Extensive rewrite of various parts of the file name/version handling code. Converts a lot of unsafe string handling functions to safer variants. Passes buffer sizes in various places to enable overflow checks. Removes some unused variable declarations. Updates comments. Improves performance with alarm timeout setting when sequences of alarm set/cancel operations are performed. Adds GETFILEINFO processing for INODE_LO and INODE_HI attributes.
* implements these as functions rather than #define macros
* moves definitions to ufs.c
* adds parameter to UnixVersionToLispVersion for the storage
size of the buffer being passed
* removes inc/lispver2.h
* adjusts makefile-dos an makefile-tail to update dependencies
* Avoids unnecessary alarm(0) when it is about to be set again, only
cleans up after it’s all done.
* Renames DIRCHAR to LISPDIRCHAR to be more descriptive, adds LISPDIRSTR
for contexts where a string is required rather than a character.
* Avoids leaks of directory structures by ensuring that any opendir()
has a matching closedir(), with a timeout check, on the return path
* Ensures that closedir() calls that could smash errno happen after
errno is saved for Lisp’s consumption
* Simplifies code to take advantage of strlcpy()/strlcat() guarantee
that destination string is NUL terminated
* Reduces number of unnecessary copies into scratch buffer for file name
processing
* Removes some commented out code left over from copy/paste of functions
Unchecked strcpy/strcat can result in memory smashes if provided with
overly long source arguments. Replacing these with the strl... functions
protects against overruns of the destination memory.
Requires changing the signature of various functions to pass destination
storage size when destination argument is a pointer rather than something
amenable to sizeof() operator.
Unchecked writes to strings using strcpy and strcat can cause memory smashes,
replacing them with (destination) bounds checked strl... equivalents can
avoid this.
Incidentally, fix construction of file name for $HOME/.Xdefaults
Moves definitions of the quote_xxx functions from ufs.c where they are not
used to dir.c where they are used.
Adds a parameter to each of the quote_xxx functions to supply the length
of the storage allocated for the result string, and change strcpy() to
strlcpy() to avoid potential memory smash if used carelessly.
Replaces ConcNameAndVersion and ConcDirAndName macros with
conc_name_and_version and conc_dir_and_name functions respectively,
moves the definitions from locfile.h to dsk.c, and adds them to
dskdefs.h for use by other source files.
If the Lisp string passed to LispStringToCString were longer than
the destination buffer's MaxLen the could would have written the
terminating nul past the end of the array.
Fixes formatting of LispStringToCString
Corrects English grammar in some comments.
Removes StrNCpyFromLispToC and the single use of it in
LispStringToCString in the BYTESWAP implementation case.
Rename StrNCpyFromCToLisp, which does NOT follow "strncpy" semantics,
to be MemCpyToLispFromNative, where the types in the name match the
types of the arguments, and the semantics (and argument order) are
those of the C library "memcpy".
