Diffstat (limited to 'src')
26 files changed, 172 insertions, 172 deletions
diff --git a/src/cli/stasis/args.c b/src/cli/stasis/args.c index 696f3a6..98b4479 100644 --- a/src/cli/stasis/args.c +++ b/src/cli/stasis/args.c @@ -89,20 +89,20 @@ void usage(char *progname) { char opt_long[50] = {0}; // --? [ARG]? char opt_short[50] = {0}; // -? [ARG]? - strcat(opt_long, "--"); - strcat(opt_long, long_options[x].name); + strncat(opt_long, "--", sizeof(opt_long) - strlen(opt_long) - 1); + strncat(opt_long, long_options[x].name, sizeof(opt_long) - strlen(opt_long) - 1); if (long_options[x].has_arg) { - strcat(opt_long, " ARG"); + strncat(opt_long, " ARG", sizeof(opt_long) - strlen(opt_long) - 1); } if (long_options[x].val <= 'z') { - strcat(opt_short, "-"); + strncat(opt_short, "-", sizeof(opt_short) - strlen(opt_short) - 1); opt_short[1] = (char) long_options[x].val; if (long_options[x].has_arg) { - strcat(opt_short, " ARG"); + strncat(opt_short, " ARG", sizeof(opt_short) - strlen(opt_short) - 1); } } else { - strcat(opt_short, " "); + strncat(opt_short, " ", sizeof(opt_short) - strlen(opt_short) - 1); } const char *opt_fmt = " %%-%ds\t%%s\t\t%%s"; diff --git a/src/cli/stasis/stasis_main.c b/src/cli/stasis/stasis_main.c index 9b3c6ba..328d825 100644 --- a/src/cli/stasis/stasis_main.c +++ b/src/cli/stasis/stasis_main.c @@ -532,7 +532,7 @@ int main(int argc, char *argv[]) { globals.continue_on_error = true; break; case 'p': - strcpy(python_override_version, optarg); + strncpy(python_override_version, optarg, sizeof(python_override_version) - 1); break; case 'l': globals.cpu_limit = strtol(optarg, NULL, 10); 
@@ -652,9 +652,9 @@ int main(int argc, char *argv[]) { configure_jfrog_cli(&ctx); runtime_apply(ctx.runtime.environ); - strcpy(env_name, ctx.info.release_name); - strcpy(env_name_testing, env_name); - strcat(env_name_testing, "-test"); + strncpy(env_name, ctx.info.release_name, sizeof(env_name) - 1); + strncpy(env_name_testing, env_name, sizeof(env_name_testing) - 1); + strncat(env_name_testing, "-test", sizeof(env_name_testing) - strlen(env_name_testing) - 1); char *envs[] = { "release", env_name, "testing", env_name_testing, diff --git a/src/cli/stasis_indexer/helpers.c b/src/cli/stasis_indexer/helpers.c index 6dc653d..2ecdc74 100644 --- a/src/cli/stasis_indexer/helpers.c +++ b/src/cli/stasis_indexer/helpers.c 
@@ -96,44 +96,44 @@ int pandoc_exec(const char *in_file, const char *out_file, const char *css_file, if (!get_pandoc_version(&pandoc_version)) { // < 2.19 if (pandoc_version < 0x02130000) { - strcat(pandoc_versioned_args, "--self-contained "); + strncat(pandoc_versioned_args, "--self-contained ", sizeof(pandoc_versioned_args) - strlen(pandoc_versioned_args) - 1); } else { // >= 2.19 - strcat(pandoc_versioned_args, "--embed-resources "); + strncat(pandoc_versioned_args, "--embed-resources ", sizeof(pandoc_versioned_args) - strlen(pandoc_versioned_args) - 1); } // >= 1.15.0.4 if (pandoc_version >= 0x010f0004) { - strcat(pandoc_versioned_args, "--standalone "); + strncat(pandoc_versioned_args, "--standalone ", sizeof(pandoc_versioned_args) - strlen(pandoc_versioned_args) - 1); } // >= 1.10.0.1 if (pandoc_version >= 0x010a0001) { - strcat(pandoc_versioned_args, "-f gfm+autolink_bare_uris "); + strncat(pandoc_versioned_args, "-f gfm+autolink_bare_uris ", sizeof(pandoc_versioned_args) - strlen(pandoc_versioned_args) - 1); } // > 3.1.9 if (pandoc_version > 0x03010900) { - strcat(pandoc_versioned_args, "-f gfm+alerts "); + strncat(pandoc_versioned_args, "-f gfm+alerts ", sizeof(pandoc_versioned_args) - strlen(pandoc_versioned_args) - 1); } } // Converts a markdown file to html char cmd[STASIS_BUFSIZ] = {0}; - strcpy(cmd, "pandoc "); - strcat(cmd, pandoc_versioned_args); + strncpy(cmd, "pandoc ", sizeof(cmd) - 1); + strncat(cmd, pandoc_versioned_args, sizeof(cmd) - strlen(cmd) - 1); if (css_file && strlen(css_file)) { - strcat(cmd, "--css "); - strcat(cmd, css_file); + strncat(cmd, "--css ", sizeof(cmd) - strlen(cmd) - 1); + strncat(cmd, css_file, sizeof(cmd) - strlen(cmd) - 1); } - strcat(cmd, " "); - strcat(cmd, "--metadata title=\""); - strcat(cmd, title); - strcat(cmd, "\" "); - strcat(cmd, "-o "); - strcat(cmd, out_file); - strcat(cmd, " "); - strcat(cmd, in_file); + strncat(cmd, " ", sizeof(cmd) - strlen(cmd) - 1); + strncat(cmd, "--metadata title=\"", sizeof(cmd) - 
strlen(cmd) - 1); + strncat(cmd, title, sizeof(cmd) - strlen(cmd) - 1); + strncat(cmd, "\" ", sizeof(cmd) - strlen(cmd) - 1); + strncat(cmd, "-o ", sizeof(cmd) - strlen(cmd) - 1); + strncat(cmd, out_file, sizeof(cmd) - strlen(cmd) - 1); + strncat(cmd, " ", sizeof(cmd) - strlen(cmd) - 1); + strncat(cmd, in_file, sizeof(cmd) - strlen(cmd) - 1); if (globals.verbose) { puts(cmd); @@ -377,8 +377,8 @@ int write_manifest(const char *path, char **exclude_path, FILE *fp) { } char filepath[PATH_MAX] = {0}; strncpy(filepath, path, PATH_MAX - 1); - strcat(filepath, "/"); - strcat(filepath, rec->d_name); + strncat(filepath, "/", sizeof(filepath) - strlen(filepath) - 1); + strncat(filepath, rec->d_name, sizeof(filepath) - strlen(filepath) - 1); if (rec->d_type == DT_DIR) { write_manifest(filepath, exclude_path, fp); continue; diff --git a/src/cli/stasis_indexer/stasis_indexer_main.c b/src/cli/stasis_indexer/stasis_indexer_main.c index 5f7ded4..63fb45c 100644 --- a/src/cli/stasis_indexer/stasis_indexer_main.c +++ b/src/cli/stasis_indexer/stasis_indexer_main.c @@ -13,9 +13,9 @@ int indexer_combine_rootdirs(const char *dest, char **rootdirs, const size_t roo char destdir_with_output[PATH_MAX] = {0}; char *destdir = destdir_bare; - strcpy(destdir_bare, dest); - strcpy(destdir_with_output, dest); - strcat(destdir_with_output, "/output"); + strncpy(destdir_bare, dest, sizeof(destdir_bare) - 1); + strncpy(destdir_with_output, dest, sizeof(destdir_with_output) - 1); + strncat(destdir_with_output, "/output", sizeof(destdir_with_output) - strlen(destdir_with_output) - 1); if (!access(destdir_with_output, F_OK)) { destdir = destdir_with_output; 
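Review bot: The `strncat` chain that builds `cmd` in pandoc_exec now truncates silently, so an over-long `title`, `css_file`, `out_file` or `in_file` produces a cut-off command line (for example one missing its input file or the closing quote of the title) instead of an error. `cmd` is printed and, presumably, executed after the hunk, so I would build it with a single `snprintf` into `cmd` and reject overflow with `if (n < 0 || (size_t) n >= sizeof(cmd)) return -1;`. The same silent truncation applies to `filepath` in write_manifest, which then recurses on the shortened path, and to the `/output` paths in indexer_combine_rootdirs. The caller-supplied strings also land on the command line unquoted, which deserves a comment stating that they must be trusted, or an argv-based spawn. pandoc_exec continues past the hunk.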
@@ -26,9 +26,9 @@ int indexer_combine_rootdirs(const char *dest, char **rootdirs, const size_t roo char srcdir_bare[PATH_MAX] = {0}; char srcdir_with_output[PATH_MAX] = {0}; char *srcdir = srcdir_bare; - strcpy(srcdir_bare, rootdirs[i]); - strcpy(srcdir_with_output, rootdirs[i]); - strcat(srcdir_with_output, "/output"); + strncpy(srcdir_bare, rootdirs[i], sizeof(srcdir_bare) - 1); + strncpy(srcdir_with_output, rootdirs[i], sizeof(srcdir_with_output) - 1); + strncat(srcdir_with_output, "/output", sizeof(srcdir_with_output) - strlen(srcdir_with_output) - 1); if (access(srcdir_bare, F_OK)) { fprintf(stderr, "%s does not exist\n", srcdir_bare); @@ -261,11 +261,11 @@ int main(const int argc, char *argv[]) { char workdir_template[PATH_MAX] = {0}; const char *system_tmp = getenv("TMPDIR"); if (system_tmp) { - strcat(workdir_template, system_tmp); + strncat(workdir_template, system_tmp, sizeof(workdir_template) - strlen(workdir_template) - 1); } else { - strcat(workdir_template, "/tmp"); + strncat(workdir_template, "/tmp", sizeof(workdir_template) - strlen(workdir_template) - 1); } - strcat(workdir_template, "/stasis-combine.XXXXXX"); + strncat(workdir_template, "/stasis-combine.XXXXXX", sizeof(workdir_template) - strlen(workdir_template) - 1); char *workdir = mkdtemp(workdir_template); if (!workdir) { SYSERROR("Unable to create temporary directory: %s", workdir_template); diff --git a/src/cli/stasis_indexer/website.c b/src/cli/stasis_indexer/website.c index e758d47..8a5126d 100644 --- a/src/cli/stasis_indexer/website.c +++ b/src/cli/stasis_indexer/website.c @@ -36,7 +36,7 @@ int indexer_make_website(struct Delivery **ctx) { // Replace *.md extension with *.html. strncpy(fullpath_dest, fullpath_src, sizeof(fullpath_dest) - 1); - gen_file_extension_str(fullpath_dest, ".html"); + gen_file_extension_str(fullpath_dest, sizeof(fullpath_dest), ".html"); // Convert markdown to html if (pandoc_exec(fullpath_src, fullpath_dest, have_css ? css_filename : NULL, "STASIS")) { 
diff --git a/src/lib/core/artifactory.c b/src/lib/core/artifactory.c index 6a01620..918b24e 100644 --- a/src/lib/core/artifactory.c +++ b/src/lib/core/artifactory.c @@ -14,31 +14,31 @@ int artifactory_download_cli(char *dest, char arch_ident[STASIS_NAME_MAX] = {0}; // convert platform string to lower-case - strcpy(os_ident, os); + strncpy(os_ident, os, sizeof(os_ident) - 1); tolower_s(os_ident); // translate OS identifier if (!strcmp(os_ident, "darwin") || startswith(os_ident, "macos")) { - strcpy(os_ident, "mac"); + strncpy(os_ident, "mac", sizeof(os_ident) - 1); } else if (!strcmp(os_ident, "linux")) { - strcpy(os_ident, "linux"); + strncpy(os_ident, "linux", sizeof(os_ident) - 1); } else { fprintf(stderr, "%s: unknown operating system: %s\n", __FUNCTION__, os_ident); return -1; } // translate ARCH identifier - strcpy(arch_ident, arch); + strncpy(arch_ident, arch, sizeof(arch_ident) - 1); if (startswith(arch_ident, "i") && endswith(arch_ident, "86")) { - strcpy(arch_ident, "386"); + strncpy(arch_ident, "386", sizeof(arch_ident) - 1); } else if (!strcmp(arch_ident, "amd64") || !strcmp(arch_ident, "x86_64") || !strcmp(arch_ident, "x64")) { if (!strcmp(os_ident, "mac")) { - strcpy(arch_ident, "386"); + strncpy(arch_ident, "386", sizeof(arch_ident) - 1); } else { - strcpy(arch_ident, "amd64"); + strncpy(arch_ident, "amd64", sizeof(arch_ident) - 1); } } else if (!strcmp(arch_ident, "arm64") || !strcmp(arch_ident, "aarch64")) { - strcpy(arch_ident, "arm64"); + strncpy(arch_ident, "arm64", sizeof(arch_ident) - 1); } else { fprintf(stderr, "%s: unknown architecture: %s\n", __FUNCTION__, arch_ident); return -1; @@ -53,7 +53,7 @@ int artifactory_download_cli(char *dest, os_ident, // ... arch_ident, // jfrog-cli-linux-x86_64 remote_filename); // jf - strcpy(path, dest); + strncpy(path, dest, sizeof(path) - 1); if (mkdirs(path, 0755)) { fprintf(stderr, "%s: %s: %s", __FUNCTION__, path, strerror(errno)); 
@@ -244,8 +244,8 @@ int jfrog_cli(struct JFRT_Auth *auth, const char *subsystem, const char *task, c } if (!globals.verbose) { - strcpy(proc.f_stdout, "/dev/null"); - strcpy(proc.f_stderr, "/dev/null"); + strncpy(proc.f_stdout, "/dev/null", sizeof(proc.f_stdout) - 1); + strncpy(proc.f_stderr, "/dev/null", sizeof(proc.f_stderr) - 1); } return shell(&proc, cmd); } @@ -413,7 +413,7 @@ int jfrog_cli_rt_upload(struct JFRT_Auth *auth, struct JFRT_Upload *ctx, char *s if (base) { src = base; } else { - strcat(src, "/"); + strncat(src, "/", sizeof(src) - strlen(src) - 1); } pushd(new_src); } diff --git a/src/lib/core/conda.c b/src/lib/core/conda.c index dd336bc..3ef4d62 100644 --- a/src/lib/core/conda.c +++ b/src/lib/core/conda.c @@ -10,11 +10,11 @@ int micromamba(const struct MicromambaInfo *info, char *command, ...) { tolower_s(sys.sysname); if (!strcmp(sys.sysname, "darwin")) { - strcpy(sys.sysname, "osx"); + strncpy(sys.sysname, "osx", sizeof(sys.sysname) - 1); } if (!strcmp(sys.machine, "x86_64")) { - strcpy(sys.machine, "64"); + strncpy(sys.machine, "64", sizeof(sys.machine) - 1); } char url[PATH_MAX]; @@ -149,7 +149,7 @@ int pkg_index_provides(int mode, const char *index, const char *spec) { int status = 0; struct Process proc = {0}; proc.redirect_stderr = 1; - strcpy(proc.f_stdout, logfile); + strncpy(proc.f_stdout, logfile, sizeof(proc.f_stdout) - 1); if (mode == PKG_USE_PIP) { // Do an installation in dry-run mode to see if the package exists in the given index. @@ -226,12 +226,12 @@ int conda_exec(const char *args) { "deactivate", NULL }; - char conda_as[6] = {0}; + char conda_as[10] = {0}; - strcpy(conda_as, "conda"); + strncpy(conda_as, "conda", sizeof(conda_as) - 1); for (size_t i = 0; mamba_commands[i] != NULL; i++) { if (startswith(args, mamba_commands[i])) { - strcpy(conda_as, "mamba"); + strncpy(conda_as, "mamba", sizeof(conda_as) - 1); break; } } 
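Review bot: In jfrog_cli_rt_upload, `sizeof(src)` in the new `strncat(src, "/", sizeof(src) - strlen(src) - 1)` measures a pointer rather than a buffer: `src` is reassigned with `src = base` in the `if` branch just above, so it appears to be the `char *` parameter from the cut-off signature. On a 64-bit target the bound is 0 for a 7-character string (the slash is silently dropped) and wraps to a huge `size_t` for anything longer, which makes the call equivalent to the `strcat` it replaced. The capacity of the buffer behind `src` has to come from the caller, for instance through an added length parameter, or the slash should be appended where that buffer is declared. The function body starts and ends outside the hunk.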
@@ -419,15 +419,15 @@ int conda_check_required() { // Construct a "conda list" command that searches for all required packages // using conda's (python's) regex matching - strcat(cmd, "conda list '"); + strncat(cmd, "conda list '", sizeof(cmd) - strlen(cmd) - 1); for (size_t i = 0; conda_minimum_viable_tools[i] != NULL; i++) { - strcat(cmd, "^"); - strcat(cmd, conda_minimum_viable_tools[i]); + strncat(cmd, "^", sizeof(cmd) - strlen(cmd) - 1); + strncat(cmd, conda_minimum_viable_tools[i], sizeof(cmd) - strlen(cmd) - 1); if (conda_minimum_viable_tools[i + 1] != NULL) { - strcat(cmd, "|"); + strncat(cmd, "|", sizeof(cmd) - strlen(cmd) - 1); } } - strcat(cmd, "' | cut -d ' ' -f 1"); + strncat(cmd, "' | cut -d ' ' -f 1", sizeof(cmd) - strlen(cmd) - 1); // Verify all required packages are installed char *cmd_out = shell_output(cmd, &status); @@ -483,7 +483,7 @@ int conda_setup_headless() { const char *cmd_fmt = "'%s'"; if (globals.conda_packages && strlist_count(globals.conda_packages)) { memset(cmd, 0, sizeof(cmd)); - strcpy(cmd, "install "); + strncpy(cmd, "install ", sizeof(cmd) - 1); total = strlist_count(globals.conda_packages); for (size_t i = 0; i < total; i++) { @@ -506,7 +506,7 @@ int conda_setup_headless() { if (globals.pip_packages && strlist_count(globals.pip_packages)) { memset(cmd, 0, sizeof(cmd)); - strcpy(cmd, "install "); + strncpy(cmd, "install ", sizeof(cmd) - 1); total = strlist_count(globals.pip_packages); for (size_t i = 0; i < total; i++) { @@ -565,7 +565,7 @@ int conda_env_create_from_uri(char *name, char *uri, char *python_version) { unlink(tempfile); // We'll create a new file with the same random bits, ending with .yml - strcat(tempfile, ".yml"); + strncat(tempfile, ".yml", sizeof(tempfile) - strlen(tempfile) - 1); char *errmsg = NULL; const long http_code = download(uri_fs ? uri_fs : uri, tempfile, &errmsg); if (HTTP_ERROR(http_code)) { diff --git a/src/lib/core/copy.c b/src/lib/core/copy.c index 25eede3..ba52507 100644 
--- a/src/lib/core/copy.c +++ b/src/lib/core/copy.c @@ -14,7 +14,7 @@ int copy2(const char *src, const char *dest, unsigned int op) { } char dname[1024] = {0}; - strcpy(dname, dest); + strncpy(dname, dest, sizeof(dname) - 1); char *dname_endptr = strrchr(dname, '/'); if (dname_endptr != NULL) { diff --git a/src/lib/core/docker.c b/src/lib/core/docker.c index fd0a2e2..37ef48d 100644 --- a/src/lib/core/docker.c +++ b/src/lib/core/docker.c @@ -18,10 +18,10 @@ int docker_exec(const char *args, const unsigned flags) { } if (final_flags & STASIS_DOCKER_QUIET_STDOUT) { - strcpy(proc.f_stdout, "/dev/null"); + strncpy(proc.f_stdout, "/dev/null", sizeof(proc.f_stdout) - 1); } if (final_flags & STASIS_DOCKER_QUIET_STDERR) { - strcpy(proc.f_stderr, "/dev/null"); + strncpy(proc.f_stderr, "/dev/null", sizeof(proc.f_stderr) - 1); } if (!final_flags) { @@ -68,12 +68,12 @@ int docker_build(const char *dirpath, const char *args, int engine) { memset(cmd, 0, sizeof(cmd)); if (engine & STASIS_DOCKER_BUILD) { - strcpy(build, "build"); + strncpy(build, "build", sizeof(build) - 1); } if (engine & STASIS_DOCKER_BUILD_X) { - strcpy(build, "buildx build"); + strncpy(build, "buildx build", sizeof(build) - 1); } - snprintf(cmd, sizeof(cmd) - 1, "%s %s %s", build, args, dirpath); + snprintf(cmd, sizeof(cmd), "%s %s %s", build, args, dirpath); return docker_exec(cmd, 0); } 
@@ -83,13 +83,13 @@ int docker_save(const char *image, const char *destdir, const char *compression_ if (compression_program && strlen(compression_program)) { char ext[255] = {0}; if (startswith(compression_program, "zstd")) { - strcpy(ext, "zst"); + strncpy(ext, "zst", sizeof(ext) - 1); } else if (startswith(compression_program, "xz")) { - strcpy(ext, "xz"); + strncpy(ext, "xz", sizeof(ext) - 1); } else if (startswith(compression_program, "gzip")) { - strcpy(ext, "gz"); + strncpy(ext, "gz", sizeof(ext) - 1); } else if (startswith(compression_program, "bzip2")) { - strcpy(ext, "bz2"); + strncpy(ext, "bz2", sizeof(ext) - 1); } else { strncpy(ext, compression_program, sizeof(ext) - 1); } @@ -120,8 +120,8 @@ static char *docker_ident() { } memset(&proc, 0, sizeof(proc)); - strcpy(proc.f_stdout, tempfile); - strcpy(proc.f_stderr, "/dev/null"); + strncpy(proc.f_stdout, tempfile, sizeof(proc.f_stdout) - 1); + strncpy(proc.f_stderr, "/dev/null", sizeof(proc.f_stderr) - 1); shell(&proc, "docker --version"); if (!freopen(tempfile, "r", fp)) { diff --git a/src/lib/core/environment.c b/src/lib/core/environment.c index 7ece5e6..3c94d33 100644 --- a/src/lib/core/environment.c +++ b/src/lib/core/environment.c @@ -70,7 +70,7 @@ void runtime_export(RuntimeEnv *env, char **keys) { NULL, }; - char export_command[7]; // export=6 and setenv=6... convenient + char export_command[10]; // export=6 and setenv=6... convenient char *_sh = getenv("SHELL"); char *sh = path_basename(_sh); if (sh == NULL) { @@ -80,13 +80,13 @@ void runtime_export(RuntimeEnv *env, char **keys) { for (size_t i = 0; borne[i] != NULL; i++) { if (strcmp(sh, borne[i]) == 0) { - strcpy(export_command, "export"); + strncpy(export_command, "export", sizeof(export_command) - 1); break; } } for (size_t i = 0; unborne[i] != NULL; i++) { if (strcmp(sh, unborne[i]) == 0) { - strcpy(export_command, "setenv"); + strncpy(export_command, "setenv", sizeof(export_command) - 1); break; } } 
diff --git a/src/lib/core/include/utils.h b/src/lib/core/include/utils.h index 335a7e4..c1ee513 100644 --- a/src/lib/core/include/utils.h +++ b/src/lib/core/include/utils.h @@ -293,9 +293,10 @@ int xml_pretty_print_in_place(const char *filename, const char *pretty_print_pro * Applies STASIS fixups to a tox ini config * @param filename path to tox.ini * @param result path to processed configuration + * @param maxlen * @return 0 on success, -1 on error */ -int fix_tox_conf(const char *filename, char **result); +int fix_tox_conf(const char *filename, char **result, size_t maxlen); char *collapse_whitespace(char **s); @@ -420,7 +421,7 @@ int env_manipulate_pathstr(const char *key, char *path, int mode); /** * Append or replace a file extension */ -int gen_file_extension_str(char *filename, const char *extension); +int gen_file_extension_str(char *filename, size_t maxlen, const char *extension); /** * Remove [extra]s from a spec string diff --git a/src/lib/core/ini.c b/src/lib/core/ini.c index cf6f670..ca87de5 100644 --- a/src/lib/core/ini.c +++ b/src/lib/core/ini.c @@ -177,7 +177,7 @@ int ini_getval(struct INIFILE *ini, char *section_name, char *key, int type, int } break; case INIVAL_TYPE_STR_ARRAY: - strcpy(tbufp, data_copy); + strncpy(tbufp, data_copy, sizeof(tbuf) - 1); guard_free(data_copy); data_copy = calloc(STASIS_BUFSIZ, sizeof(*data_copy)); if (!data_copy) { @@ -186,8 +186,8 @@ int ini_getval(struct INIFILE *ini, char *section_name, char *key, int type, int while ((token = strsep(&tbufp, "\n")) != NULL) { //lstrip(token); if (!isempty(token)) { - strcat(data_copy, token); - strcat(data_copy, "\n"); + strncat(data_copy, token, BUFSIZ - strlen(data_copy) - 1); + strncat(data_copy, "\n", BUFSIZ - strlen(data_copy) - 1); } } strip(data_copy); 
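Review bot: The two `strncat` calls in the `INIVAL_TYPE_STR_ARRAY` branch of ini_getval bound the append with `BUFSIZ`, while `data_copy` was allocated a few lines earlier with `calloc(STASIS_BUFSIZ, sizeof(*data_copy))`. If the two constants differ, the limit either still permits a write past the allocation or truncates earlier than necessary; use the allocation size on both lines, `strncat(data_copy, token, STASIS_BUFSIZ - strlen(data_copy) - 1);`. In the hunk before it, `strncpy(tbufp, data_copy, sizeof(tbuf) - 1)` leaves `tbuf` unterminated for long values unless `tbuf` is zero-filled beforehand, which is not visible here.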
@@ -353,7 +353,7 @@ int ini_data_append(struct INIFILE **ini, char *section_name, char *key, char *v } else { data->value = value_tmp; } - strcat(data->value, value); + strncat(data->value, value, value_len_new - strlen(data->value)); } return 0; } @@ -467,7 +467,7 @@ int ini_write(struct INIFILE *ini, FILE **stream, unsigned mode) { } guard_array_free(parts); strip(outvalue); - strcat(outvalue, LINE_SEP); + strncat(outvalue, LINE_SEP, sizeof(outvalue) - strlen(outvalue) - 1); fprintf(*stream, "%s = %s%s", ini->section[x]->data[y]->key, *hint == INIVAL_TYPE_STR_ARRAY ? LINE_SEP : "", outvalue); guard_free(value); } else { @@ -522,7 +522,7 @@ struct INIFILE *ini_open(const char *filename) { // Create an implicit section. [default] does not need to be present in the INI config ini_section_create(&ini, "default"); - strcpy(current_section, "default"); + strncpy(current_section, "default", sizeof(current_section) - 1); // Open the configuration file for reading FILE *fp = fopen(filename, "r"); @@ -596,7 +596,7 @@ struct INIFILE *ini_open(const char *filename) { // Record the name of the section. This is used until another section is found. memset(current_section, 0, sizeof(current_section)); - strcpy(current_section, section_name); + strncpy(current_section, section_name, sizeof(current_section) - 1); guard_free(section_name); memset(line, 0, sizeof(line)); continue; @@ -621,12 +621,12 @@ struct INIFILE *ini_open(const char *filename) { lstrip(key); strip(key); memset(key_last, 0, sizeof(inikey[1])); - strcpy(key_last, key); + strncpy(key_last, key, sizeof(inikey[1]) - 1); reading_value = 1; if (strlen(operator) > 1) { - strcpy(value, &operator[1]); + strncpy(value, &operator[1], sizeof(value) - 1); } else { - strcpy(value, ""); + strncpy(value, "", sizeof(value) - 1); } if (isempty(value)) { //printf("%s is probably long raw data\n", key); 
@@ -640,8 +640,8 @@ struct INIFILE *ini_open(const char *filename) { } strip(value); } else { - strcpy(key, key_last); - strcpy(value, line); + strncpy(key, key_last, sizeof(inikey[0]) - 1); + strncpy(value, line, sizeof(value) - 1); } memset(line, 0, sizeof(line)); diff --git a/src/lib/core/multiprocessing.c b/src/lib/core/multiprocessing.c index f694ad6..2bf33dd 100644 --- a/src/lib/core/multiprocessing.c +++ b/src/lib/core/multiprocessing.c @@ -173,17 +173,17 @@ struct MultiProcessingTask *mp_pool_task(struct MultiProcessingPool *pool, const // Set log file path memset(slot->log_file, 0, sizeof(*slot->log_file)); if (globals.enable_task_logging) { - strcat(slot->log_file, pool->log_root); - strcat(slot->log_file, "/"); + strncat(slot->log_file, pool->log_root, sizeof(slot->log_file) - strlen(slot->log_file) - 1); + strncat(slot->log_file, "/", sizeof(slot->log_file) - strlen(slot->log_file) - 1); } else { - strcpy(slot->log_file, "/dev/stdout"); + strncpy(slot->log_file, "/dev/stdout", sizeof(slot->log_file) - 1); } // Set working directory if (isempty(working_dir)) { - strcpy(slot->working_dir, "."); + strncpy(slot->working_dir, ".", sizeof(slot->working_dir) - 1); } else { - strncpy(slot->working_dir, working_dir, PATH_MAX - 1); + strncpy(slot->working_dir, working_dir, sizeof(slot->working_dir) - 1); } // Create a temporary file to act as our intermediate command script 
@@ -236,14 +236,13 @@ void mp_pool_show_summary(struct MultiProcessingPool *pool) { if (task->status == MP_POOL_TASK_STATUS_INITIAL && task->pid == MP_POOL_PID_UNUSED) { // You will only see this label if the task pool is killed by // MP_POOL_FAIL_FAST and tasks are still queued for execution - strcpy(status_str, "HOLD"); + strncpy(status_str, "HOLD", sizeof(status_str) - 1); } else if (!task->status && !task->signaled_by) { - - strcpy(status_str, "DONE"); + strncpy(status_str, "DONE", sizeof(status_str) - 1); } else if (task->signaled_by) { - strcpy(status_str, "TERM"); + strncpy(status_str, "TERM", sizeof(status_str) - 1); } else { - strcpy(status_str, "FAIL"); + strncpy(status_str, "FAIL", sizeof(status_str) - 1); } char duration[255] = {0}; diff --git a/src/lib/core/relocation.c b/src/lib/core/relocation.c index 58b829d..bd5504b 100644 --- a/src/lib/core/relocation.c +++ b/src/lib/core/relocation.c @@ -50,18 +50,18 @@ int replace_text(char *original, const char *target, const char *replacement, un // replacement is shorter than the target if (rep_len < target_len) { // shrink the string - strcat(buffer, replacement); + strncat(buffer, replacement, sizeof(buffer) - strlen(buffer) - 1); memmove(pos, pos + target_len, strlen(pos) - target_len); memset(pos + (strlen(pos) - target_len), 0, target_len); } else { // replacement is longer than the target // write the replacement value to the buffer - strcat(buffer, replacement); + strncat(buffer, replacement, sizeof(buffer) - strlen(buffer) - 1); // target consumed. jump to the end of the substring. pos += target_len; } if (flags & REPLACE_TRUNCATE_AFTER_MATCH) { if (strstr(pos, LINE_SEP)) { - strcat(buffer, LINE_SEP); + strncat(buffer, LINE_SEP, sizeof(buffer) - strlen(buffer) - 1); } break; } 
@@ -69,7 +69,7 @@ int replace_text(char *original, const char *target, const char *replacement, un if (!((match = strstr(pos, target)))) { // no more matches // append whatever remains to the buffer - strcat(buffer, pos); + strncat(buffer, pos, sizeof(buffer) - strlen(buffer) - 1); // stop break; } @@ -84,7 +84,7 @@ int replace_text(char *original, const char *target, const char *replacement, un memset(original + buffer_len, 0, original_len - buffer_len); } // replace original with contents of buffer - strcpy(original, buffer); + strncpy(original, buffer, buffer_len + 1); return 0; } diff --git a/src/lib/core/str.c b/src/lib/core/str.c index 9524886..368ab49 100644 --- a/src/lib/core/str.c +++ b/src/lib/core/str.c @@ -119,7 +119,7 @@ char** split(char *_sptr, const char* delim, size_t max) if (!result[i]) { return NULL; } - strcpy(result[i], token); + strncpy(result[i], token, STASIS_BUFSIZ - 1); } // pos is non-zero when maximum split is reached @@ -129,7 +129,7 @@ char** split(char *_sptr, const char* delim, size_t max) if (!result[i]) { return NULL; } - strcpy(result[i], &orig[pos]); + strncpy(result[i], &orig[pos], STASIS_BUFSIZ - 1); } guard_free(sptr); @@ -153,9 +153,9 @@ char *join(char **arr, const char *separator) { result = (char *)calloc(total_bytes, sizeof(char)); for (int i = 0; i < records; i++) { - strcat(result, arr[i]); + strncat(result, arr[i], total_bytes - strlen(result) - 1); if (i < (records - 1)) { - strcat(result, separator); + strncat(result, separator, total_bytes - strlen(result) - 1); } } return result; 
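Review bot: `strncpy(original, buffer, buffer_len + 1)` at the end of replace_text takes its bound from the source string, so it copies exactly what `strcpy` did and still overruns `original` when the replaced text is longer than the caller's buffer. replace_text does not appear to receive the capacity of `original` (the signature is cut off in the hunk header), so a real bound needs a size argument checked before the copy. The same pattern, a limit computed from `strlen` of the data rather than from the destination's size, appears in `strncpy(tmp, src, strlen(redacted) + strlen(src))` in redact_sensitive, `strncpy(result, tmp_orig, strlen(result) + 1)` in normalize_space and `strncpy((*pStrList)->data[index], value, strlen(value))` in strlist_set. Because `strncpy` always writes the full count, each of these sites should carry a comment naming the allocation that guarantees that many bytes.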
@@ -207,11 +207,11 @@ char *join_ex(char *separator, ...) { result = calloc(size + 1, sizeof(char)); for (size_t i = 0; i < argc; i++) { // Append argument to string - strcat(result, argv[i]); + strncat(result, argv[i], size - strlen(result)); // no -1 because +1 above // Do not append a trailing separator when we reach the last argument if (i < (argc - 1)) { - strcat(result, separator); + strncat(result, separator, size - strlen(result)); // no -1 because +1 above } guard_free(argv[i]); } @@ -562,7 +562,7 @@ char *normalize_space(char *s) { } // Rewrite the input string - strcpy(result, tmp_orig); + strncpy(result, tmp_orig, strlen(result) + 1); guard_free(tmp_orig); return result; } diff --git a/src/lib/core/strlist.c b/src/lib/core/strlist.c index f3754c3..ff9c098 100644 --- a/src/lib/core/strlist.c +++ b/src/lib/core/strlist.c @@ -84,7 +84,7 @@ int strlist_append_file(struct StrList *pStrList, char *_path, ReaderFn *readerF if (is_url) { int fd; char tempfile[PATH_MAX] = {0}; - strcpy(tempfile, "/tmp/.remote_file.XXXXXX"); + strncpy(tempfile, "/tmp/.remote_file.XXXXXX", sizeof(tempfile) - 1); if ((fd = mkstemp(tempfile)) < 0) { retval = -1; goto fatal; @@ -421,7 +421,7 @@ void strlist_set(struct StrList **pStrList, size_t index, char *value) { } memset((*pStrList)->data[index], '\0', strlen(value) + 1); - strcpy((*pStrList)->data[index], value); + strncpy((*pStrList)->data[index], value, strlen(value)); } } diff --git a/src/lib/core/system.c b/src/lib/core/system.c index 9eff64a..6c18cc2 100644 --- a/src/lib/core/system.c +++ b/src/lib/core/system.c @@ -161,7 +161,7 @@ char *shell_output(const char *command, int *status) { result = tmp; } } - strcat(result, line); + strncat(result, line, current_size - strlen(result) - 1); memset(line, 0, sizeof(line)); } *status = pclose(pp); diff --git a/src/lib/core/template.c b/src/lib/core/template.c index dd3c7a2..623b811 100644 --- a/src/lib/core/template.c +++ b/src/lib/core/template.c 
@@ -218,7 +218,7 @@ char *tpl_render(char *str) { value = strdup(env_val ? env_val : ""); } else if (do_func) { // {{ func:NAME(a, ...) }} char func_name_temp[STASIS_NAME_MAX] = {0}; - strcpy(func_name_temp, type_stop + 1); + strncpy(func_name_temp, type_stop + 1, sizeof(func_name_temp) - 1); char *param_begin = strchr(func_name_temp, '('); if (!param_begin) { fprintf(stderr, "At position %zu in %s\nfunction name must be followed by a '('\n", off, key); @@ -272,7 +272,7 @@ char *tpl_render(char *str) { // Append replacement value grow(z, &output_bytes, &output); - strcat(output, value); + strncat(output, value, output_bytes - strlen(output) - 1); guard_free(value); output[z] = 0; } diff --git a/src/lib/core/template_func_proto.c b/src/lib/core/template_func_proto.c index d344933..fc58e33 100644 --- a/src/lib/core/template_func_proto.c +++ b/src/lib/core/template_func_proto.c @@ -80,7 +80,7 @@ int get_junitxml_file_entrypoint(void *frame, void *data_out) { return -1; } char nametmp[PATH_MAX] = {0}; - strcpy(nametmp, cwd); + strncpy(nametmp, cwd, sizeof(nametmp) - 1); char *name = path_basename(nametmp); *output = calloc(PATH_MAX, sizeof(**output)); @@ -105,7 +105,7 @@ int get_basetemp_dir_entrypoint(void *frame, void *data_out) { return -1; } char nametmp[PATH_MAX] = {0}; - strcpy(nametmp, cwd); + strncpy(nametmp, cwd, sizeof(nametmp) - 1); char *name = path_basename(nametmp); *output = calloc(PATH_MAX, sizeof(**output)); @@ -126,7 +126,7 @@ int tox_run_entrypoint(void *frame, void *data_out) { // Apply workaround for tox positional arguments char *toxconf = NULL; if (!access("tox.ini", F_OK)) { - if (!fix_tox_conf("tox.ini", &toxconf)) { + if (!fix_tox_conf("tox.ini", &toxconf, PATH_MAX)) { msg(STASIS_MSG_L3, "Fixing tox positional arguments\n"); *output = calloc(STASIS_BUFSIZ, sizeof(**output)); if (!*output) { diff --git a/src/lib/core/utils.c b/src/lib/core/utils.c index 2722585..6795931 100644 --- a/src/lib/core/utils.c +++ b/src/lib/core/utils.c 
@@ -45,9 +45,9 @@ int rmtree(char *_path) { while ((d_entity = readdir(dir)) != NULL) { char abspath[PATH_MAX] = {0}; - strcat(abspath, path); - strcat(abspath, DIR_SEP); - strcat(abspath, d_entity->d_name); + strncat(abspath, path, sizeof(abspath) - strlen(abspath) - 1); + strncat(abspath, DIR_SEP, sizeof(abspath) - strlen(abspath) - 1); + strncat(abspath, d_entity->d_name, sizeof(abspath) - strlen(abspath) - 1); if (!strcmp(d_entity->d_name, ".") || !strcmp(d_entity->d_name, "..") || !strcmp(abspath, path)) { continue; @@ -278,13 +278,13 @@ char *find_program(const char *name) { result[0] = '\0'; while ((path_elem = strsep(&path, PATH_SEP))) { char abspath[PATH_MAX] = {0}; - strcat(abspath, path_elem); - strcat(abspath, DIR_SEP); - strcat(abspath, name); + strncat(abspath, path_elem, sizeof(abspath) - strlen(abspath) - 1); + strncat(abspath, DIR_SEP, sizeof(abspath) - strlen(abspath) - 1); + strncat(abspath, name, sizeof(abspath) - strlen(abspath) - 1); if (access(abspath, F_OK) < 0) { continue; } - strncpy(result, abspath, sizeof(result)); + strncpy(result, abspath, sizeof(result) - 1); break; } path = path_orig; @@ -444,14 +444,14 @@ void msg(unsigned type, char *fmt, ...) { // for error output stream = stderr; fprintf(stream, "%s", STASIS_COLOR_RED); - strcpy(status, " ERROR: "); + strncpy(status, " ERROR: ", sizeof(status) - 1); } else if (type & STASIS_MSG_WARN) { stream = stderr; fprintf(stream, "%s", STASIS_COLOR_YELLOW); - strcpy(status, " WARNING: "); + strncpy(status, " WARNING: ", sizeof(status) - 1); } else { fprintf(stream, "%s", STASIS_COLOR_GREEN); - strcpy(status, " "); + strncpy(status, " ", sizeof(status) - 1); } if (type & STASIS_MSG_L1) { 
@@ -484,9 +484,9 @@ char *xmkstemp(FILE **fp, const char *mode) { char t_name[PATH_MAX * 2]; if (globals.tmpdir) { - strcpy(tmpdir, globals.tmpdir); + strncpy(tmpdir, globals.tmpdir, sizeof(tmpdir) - 1); } else { - strcpy(tmpdir, "/tmp"); + strncpy(tmpdir, "/tmp", sizeof(tmpdir) - 1); } memset(t_name, 0, sizeof(t_name)); snprintf(t_name, sizeof(t_name), "%s/%s", tmpdir, "STASIS.XXXXXX"); @@ -638,9 +638,10 @@ int xml_pretty_print_in_place(const char *filename, const char *pretty_print_pro * * @param filename /path/to/tox.ini * @param result path of replacement tox.ini configuration + * @param maxlen * @return 0 on success, -1 on error */ -int fix_tox_conf(const char *filename, char **result) { +int fix_tox_conf(const char *filename, char **result, size_t maxlen) { struct INIFILE *toxini; FILE *fptemp; @@ -652,7 +653,7 @@ int fix_tox_conf(const char *filename, char **result) { // If the result pointer is NULL, allocate enough to store a filesystem path if (!*result) { - *result = calloc(PATH_MAX, sizeof(**result)); + *result = calloc(maxlen, sizeof(**result)); if (!*result) { guard_free(tempfile); return -1; @@ -694,7 +695,7 @@ int fix_tox_conf(const char *filename, char **result) { return -1; } value = tmp; - strcat(value, with_posargs); + strncat(value, with_posargs, (strlen(value) + strlen(with_posargs)) - strlen(value) - 1); ini_setval(&toxini, INI_SETVAL_REPLACE, section_name, key, value); } } @@ -709,7 +710,7 @@ int fix_tox_conf(const char *filename, char **result) { fclose(fptemp); // Store path to modified config - strcpy(*result, tempfile); + strncpy(*result, tempfile, maxlen - 1); guard_free(tempfile); ini_free(&toxini); @@ -758,7 +759,7 @@ int redact_sensitive(const char **to_redact, size_t to_redact_size, char *src, c if (!tmp) { return -1; } - strcpy(tmp, src); + strncpy(tmp, src, strlen(redacted) + strlen(src)); for (size_t i = 0; i < to_redact_size; i++) { if (to_redact[i] && strstr(tmp, to_redact[i])) { 
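Review bot: The bound in `strncat(value, with_posargs, (strlen(value) + strlen(with_posargs)) - strlen(value) - 1)` in fix_tox_conf reduces to `strlen(with_posargs) - 1`, so the last character of `with_posargs` is never appended, and an empty `with_posargs` wraps the bound to a huge `size_t`. The limit should come from the size `value` was reallocated to just above (not visible in this hunk); if that size already covers both strings plus the terminator, `strncat(value, with_posargs, strlen(with_posargs));` restores the previous result. Separately, `maxlen` sizes the buffer only when `*result` is NULL, so a caller-supplied buffer smaller than `maxlen` is still overrun by `strncpy(*result, tempfile, maxlen - 1)`, and `maxlen == 0` wraps. The empty `@param maxlen` line is the place to state that contract, e.g. `@param maxlen size in bytes of *result (or of the buffer to allocate when *result is NULL); must be non-zero`.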
@@ -821,16 +822,15 @@ long get_cpu_count() {
 int mkdirs(const char *_path, mode_t mode) {
 char *token;
 char pathbuf[PATH_MAX] = {0};
- char *path;
- path = pathbuf;
- strcpy(path, _path);
+ strncpy(pathbuf, _path, sizeof(pathbuf) - 1);
+ char *path = pathbuf;
 errno = 0;
 char result[PATH_MAX] = {0};
 int status = 0;
 while ((token = strsep(&path, "/")) != NULL && !status) {
- strcat(result, token);
- strcat(result, "/");
+ strncat(result, token, sizeof result - strlen(result) - 1);
+ strncat(result, "/", sizeof result - strlen(result) - 1);
 status = mkdir(result, mode);
 if (status && errno == EEXIST) {
 status = 0;
@@ -886,10 +886,10 @@ int env_manipulate_pathstr(const char *key, char *path, int mode) {
 return 0;
 }
-int gen_file_extension_str(char *filename, const char *extension) {
+int gen_file_extension_str(char *filename, const size_t maxlen, const char *extension) {
 char *ext_orig = strrchr(filename, '.');
 if (!ext_orig) {
- strcat(filename, extension);
+ strncat(filename, extension, maxlen - strlen(filename) - 1);
 return 0;
 }
@@ -919,7 +919,7 @@ void debug_hexdump(char *data, int len) {
 snprintf(addr + strlen(addr), sizeof(addr) - pos_fmt_len, pos_fmt, pos);
 }
 if (count == 8) {
- strcat(bytes, " ");
+ strncat(bytes, " ", sizeof(bytes) - strlen(bytes) - 1);
 }
 if (count > 15) {
 snprintf(output, sizeof(output), "%s | %s | %s", addr, bytes, ascii);
@@ -946,11 +946,11 @@ void debug_hexdump(char *data, int len) {
 if (count <= 8) {
 // Add group padding
- strcat(bytes, " ");
+ strncat(bytes, " ", sizeof(bytes) - strlen(bytes) - 1);
 }
 const int padding = 16 - count;
 for (int i = 0; i < padding; i++) {
- strcat(bytes, " ");
+ strncat(bytes, " ", sizeof(bytes) - strlen(bytes) - 1);
 }
 snprintf(output, DEBUG_HEXDUMP_FMT_BYTES + sizeof(addr) + sizeof(bytes) + sizeof(ascii), "%s | %s | %s", addr, bytes, ascii);
 puts(output);
diff --git a/src/lib/core/wheelinfo.c b/src/lib/core/wheelinfo.c
index 86b71cf..ce8ea74 100644
--- a/src/lib/core/wheelinfo.c
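Review bot: `maxlen - strlen(filename) - 1` in `gen_file_extension_str` is unsigned arithmetic, so when a caller passes a `maxlen` that is not larger than the current length of `filename` the expression wraps and the `strncat` is effectively unbounded again. A guard before the append closes that: `if (strlen(filename) >= maxlen) { return -1; }`, using whatever error value the function's other returns (outside this hunk) use. The branch that handles an existing extension is also outside the hunk, so it should be checked for honouring `maxlen` as well. Because the parameter is new, every caller has to pass the real size of the buffer behind `filename`, and a short doc comment stating that would help.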
+++ b/src/lib/core/wheelinfo.c
@@ -6,7 +6,7 @@ struct WheelInfo *wheelinfo_get(const char *basepath, const char *name, char *to
 char package_path[PATH_MAX];
 char package_name[NAME_MAX];
- strcpy(package_name, name);
+ strncpy(package_name, name, sizeof(package_name) - 1);
 tolower_s(package_name);
 snprintf(package_path, sizeof(package_path), "%s/%s", basepath, package_name);
@@ -20,7 +20,7 @@ struct WheelInfo *wheelinfo_get(const char *basepath, const char *name, char *to
 continue;
 }
 char filename[NAME_MAX];
- strcpy(filename, rec->d_name);
+ strncpy(filename, rec->d_name, sizeof(filename) - 1);
 char *ext = strstr(filename, ".whl");
 if (ext) {
 *ext = '\0';
diff --git a/src/lib/delivery/delivery.c b/src/lib/delivery/delivery.c
index bb96dc3..7d78878 100644
--- a/src/lib/delivery/delivery.c
+++ b/src/lib/delivery/delivery.c
@@ -338,11 +338,11 @@ void delivery_defer_packages(struct Delivery *ctx, int type) {
 if (DEFER_CONDA == type) {
 dataptr = ctx->conda.conda_packages;
 deferred = ctx->conda.conda_packages_defer;
- strcpy(mode, "conda");
+ strncpy(mode, "conda", sizeof(mode) - 1);
 } else if (DEFER_PIP == type) {
 dataptr = ctx->conda.pip_packages;
 deferred = ctx->conda.pip_packages_defer;
- strcpy(mode, "pip");
+ strncpy(mode, "pip", sizeof(mode) - 1);
 } else {
 SYSERROR("BUG: type %d does not map to a supported package manager!\n", type);
 exit(1);
diff --git a/src/lib/delivery/delivery_build.c b/src/lib/delivery/delivery_build.c
index f3e9630..3ff5df7 100644
--- a/src/lib/delivery/delivery_build.c
+++ b/src/lib/delivery/delivery_build.c
@@ -37,7 +37,7 @@ int delivery_build_recipes(struct Delivery *ctx) {
 tag[strlen(ctx->tests->test[i]->repository_info_tag)] = '\0';
 }
 } else {
- strcpy(tag, ctx->tests->test[i]->version);
+ strncpy(tag, ctx->tests->test[i]->version, sizeof(tag) - 1);
 }
 //sprintf(recipe_version, "{%% set version = GIT_DESCRIBE_TAG ~ \".dev\" ~ GIT_DESCRIBE_NUMBER ~ \"+\" ~ GIT_DESCRIBE_HASH %%}");
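Review bot: `package_name` is declared without an initialiser, and `strncpy(package_name, name, sizeof(package_name) - 1)` writes no terminator when `name` is `NAME_MAX - 1` bytes or longer, so the last byte stays indeterminate and `tolower_s(package_name)` can read past the array. The second `wheelinfo_get` hunk has the same problem with `filename` and `rec->d_name`, which can legitimately be `NAME_MAX` bytes long. Either zero the arrays at declaration (`char package_name[NAME_MAX] = {0};`, `char filename[NAME_MAX] = {0};`) or replace the copies with `snprintf(package_name, sizeof(package_name), "%s", name);`. Other `strcpy` to `strncpy` conversions in this commit (`tmpdir` in `xmkstemp`, `tag`, `dname`, `archsuffix`) copy into buffers whose declarations are outside their hunks and need the same check.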
@@ -434,7 +434,7 @@ struct StrList *delivery_build_wheels(struct Delivery *ctx) {
 COE_CHECK_ABORT(dep_status, "Unreproducible delivery");
 }
- strcpy(dname, ctx->tests->test[i]->name);
+ strncpy(dname, ctx->tests->test[i]->name, sizeof(dname) - 1);
 tolower_s(dname);
 snprintf(outdir, sizeof(outdir), "%s/%s", ctx->storage.wheel_artifact_dir, dname);
 if (mkdirs(outdir, 0755)) {
diff --git a/src/lib/delivery/delivery_init.c b/src/lib/delivery/delivery_init.c
index 2f8b21a..ff877f0 100644
--- a/src/lib/delivery/delivery_init.c
+++ b/src/lib/delivery/delivery_init.c
@@ -174,13 +174,13 @@ int delivery_init_platform(struct Delivery *ctx) {
 }
 if (!strcmp(ctx->system.arch, "x86_64")) {
- strcpy(archsuffix, "64");
+ strncpy(archsuffix, "64", sizeof(archsuffix) - 1);
 } else {
- strcpy(archsuffix, ctx->system.arch);
+ strncpy(archsuffix, ctx->system.arch, sizeof(archsuffix) - 1);
 }
 SYSDEBUG("%s", "Setting platform");
- strcpy(ctx->system.platform[DELIVERY_PLATFORM], uts.sysname);
+ strncpy(ctx->system.platform[DELIVERY_PLATFORM], uts.sysname, DELIVERY_PLATFORM_MAXLEN - 1);
 if (!strcmp(ctx->system.platform[DELIVERY_PLATFORM], "Darwin")) {
 snprintf(ctx->system.platform[DELIVERY_PLATFORM_CONDA_SUBDIR], DELIVERY_PLATFORM_MAXLEN, "osx-%s", archsuffix);
 strncpy(ctx->system.platform[DELIVERY_PLATFORM_CONDA_INSTALLER], "MacOSX", DELIVERY_PLATFORM_MAXLEN - 1);
diff --git a/src/lib/delivery/delivery_install.c b/src/lib/delivery/delivery_install.c
index fe3bc66..1e2b82c 100644
--- a/src/lib/delivery/delivery_install.c
+++ b/src/lib/delivery/delivery_install.c
@@ -145,16 +145,16 @@ int delivery_purge_packages(struct Delivery *ctx, const char *env_name, int use_
 case PKG_USE_CONDA:
 fn = conda_exec;
 list = ctx->conda.conda_packages_purge;
- strcpy(package_manager, "conda");
+ strncpy(package_manager, "conda", sizeof(package_manager) - 1);
 // conda is already configured for "always_yes"
- strcpy(subcommand, "remove");
+ strncpy(subcommand, "remove", sizeof(subcommand) - 1);
 break;
 case PKG_USE_PIP:
 fn = pip_exec;
 list = ctx->conda.pip_packages_purge;
- strcpy(package_manager, "pip");
+ strncpy(package_manager, "pip", sizeof(package_manager) - 1);
 // avoid user prompt to remove packages
- strcpy(subcommand, "uninstall -y");
+ strncpy(subcommand, "uninstall -y", sizeof(subcommand) - 1);
 break;
 default:
 SYSERROR("Unknown package manager: %d", use_pkg_manager);
@@ -203,7 +203,7 @@ int delivery_install_packages(struct Delivery *ctx, char *conda_install_dir, cha
 }
 memset(command_base, 0, sizeof(command_base));
- strcat(command_base, "install");
+ strncat(command_base, "install", sizeof(command_base) - strlen(command_base) - 1);
 typedef int (*Runner)(const char *);
 Runner runner = NULL;
@@ -214,13 +214,13 @@ int delivery_install_packages(struct Delivery *ctx, char *conda_install_dir, cha
 }
 if (INSTALL_PKG_CONDA_DEFERRED & type) {
- strcat(command_base, " --use-local");
+ strncat(command_base, " --use-local", sizeof(command_base) - strlen(command_base) - 1);
 } else if (INSTALL_PKG_PIP_DEFERRED & type) {
 // Don't change the baseline package set unless we're working with a
 // new build. Release candidates will need to keep packages as stable
 // as possible between releases.
 if (!ctx->meta.based_on) {
- strcat(command_base, " --upgrade");
+ strncat(command_base, " --upgrade", sizeof(command_base) - strlen(command_base) - 1);
 }
 const char *command_base_fmt = " --extra-index-url 'file://%s'";
 const int len = snprintf(NULL, 0, command_base_fmt, ctx->storage.wheel_artifact_dir);
@@ -289,9 +289,9 @@ int delivery_install_packages(struct Delivery *ctx, char *conda_install_dir, cha
 char req[255] = {0};
 if (!strcmp(name, info->name)) {
- strcpy(req, info->name);
+ strncpy(req, info->name, sizeof(req) - 1);
 } else {
- strcpy(req, name);
+ strncpy(req, name, sizeof(req) - 1);
 char *spec = find_version_spec(req);
 if (spec) {
 *spec = 0;
diff --git a/src/lib/delivery/delivery_test.c b/src/lib/delivery/delivery_test.c
index a116479..a088cd7 100644
--- a/src/lib/delivery/delivery_test.c
+++ b/src/lib/delivery/delivery_test.c
@@ -200,11 +200,11 @@ void delivery_tests_run(struct Delivery *ctx) {
 msg(STASIS_MSG_L3, "Queuing task for %s\n", test->name);
 memset(&proc, 0, sizeof(proc));
- strcpy(cmd, test->script);
+ strncpy(cmd, test->script, strlen(test->script) + STASIS_BUFSIZ - 1);
 char *cmd_rendered = tpl_render(cmd);
 if (cmd_rendered) {
 if (strcmp(cmd_rendered, cmd) != 0) {
- strcpy(cmd, cmd_rendered);
+ strncpy(cmd, cmd_rendered, strlen(test->script) + STASIS_BUFSIZ - 1);
 cmd[strlen(cmd_rendered) ? strlen(cmd_rendered) - 1 : 0] = 0;
 }
 guard_free(cmd_rendered);
@@ -229,7 +229,7 @@ void delivery_tests_run(struct Delivery *ctx) {
 if (!globals.enable_parallel || !test->parallel) {
 selected = SERIAL;
 memset(pool_name, 0, sizeof(pool_name));
- strcpy(pool_name, "serial");
+ strncpy(pool_name, "serial", sizeof(pool_name) - 1);
 }
 if (asprintf(&runner_cmd, runner_cmd_fmt, cmd) < 0) { |
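Review bot: In `delivery_tests_run` the second copy limits `cmd_rendered` to `strlen(test->script) + STASIS_BUFSIZ - 1` bytes, but the unchanged line after it still stores a zero at `cmd[strlen(cmd_rendered) - 1]`, indexing by the untruncated rendered length. If template expansion produces a string longer than the buffer, that store lands outside `cmd`; the allocation of `cmd` is outside the hunk, so its size is only presumed to match the bound. Index by what was actually copied instead, for example `const size_t n = strlen(cmd);` followed by `cmd[n ? n - 1 : 0] = 0;`, once the copy is known to be terminated. The bound expression is also written out twice; a single local holding the allocation size would keep both calls and the allocation in step.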
