From 7d2c81a4e1d530b8d77b6da1f6c11b4ccfa39602 Mon Sep 17 00:00:00 2001 From: Yolan Uyttenhove Date: Wed, 11 May 2022 16:19:11 +0200 Subject: [PATCH 1/3] fix stringop-overread errors (cherry picked from commit 452d01c8c3938a991123325d6581836dd9f2bf8d) --- src/io_properties.h | 86 ++++++++++++++++++++++----------------------- 1 file changed, 43 insertions(+), 43 deletions(-) diff --git a/src/io_properties.h b/src/io_properties.h index db0f836cc..fd77aa171 100644 --- a/src/io_properties.h +++ b/src/io_properties.h @@ -226,7 +226,7 @@ struct io_props { * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_input_field_( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum DATA_IMPORTANCE importance, enum unit_conversion_factor units, char* field, size_t partSize, const float default_value) { struct io_props r; @@ -273,9 +273,9 @@ INLINE static struct io_props io_make_input_field_( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, char* field, - size_t partSize, const char description[DESCRIPTION_BUFFER_SIZE]) { + size_t partSize, const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); 
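Review bot: With the array declarators removed from `name` and `description`, nothing in these signatures records how long the strings may be, and the doc comments above each function (outside the hunks) should now state it. The declarators never enforced a bound, because array parameters decay to pointers, so the limit only ever existed as a hint to the reader. I would extend each `@param name` with `(at most FIELD_BUFFER_SIZE - 1 characters)` and each `@param description` with `(at most DESCRIPTION_BUFFER_SIZE - 1 characters)`. This applies to every hunk of PATCH 1/3, and the function bodies continue outside the hunks.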
@@ -324,11 +324,11 @@ INLINE static struct io_props io_make_output_field_( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_part_INT( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t partSize, const struct part* parts, const struct xpart* xparts, conversion_func_part_int functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); @@ -370,11 +370,11 @@ INLINE static struct io_props io_make_output_field_convert_part_INT( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_part_FLOAT( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t partSize, const struct part* parts, const struct xpart* xparts, conversion_func_part_float functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); @@ -416,11 +416,11 @@ INLINE static struct io_props io_make_output_field_convert_part_FLOAT( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_part_DOUBLE( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t partSize, const struct part* parts, const struct xpart* xparts, conversion_func_part_double functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); 
@@ -462,11 +462,11 @@ INLINE static struct io_props io_make_output_field_convert_part_DOUBLE( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_part_LONGLONG( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t partSize, const struct part* parts, const struct xpart* xparts, conversion_func_part_long_long functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); @@ -516,10 +516,10 @@ INLINE static struct io_props io_make_output_field_convert_part_LONGLONG( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_gpart_INT( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t gpartSize, const struct gpart* gparts, conversion_func_gpart_int functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); @@ -559,10 +559,10 @@ INLINE static struct io_props io_make_output_field_convert_gpart_INT( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_gpart_FLOAT( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t gpartSize, const struct gpart* gparts, conversion_func_gpart_float functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); 
@@ -602,10 +602,10 @@ INLINE static struct io_props io_make_output_field_convert_gpart_FLOAT( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_gpart_DOUBLE( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t gpartSize, const struct gpart* gparts, conversion_func_gpart_double functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); @@ -645,10 +645,10 @@ INLINE static struct io_props io_make_output_field_convert_gpart_DOUBLE( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_gpart_LONGLONG( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t gpartSize, const struct gpart* gparts, conversion_func_gpart_long_long functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); @@ -697,10 +697,10 @@ INLINE static struct io_props io_make_output_field_convert_gpart_LONGLONG( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_spart_INT( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t spartSize, const struct spart* sparts, conversion_func_spart_int functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); 
@@ -740,10 +740,10 @@ INLINE static struct io_props io_make_output_field_convert_spart_INT( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_spart_FLOAT( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t spartSize, const struct spart* sparts, conversion_func_spart_float functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); @@ -783,10 +783,10 @@ INLINE static struct io_props io_make_output_field_convert_spart_FLOAT( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_spart_DOUBLE( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t spartSize, const struct spart* sparts, conversion_func_spart_double functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); @@ -826,10 +826,10 @@ INLINE static struct io_props io_make_output_field_convert_spart_DOUBLE( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_spart_LONGLONG( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t spartSize, const struct spart* sparts, conversion_func_spart_long_long functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); 
@@ -878,10 +878,10 @@ INLINE static struct io_props io_make_output_field_convert_spart_LONGLONG( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_bpart_INT( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t bpartSize, const struct bpart* bparts, conversion_func_bpart_int functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); @@ -921,10 +921,10 @@ INLINE static struct io_props io_make_output_field_convert_bpart_INT( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_bpart_FLOAT( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t bpartSize, const struct bpart* bparts, conversion_func_bpart_float functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); @@ -964,10 +964,10 @@ INLINE static struct io_props io_make_output_field_convert_bpart_FLOAT( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_bpart_DOUBLE( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t bpartSize, const struct bpart* bparts, conversion_func_bpart_double functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); 
@@ -1007,10 +1007,10 @@ INLINE static struct io_props io_make_output_field_convert_bpart_DOUBLE( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_bpart_LONGLONG( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t bpartSize, const struct bpart* bparts, conversion_func_bpart_long_long functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); @@ -1059,10 +1059,10 @@ INLINE static struct io_props io_make_output_field_convert_bpart_LONGLONG( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_sink_INT( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t sinkSize, const struct sink* sinks, conversion_func_sink_int functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); @@ -1102,10 +1102,10 @@ INLINE static struct io_props io_make_output_field_convert_sink_INT( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_sink_FLOAT( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t sinkSize, const struct sink* sinks, conversion_func_sink_float functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); 
@@ -1145,10 +1145,10 @@ INLINE static struct io_props io_make_output_field_convert_sink_FLOAT( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_sink_DOUBLE( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t sinkSize, const struct sink* sinks, conversion_func_sink_double functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); @@ -1188,10 +1188,10 @@ INLINE static struct io_props io_make_output_field_convert_sink_DOUBLE( * Do not call this function directly. Use the macro defined above. */ INLINE static struct io_props io_make_output_field_convert_sink_LONGLONG( - const char name[FIELD_BUFFER_SIZE], enum IO_DATA_TYPE type, int dimension, + const char *name, enum IO_DATA_TYPE type, int dimension, enum unit_conversion_factor units, float a_exponent, size_t sinkSize, const struct sink* sinks, conversion_func_sink_long_long functionPtr, - const char description[DESCRIPTION_BUFFER_SIZE]) { + const char *description) { struct io_props r; bzero(&r, sizeof(struct io_props)); -- GitLab From 853a60fd61630db76b0f836cd36f1f8aa0c02e35 Mon Sep 17 00:00:00 2001 From: Yolan Uyttenhove Date: Thu, 12 May 2022 09:59:10 +0200 Subject: [PATCH 2/3] more buffer overrun safety --- src/io_properties.h | 102 +++++++++++++++++++++++++------------------- 1 file changed, 59 insertions(+), 43 deletions(-) diff --git a/src/io_properties.h b/src/io_properties.h index fd77aa171..7d72e8bf8 100644 --- a/src/io_properties.h +++ b/src/io_properties.h @@ -27,6 +27,7 @@ #include "error.h" #include "inline.h" #include "io_compression.h" +#include "minmax.h" #include "part.h" #include "units.h" 
@@ -178,6 +179,21 @@ struct io_props { conversion_func_sink_long_long convert_sink_l; }; +/** + * @brief Copies a string safely (avoids buffer overrun). + * + * @param dst Pointer to the destination array where the content is to be + * copied. + * @param src String to copy. + * @param dst_len Length of the destination array. + */ +INLINE static void safe_strcpy(char *restrict dst, const char *restrict src, + size_t dst_len) { + size_t len = min(dst_len, strlen(src)); + strncpy(dst, src, len); + dst[len-1] = '\0'; +} + /** * @brief Constructs an #io_props from its parameters * @@ -232,7 +248,7 @@ INLINE static struct io_props io_make_input_field_( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); r.type = type; r.dimension = dimension; r.importance = importance; @@ -280,11 +296,11 @@ INLINE static struct io_props io_make_output_field_( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; @@ -333,11 +349,11 @@ INLINE static struct io_props io_make_output_field_convert_part_INT( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; 
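Review bot: `safe_strcpy` as added here drops the last character of every string that fits in the buffer: `len` equals `strlen(src)` in that case, so `dst[len-1] = '\0'` overwrites the final copied byte instead of terminating after it. With an empty `src`, `len` is 0 and `len-1` wraps to `SIZE_MAX`, so the store lands far outside `dst`, and the `name` call sites in the following hunks have no empty-string guard. Bounding the copy by the destination alone, `strncpy(dst, src, dst_len - 1); dst[dst_len - 1] = '\0';`, avoids both problems, and it is the form PATCH 3/3 later in this series switches to.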
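Review bot: The bound passed to `safe_strcpy` is written as a macro at every call, so it stays correct only while `r.name` and `r.description` keep exactly those sizes. Assuming both are arrays inside `struct io_props` (its declaration is outside the hunks), `safe_strcpy(r.name, name, sizeof(r.name));` and `safe_strcpy(r.description, description, sizeof(r.description));` tie the limit to the destination itself. In the `io_make_output_field_*` hunks the context line `if (strlen(description) == 0)` still dereferences `description` unchecked, so a NULL argument faults before the bounded copy is reached; `if (description == NULL || description[0] == '\0')` would cover that. The same lines recur in every remaining hunk of PATCH 2/3.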
@@ -379,11 +395,11 @@ INLINE static struct io_props io_make_output_field_convert_part_FLOAT( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; @@ -425,11 +441,11 @@ INLINE static struct io_props io_make_output_field_convert_part_DOUBLE( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; @@ -471,11 +487,11 @@ INLINE static struct io_props io_make_output_field_convert_part_LONGLONG( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; @@ -524,11 +540,11 @@ INLINE static struct io_props io_make_output_field_convert_gpart_INT( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; 
@@ -567,11 +583,11 @@ INLINE static struct io_props io_make_output_field_convert_gpart_FLOAT( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; @@ -610,11 +626,11 @@ INLINE static struct io_props io_make_output_field_convert_gpart_DOUBLE( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; @@ -653,11 +669,11 @@ INLINE static struct io_props io_make_output_field_convert_gpart_LONGLONG( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; @@ -705,11 +721,11 @@ INLINE static struct io_props io_make_output_field_convert_spart_INT( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; 
@@ -748,11 +764,11 @@ INLINE static struct io_props io_make_output_field_convert_spart_FLOAT( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; @@ -791,11 +807,11 @@ INLINE static struct io_props io_make_output_field_convert_spart_DOUBLE( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; @@ -834,11 +850,11 @@ INLINE static struct io_props io_make_output_field_convert_spart_LONGLONG( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; @@ -886,11 +902,11 @@ INLINE static struct io_props io_make_output_field_convert_bpart_INT( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; 
@@ -929,11 +945,11 @@ INLINE static struct io_props io_make_output_field_convert_bpart_FLOAT( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; @@ -972,11 +988,11 @@ INLINE static struct io_props io_make_output_field_convert_bpart_DOUBLE( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; @@ -1015,11 +1031,11 @@ INLINE static struct io_props io_make_output_field_convert_bpart_LONGLONG( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; @@ -1067,11 +1083,11 @@ INLINE static struct io_props io_make_output_field_convert_sink_INT( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; 
@@ -1110,11 +1126,11 @@ INLINE static struct io_props io_make_output_field_convert_sink_FLOAT( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; @@ -1153,11 +1169,11 @@ INLINE static struct io_props io_make_output_field_convert_sink_DOUBLE( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; @@ -1196,11 +1212,11 @@ INLINE static struct io_props io_make_output_field_convert_sink_LONGLONG( struct io_props r; bzero(&r, sizeof(struct io_props)); - strcpy(r.name, name); + safe_strcpy(r.name, name, FIELD_BUFFER_SIZE); if (strlen(description) == 0) { sprintf(r.description, "No description given"); } else { - strcpy(r.description, description); + safe_strcpy(r.description, description, DESCRIPTION_BUFFER_SIZE); } r.type = type; r.dimension = dimension; -- GitLab From 16d3fbd089526a8333bb712f46eee162bf9cf42b Mon Sep 17 00:00:00 2001 From: Yolan Uyttenhove Date: Thu, 12 May 2022 10:33:35 +0200 Subject: [PATCH 3/3] more buffer overrun safety (fix for optimized builds) --- src/io_properties.h | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/src/io_properties.h b/src/io_properties.h index 7d72e8bf8..34414eb8f 100644 --- a/src/io_properties.h +++ b/src/io_properties.h @@ -27,7 +27,6 @@ #include "error.h" #include "inline.h" #include "io_compression.h" -#include "minmax.h" #include "part.h" #include "units.h" 
@@ -189,9 +188,8 @@ struct io_props { */ INLINE static void safe_strcpy(char *restrict dst, const char *restrict src, size_t dst_len) { - size_t len = min(dst_len, strlen(src)); - strncpy(dst, src, len); - dst[len-1] = '\0'; + strncpy(dst, src, dst_len - 1); + dst[dst_len-1] = '\0'; } /** -- GitLab
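Review bot: `dst_len - 1` is evaluated on a `size_t`, so a `dst_len` of 0 wraps to `SIZE_MAX`, which leaves `strncpy` effectively unbounded and puts the terminator store out of range. Every caller visible in this series passes a fixed buffer-size macro, so this is latent rather than reachable today, but a helper named `safe_strcpy` should start with `if (dst_len == 0) return;`. Truncation is also silent: a name longer than the buffer is cut with no diagnostic, and two long names that share a prefix would become indistinguishable. The doc comment should say that `src` is truncated to `dst_len - 1` characters, and callers may want to report when that happens.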