From 3300ef00cbbf99c53a0669011ae27c6043b820f1 Mon Sep 17 00:00:00 2001 From: Lew Rossman Date: Mon, 30 Sep 2019 14:05:38 -0400 Subject: [PATCH] getTmpName() and xstrcpy() made safer --- src/funcs.h | 2 +- src/project.c | 44 ++++++++++++++++++-------------------------- 2 files changed, 19 insertions(+), 27 deletions(-) diff --git a/src/funcs.h b/src/funcs.h index e520b29..95aa66a 100755 --- a/src/funcs.h +++ b/src/funcs.h @@ -49,7 +49,7 @@ int getcomment(Network *, int, int, char *); int setcomment(Network *, int, int, const char *); int namevalid(const char *); -char *getTmpName(char *); +void getTmpName(char *); char *xstrcpy(char **, const char *, const size_t n); int strcomp(const char *, const char *); double interp(int, double [], double [], double); diff --git a/src/project.c b/src/project.c index 039065f..349e6ed 100644 --- a/src/project.c +++ b/src/project.c @@ -18,8 +18,6 @@ //*** For the Windows SDK _tempnam function ***// #ifdef _WIN32 #include -//#else -//#include #endif #include "types.h" @@ -855,8 +853,8 @@ void adjustpattern(int *pat, int index) **---------------------------------------------------------------- */ { - if (*pat == index) *pat = 0; - else if (*pat > index) (*pat)--; + if (*pat == index) *pat = 0; + else if (*pat > index) (*pat)--; } void adjustpatterns(Network *network, int index) @@ -1067,11 +1065,12 @@ int namevalid(const char *name) return TRUE; } -char *getTmpName(char *fname) +void getTmpName(char *fname) //---------------------------------------------------------------- // Input: fname = file name string -// Output: returns pointer to file name -// Purpose: creates a temporary file name with path prepended to it. +// Output: an unused file name +// Purpose: creates a temporary file name with an "en" prefix +// or a blank name if an error occurs. //---------------------------------------------------------------- { #ifdef _WIN32 @@ -1080,32 +1079,25 @@ char *getTmpName(char *fname) // --- use Windows _tempnam function to get a pointer to an // unused file name that begins with "en" + strcpy(fname, ""); name = _tempnam(NULL, "en"); - if (name == NULL) return NULL; - - // --- copy the file name to fname - if (strlen(name) < MAXFNAME) strncpy(fname, name, MAXFNAME); - else fname = NULL; - - // --- free the pointer returned by _tempnam - if (name) free(name); + if (name) + { + // --- copy the file name to fname + if (strlen(name) < MAXFNAME) strncpy(fname, name, MAXFNAME); + // --- free the pointer returned by _tempnam + free(name); + } // --- for non-Windows systems: #else // --- use system function mkstemp() to create a temporary file name -/* - int f = -1; - strcpy(fname, "enXXXXXX"); - f = mkstemp(fname); - close(f); - remove(fname); -*/ strcpy(fname, "enXXXXXX"); FILE *f = fdopen(mkstemp(fname), "r"); - fclose(f); - remove(fname); + if (f == NULL) strcpy(fname, ""); + else fclose(f); + remove(fname); #endif - return fname; } char *xstrcpy(char **s1, const char *s2, const size_t n) @@ -1144,7 +1136,7 @@ char *xstrcpy(char **s1, const char *s2, const size_t n) if (n2 > n1) *s1 = realloc(*s1, (n2 + 1) * sizeof(char)); // Copy the source string into the destination string - strcpy(*s1, s2); + strncpy(*s1, s2, n2); return *s1; }