Skip to content

Commit

Permalink
Avoid use of snprintf() in test/minigzip.c.
Browse files Browse the repository at this point in the history
It was being used only as a safe version of strcpy(). Instead, use
a safe alternative to strcpy().
  • Loading branch information
madler committed Feb 7, 2024
1 parent 1382e66 commit 915a3d5
Showing 1 changed file with 27 additions and 29 deletions.
56 changes: 27 additions & 29 deletions test/minigzip.c
Original file line number Diff line number Diff line change
Expand Up @@ -44,10 +44,6 @@
# define SET_BINARY_MODE(file)
#endif

#if defined(_MSC_VER) && _MSC_VER < 1900
# define snprintf _snprintf
#endif

#ifdef VMS
# define unlink delete
# define GZ_SUFFIX "-gz"
Expand Down Expand Up @@ -148,6 +144,25 @@ static void pwinerror (s)
# define local
#endif

/* ===========================================================================
* Safe string copy. Copy up to len bytes from src to dst, if src terminates
* with a null by then. If not, copy len-1 bytes from src, terminating it with
* a null in dst[len-1], cutting src short. Return a pointer to the terminating
* null. If len is zero, nothing is written to *dst and NULL is returned.
*/
static char *string_copy(char *dst, char const *src, z_size_t len) {
if (len == 0)
return NULL;
while (--len) {
*dst = *src++;
if (*dst == 0)
return dst;
dst++;
}
*dst = 0;
return dst;
}

#ifdef Z_SOLO
/* for Z_SOLO, create simplified gz* functions using deflate and inflate */

Expand Down Expand Up @@ -397,7 +412,7 @@ static void gz_uncompress(gzFile in, FILE *out) {
* original.
*/
static void file_compress(char *file, char *mode) {
local char outfile[MAX_NAME_LEN];
local char outfile[MAX_NAME_LEN+1], *end;
FILE *in;
gzFile out;

Expand All @@ -406,12 +421,8 @@ static void file_compress(char *file, char *mode) {
exit(1);
}

#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
snprintf(outfile, sizeof(outfile), "%s%s", file, GZ_SUFFIX);
#else
strcpy(outfile, file);
strcat(outfile, GZ_SUFFIX);
#endif
end = string_copy(outfile, file, sizeof(outfile));
string_copy(end, GZ_SUFFIX, (outfile + sizeof(outfile)) - end);

in = fopen(file, "rb");
if (in == NULL) {
Expand All @@ -433,7 +444,7 @@ static void file_compress(char *file, char *mode) {
* Uncompress the given file and remove the original.
*/
static void file_uncompress(char *file) {
local char buf[MAX_NAME_LEN];
local char buf[MAX_NAME_LEN+1];
char *infile, *outfile;
FILE *out;
gzFile in;
Expand All @@ -444,11 +455,7 @@ static void file_uncompress(char *file) {
exit(1);
}

#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
snprintf(buf, sizeof(buf), "%s", file);
#else
strcpy(buf, file);
#endif
string_copy(buf, file, sizeof(buf));

if (len > SUFFIX_LEN && strcmp(file+len-SUFFIX_LEN, GZ_SUFFIX) == 0) {
infile = file;
Expand All @@ -457,11 +464,7 @@ static void file_uncompress(char *file) {
} else {
outfile = file;
infile = buf;
#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
snprintf(buf + len, sizeof(buf) - len, "%s", GZ_SUFFIX);
#else
strcat(infile, GZ_SUFFIX);
#endif
string_copy(buf + len, GZ_SUFFIX, sizeof(buf) - len);
}
in = gzopen(infile, "rb");
if (in == NULL) {
Expand Down Expand Up @@ -494,14 +497,9 @@ int main(int argc, char *argv[]) {
int copyout = 0;
int uncompr = 0;
gzFile file;
char *bname, outmode[20];

#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
snprintf(outmode, sizeof(outmode), "%s", "wb6 ");
#else
strcpy(outmode, "wb6 ");
#endif
char *bname, outmode[5];

string_copy(outmode, "wb6 ", sizeof(outmode));
prog = argv[0];
bname = strrchr(argv[0], '/');
if (bname)
Expand Down

0 comments on commit 915a3d5

Please sign in to comment.