/*
* NOTE: it is assumed that _DtCreateDtDirs() returns a buffer of
- * size MAXPATHLEN+1. This allows us to avoid a extra alloc
+ * size MAXPATHLEN. This allows us to avoid a extra alloc
* and copy -- at the expense of code maintainability.
+ *
+ * JET - 2020. This is stupid. At least account for the strings
+ * you are adding further on down... This "solution" isn't great
+ * either. Real fix would be to have all callers pass in bufptr
+ * and len all the way down the chain instead of tmpPath.
*/
- if ((strlen(tmpPath) + 1 + strlen(property)) > MAXPATHLEN) goto abort;
+ if ((strlen(tmpPath)
+ + 1 /* "/" */
+ + strlen(property)
+ + 1 /* "/" */
+ + ((*saveFile == NULL) ? strlen("dtXXXXXX") + 1 : strlen(*saveFile))
+ ) >= MAXPATHLEN)
+ {
+ goto abort;
+ }
/*
* parse the property string and create directory if needed
_DtCreateDtDirs(
Display *display )
{
- char *tmpPath;
+ char *tmpPath = NULL;
Boolean needSessionsDir = False;
Boolean useOldSession = False;
struct stat buf;
int status;
- char *home;
- char *sessionDir;
- char *displayName;
+ char *home = NULL;
+ char *sessionDir = NULL;
+ char *displayName = NULL;
/*
* Sanity check - make sure there's an existing display
*/
if(!display)
return(NULL);
-
- if ((home =getenv("HOME")) == NULL)
+
+ if ((home = getenv("HOME")) == NULL)
home = "";
-
- tmpPath = XtCalloc(1, MAXPATHLEN + 1);
+
+ tmpPath = XtCalloc(1, MAXPATHLEN);
if(tmpPath == NULL)
return(NULL);
/*
* If the $HOME/.dt directory does not exist, create it
*/
- strncpy(tmpPath, home, MAXPATHLEN);
- strncat(tmpPath, "/" DtPERSONAL_CONFIG_DIRECTORY, MAXPATHLEN);
+ snprintf(tmpPath, MAXPATHLEN, "%s/%s", home, DtPERSONAL_CONFIG_DIRECTORY);
status = stat(tmpPath, &buf);
if (status == -1) {
}
/*
- * Create the personal DB directory if it does not exist.
+ * Create the personal DB directory if it does not exist.
*/
- strncpy(tmpPath, home, MAXPATHLEN);
- strncat(tmpPath, "/" DtPERSONAL_DB_DIRECTORY, MAXPATHLEN);
-
+ snprintf(tmpPath, MAXPATHLEN, "%s/%s", home, DtPERSONAL_DB_DIRECTORY);
+
if ((status = stat (tmpPath, &buf)) == -1) {
if ((status = mkdir (tmpPath, 0000)) != -1)
(void) chmod (tmpPath, 0755);
/*
* Create the personal tmp dir if it does not exist.
*/
- strncpy(tmpPath, home, MAXPATHLEN);
- strncat(tmpPath, "/" DtPERSONAL_TMP_DIRECTORY, MAXPATHLEN);
+ snprintf(tmpPath, MAXPATHLEN, "%s/%s", home, DtPERSONAL_TMP_DIRECTORY);
if ((status = stat (tmpPath, &buf)) == -1) {
if ((status = mkdir (tmpPath, 0000)) != -1)
*/
if ((displayName = GetDisplayName (display)) != NULL) {
- strncpy (tmpPath, home, MAXPATHLEN);
- strncat (tmpPath, "/" DtPERSONAL_CONFIG_DIRECTORY, MAXPATHLEN);
- strncat (tmpPath, "/", MAXPATHLEN);
- strncat (tmpPath, displayName, MAXPATHLEN);
+ snprintf(tmpPath, MAXPATHLEN, "%s/%s/%s",
+ home,
+ DtPERSONAL_CONFIG_DIRECTORY,
+ displayName);
free(displayName); /* CDExc22771 */
+ displayName = NULL;
if ((status = stat (tmpPath, &buf)) == -1) {
if ((status = mkdir (tmpPath, 0000)) != -1)
*/
if ((displayName = GetDisplayName (display)) != NULL) {
- strncpy (tmpPath, home, MAXPATHLEN);
- strncat (tmpPath, "/" DtPERSONAL_CONFIG_DIRECTORY, MAXPATHLEN);
- strncat (tmpPath, "/", MAXPATHLEN);
- strncat (tmpPath, displayName, MAXPATHLEN);
+ snprintf(tmpPath, MAXPATHLEN, "%s/%s/%s",
+ home,
+ DtPERSONAL_CONFIG_DIRECTORY,
+ displayName);
free(displayName); /* CDExc22771 */
+ displayName = NULL;
if ((status = stat(tmpPath, &buf)) != 0)
/*
* If we don't have an old style directory - we check for a sessions
* directory, and create it if it doesn't exist
*/
- strncpy (tmpPath, home, MAXPATHLEN);
- strncat (tmpPath, "/" DtPERSONAL_CONFIG_DIRECTORY, MAXPATHLEN);
- strncat (tmpPath, "/" DtSM_SESSION_DIRECTORY, MAXPATHLEN);
+ snprintf(tmpPath, MAXPATHLEN, "%s/%s/%s",
+ home,
+ DtPERSONAL_CONFIG_DIRECTORY,
+ DtSM_SESSION_DIRECTORY);
if ((status = stat(tmpPath, &buf)) == -1) {
if ((status = mkdir(tmpPath, 0000)) == -1) {
int n, screen_number, result;
Arg args[4];
char screenStr[5], cust_msg[24];
- char *tmpStr;
- char tmpPalette[SRVBUFSIZE];
- char *token1;
- char *xrdb_string;
+ char *tmpStr = NULL;
+ char tmpPalette[SRVBUFSIZE];
+ char *token1 = NULL;
+ char *xrdb_string = NULL;
Widget mainShell;
XtAppContext app_context;
/* cycle through each screen */
for(screen_number=0;screen_number != colorSrv.NumOfScreens;screen_number++)
{
- sprintf(screenStr,"%d",screen_number);
+ snprintf(screenStr, sizeof(screenStr), "%d", screen_number);
n = 0;
XtSetArg(args[n], XmNbackground,
BlackPixelOfScreen(DefaultScreenOfDisplay(dpy))); n++;
XtRealizeWidget(shell[screen_number]);
- sprintf(cust_msg,"%s%d", XmSCUSTOMIZE_DATA, screen_number);
+ snprintf(cust_msg, sizeof(cust_msg), "%s%d",
+ XmSCUSTOMIZE_DATA, screen_number);
colorSrv.XA_CUSTOMIZE[screen_number] =
XInternAtom(dpy, cust_msg, FALSE);
/*
* Don't forget to add length for the extra characters.
*/
- tmpStr = (char *)SRV_MALLOC(strlen(MSG1) + 25 + 5 + 1 + 1);
- sprintf(tmpStr,"%s colorSrv.XA_CUSTOMIZE[%d].\n",
- MSG1, screen_number);
- _DtSimpleError(XmSCOLOR_SRV_NAME, DtWarning, NULL, tmpStr, NULL);
- SRV_FREE(tmpStr);
+ int len = strlen(MSG1) + 25 + 5 + 1 + 1;
+ tmpStr = (char *)SRV_MALLOC(len);
+ if (tmpStr)
+ {
+ snprintf(tmpStr, len, "%s colorSrv.XA_CUSTOMIZE[%d].\n",
+ MSG1, screen_number);
+ _DtSimpleError(XmSCOLOR_SRV_NAME, DtWarning, NULL, tmpStr, NULL);
+ SRV_FREE(tmpStr);
+ tmpStr = NULL;
+ }
return(-1);
}
(struct _palette *) SRV_MALLOC( sizeof(struct _palette) + 1 );
/* allocate enough space for the name */
- strcpy(tmpPalette, pColorSrvRsrc.MonochromePalette);
- for (token1=tmpPalette; *token1; token1++);
- while (token1!=tmpPalette && *token1!='.') token1--;
- if (!strcmp(token1,PALETTE_SUFFIX)) *token1 = '\0';
+ snprintf(tmpPalette, SRVBUFSIZE, "%s",
+ pColorSrvRsrc.MonochromePalette);
+ for (token1=tmpPalette; *token1; token1++)
+ ;
+ while (token1 != tmpPalette && *token1 != '.')
+ token1--;
+ if (!strcmp(token1, PALETTE_SUFFIX))
+ *token1 = '\0';
colorSrv.pCurrentPalette[screen_number]->name =
(char *)SRV_MALLOC(strlen(tmpPalette) + 1);
strcpy(colorSrv.pCurrentPalette[screen_number]->name,
(char *) tmpPalette);
- colorSrv.pCurrentPalette[screen_number]->converted=NULL;
+ colorSrv.pCurrentPalette[screen_number]->converted = NULL;
}
if (colorSrv.pCurrentPalette[screen_number] == (struct _palette *) NULL)
/* write out the color or monochrome palette resource for the screen */
xrdb_string = XtMalloc(BUFSIZ);
+ if (!xrdb_string)
+ return -1;
if (colorSrv.TypeOfMonitor[0] == XmCO_HIGH_COLOR ||
colorSrv.TypeOfMonitor[0] == XmCO_MEDIUM_COLOR ||
colorSrv.TypeOfMonitor[0] == XmCO_LOW_COLOR)
{
- sprintf(xrdb_string, "*%d*ColorPalette: %s%s\n",
+ snprintf(xrdb_string, BUFSIZ, "*%d*ColorPalette: %s%s\n",
screen_number,
colorSrv.pCurrentPalette[screen_number]->name,
PALETTE_SUFFIX);
}
else /* XmCO_BLACK_WHITE */
{
- sprintf(xrdb_string, "*%d*MonochromePalette: %s%s\n",
+ snprintf(xrdb_string, BUFSIZ, "*%d*MonochromePalette: %s%s\n",
screen_number,
colorSrv.pCurrentPalette[screen_number]->name,
PALETTE_SUFFIX);
_DtAddToResource(dpy, xrdb_string);
XtFree(xrdb_string);
-
+
} /* for each screen */
return(0);
}
projects / oweals / cde.git / commitdiff