From 9b4b82c1f0a5cab85f68bea88d0cd566d566b588 Mon Sep 17 00:00:00 2001 From: Peter Howkins Date: Fri, 13 Apr 2018 20:26:23 +0100 Subject: [PATCH] dthelp: coverity fixes --- cde/programs/dthelp/dthelpdemo/HelpCache.c | 2 +- cde/programs/dthelp/dthelpgen/helpgen.c | 24 ++++++++-------- cde/programs/dthelp/dthelpprint/Initialize.c | 25 ++++++----------- cde/programs/dthelp/parser/canon1/build/out.c | 2 ++ .../dthelp/parser/canon1/helptag/help.if | 4 +-- .../dthelp/parser/canon1/util/conutil.c | 7 ++++- .../dthelp/parser/canon1/util/fclndir.c | 1 + .../dthelp/parser/pass1/eltdef/eltdef.c | 2 +- .../dthelp/parser/pass1/helptag/help.c | 28 ++++++++----------- .../dthelp/parser/pass1/helptag/help.if | 4 +-- .../dthelp/parser/pass1/helptag/out.c | 4 +-- .../dthelp/parser/pass1/util/entout.c | 3 +- .../dthelp/parser/pass2/htag2/custom.c | 5 +++- 13 files changed, 53 insertions(+), 58 deletions(-) diff --git a/cde/programs/dthelp/dthelpdemo/HelpCache.c b/cde/programs/dthelp/dthelpdemo/HelpCache.c index 0bdef5b9..172fee1b 100644 --- a/cde/programs/dthelp/dthelpdemo/HelpCache.c +++ b/cde/programs/dthelp/dthelpdemo/HelpCache.c @@ -194,7 +194,7 @@ static void CloseHelpCB ( pTemp = pCacheListHead; /* Search our Cache List for the closed help dialog */ - while ((pTemp->helpDialog != helpDialog) && (pTemp != NULL)) + while ((pTemp != NULL) && (pTemp->helpDialog != helpDialog)) pTemp = pTemp->pNext; diff --git a/cde/programs/dthelp/dthelpgen/helpgen.c b/cde/programs/dthelp/dthelpgen/helpgen.c index 1ce60bc3..05b74af6 100644 --- a/cde/programs/dthelp/dthelpgen/helpgen.c +++ b/cde/programs/dthelp/dthelpgen/helpgen.c @@ -531,13 +531,13 @@ CreateFamily ( */ if (NULL != bitmap && *bitmap != '/') { - strcpy (bitmapName, family_name); + snprintf(bitmapName, sizeof(bitmapName), "%s", family_name); ptr = strrchr (bitmapName, '/'); if (ptr) { ptr++; *ptr = '\0'; - strcat (bitmapName, bitmap); + snprintf(bitmapName, sizeof(bitmapName), "%s%s", bitmapName, bitmap); bitmap = bitmapName; } else @@ -652,8 +652,7 @@ ScanDirectory ( if (pDir == NULL) return; - strcpy (fullName, directory); - strcat (fullName, SlashString); + snprintf(fullName, sizeof(fullName), "%s%s", directory, SlashString); ptr = fullName + strlen (fullName); /* @@ -1058,11 +1057,10 @@ main( myName, errno); exit (1); } - strcat (baseName, "/"); - strcat (baseName, App_args.dir); + snprintf(baseName, sizeof(baseName), "%s/%s", baseName, App_args.dir); } else - strcpy (baseName, App_args.dir); + snprintf(baseName, sizeof(baseName), "%s", App_args.dir); /* * make sure the directory exists @@ -1077,9 +1075,9 @@ main( exit (1); } - (void) strcpy (tmpVolume, ptr); + snprintf(tmpVolume, sizeof(tmpVolume), "%s", ptr); if (tmpVolume[strlen (tmpVolume) - 1] != '/') - strcat(tmpVolume, SlashString); + snprintf(tmpVolume, sizeof(tmpVolume), "%s", SlashString); free (ptr); @@ -1101,7 +1099,7 @@ main( * remember the rest of the string (including the slash) * and strip the trailing slash from the directory path. */ - strcpy (tmpVolume2, endDir); + snprintf(tmpVolume2, sizeof(tmpVolume2), "%s", endDir); *endDir = '\0'; /* @@ -1110,7 +1108,7 @@ main( ptr = _DtHelpCeTracePathName(tmpVolume); if (ptr != NULL) { - strcpy (tmpVolume, ptr); + snprintf(tmpVolume, sizeof(tmpVolume), "%s", ptr); free (ptr); } @@ -1187,12 +1185,12 @@ main( /* * get temporary files for the volume and topic file. */ - (void) strcat (tmpVolume, App_args.file); + snprintf(tmpVolume, sizeof(tmpVolume), "%s%s", tmpVolume, App_args.file); (void) strcpy (tmpHeader, tmpVolume); (void) strcpy (tmpTopic, tmpVolume); - (void) strcat (tmpVolume, Ext_Hv); + snprintf(tmpVolume, sizeof(tmpVolume), "%s%s", tmpVolume, Ext_Hv); (void) strcat (tmpHeader, "00.ht"); (void) strcat (tmpTopic , "01.ht"); diff --git a/cde/programs/dthelp/dthelpprint/Initialize.c b/cde/programs/dthelp/dthelpprint/Initialize.c index 25c5f76a..381f16a5 100644 --- a/cde/programs/dthelp/dthelpprint/Initialize.c +++ b/cde/programs/dthelp/dthelpprint/Initialize.c @@ -810,30 +810,23 @@ static float dphm = 300.*2540.; int i; /* build printer resource name and class */ - strcpy(name_prefix, appname); /* e.g. dthelpprint */ - strcat(name_prefix, RN_printer); /* e.g. dthelpprint.printer */ - - strcpy(class_prefix, appclass); /* e.g. Dthelpprint */ - strcat(class_prefix, RC_printer); /* e.g. Dthelpprint.Printer */ + snprintf(name_prefix, sizeof(name_prefix), "%s%s", appname, RN_printer); /* e.g. dthelpprint.printer */ + snprintf(class_prefix, sizeof(class_prefix), "%s%s", appclass, RC_printer); /* e.g. Dthelpprint.Printer */ /********************/ /* Get printer name */ /********************/ - strcpy(resource_name, name_prefix); /* e.g. dthelpprint.printer */ - strcat(resource_name, RN_rsrcname); /* e.g. dthelpprint.printer.name */ - strcpy(resource_class, class_prefix); /* e.g. Dthelpprint.Printer */ - strcat(resource_class, RC_rsrcname); /* e.g. Dthelpprint.Printer.Name */ + snprintf(resource_name, sizeof(resource_name), "%s%s", name_prefix, RN_rsrcname); /* e.g. dthelpprint.printer.name */ + snprintf(resource_class, sizeof(resource_class), "%s%s", class_prefix, RC_rsrcname); /* e.g. Dthelpprint.Printer.Name */ if (XrmGetResource(appDB, resource_name, resource_class, str_type, &value) == True) name = value.addr; else name = EMPTY_STR; if (name[0] != EOS) { - strcat(name_prefix, DOT_STR); - strcat(name_prefix, name); /* e.g. dthelpprint.printer. */ - strcat(class_prefix, DOT_STR); - strcat(class_prefix, name); /* e.g. Dthelpprint.Printer. */ + snprintf(name_prefix, sizeof(name_prefix), "%s%s%s", name_prefix, DOT_STR, name); /* e.g. dthelpprint.printer. */ + snprintf(class_prefix, sizeof(class_prefix), "%s%s%s", class_prefix, DOT_STR, name); /* e.g. Dthelpprint.Printer. */ } /**************************/ @@ -1459,10 +1452,8 @@ void _DtHPrGetResources( cnt > 0; cnt--, rsrc++ ) { - strcpy(resource_name, name_prefix); - strcat(resource_name, rsrc->resource_name); - strcpy(resource_class, class_prefix); - strcat(resource_class, rsrc->resource_class); + snprintf(resource_name, sizeof(resource_name), "%s%s", name_prefix, rsrc->resource_name); + snprintf(resource_class, sizeof(resource_class), "%s%s", class_prefix, rsrc->resource_class); if (XrmGetResource(db, resource_name, resource_class, str_type, &value) == True) *XtRefOffset(options,rsrc->resource_offset) = value.addr; diff --git a/cde/programs/dthelp/parser/canon1/build/out.c b/cde/programs/dthelp/parser/canon1/build/out.c index 3bf73313..c8a3a8e9 100644 --- a/cde/programs/dthelp/parser/canon1/build/out.c +++ b/cde/programs/dthelp/parser/canon1/build/out.c @@ -544,6 +544,8 @@ void srefout(M_NOPAR) fputs(ndif, dtd) ; } SUBONE + + free(mapbysref); } /* Output one element block in a template */ diff --git a/cde/programs/dthelp/parser/canon1/helptag/help.if b/cde/programs/dthelp/parser/canon1/helptag/help.if index 420dca3d..d8ec9ce0 100644 --- a/cde/programs/dthelp/parser/canon1/helptag/help.if +++ b/cde/programs/dthelp/parser/canon1/helptag/help.if @@ -681,11 +681,11 @@ static char ident6[]="@(#) (c) Copyright 1993, 1994 Unix System Labs, Inc., a su thisnodelevel = 2; sprintf(id, "%s%s", sdlReservedName, glossary_string); mb_starthelpnode("_GLOSSARY", id, thisnodelevel); - strcpy(chapstring, string) ; - if (strlen(chapstring) + 1 > sizeof(chapstring)) { + if (strlen(string) + 1 > sizeof(chapstring)) { m_error("Program error: exceeded chapstring") ; m_exit(TRUE) ; } + sprintf(chapstring, sizeof(chapstring), "%s", string) ; fputs("\nGlossary\n", stderr) ; glossary = TRUE ; fprintf(outfile, "%s\n", string); diff --git a/cde/programs/dthelp/parser/canon1/util/conutil.c b/cde/programs/dthelp/parser/canon1/util/conutil.c index 71ae5ad1..45b3b14f 100644 --- a/cde/programs/dthelp/parser/canon1/util/conutil.c +++ b/cde/programs/dthelp/parser/canon1/util/conutil.c @@ -424,8 +424,13 @@ if (loading) newdlm = (char **) calloc(trysize, sizeof(M_WCHAR *)); if (! newtransit || (loading && ! newdlm)) { trysize = NUMDELIM + 1; + free(newtransit); newtransit = (int *) calloc(NUMCON * trysize, sizeof(int)); - if (loading) newdlm = (char **) calloc(trysize, sizeof(M_WCHAR *)); + if (loading) + { + free(newdlm); + newdlm = (char **) calloc(trysize, sizeof(M_WCHAR *)); + } } if (! newtransit || (loading && ! newdlm)) { diff --git a/cde/programs/dthelp/parser/canon1/util/fclndir.c b/cde/programs/dthelp/parser/canon1/util/fclndir.c index 8bc8f59e..c0ed123d 100644 --- a/cde/programs/dthelp/parser/canon1/util/fclndir.c +++ b/cde/programs/dthelp/parser/canon1/util/fclndir.c @@ -144,6 +144,7 @@ void copyfile(pfile1,pfile2) ret = system(pcmd); ret = snprintf(pcmd, slen, "touch %s",pfile2); ret = system(pcmd); + free(pcmd); } int nextchar(file, data) diff --git a/cde/programs/dthelp/parser/pass1/eltdef/eltdef.c b/cde/programs/dthelp/parser/pass1/eltdef/eltdef.c index af49e3ba..fef2f2e9 100644 --- a/cde/programs/dthelp/parser/pass1/eltdef/eltdef.c +++ b/cde/programs/dthelp/parser/pass1/eltdef/eltdef.c @@ -75,7 +75,7 @@ int main(argc, argv) fprintf(stderr, "**** Specify interface file ****\n") ; exit(TRUE) ; } - strncpy(iffile, argv[1], IFLEN) ; + snprintf(iffile, IFLEN, "%s", argv[1]) ; initialize() ; while (TRUE) { m_token = scan() ; diff --git a/cde/programs/dthelp/parser/pass1/helptag/help.c b/cde/programs/dthelp/parser/pass1/helptag/help.c index 474a6a0d..9c6c235c 100644 --- a/cde/programs/dthelp/parser/pass1/helptag/help.c +++ b/cde/programs/dthelp/parser/pass1/helptag/help.c @@ -125,7 +125,7 @@ if ( *(m_argv[0]) == '/' ) else { /* not fully specified, check each component of path for ourself */ - strcpy(patbuf, getenv("PATH")); + snprintf(patbuf, sizeof(patbuf), "%s", getenv("PATH")); path = patbuf; cp = path; @@ -822,9 +822,7 @@ if (listtype == ORDER) switch (lastlist->lastlist->order) { case UROMAN: - strcpy(orderString, ROMAN100[count / 100]); - strcat(orderString, ROMAN10[(count / 10) % 10]); - strcat(orderString, ROMAN0[count % 10]); + snprintf(orderString, sizeof(orderString), "%s%s%s", ROMAN100[count / 100], ROMAN10[(count / 10) % 10], ROMAN0[count % 10]); type = romanString; break; case UALPHA: @@ -846,9 +844,7 @@ if (listtype == ORDER) type = arabicString; break; case LROMAN: - strcpy(orderString, roman100[count / 100]); - strcat(orderString, roman10[(count / 10) % 10]); - strcat(orderString, roman0[count % 10]); + snprintf(orderString, sizeof(orderString), "%s%s%s", roman100[count / 100], roman10[(count / 10) % 10], roman0[count % 10]); type = romanString; break; case LALPHA: @@ -1512,11 +1508,10 @@ int execVer; int compVer; int isStd; -strcpy(myLocale, pLang); +snprintf(myLocale, sizeof(myLocale), "%s", pLang); if (*pCharset) { - strcat(myLocale, "."); - strcat(myLocale, pCharset); + snprintf(myLocale, sizeof(myLocale), "%s.%s", myLocale, pCharset); } if ((_DtLcxOpenAllDbs(&myDb) != 0) || @@ -1604,14 +1599,14 @@ else else strcpy(pLang, cString); - if (*charset) + if ( *charset) { strcpy(pCharset, charset); - mb_free(&charset); } else strcpy(pCharset, isoString); } + mb_free(&charset); _DtLcxCloseDb(&myDb); free(charset); @@ -1772,9 +1767,9 @@ if (!charset) if (dotPtr) *dotPtr = '\0'; -strcpy(stdLang, locale); +snprintf(stdLang, sizeof(stdLang), "%s", locale); if (charset) - strcpy(stdCharset, charset); + snprintf(stdCharset, sizeof(stdCharset), "%s", charset); SetStdLocale(stdLang, stdCharset); if (*stdCharset) @@ -2751,7 +2746,7 @@ if (! notehead) } icon = GetDefaultHeaderString(iconFile, M_SYSTEM, ""); -if (*icon) +if (icon && *icon) { char id[32]; @@ -2762,8 +2757,8 @@ if (*icon) fputs("CLASS=\"ICON\" SSI=\"NCW-ICON\">", outfile); fputs("\n\n", outfile); AddToSNB(id, icon); - m_free(icon, "icon name"); } +m_free(icon, "icon name"); } @@ -2876,6 +2871,7 @@ else } if (try != pathbuf) mb_free(&try); +mb_free(&mb_inputname); } /* Below is a modified version of m_cyclent() that returns a pointer diff --git a/cde/programs/dthelp/parser/pass1/helptag/help.if b/cde/programs/dthelp/parser/pass1/helptag/help.if index 1a98f3ee..a18fe110 100644 --- a/cde/programs/dthelp/parser/pass1/helptag/help.if +++ b/cde/programs/dthelp/parser/pass1/helptag/help.if @@ -775,11 +775,11 @@ static char ident6[]="@(#) (c) Copyright 1993, 1994 Unix System Labs, Inc., a su thisnodelevel = 2; sprintf(id, "%s%s", sdlReservedName, glossary_string); mb_starthelpnode("_GLOSSARY", id, thisnodelevel); - strcpy(chapstring, string) ; - if (strlen(chapstring) + 1 > sizeof(chapstring)) { + if (strlen(string) + 1 > sizeof(chapstring)) { m_error("Program error: exceeded chapstring") ; m_exit(TRUE) ; } + snprintf(chapstring, sizeof(chapstring), "%s", string) ; fputs("\nGlossary\n", stderr) ; glossary = TRUE ; fprintf(outfile, "%s\n", string); diff --git a/cde/programs/dthelp/parser/pass1/helptag/out.c b/cde/programs/dthelp/parser/pass1/helptag/out.c index f4e39146..13154fba 100644 --- a/cde/programs/dthelp/parser/pass1/helptag/out.c +++ b/cde/programs/dthelp/parser/pass1/helptag/out.c @@ -198,7 +198,7 @@ if (bufflen == 1) exLineNum++; if (special[index]) { - strcpy(exbuff, special[index]); + snprintf(exbuff, sizeof(exbuff), "%s", special[index]); bufflen = strlen(exbuff); } } @@ -230,7 +230,7 @@ if (bufflen == 1) index = (unsigned char) imbuff[0]; if (special[index]) { - strcpy(imbuff, special[index]); + snprintf(imbuff, sizeof(imbuff), "%s", special[index]); bufflen = strlen(imbuff); } mb_strcode(imbuff, outfile); diff --git a/cde/programs/dthelp/parser/pass1/util/entout.c b/cde/programs/dthelp/parser/pass1/util/entout.c index 82461864..820afb52 100644 --- a/cde/programs/dthelp/parser/pass1/util/entout.c +++ b/cde/programs/dthelp/parser/pass1/util/entout.c @@ -72,8 +72,7 @@ void entout(fname) int nameindex ; LOGICAL start ; - strncpy(efilename, fname, ENTFILENAME) ; - strncpy(&efilename[strlen(efilename)], ".h", 2) ; + snprintf(efilename, sizeof(efilename), "%s.h", fname) ; m_openchk(&entfile, efilename, "w") ; fprintf(entfile, "#include \"entdef.h\"\n") ; diff --git a/cde/programs/dthelp/parser/pass2/htag2/custom.c b/cde/programs/dthelp/parser/pass2/htag2/custom.c index 2a64bb61..27e62b47 100644 --- a/cde/programs/dthelp/parser/pass2/htag2/custom.c +++ b/cde/programs/dthelp/parser/pass2/htag2/custom.c @@ -231,7 +231,10 @@ SEARCH *searchp; char *mb_entcontent; mb_entcontent = MakeMByteString(entcontent); -if (!mb_entcontent || !*mb_entcontent) return NULL; /* null file name, don't open a directory */ +if (!mb_entcontent || !*mb_entcontent) { + m_free(mb_entcontent, "multi-byte string"); + return NULL; /* null file name, don't open a directory */ +} open = fopen(mb_entcontent, "r"); if (open) -- 2.25.1