From 87779a8c85eec0b71703ed3090a3949761396a15 Mon Sep 17 00:00:00 2001 From: Joseph Hunkeler Date: Wed, 15 Apr 2026 10:10:15 -0400 Subject: Replace sprintf with snprintf * A few strcpy and strcat changes as well --- tests/test_utils.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'tests/test_utils.c') diff --git a/tests/test_utils.c b/tests/test_utils.c index cfe79e0..5766f6c 100644 --- a/tests/test_utils.c +++ b/tests/test_utils.c @@ -129,7 +129,7 @@ void test_isempty_dir() { STASIS_ASSERT(isempty_dir(dname) > 0, "empty directory went undetected"); char path[PATH_MAX]; - sprintf(path, "%s/file.txt", dname); + snprintf(path, sizeof(path), "%s/file.txt", dname); touch(path); STASIS_ASSERT(isempty_dir(dname) == 0, "populated directory went undetected"); @@ -193,7 +193,7 @@ void test_git_clone_and_describe() { // initialize a bare repo so we can clone it char init_cmd[PATH_MAX]; - sprintf(init_cmd, "git init --bare %s", repo_git); + snprintf(init_cmd, sizeof(init_cmd), "git init --bare %s", repo_git); system(init_cmd); // clone the bare repo @@ -366,8 +366,8 @@ void test_rmtree() { for (size_t i = 0; i < sizeof(tree) / sizeof(*tree); i++) { char path[PATH_MAX]; char mockfile[PATH_MAX + 10]; - sprintf(path, "%s/%s", root, tree[i]); - sprintf(mockfile, "%s/%zu.txt", path, i); + snprintf(path, sizeof(path), "%s/%s", root, tree[i]); + snprintf(mockfile, sizeof(mockfile), "%s/%zu.txt", path, i); if (mkdir(path, 0755)) { perror(path); STASIS_ASSERT(false, NULL); -- cgit From dc6b871b419159097c272fe21cdef6acece40a99 Mon Sep 17 00:00:00 2001 From: Joseph Hunkeler Date: Thu, 16 Apr 2026 11:52:11 -0400 Subject: Convert more strcat and strcpy to strn variants --- tests/test_utils.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'tests/test_utils.c') diff --git a/tests/test_utils.c b/tests/test_utils.c index 5766f6c..1ad2335 100644 --- a/tests/test_utils.c +++ b/tests/test_utils.c @@ -329,8 +329,7 @@ void test_path_basename() { } void test_expandpath() { - char *home; - + char *home = NULL; const char *homes[] = { "HOME", "USERPROFILE", @@ -341,10 +340,11 @@ void test_expandpath() { break; } } + STASIS_ASSERT_FATAL(home != NULL, "cannot expand without knowing the user's home directory path"); char path[PATH_MAX] = {0}; - strcat(path, "~"); - strcat(path, DIR_SEP); + strncat(path, "~", sizeof(path) - strlen(path) - 1); + strncat(path, DIR_SEP, sizeof(path) - strlen(path) - 1); char *expanded = expandpath(path); STASIS_ASSERT(startswith(expanded, home) > 0, expanded); -- cgit From fdad37bc1854a973424459026cc32698ff5fe532 Mon Sep 17 00:00:00 2001 From: Joseph Hunkeler Date: Thu, 16 Apr 2026 12:54:34 -0400 Subject: Convert more strcpy to strn variant --- tests/test_utils.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests/test_utils.c') diff --git a/tests/test_utils.c b/tests/test_utils.c index 1ad2335..79bca43 100644 --- a/tests/test_utils.c +++ b/tests/test_utils.c @@ -65,7 +65,7 @@ void test_fix_tox_conf() { if (fp) { fprintf(fp, "%s", data); fclose(fp); - STASIS_ASSERT(fix_tox_conf(filename, &result) == 0, "fix_tox_conf failed"); + STASIS_ASSERT(fix_tox_conf(filename, &result, PATH_MAX) == 0, "fix_tox_conf failed"); } else { STASIS_ASSERT(false, "writing mock tox.ini failed"); } @@ -308,7 +308,7 @@ void test_path_dirname() { const char *input = data[i]; const char *expected = data[i + 1]; char tmp[PATH_MAX] = {0}; - strcpy(tmp, input); + strncpy(tmp, input, sizeof(tmp) - 1); char *result = path_dirname(tmp); STASIS_ASSERT(strcmp(expected, result) == 0, NULL); -- cgit From 0c6bcfb345075dc042b139bcdfbc11cd862c7258 Mon Sep 17 00:00:00 2001 From: Joseph Hunkeler Date: Fri, 17 Apr 2026 12:05:20 -0400 Subject: Fix incorrect usage of maxlen argument in snprintf calls --- tests/test_utils.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'tests/test_utils.c') diff --git a/tests/test_utils.c b/tests/test_utils.c index 79bca43..7361139 100644 --- a/tests/test_utils.c +++ b/tests/test_utils.c @@ -147,7 +147,9 @@ void test_xmkstemp() { char buf[100] = {0}; tempfp = fopen(tempfile, "r"); - fgets(buf, sizeof(buf) - 1, tempfp); + const char *line = fgets(buf, sizeof(buf) - 1, tempfp); + STASIS_ASSERT_FATAL(line != NULL, "file should contain data written earlier"); + STASIS_ASSERT(strcmp(line, buf) == 0, "file should contain the correct data"); fclose(tempfp); STASIS_ASSERT(strcmp(buf, data) == 0, "data written to temp file is incorrect"); -- cgit