_chub(0, delta)); + u3a_print_time(str_c, "took", u3r_chub(0, delta), 64); u3t_slog(u3nc(0, u3i_string(str_c))); u3z(delta); } @@ -1996,7 +1996,7 @@ _n_hint_hind(u3_noun tok, u3_noun pro) // format the timing report c3_c str_c[64]; - u3a_print_time(str_c, "took", u3r_chub(0, delta)); + u3a_print_time(str_c, "took", u3r_chub(0, delta), 64); // join the timing report with the original tank from q_q_tok like so: // "q_q_tok: report" diff --git a/pkg/vere/disk.c b/pkg/vere/disk.c index de141988bd..fd2315832a 100644 --- a/pkg/vere/disk.c +++ b/pkg/vere/disk.c 
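Review bot: In `_cm_in_pretty` (pkg/noun/manage.c), `snprintf(str_c, len_w, "%s", buf_c)` drops the last character of the rendered text, because snprintf stores at most size-1 characters before the terminator and `len_w` is the string length, not the length plus one. The removed `strcpy` copied all `len_w` characters and the NUL, so this changes the output; the second hunk at line 1603 repeats the same call. The bound is also derived from the source string rather than from the capacity of `str_c`, so it adds no overflow protection over `strcpy`; assuming the caller sizes `str_c` from the returned length (not visible here), `memcpy(str_c, buf_c, len_w + 1);` or `snprintf(str_c, len_w + 1, "%s", buf_c);` restores the old behaviour. The question in the added comment is fair: `str_c += len_w` only changes the local parameter just before the return, and the function body continues outside both hunks.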
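Review bot: The calls `u3a_print_time(str_c, "took", u3r_chub(0, delta), 64);` in `_n_hilt_hind` and `_n_hint_hind` (pkg/noun/nock.c) repeat the array length as a literal, so the bound and the declaration `c3_c str_c[64]` can drift apart when one of them is edited. Since the array is declared in the same scope, `u3a_print_time(str_c, "took", u3r_chub(0, delta), sizeof(str_c));` keeps them tied together. The same applies to the literal sizes passed to `snprintf` in pkg/vere/king.c (`2048`) and pkg/vere/lord.c (`256`, `11`), where the destinations appear to be local arrays.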
@@ -1576,10 +1576,9 @@ u3_disk_init(c3_c* pax_c, u3_disk_cb cb_u) // create/load $pier/.urb // { - c3_c* urb_c = c3_malloc(6 + strlen(pax_c)); - - strcpy(urb_c, pax_c); - strcat(urb_c, "/.urb"); + c3_w urb_c_size = 6 + strlen(pax_c); + c3_c* urb_c = c3_malloc(urb_c_size); + snprintf(urb_c, urb_c_size, "%s/.urb", pax_c); if ( 0 == (log_u->urb_u = u3_foil_folder(urb_c)) ) { fprintf(stderr, "disk: failed to load /.urb in %s\r\n", pax_c); @@ -1593,14 +1592,12 @@ u3_disk_init(c3_c* pax_c, u3_disk_cb cb_u) // create/load $pier/.urb/put and $pier/.urb/get // { - c3_c* dir_c = c3_malloc(10 + strlen(pax_c)); - - strcpy(dir_c, pax_c); - strcat(dir_c, "/.urb/put"); + c3_w c3_c_size = 10 + strlen(pax_c); + c3_c* dir_c = c3_malloc(c3_c_size); + snprintf(dir_c, 10 + strlen(pax_c), "%s/.urb/put", pax_c); c3_mkdir(dir_c, 0700); - strcpy(dir_c, pax_c); - strcat(dir_c, "/.urb/get"); + snprintf(dir_c, 10 + strlen(pax_c), "%s/.urb/get", pax_c); c3_mkdir(dir_c, 0700); c3_free(dir_c); diff --git a/pkg/vere/foil.c b/pkg/vere/foil.c index 9fae86973f..54032dccef 100644 --- a/pkg/vere/foil.c +++ b/pkg/vere/foil.c @@ -62,11 +62,13 @@ _foil_path(u3_dire* dir_u, { c3_w len_w = strlen(dir_u->pax_c); c3_c* pax_c; - - pax_c = c3_malloc(1 + len_w + 1 + strlen(nam_c)); - strcpy(pax_c, dir_u->pax_c); + c3_w pax_c_size = 1 + len_w + 1 + strlen(nam_c); + pax_c = c3_malloc(pax_c_size); + snprintf(pax_c, pax_c_size, "%s", dir_u->pax_c); pax_c[len_w] = '/'; - strcpy(pax_c + len_w + 1, nam_c); + c3_c* pax_c_epilogue = pax_c + len_w + 1; + c3_w pax_c_epilogue_size = pax_c_size - len_w - 1; + snprintf(pax_c_epilogue, pax_c_epilogue_size, "%s", nam_c); return pax_c; } diff --git a/pkg/vere/io/term.c b/pkg/vere/io/term.c index ff3f11efd2..41b908a8f7 100644 --- a/pkg/vere/io/term.c +++ b/pkg/vere/io/term.c 
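Review bot: In the second hunk of `u3_disk_init` (pkg/vere/disk.c), the new variable `c3_c_size` is used only for the `c3_malloc` call; both `snprintf` calls recompute `10 + strlen(pax_c)` instead, so the allocation size and the write bound are maintained separately. The name also reads like the type `c3_c` rather than the buffer it sizes. I would rename it and pass it through, `c3_w dir_c_size = 10 + strlen(pax_c);` and `snprintf(dir_c, dir_c_size, "%s/.urb/put", pax_c);`, matching `urb_c_size` in the hunk above. The enclosing function starts and ends outside the hunk.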
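Review bot: `_foil_path` (pkg/vere/foil.c) now builds the path in three steps (a bounded copy, a manual `'/'` store, and a second bounded copy into a computed tail) where one call would do: `snprintf(pax_c, pax_c_size, "%s/%s", dir_u->pax_c, nam_c);`. That is the form this commit already uses in `_unix_down`, and it removes `pax_c_epilogue` and `pax_c_epilogue_size`, whose arithmetic otherwise has to be kept consistent by hand. The function signature starts outside the hunk.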
@@ -339,8 +339,8 @@ _term_it_send_csi(u3_utty *uty_u, c3_c cmd_c, c3_w num_w, ...) // allocate for escape sequence (2), command char (1), // argument digits (5 per arg) and separators (1 per arg, minus 1). // freed via _term_it_write. - // - c3_c* pas_c = c3_malloc( 2 + num_w * 6 ); + c3_w pas_c_size = 2 + num_w * 6; + c3_c* pas_c = c3_malloc(pas_c_size); c3_y len_y = 0; pas_c[len_y++] = '\033'; @@ -348,7 +348,7 @@ _term_it_send_csi(u3_utty *uty_u, c3_c cmd_c, c3_w num_w, ...) while ( num_w-- ) { c3_w par_w = va_arg(ap, c3_w); - len_y += sprintf(pas_c+len_y, "%d", par_w); + len_y += snprintf(pas_c+len_y, pas_c_size - len_y, "%d", par_w); if ( num_w ) { pas_c[len_y++] = ';'; diff --git a/pkg/vere/io/unix.c b/pkg/vere/io/unix.c index 9d92e81e02..cb44a48603 100644 --- a/pkg/vere/io/unix.c +++ b/pkg/vere/io/unix.c @@ -228,12 +228,10 @@ _unix_down(c3_c* pax_c, c3_c* sub_c) { c3_w pax_w = strlen(pax_c); c3_w sub_w = strlen(sub_c); - c3_c* don_c = c3_malloc(pax_w + sub_w + 2); + c3_w don_c_size = pax_w + sub_w + 2; + c3_c* don_c = c3_malloc(don_c_size); - strcpy(don_c, pax_c); - don_c[pax_w] = '/'; - strcpy(don_c + pax_w + 1, sub_c); - don_c[pax_w + 1 + sub_w] = '\0'; + snprintf(don_c, don_c_size, "%s/%s", pax_c, sub_c); return don_c; } @@ -818,8 +816,9 @@ _unix_watch_file(u3_unix* unx_u, u3_ufil* fil_u, u3_udir* par_u, c3_c* pax_c) fil_u->dir = c3n; fil_u->dry = c3n; - fil_u->pax_c = c3_malloc(1 + strlen(pax_c)); - strcpy(fil_u->pax_c, pax_c); + c3_w fil_u_pax_c_size = 1 + strlen(pax_c); + fil_u->pax_c = c3_malloc(fil_u_pax_c_size); + snprintf(fil_u->pax_c, fil_u_pax_c_size, "%s", pax_c); fil_u->par_u = par_u; fil_u->nex_u = NULL; fil_u->gum_w = 0; 
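Review bot: In `_term_it_send_csi` (pkg/vere/io/term.c), `len_y += snprintf(pas_c+len_y, pas_c_size - len_y, "%d", par_w);` accumulates snprintf's return value, which is the length the text would have had, not the number of bytes actually stored. If a parameter prints wider than the five digits the comment budgets for, `len_y` moves past the end of the allocation, the following `pas_c[len_y++] = ';'` writes out of bounds, and `pas_c_size - len_y` wraps to a large unsigned value on the next iteration. The return should be checked before it is added: store it in a `c3_i`, stop if it is negative or `>= pas_c_size - len_y`, and only then add it to `len_y`. `len_y` is declared `c3_y`, which looks byte-sized, so it limits the total length independently of `pas_c_size`; the loop continues outside the hunk.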
@@ -839,8 +838,9 @@ _unix_watch_dir(u3_udir* dir_u, u3_udir* par_u, c3_c* pax_c) dir_u->dir = c3y; dir_u->dry = c3n; - dir_u->pax_c = c3_malloc(1 + strlen(pax_c)); - strcpy(dir_u->pax_c, pax_c); + c3_w dir_u_pax_c_size = 1 + strlen(pax_c); + dir_u->pax_c = c3_malloc(dir_u_pax_c_size); + snprintf(dir_u->pax_c, dir_u_pax_c_size, "%s", pax_c); dir_u->par_u = par_u; dir_u->nex_u = NULL; dir_u->kid_u = NULL; @@ -859,12 +859,9 @@ _unix_create_dir(u3_udir* dir_u, u3_udir* par_u, u3_noun nam) c3_c* nam_c = _unix_knot_to_string(nam); c3_w nam_w = strlen(nam_c); c3_w pax_w = strlen(par_u->pax_c); - c3_c* pax_c = c3_malloc(pax_w + 1 + nam_w + 1); - - strcpy(pax_c, par_u->pax_c); - pax_c[pax_w] = '/'; - strcpy(pax_c + pax_w + 1, nam_c); - pax_c[pax_w + 1 + nam_w] = '\0'; + c3_w pax_c_size = pax_w + 1 + nam_w + 1; + c3_c* pax_c = c3_malloc(pax_c_size); + snprintf(pax_c, pax_c_size, "%s/%s", par_u->pax_c, nam_c); c3_free(nam_c); u3z(nam); @@ -1300,14 +1297,10 @@ _unix_sync_file(u3_unix* unx_u, u3_udir* par_u, u3_noun nam, u3_noun ext, u3_nou c3_w par_w = strlen(par_u->pax_c); c3_w nam_w = strlen(nam_c); c3_w ext_w = strlen(ext_c); - c3_c* pax_c = c3_malloc(par_w + 1 + nam_w + 1 + ext_w + 1); - - strcpy(pax_c, par_u->pax_c); - pax_c[par_w] = '/'; - strcpy(pax_c + par_w + 1, nam_c); - pax_c[par_w + 1 + nam_w] = '.'; - strcpy(pax_c + par_w + 1 + nam_w + 1, ext_c); - pax_c[par_w + 1 + nam_w + 1 + ext_w] = '\0'; + c3_w pax_c_size = par_w + 1 + nam_w + 1 + ext_w + 1; + c3_c* pax_c = c3_malloc(pax_c_size); + + snprintf(pax_c, pax_c_size, "%s/%s.%s", par_u->pax_c, nam_c, ext_c); c3_free(nam_c); c3_free(ext_c); u3z(nam); u3z(ext); diff --git a/pkg/vere/king.c b/pkg/vere/king.c index 7446ae7199..1560430f35 100644 --- a/pkg/vere/king.c +++ b/pkg/vere/king.c 
@@ -448,7 +448,7 @@ _arvo_hash(c3_c *out_c, c3_c *arv_c) { c3_c cmd_c[2048]; - sprintf(cmd_c, "git -C %s log -1 HEAD --format=%%H -- sys/", arv_c); + snprintf(cmd_c, 2048, "git -C %s log -1 HEAD --format=%%H -- sys/", arv_c); _get_cmd_output(cmd_c, out_c, 11); out_c[10] = 0; // end with null-byte @@ -458,7 +458,7 @@ _arvo_hash(c3_c *out_c, c3_c *arv_c) based on the location of an arvo git repository. */ static void -_git_pill_url(c3_c *out_c, c3_c *arv_c) +_git_pill_url(c3_c *out_c, c3_c *arv_c, c3_w out_c_size) { c3_c hax_c[11]; @@ -470,7 +470,7 @@ _git_pill_url(c3_c *out_c, c3_c *arv_c) } _arvo_hash(hax_c, arv_c); - sprintf(out_c, "https://bootstrap.urbit.org/git-%s.pill", hax_c); + snprintf(out_c, out_c_size, "https://bootstrap.urbit.org/git-%s.pill", hax_c); } /* _boothack_pill(): parse CLI pill arguments into +pill specifier @@ -491,11 +491,11 @@ _boothack_pill(void) if ( (c3y == u3_Host.ops_u.git) && (0 != u3_Host.ops_u.arv_c) ) { - _git_pill_url(url_c, u3_Host.ops_u.arv_c); + _git_pill_url(url_c, u3_Host.ops_u.arv_c, 2048); } else { u3_assert( 0 != u3_Host.ops_u.url_c ); - strcpy(url_c, u3_Host.ops_u.url_c); + snprintf(url_c, 2048, "%s", u3_Host.ops_u.url_c); } u3l_log("boot: downloading pill %s", url_c); diff --git a/pkg/vere/lord.c b/pkg/vere/lord.c index a63824ae9b..5b26927a47 100644 --- a/pkg/vere/lord.c +++ b/pkg/vere/lord.c 
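Review bot: In `_arvo_hash` (pkg/vere/king.c), `snprintf(cmd_c, 2048, ...)` now truncates silently and the truncated string is still handed to `_get_cmd_output`, so an over-long `arv_c` results in a different command being run rather than an error. The return value should be checked and the call abandoned when it is negative or `>= sizeof(cmd_c)`, before `_get_cmd_output` is reached. The same silent truncation applies to `snprintf(url_c, 2048, "%s", u3_Host.ops_u.url_c)` in `_boothack_pill`, where a cut-off URL would be fetched as if it were the one requested. Separately, `arv_c` is interpolated into the command unquoted; if `_get_cmd_output` goes through a shell (not visible here), that path needs quoting or an argv-based spawn.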
@@ -1170,21 +1170,21 @@ u3_lord_init(c3_c* pax_c, c3_w wag_w, c3_d key_d[4], u3_lord_cb cb_u) c3_c tos_c[11]; c3_i err_i; - sprintf(key_c, "%" PRIx64 ":%" PRIx64 ":%" PRIx64 ":%" PRIx64, + snprintf(key_c, 256, "%" PRIx64 ":%" PRIx64 ":%" PRIx64 ":%" PRIx64, god_u->key_d[0], god_u->key_d[1], god_u->key_d[2], god_u->key_d[3]); - sprintf(wag_c, "%u", god_u->wag_w); + snprintf(wag_c, 11, "%u", god_u->wag_w); - sprintf(hap_c, "%u", u3_Host.ops_u.hap_w); + snprintf(hap_c, 11, "%u", u3_Host.ops_u.hap_w); - sprintf(per_c, "%u", u3_Host.ops_u.per_w); + snprintf(per_c, 11, "%u", u3_Host.ops_u.per_w); - sprintf(lom_c, "%u", u3_Host.ops_u.lom_y); + snprintf(lom_c, 11, "%u", u3_Host.ops_u.lom_y); - sprintf(tos_c, "%u", u3C.tos_w); + snprintf(tos_c, 11, "%u", u3C.tos_w); arg_c[0] = god_u->bin_c; // executable arg_c[1] = "serf"; // protocol diff --git a/pkg/vere/main.c b/pkg/vere/main.c index 930d8981ad..4e490d0642 100644 --- a/pkg/vere/main.c +++ b/pkg/vere/main.c @@ -100,13 +100,14 @@ _main_readw_loom(const c3_c* arg_c, c3_y* out_y) c3_c* _main_presig(c3_c* txt_c) { - c3_c* new_c = c3_malloc(2 + strlen(txt_c)); + c3_w new_c_size = 2 + strlen(txt_c); + c3_c* new_c = c3_malloc(new_c_size); if ( '~' == *txt_c ) { - strcpy(new_c, txt_c); + snprintf(new_c, new_c_size, "%s", txt_c); } else { new_c[0] = '~'; - strcpy(new_c + 1, txt_c); + snprintf(new_c + 1, new_c_size - 1, "%s", txt_c); } return new_c; } @@ -594,8 +595,9 @@ _main_getopt(c3_i argc, c3_c** argv) && u3_Host.ops_u.url_c == 0 && u3_Host.ops_u.git == c3n ) { - c3_c version_c[strlen(URBIT_VERSION) + 1]; - strcpy(version_c, URBIT_VERSION); + c3_w version_c_size = strlen(URBIT_VERSION) + 1; + c3_c version_c[version_c_size]; + snprintf(version_c, version_c_size, "%s", URBIT_VERSION); c3_c* hyphen_c = strchr(version_c, '-'); // URBIT_VERSION has the form {version}-{commit_sha} when built on // non-"live" channels, which means we need to strip off the trailing commit 
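Review bot: In the `_main_getopt` hunk (pkg/vere/main.c), the copy of `URBIT_VERSION` still goes through a variable-length array sized by `strlen` at run time, followed by a formatted copy. If `URBIT_VERSION` is a string-literal macro, as its use here suggests, `c3_c version_c[] = URBIT_VERSION;` gives a correctly sized, writable, NUL-terminated copy with no length arithmetic and no VLA. The surrounding function starts and ends outside the hunk.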
diff --git a/pkg/vere/ward.c b/pkg/vere/ward.c index 9d6c8cbed3..b98e67bc33 100644 --- a/pkg/vere/ward.c +++ b/pkg/vere/ward.c @@ -15,10 +15,11 @@ u3_dent* u3_dent_init(const c3_c* nam_c) { - u3_dent *det_u = c3_malloc(sizeof(*det_u)); - det_u->nex_u = 0; - det_u->nam_c = c3_malloc(1 + strlen(nam_c)); - strcpy(det_u->nam_c, nam_c); + u3_dent *det_u = c3_malloc(sizeof(*det_u)); + det_u->nex_u = 0; + c3_w det_u_nam_c_size = 1 + strlen(nam_c); + det_u->nam_c = c3_malloc(det_u_nam_c_size); + snprintf(det_u->nam_c, det_u_nam_c_size, "%s", nam_c); return det_u; } @@ -40,8 +41,9 @@ u3_dire_init(const c3_c* pax_c) u3_dire *dir_u = c3_malloc(sizeof *dir_u); dir_u->all_u = 0; dir_u->dil_u = 0; - dir_u->pax_c = c3_malloc(1 + strlen(pax_c)); - strcpy(dir_u->pax_c, pax_c); + c3_w dir_u_pax_c_size = 1 + strlen(pax_c); + dir_u->pax_c = c3_malloc(dir_u_pax_c_size); + snprintf(dir_u->pax_c, dir_u_pax_c_size, "%s", pax_c); return dir_u; }