[evolution-data-server] Bug 710989 - Replace most uses of strcpy()



commit 61bf9fb860ecb4c6ace37cf3414d68d298ec26cf
Author: Murray Cumming <murrayc murrayc com>
Date:   Fri Nov 1 10:32:23 2013 -0400

    Bug 710989 - Replace most uses of strcpy()
    
    Because strcpy() can overwrite its buffer.  As with the previous
    replacement of sprintf(), some of these could probably be replaced by
    g_strdup(), but there could be some performance impact.
    
    This also replaces a use of ICU's austrcpy() with austrncpy().

 calendar/libedata-cal/e-data-cal-view.c         |   10 ++++++----
 camel/camel-debug.c                             |    6 ++++--
 camel/camel-folder-summary.c                    |    8 +++++---
 camel/camel-iconv.c                             |    6 ++++--
 camel/camel-lock-helper.c                       |    2 +-
 camel/camel-mempool.c                           |    6 ++++--
 camel/camel-multipart.c                         |    2 +-
 camel/camel-net-utils.c                         |    2 +-
 camel/camel-sasl-digest-md5.c                   |    2 +-
 camel/camel-text-index.c                        |    2 +-
 camel/camel-vee-store.c                         |   12 ++++++++----
 camel/providers/imapx/camel-imapx-utils.c       |   12 ++++++++----
 camel/providers/nntp/camel-nntp-folder.c        |   18 ++++++++++++------
 camel/providers/nntp/camel-nntp-store-summary.c |    8 +++++---
 camel/providers/nntp/camel-nntp-summary.c       |    7 +++++--
 libedataserver/e-collator.c                     |    2 +-
 16 files changed, 67 insertions(+), 38 deletions(-)
---
diff --git a/calendar/libedata-cal/e-data-cal-view.c b/calendar/libedata-cal/e-data-cal-view.c
index e2e14af..28ff013 100644
--- a/calendar/libedata-cal/e-data-cal-view.c
+++ b/calendar/libedata-cal/e-data-cal-view.c
@@ -762,6 +762,7 @@ notify_remove (EDataCalView *view,
                ECalComponentId *id)
 {
        gchar *ids;
+       gsize ids_len, ids_offset;
        gchar *uid, *rid;
        gsize uid_len, rid_len;
 
@@ -792,12 +793,13 @@ notify_remove (EDataCalView *view,
                uid = NULL;
        } else {
                /* concatenate */
-               ids = g_malloc (uid_len + rid_len + (rid_len ? 2 : 1));
+               ids_len = uid_len + rid_len + (rid_len ? 2 : 1);
+               ids = g_malloc (ids_len);
                if (uid_len)
-                       strcpy (ids, uid);
+                       g_strlcpy (ids, uid, ids_len);
                if (rid_len) {
-                       ids[uid_len] = '\n';
-                       strcpy (ids + uid_len + 1, rid);
+                       ids_offset = uid_len + 1;
+                       g_strlcpy (ids + ids_offset, rid, ids_len - ids_offset);
                }
        }
        g_array_append_val (view->priv->removes, ids);
diff --git a/camel/camel-debug.c b/camel/camel-debug.c
index cbcd77a..787a7da 100644
--- a/camel/camel-debug.c
+++ b/camel/camel-debug.c
@@ -98,6 +98,7 @@ gboolean camel_debug (const gchar *mode)
        if (debug_table) {
                gchar *colon;
                gchar *fallback;
+               gsize fallback_len;
 
                if (g_hash_table_lookup (debug_table, mode))
                        return TRUE;
@@ -105,8 +106,9 @@ gboolean camel_debug (const gchar *mode)
                /* Check for fully qualified debug */
                colon = strchr (mode, ':');
                if (colon) {
-                       fallback = g_alloca (strlen (mode) + 1);
-                       strcpy (fallback, mode);
+                       fallback_len = strlen (mode) + 1;
+                       fallback = g_alloca (fallback_len);
+                       g_strlcpy (fallback, mode, fallback_len);
                        colon = (colon - mode) + fallback;
                        /* Now check 'module[:*]' */
                        *colon = 0;
diff --git a/camel/camel-folder-summary.c b/camel/camel-folder-summary.c
index b54d276..d125515 100644
--- a/camel/camel-folder-summary.c
+++ b/camel/camel-folder-summary.c
@@ -4035,6 +4035,7 @@ camel_flag_set (CamelFlag **list,
                 gboolean value)
 {
        CamelFlag *flag, *tmp;
+       gsize tmp_len = 0;
 
        if (!name)
                return TRUE;
@@ -4054,8 +4055,9 @@ camel_flag_set (CamelFlag **list,
        }
 
        if (value) {
-               tmp = g_malloc (sizeof (*tmp) + strlen (name));
-               strcpy (tmp->name, name);
+               tmp_len = sizeof (*tmp) + strlen (name);
+               tmp = g_malloc (tmp_len);
+               g_strlcpy (tmp->name, name, tmp_len);
                tmp->next = NULL;
                flag->next = tmp;
        }
@@ -4208,7 +4210,7 @@ camel_tag_set (CamelTag **list,
 
        if (value) {
                tmp = g_malloc (sizeof (*tmp) + strlen (name));
-               strcpy (tmp->name, name);
+               g_strlcpy (tmp->name, name, sizeof (tmp->name));
                tmp->value = g_strdup (value);
                tmp->next = NULL;
                tag->next = tmp;
diff --git a/camel/camel-iconv.c b/camel/camel-iconv.c
index 3cbf712..21f29ca 100644
--- a/camel/camel-iconv.c
+++ b/camel/camel-iconv.c
@@ -282,12 +282,14 @@ const gchar *
 camel_iconv_charset_name (const gchar *charset)
 {
        gchar *name, *ret, *tmp;
+       gsize name_len;
 
        if (charset == NULL)
                return NULL;
 
-       name = g_alloca (strlen (charset) + 1);
-       strcpy (name, charset);
+       name_len = strlen (charset) + 1;
+       name = g_alloca (name_len);
+       g_strlcpy (name, charset, name_len);
        e_strdown (name);
 
        iconv_init (TRUE);
diff --git a/camel/camel-lock-helper.c b/camel/camel-lock-helper.c
index 9efe35b..835d4e8 100644
--- a/camel/camel-lock-helper.c
+++ b/camel/camel-lock-helper.c
@@ -176,7 +176,7 @@ lock_path (const gchar *path,
                info->uid = lock_real_uid;
        }
 
-       strcpy (info->path, path);
+       g_strlcpy (info->path, path, sizeof (info->path));
        info->id = lock_id;
        info->depth = 1;
        info->next = lock_info_list;
diff --git a/camel/camel-mempool.c b/camel/camel-mempool.c
index e1b6f2f..c65c495 100644
--- a/camel/camel-mempool.c
+++ b/camel/camel-mempool.c
@@ -150,9 +150,11 @@ camel_mempool_strdup (CamelMemPool *pool,
                       const gchar *str)
 {
        gchar *out;
+       gsize out_len;
 
-       out = camel_mempool_alloc (pool, strlen (str) + 1);
-       strcpy (out, str);
+       out_len = strlen (str) + 1;
+       out = camel_mempool_alloc (pool, out_len);
+       g_strlcpy (out, str, out_len);
 
        return out;
 }
diff --git a/camel/camel-multipart.c b/camel/camel-multipart.c
index dc62287..1fce49a 100644
--- a/camel/camel-multipart.c
+++ b/camel/camel-multipart.c
@@ -233,7 +233,7 @@ multipart_set_boundary (CamelMultipart *multipart,
                g_checksum_free (checksum);
 
                g_free (bgen);
-               strcpy (bbuf, "=-");
+               g_strlcpy (bbuf, "=-", sizeof (bbuf));
                p = bbuf + 2;
                state = save = 0;
                p += g_base64_encode_step (
diff --git a/camel/camel-net-utils.c b/camel/camel-net-utils.c
index 7b9f555..c428c15 100644
--- a/camel/camel-net-utils.c
+++ b/camel/camel-net-utils.c
@@ -236,7 +236,7 @@ camel_gethostbyname_r (const gchar *name,
                return ERANGE;
 
        /* h_name */
-       strcpy (buf, res->ai_canonname);
+       g_strlcpy (buf, res->ai_canonname, buflen);
        host->h_name = buf;
        buf += len;
 
diff --git a/camel/camel-sasl-digest-md5.c b/camel/camel-sasl-digest-md5.c
index bf81570..12bf48c 100644
--- a/camel/camel-sasl-digest-md5.c
+++ b/camel/camel-sasl-digest-md5.c
@@ -614,7 +614,7 @@ generate_response (struct _DigestChallenge *challenge,
        resp->cnonce = g_base64_encode ((guchar *) digest, 8);
 
        /* we don't support re-auth so the nonce count is always 1 */
-       strcpy (resp->nc, "00000001");
+       g_strlcpy (resp->nc, "00000001", sizeof (resp->nc));
 
        /* choose the QOP */
        /* FIXME: choose - probably choose "auth" ??? */
diff --git a/camel/camel-text-index.c b/camel/camel-text-index.c
index 23f02c5..b756bed 100644
--- a/camel/camel-text-index.c
+++ b/camel/camel-text-index.c
@@ -457,7 +457,7 @@ text_index_compress_nosync (CamelIndex *idx)
        newpath = alloca (i);
        savepath = alloca (i);
 
-       strcpy (oldpath, idx->path);
+       g_strlcpy (oldpath, idx->path, i);
        oldpath[strlen (oldpath) - strlen (".index")] = 0;
 
        tmp_name (oldpath, newpath, i);
diff --git a/camel/camel-vee-store.c b/camel/camel-vee-store.c
index 57f48f5..2d1220f 100644
--- a/camel/camel-vee-store.c
+++ b/camel/camel-vee-store.c
@@ -209,6 +209,7 @@ vee_store_get_folder_sync (CamelStore *store,
        CamelVeeFolder *vf;
        CamelFolder *folder;
        gchar *name, *p;
+       gsize name_len;
 
        vf = (CamelVeeFolder *) camel_vee_folder_new (store, folder_name, flags);
        if (vf && ((vf->flags & CAMEL_STORE_FOLDER_PRIVATE) == 0)) {
@@ -217,8 +218,9 @@ vee_store_get_folder_sync (CamelStore *store,
                full_name = camel_folder_get_full_name (CAMEL_FOLDER (vf));
 
                /* Check that parents exist, if not, create dummy ones */
-               name = alloca (strlen (full_name) + 1);
-               strcpy (name, full_name);
+               name_len = strlen (full_name) + 1;
+               name = alloca (name_len);
+               g_strlcpy (name, full_name, name_len);
                p = name;
                while ( (p = strchr (p, '/'))) {
                        *p = 0;
@@ -456,6 +458,7 @@ vee_store_rename_folder_sync (CamelStore *store,
 {
        CamelFolder *folder, *oldfolder;
        gchar *p, *name;
+       gsize name_len;
 
        d (printf ("vee rename folder '%s' '%s'\n", old, new));
 
@@ -478,8 +481,9 @@ vee_store_rename_folder_sync (CamelStore *store,
        }
 
        /* Check that new parents exist, if not, create dummy ones */
-       name = alloca (strlen (new) + 1);
-       strcpy (name, new);
+       name_len = strlen (new) + 1;
+       name = alloca (name_len);
+       g_strlcpy (name, new, name_len);
        p = name;
        while ( (p = strchr (p, '/'))) {
                *p = 0;
diff --git a/camel/providers/imapx/camel-imapx-utils.c b/camel/providers/imapx/camel-imapx-utils.c
index 18032ec..c8ca2b4 100644
--- a/camel/providers/imapx/camel-imapx-utils.c
+++ b/camel/providers/imapx/camel-imapx-utils.c
@@ -741,6 +741,7 @@ imapx_parse_param_list (CamelIMAPXStream *is,
        guint len;
        guchar *token;
        gchar *param;
+       gsize param_len;
 
        p (is->tagprefix, "body_fld_param\n");
 
@@ -754,8 +755,9 @@ imapx_parse_param_list (CamelIMAPXStream *is,
                        camel_imapx_stream_ungettoken (is, tok, token, len);
 
                        camel_imapx_stream_astring (is, &token, cancellable, NULL);
-                       param = alloca (strlen ((gchar *) token) + 1);
-                       strcpy (param, (gchar *) token);
+                       param_len = strlen ((gchar *) token) + 1;
+                       param = alloca (param_len);
+                       g_strlcpy (param, (gchar *) token, param_len);
                        camel_imapx_stream_astring (is, &token, cancellable, NULL);
                        camel_header_set_param (plist, param, (gchar *) token);
                }
@@ -864,6 +866,7 @@ imapx_parse_body_fields (CamelIMAPXStream *is,
 {
        guchar *token;
        gchar  *type;
+       gsize type_len;
        guint64 number;
        struct _CamelMessageContentInfo *cinfo;
 
@@ -878,8 +881,9 @@ imapx_parse_body_fields (CamelIMAPXStream *is,
        /* this should be string not astring */
        if (!camel_imapx_stream_astring (is, &token, cancellable, error))
                goto error;
-       type = alloca (strlen ((gchar *) token) + 1);
-       strcpy (type, (gchar *) token);
+       type_len = strlen ((gchar *) token) + 1;
+       type = alloca (type_len);
+       g_strlcpy (type, (gchar *) token, type_len);
        if (!camel_imapx_stream_astring (is, &token, cancellable, error))
                goto error;
        cinfo->type = camel_content_type_new (type, (gchar *) token);
diff --git a/camel/providers/nntp/camel-nntp-folder.c b/camel/providers/nntp/camel-nntp-folder.c
index d467a6a..1406296 100644
--- a/camel/providers/nntp/camel-nntp-folder.c
+++ b/camel/providers/nntp/camel-nntp-folder.c
@@ -271,13 +271,15 @@ nntp_get_filename (CamelFolder *folder,
        CamelDataCache *nntp_cache;
        CamelNNTPStore *nntp_store;
        gchar *article, *msgid;
+       gsize article_len;
        gchar *filename;
 
        parent_store = camel_folder_get_parent_store (folder);
        nntp_store = CAMEL_NNTP_STORE (parent_store);
 
-       article = alloca (strlen (uid) + 1);
-       strcpy (article, uid);
+       article_len = strlen (uid) + 1;
+       article = alloca (article_len);
+       g_strlcpy (article, uid, article_len);
        msgid = strchr (article, ',');
        if (msgid == NULL) {
                g_set_error (
@@ -377,10 +379,12 @@ nntp_folder_cache_message (CamelDiscoFolder *disco_folder,
 {
        CamelStream *stream;
        gchar *article, *msgid;
+       gsize article_len;
        gboolean success = TRUE;
 
-       article = alloca (strlen (uid) + 1);
-       strcpy (article, uid);
+       article_len = strlen (uid) + 1;
+       article = alloca (article_len);
+       g_strlcpy (article, uid, article_len);
        msgid = strchr (article, ',');
        if (!msgid) {
                g_set_error (
@@ -495,14 +499,16 @@ nntp_folder_get_message_sync (CamelFolder *folder,
        CamelNNTPFolder *nntp_folder;
        CamelStream *stream = NULL;
        gchar *article, *msgid;
+       gsize article_len;
 
        parent_store = camel_folder_get_parent_store (folder);
 
        nntp_folder = CAMEL_NNTP_FOLDER (folder);
        nntp_store = CAMEL_NNTP_STORE (parent_store);
 
-       article = alloca (strlen (uid) + 1);
-       strcpy (article, uid);
+       article_len = strlen (uid) + 1;
+       article = alloca (article_len);
+       g_strlcpy (article, uid, article_len);
        msgid = strchr (article, ',');
        if (msgid == NULL) {
                g_set_error (
diff --git a/camel/providers/nntp/camel-nntp-store-summary.c b/camel/providers/nntp/camel-nntp-store-summary.c
index 4f618bd..4fbf0fd 100644
--- a/camel/providers/nntp/camel-nntp-store-summary.c
+++ b/camel/providers/nntp/camel-nntp-store-summary.c
@@ -176,11 +176,13 @@ camel_nntp_store_summary_path_to_full (CamelNNTPStoreSummary *s,
        const gchar *p;
        gint state = 0;
        gchar *subpath, *last = NULL;
+       gsize subpath_len = 0;
        CamelStoreInfo *si;
 
        /* check to see if we have a subpath of path already defined */
-       subpath = g_alloca (strlen (path) + 1);
-       strcpy (subpath, path);
+       subpath_len = strlen (path) + 1;
+       subpath = g_alloca (subpath_len);
+       g_strlcpy (subpath, path, subpath_len);
        do {
                si = camel_store_summary_path ((CamelStoreSummary *) s, subpath);
                if (si == NULL) {
@@ -253,7 +255,7 @@ camel_nntp_store_summary_add_from_full (CamelNNTPStoreSummary *s,
 
        len = strlen (full);
        full_name = g_alloca (len + 1);
-       strcpy (full_name, full);
+       g_strlcpy (full_name, full, len + 1);
        if (full_name[len - 1] == dir_sep)
                full_name[len - 1] = 0;
 
diff --git a/camel/providers/nntp/camel-nntp-summary.c b/camel/providers/nntp/camel-nntp-summary.c
index cb837e4..bfd8de7 100644
--- a/camel/providers/nntp/camel-nntp-summary.c
+++ b/camel/providers/nntp/camel-nntp-summary.c
@@ -456,13 +456,16 @@ camel_nntp_summary_check (CamelNNTPSummary *cns,
        l = strtoul (line, &line, 10);
        if (line[0] == ' ') {
                gchar *tmp;
+               gsize tmp_len;
 
                folder = line + 1;
                tmp = strchr (folder, ' ');
                if (tmp)
                        *tmp = 0;
-               tmp = g_alloca (strlen (folder) + 1);
-               strcpy (tmp, folder);
+
+               tmp_len = strlen (folder) + 1;
+               tmp = g_alloca (tmp_len);
+               g_strlcpy (tmp, folder, tmp_len);
                folder = tmp;
        }
 
diff --git a/libedataserver/e-collator.c b/libedataserver/e-collator.c
index 6885e5b..88c8709 100644
--- a/libedataserver/e-collator.c
+++ b/libedataserver/e-collator.c
@@ -98,7 +98,7 @@ print_available_locales (void)
 
                uloc_getDisplayName(uloc_getAvailable(i), NULL, result, 100, &status);
 
-               u_austrcpy (printable, result);
+               u_austrncpy (printable, result, sizeof (printable));
 
                /* print result */
                g_printerr ("\t%s - %s", uloc_getAvailable(i), printable);


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]