github.com/Interlisp.maiko
1
0
Fork 0
mirror of https://github.com/Interlisp/maiko.git synced 2026-03-05 02:35:23 +00:00
Code Issues Projects Releases Wiki Activity

Replaces unchecked strcpy/strcat with strlcpy/strlcat

Browse Source 
Unchecked writes to strings using strcpy and strcat can cause memory smashes,
replacing them with (destination) bounds checked strl... equivalents can
avoid this.

Incidentally, fix construction of file name for $HOME/.Xdefaults
This commit is contained in:
Nick Briggs
2025-05-19 11:45:54 -07:00
parent 353f6d202e
commit 4de8b733fd
1 changed files with 7 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/xrdopt.c
View File

@@ -17,7 +17,7 @@
#include <limits.h> // for PATH_MAX
#include <stdio.h> // for fprintf, NULL, stderr, sscanf
#include <stdlib.h> // for getenv, exit, strtol
#include <string.h> // for strncpy, strcat, strcpy, strcmp
#include <string.h> // for strncpy, strlcat, strlcpy, strcmp
#include <sys/types.h> // for u_char
#include <unistd.h> // for access, R_OK
#include "xdefs.h" // for WINDOW_NAME
@@ -211,13 +211,13 @@ void read_Xoption(int *argc, char *argv[])
print_Xusage(argv[0]);
} else {
envname = getenv("DISPLAY");
(void)strcpy(Display_Name, envname);
(void)strlcpy(Display_Name, envname, sizeof(Display_Name));
}
if ((xdisplay = XOpenDisplay(Display_Name)) != NULL) {
/* read the other databases */
/* Start with app-defaults/medley */
(void)strcpy(tmp, "/usr/lib/X11/app-defaults/");
(void)strcat(tmp, "medley");
(void)strlcpy(tmp, "/usr/lib/X11/app-defaults/", sizeof(tmp));
(void)strlcat(tmp, "medley", sizeof(tmp));
applicationDB = XrmGetFileDatabase(tmp);
if (applicationDB != NULL) { (void)XrmMergeDatabases(applicationDB, &rDB); }
/* Then try the displays defaults */
@@ -232,8 +232,8 @@ void read_Xoption(int *argc, char *argv[])
}
envname = getenv("HOME");
(void)strcat(tmp, envname);
(void)strcat(tmp, "/.Xdefaults");
(void)strlcpy(tmp, envname, sizeof(tmp));
(void)strlcat(tmp, "/.Xdefaults", sizeof(tmp));
if (access(tmp, R_OK) != 0) {
serverDB = XrmGetFileDatabase(tmp);
if (serverDB != NULL) { (void)XrmMergeDatabases(serverDB, &rDB); }
@@ -255,7 +255,7 @@ void read_Xoption(int *argc, char *argv[])
if (XrmGetResource(rDB, "ldex.icontitle", "Ldex.icontitle", str_type, &value) == True) {
(void)strncpy(iconTitle, value.addr, value.size);
} else {
(void)strcpy(iconTitle, "Medley");
(void)strlcpy(iconTitle, "Medley", sizeof(iconTitle));
}
if (XrmGetResource(rDB, "ldex.iconbitmap", "Ldex.Iconbitmap", str_type, &value) == True) {
@@ -276,8 +276,6 @@ void read_Xoption(int *argc, char *argv[])
&LispDisplayRequestedWidth, &LispDisplayRequestedHeight);
}
(void)strcpy(tmp, ""); /* Clear the string */
if (XrmGetResource(rDB, "ldex.cursorColor", "Ldex.cursorColor", str_type, &value) == True) {
(void)strncpy(cursorColor, value.addr, sizeof(cursorColor) - 1);
}