diff options
| author | Joseph Hunkeler <jhunkeler@gmail.com> | 2026-04-16 11:52:11 -0400 |
|---|---|---|
| committer | Joseph Hunkeler <jhunkeler@gmail.com> | 2026-04-16 11:52:11 -0400 |
| commit | dc6b871b419159097c272fe21cdef6acece40a99 (patch) | |
| tree | 1d2e4ef745106cb4a7a804698b45739a163cbe38 /src/lib | |
| parent | f40adf8259a9f034b6fff7abff047e9a746f7ec1 (diff) | |
| download | stasis-dc6b871b419159097c272fe21cdef6acece40a99.tar.gz | |
Convert more strcat and strcpy to strn variants
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/core/artifactory.c | 2 | ||||
| -rw-r--r-- | src/lib/core/conda.c | 12 | ||||
| -rw-r--r-- | src/lib/core/ini.c | 8 | ||||
| -rw-r--r-- | src/lib/core/multiprocessing.c | 10 | ||||
| -rw-r--r-- | src/lib/core/relocation.c | 8 | ||||
| -rw-r--r-- | src/lib/core/str.c | 8 | ||||
| -rw-r--r-- | src/lib/core/system.c | 2 | ||||
| -rw-r--r-- | src/lib/core/template.c | 2 | ||||
| -rw-r--r-- | src/lib/core/utils.c | 26 | ||||
| -rw-r--r-- | src/lib/delivery/delivery_install.c | 6 |
10 files changed, 42 insertions, 42 deletions
diff --git a/src/lib/core/artifactory.c b/src/lib/core/artifactory.c index 6a01620..415986e 100644 --- a/src/lib/core/artifactory.c +++ b/src/lib/core/artifactory.c @@ -413,7 +413,7 @@ int jfrog_cli_rt_upload(struct JFRT_Auth *auth, struct JFRT_Upload *ctx, char *s if (base) { src = base; } else { - strcat(src, "/"); + strncat(src, "/", sizeof(src) - strlen(src) - 1); } pushd(new_src); } diff --git a/src/lib/core/conda.c b/src/lib/core/conda.c index dd336bc..491eae3 100644 --- a/src/lib/core/conda.c +++ b/src/lib/core/conda.c @@ -419,15 +419,15 @@ int conda_check_required() { // Construct a "conda list" command that searches for all required packages // using conda's (python's) regex matching - strcat(cmd, "conda list '"); + strncat(cmd, "conda list '", sizeof(cmd) - strlen(cmd) - 1); for (size_t i = 0; conda_minimum_viable_tools[i] != NULL; i++) { - strcat(cmd, "^"); - strcat(cmd, conda_minimum_viable_tools[i]); + strncat(cmd, "^", sizeof(cmd) - strlen(cmd) - 1); + strncat(cmd, conda_minimum_viable_tools[i], sizeof(cmd) - strlen(cmd) - 1); if (conda_minimum_viable_tools[i + 1] != NULL) { - strcat(cmd, "|"); + strncat(cmd, "|", sizeof(cmd) - strlen(cmd) - 1); } } - strcat(cmd, "' | cut -d ' ' -f 1"); + strncat(cmd, "' | cut -d ' ' -f 1", sizeof(cmd) - strlen(cmd) - 1); // Verify all required packages are installed char *cmd_out = shell_output(cmd, &status); @@ -565,7 +565,7 @@ int conda_env_create_from_uri(char *name, char *uri, char *python_version) { unlink(tempfile); // We'll create a new file with the same random bits, ending with .yml - strcat(tempfile, ".yml"); + strncat(tempfile, ".yml", sizeof(tempfile) - strlen(tempfile) - 1); char *errmsg = NULL; const long http_code = download(uri_fs ? uri_fs : uri, tempfile, &errmsg); if (HTTP_ERROR(http_code)) { diff --git a/src/lib/core/ini.c b/src/lib/core/ini.c index cf6f670..6081678 100644 --- a/src/lib/core/ini.c +++ b/src/lib/core/ini.c @@ -186,8 +186,8 @@ int ini_getval(struct INIFILE *ini, char *section_name, char *key, int type, int while ((token = strsep(&tbufp, "\n")) != NULL) { //lstrip(token); if (!isempty(token)) { - strcat(data_copy, token); - strcat(data_copy, "\n"); + strncat(data_copy, token, BUFSIZ - strlen(data_copy) - 1); + strncat(data_copy, "\n", BUFSIZ - strlen(data_copy) - 1); } } strip(data_copy); @@ -353,7 +353,7 @@ int ini_data_append(struct INIFILE **ini, char *section_name, char *key, char *v } else { data->value = value_tmp; } - strcat(data->value, value); + strncat(data->value, value, value_len_new - strlen(data->value)); } return 0; } @@ -467,7 +467,7 @@ int ini_write(struct INIFILE *ini, FILE **stream, unsigned mode) { } guard_array_free(parts); strip(outvalue); - strcat(outvalue, LINE_SEP); + strncat(outvalue, LINE_SEP, sizeof(outvalue) - strlen(outvalue) - 1); fprintf(*stream, "%s = %s%s", ini->section[x]->data[y]->key, *hint == INIVAL_TYPE_STR_ARRAY ? LINE_SEP : "", outvalue); guard_free(value); } else { diff --git a/src/lib/core/multiprocessing.c b/src/lib/core/multiprocessing.c index f694ad6..09f81de 100644 --- a/src/lib/core/multiprocessing.c +++ b/src/lib/core/multiprocessing.c @@ -173,17 +173,17 @@ struct MultiProcessingTask *mp_pool_task(struct MultiProcessingPool *pool, const // Set log file path memset(slot->log_file, 0, sizeof(*slot->log_file)); if (globals.enable_task_logging) { - strcat(slot->log_file, pool->log_root); - strcat(slot->log_file, "/"); + strncat(slot->log_file, pool->log_root, sizeof(slot->log_file) - strlen(slot->log_file) - 1); + strncat(slot->log_file, "/", sizeof(slot->log_file) - strlen(slot->log_file) - 1); } else { - strcpy(slot->log_file, "/dev/stdout"); + strncpy(slot->log_file, "/dev/stdout", sizeof(slot->log_file) - 1); } // Set working directory if (isempty(working_dir)) { - strcpy(slot->working_dir, "."); + strncpy(slot->working_dir, ".", sizeof(slot->working_dir) - 1); } else { - strncpy(slot->working_dir, working_dir, PATH_MAX - 1); + strncpy(slot->working_dir, working_dir, sizeof(slot->working_dir) - 1); } // Create a temporary file to act as our intermediate command script diff --git a/src/lib/core/relocation.c b/src/lib/core/relocation.c index 58b829d..fce74b6 100644 --- a/src/lib/core/relocation.c +++ b/src/lib/core/relocation.c @@ -50,18 +50,18 @@ int replace_text(char *original, const char *target, const char *replacement, un // replacement is shorter than the target if (rep_len < target_len) { // shrink the string - strcat(buffer, replacement); + strncat(buffer, replacement, sizeof(buffer) - strlen(buffer) - 1); memmove(pos, pos + target_len, strlen(pos) - target_len); memset(pos + (strlen(pos) - target_len), 0, target_len); } else { // replacement is longer than the target // write the replacement value to the buffer - strcat(buffer, replacement); + strncat(buffer, replacement, sizeof(buffer) - strlen(buffer) - 1); // target consumed. jump to the end of the substring. pos += target_len; } if (flags & REPLACE_TRUNCATE_AFTER_MATCH) { if (strstr(pos, LINE_SEP)) { - strcat(buffer, LINE_SEP); + strncat(buffer, LINE_SEP, sizeof(buffer) - strlen(buffer) - 1); } break; } @@ -69,7 +69,7 @@ int replace_text(char *original, const char *target, const char *replacement, un if (!((match = strstr(pos, target)))) { // no more matches // append whatever remains to the buffer - strcat(buffer, pos); + strncat(buffer, pos, sizeof(buffer) - strlen(buffer) - 1); // stop break; } diff --git a/src/lib/core/str.c b/src/lib/core/str.c index 9524886..c8f9c7e 100644 --- a/src/lib/core/str.c +++ b/src/lib/core/str.c @@ -153,9 +153,9 @@ char *join(char **arr, const char *separator) { result = (char *)calloc(total_bytes, sizeof(char)); for (int i = 0; i < records; i++) { - strcat(result, arr[i]); + strncat(result, arr[i], total_bytes - strlen(result) - 1); if (i < (records - 1)) { - strcat(result, separator); + strncat(result, separator, total_bytes - strlen(result) - 1); } } return result; @@ -207,11 +207,11 @@ char *join_ex(char *separator, ...) { result = calloc(size + 1, sizeof(char)); for (size_t i = 0; i < argc; i++) { // Append argument to string - strcat(result, argv[i]); + strncat(result, argv[i], size - strlen(result)); // no -1 because +1 above // Do not append a trailing separator when we reach the last argument if (i < (argc - 1)) { - strcat(result, separator); + strncat(result, separator, size - strlen(result)); // no -1 because +1 above } guard_free(argv[i]); } diff --git a/src/lib/core/system.c b/src/lib/core/system.c index 9eff64a..6c18cc2 100644 --- a/src/lib/core/system.c +++ b/src/lib/core/system.c @@ -161,7 +161,7 @@ char *shell_output(const char *command, int *status) { result = tmp; } } - strcat(result, line); + strncat(result, line, current_size - strlen(result) - 1); memset(line, 0, sizeof(line)); } *status = pclose(pp); diff --git a/src/lib/core/template.c b/src/lib/core/template.c index dd3c7a2..67e2e03 100644 --- a/src/lib/core/template.c +++ b/src/lib/core/template.c @@ -272,7 +272,7 @@ char *tpl_render(char *str) { // Append replacement value grow(z, &output_bytes, &output); - strcat(output, value); + strncat(output, value, output_bytes - strlen(output) - 1); guard_free(value); output[z] = 0; } diff --git a/src/lib/core/utils.c b/src/lib/core/utils.c index 76b314e..f478205 100644 --- a/src/lib/core/utils.c +++ b/src/lib/core/utils.c @@ -45,9 +45,9 @@ int rmtree(char *_path) { while ((d_entity = readdir(dir)) != NULL) { char abspath[PATH_MAX] = {0}; - strcat(abspath, path); - strcat(abspath, DIR_SEP); - strcat(abspath, d_entity->d_name); + strncat(abspath, path, sizeof(abspath) - strlen(abspath) - 1); + strncat(abspath, DIR_SEP, sizeof(abspath) - strlen(abspath) - 1); + strncat(abspath, d_entity->d_name, sizeof(abspath) - strlen(abspath) - 1); if (!strcmp(d_entity->d_name, ".") || !strcmp(d_entity->d_name, "..") || !strcmp(abspath, path)) { continue; @@ -278,13 +278,13 @@ char *find_program(const char *name) { result[0] = '\0'; while ((path_elem = strsep(&path, PATH_SEP))) { char abspath[PATH_MAX] = {0}; - strcat(abspath, path_elem); - strcat(abspath, DIR_SEP); - strcat(abspath, name); + strncat(abspath, path_elem, sizeof(abspath) - strlen(abspath) - 1); + strncat(abspath, DIR_SEP, sizeof(abspath) - strlen(abspath) - 1); + strncat(abspath, name, sizeof(abspath) - strlen(abspath) - 1); if (access(abspath, F_OK) < 0) { continue; } - strncpy(result, abspath, sizeof(result)); + strncpy(result, abspath, sizeof(result) - 1); break; } path = path_orig; @@ -694,7 +694,7 @@ int fix_tox_conf(const char *filename, char **result) { return -1; } value = tmp; - strcat(value, with_posargs); + strncat(value, with_posargs, (strlen(value) + strlen(with_posargs)) - strlen(value) - 1); ini_setval(&toxini, INI_SETVAL_REPLACE, section_name, key, value); } } @@ -829,8 +829,8 @@ int mkdirs(const char *_path, mode_t mode) { char result[PATH_MAX] = {0}; int status = 0; while ((token = strsep(&path, "/")) != NULL && !status) { - strcat(result, token); - strcat(result, "/"); + strncat(result, token, sizeof result - strlen(result) - 1); + strncat(result, "/", sizeof result - strlen(result) - 1); status = mkdir(result, mode); if (status && errno == EEXIST) { status = 0; @@ -919,7 +919,7 @@ void debug_hexdump(char *data, int len) { snprintf(addr + strlen(addr), sizeof(addr) - pos_fmt_len, pos_fmt, pos); } if (count == 8) { - strcat(bytes, " "); + strncat(bytes, " ", sizeof(bytes) - strlen(bytes) - 1); } if (count > 15) { snprintf(output, sizeof(output), "%s | %s | %s", addr, bytes, ascii); @@ -946,11 +946,11 @@ void debug_hexdump(char *data, int len) { if (count <= 8) { // Add group padding - strcat(bytes, " "); + strncat(bytes, " ", sizeof(bytes) - strlen(bytes) - 1); } const int padding = 16 - count; for (int i = 0; i < padding; i++) { - strcat(bytes, " "); + strncat(bytes, " ", sizeof(bytes) - strlen(bytes) - 1); } snprintf(output, DEBUG_HEXDUMP_FMT_BYTES + sizeof(addr) + sizeof(bytes) + sizeof(ascii), "%s | %s | %s", addr, bytes, ascii); puts(output); diff --git a/src/lib/delivery/delivery_install.c b/src/lib/delivery/delivery_install.c index fe3bc66..4970749 100644 --- a/src/lib/delivery/delivery_install.c +++ b/src/lib/delivery/delivery_install.c @@ -203,7 +203,7 @@ int delivery_install_packages(struct Delivery *ctx, char *conda_install_dir, cha } memset(command_base, 0, sizeof(command_base)); - strcat(command_base, "install"); + strncat(command_base, "install", sizeof(command_base) - strlen(command_base) - 1); typedef int (*Runner)(const char *); Runner runner = NULL; @@ -214,13 +214,13 @@ int delivery_install_packages(struct Delivery *ctx, char *conda_install_dir, cha } if (INSTALL_PKG_CONDA_DEFERRED & type) { - strcat(command_base, " --use-local"); + strncat(command_base, " --use-local", sizeof(command_base) - strlen(command_base) - 1); } else if (INSTALL_PKG_PIP_DEFERRED & type) { // Don't change the baseline package set unless we're working with a // new build. Release candidates will need to keep packages as stable // as possible between releases. if (!ctx->meta.based_on) { - strcat(command_base, " --upgrade"); + strncat(command_base, " --upgrade", sizeof(command_base) - strlen(command_base) - 1); } const char *command_base_fmt = " --extra-index-url 'file://%s'"; const int len = snprintf(NULL, 0, command_base_fmt, ctx->storage.wheel_artifact_dir); |