ref: 040ca1cfb5a3e1be7d05bcd90eaa4f01fb68437a
parent: e76b5678bfcac6fc7a42b2f581192ae08831728e
author: Simon Howard <[email protected]>
date: Sat Mar 29 17:23:29 EDT 2014
doom: Eliminate use of unsafe string functions. Eliminate use of strcpy, strcat, strncpy, and use the new safe alternatives.
--- a/src/doom/d_main.c
+++ b/src/doom/d_main.c
@@ -659,6 +659,7 @@
if (deh_sub != banners[i])
{
+ size_t gamename_size;
int version;
// Has been replaced.
@@ -665,16 +666,21 @@
// We need to expand via printf to include the Doom version number
// We also need to cut off spaces to get the basic name
- gamename = Z_Malloc(strlen(deh_sub) + 10, PU_STATIC, 0);
+ gamename_size = strlen(deh_sub) + 10;
+ gamename = Z_Malloc(gamename_size, PU_STATIC, 0);
version = G_VanillaVersionCode();
sprintf(gamename, deh_sub, version / 100, version % 100);
while (gamename[0] != '\0' && isspace(gamename[0]))
- strcpy(gamename, gamename+1);
+ {
+ memmove(gamename, gamename + 1, gamename_size - 1);
+ }
while (gamename[0] != '\0' && isspace(gamename[strlen(gamename)-1]))
+ {
gamename[strlen(gamename) - 1] = '\0';
-
+ }
+
return gamename;
}
}
--- a/src/doom/d_net.c
+++ b/src/doom/d_net.c
@@ -32,6 +32,7 @@
#include "d_main.h"
#include "m_argv.h"
#include "m_menu.h"
+#include "m_misc.h"
#include "i_system.h"
#include "i_timer.h"
#include "i_video.h"
@@ -59,8 +60,8 @@
// Do this the same way as Vanilla Doom does, to allow dehacked
// replacements of this message
- strncpy(exitmsg, DEH_String("Player 1 left the game"), sizeof(exitmsg));
- exitmsg[sizeof(exitmsg) - 1] = '\0';
+ M_StringCopy(exitmsg, DEH_String("Player 1 left the game"),
+ sizeof(exitmsg));
exitmsg[7] += player_num;
--- a/src/doom/g_game.c
+++ b/src/doom/g_game.c
@@ -955,7 +955,11 @@
case BTS_SAVEGAME:
if (!savedescription[0])
- strcpy (savedescription, "NET GAME");
+ {
+ M_StringCopy(savedescription, "NET GAME",
+ sizeof(savedescription));
+ }
+
savegameslot =
(players[i].cmd.buttons & BTS_SAVEMASK)>>BTS_SAVESHIFT;
gameaction = ga_savegame;
@@ -1512,7 +1516,7 @@
void G_LoadGame (char* name)
{
- strcpy (savename, name);
+ M_StringCopy(savename, name, sizeof(savename));
gameaction = ga_loadgame;
}
@@ -1574,13 +1578,13 @@
void
G_SaveGame
( int slot,
- char* description )
-{
- savegameslot = slot;
- strcpy (savedescription, description);
- sendsave = true;
-}
-
+ char* description )
+{
+ savegameslot = slot;
+ M_StringCopy(savedescription, description, sizeof(savedescription));
+ sendsave = true;
+}
+
void G_DoSaveGame (void)
{
char *savegame_file;
@@ -1631,7 +1635,7 @@
rename(temp_savegame_file, savegame_file);
gameaction = ga_nothing;
- strcpy(savedescription, "");
+ M_StringCopy(savedescription, "", sizeof(savedescription));
players[consoleplayer].message = DEH_String(GGSAVED);
--- a/src/doom/hu_stuff.c
+++ b/src/doom/hu_stuff.c
@@ -38,6 +38,7 @@
#include "hu_stuff.h"
#include "hu_lib.h"
#include "m_controls.h"
+#include "m_misc.h"
#include "w_wad.h"
#include "s_sound.h"
@@ -610,11 +611,11 @@
HU_queueChatChar(*macromessage++);
HU_queueChatChar(KEY_ENTER);
- // leave chat mode and notify that it was sent
- chat_on = false;
- strcpy(lastmessage, chat_macros[c]);
- plr->message = lastmessage;
- eatkey = true;
+ // leave chat mode and notify that it was sent
+ chat_on = false;
+ M_StringCopy(lastmessage, chat_macros[c], sizeof(lastmessage));
+ plr->message = lastmessage;
+ eatkey = true;
}
else
{
@@ -632,11 +633,11 @@
if (c == KEY_ENTER)
{
chat_on = false;
- if (w_chat.l.len)
- {
- strcpy(lastmessage, w_chat.l.l);
- plr->message = lastmessage;
- }
+ if (w_chat.l.len)
+ {
+ M_StringCopy(lastmessage, w_chat.l.l, sizeof(lastmessage));
+ plr->message = lastmessage;
+ }
}
else if (c == KEY_ESCAPE)
chat_on = false;
--- a/src/doom/m_menu.c
+++ b/src/doom/m_menu.c
@@ -41,9 +41,10 @@
#include "i_system.h"
#include "i_timer.h"
#include "i_video.h"
-#include "z_zone.h"
+#include "m_misc.h"
#include "v_video.h"
#include "w_wad.h"
+#include "z_zone.h"
#include "r_local.h"
@@ -515,15 +516,15 @@
for (i = 0;i < load_end;i++)
{
- strcpy(name, P_SaveGameFile(i));
+ M_StringCopy(name, P_SaveGameFile(i), sizeof(name));
handle = fopen(name, "rb");
- if (handle == NULL)
- {
- strcpy(&savegamestrings[i][0], EMPTYSTRING);
- LoadMenu[i].status = 0;
- continue;
- }
+ if (handle == NULL)
+ {
+ M_StringCopy(savegamestrings[i], EMPTYSTRING, SAVESTRINGSIZE);
+ LoadMenu[i].status = 0;
+ continue;
+ }
fread(&savegamestrings[i], 1, SAVESTRINGSIZE, handle);
fclose(handle);
LoadMenu[i].status = 1;
@@ -580,7 +581,7 @@
{
char name[256];
- strcpy(name, P_SaveGameFile(choice));
+ M_StringCopy(name, P_SaveGameFile(choice), sizeof(name));
G_LoadGame (name);
M_ClearMenus ();
@@ -645,8 +646,8 @@
saveStringEnter = 1;
saveSlot = choice;
- strcpy(saveOldString,savegamestrings[choice]);
- if (!strcmp(savegamestrings[choice],EMPTYSTRING))
+ M_StringCopy(saveOldString,savegamestrings[choice], SAVESTRINGSIZE);
+ if (!strcmp(savegamestrings[choice], EMPTYSTRING))
savegamestrings[choice][0] = 0;
saveCharIndex = strlen(savegamestrings[choice]);
}
@@ -1594,12 +1595,13 @@
savegamestrings[saveSlot][saveCharIndex] = 0;
}
break;
-
- case KEY_ESCAPE:
- saveStringEnter = 0;
- strcpy(&savegamestrings[saveSlot][0],saveOldString);
- break;
-
+
+ case KEY_ESCAPE:
+ saveStringEnter = 0;
+ M_StringCopy(savegamestrings[saveSlot], saveOldString,
+ SAVESTRINGSIZE);
+ break;
+
case KEY_ENTER:
saveStringEnter = 0;
if (savegamestrings[saveSlot][0])
@@ -1986,21 +1988,28 @@
{
int foundnewline = 0;
- for (i = 0; i < strlen(messageString + start); i++)
- if (messageString[start + i] == '\n')
- {
- memset(string, 0, sizeof(string));
- strncpy(string, messageString + start, i);
- foundnewline = 1;
- start += i + 1;
- break;
- }
-
- if (!foundnewline)
- {
- strcpy(string, messageString + start);
- start += strlen(string);
- }
+ for (i = 0; i < strlen(messageString + start); i++)
+ {
+ if (messageString[start + i] == '\n')
+ {
+ M_StringCopy(string, messageString + start,
+ sizeof(string));
+ if (i < sizeof(string))
+ {
+ string[i] = '\0';
+ }
+
+ foundnewline = 1;
+ start += i + 1;
+ break;
+ }
+ }
+
+ if (!foundnewline)
+ {
+ M_StringCopy(string, messageString + start, sizeof(string));
+ start += strlen(string);
+ }
x = 160 - M_StringWidth(string) / 2;
M_WriteText(x, y, string);
--- a/src/doom/r_data.c
+++ b/src/doom/r_data.c
@@ -36,6 +36,7 @@
#include "w_wad.h"
#include "doomdef.h"
+#include "m_misc.h"
#include "r_local.h"
#include "p_local.h"
@@ -491,19 +492,19 @@
// Load the patch names from pnames.lmp.
- name[8] = 0;
+ name[8] = 0;
names = W_CacheLumpName (DEH_String("PNAMES"), PU_STATIC);
nummappatches = LONG ( *((int *)names) );
- name_p = names+4;
+ name_p = names + 4;
patchlookup = Z_Malloc(nummappatches*sizeof(*patchlookup), PU_STATIC, NULL);
-
- for (i=0 ; i<nummappatches ; i++)
+
+ for (i = 0; i < nummappatches; i++)
{
- strncpy (name,name_p+i*8, 8);
- patchlookup[i] = W_CheckNumForName (name);
+ M_StringCopy(name, name_p + i * 8, sizeof(name));
+ patchlookup[i] = W_CheckNumForName(name);
}
W_ReleaseLumpName(DEH_String("PNAMES"));
-
+
// Load the map texture definitions from textures.lmp.
// The data is contained in one or two lumps,
// TEXTURE1 for shareware, plus TEXTURE2 for commercial.
--- a/src/doom/wi_stuff.c
+++ b/src/doom/wi_stuff.c
@@ -29,6 +29,7 @@
#include "z_zone.h"
+#include "m_misc.h"
#include "m_random.h"
#include "deh_main.h"
@@ -1692,17 +1693,15 @@
if (gamemode == commercial)
{
- strncpy(name, DEH_String("INTERPIC"), 9);
- name[8] = '\0';
+ M_StringCopy(name, DEH_String("INTERPIC"), sizeof(name));
}
else if (gamemode == retail && wbs->epsd == 3)
{
- strncpy(name, DEH_String("INTERPIC"), 9);
- name[8] = '\0';
+ M_StringCopy(name, DEH_String("INTERPIC"), sizeof(name));
}
else
{
- DEH_snprintf(name, 9, "WIMAP%d", wbs->epsd);
+ DEH_snprintf(name, sizeof(name), "WIMAP%d", wbs->epsd);
}
// Draw backdrop and save to a temporary buffer