From ebe1df4cb9629f406ea1c6cda425eef89eaebbaf Mon Sep 17 00:00:00 2001 From: Enno Rehling Date: Thu, 24 Jan 2019 14:25:58 +0100 Subject: [PATCH] review some flawfinder warnings --- src/util/translation.c | 30 ++++++++++++++---------------- src/vortex.c | 4 ++-- 2 files changed, 16 insertions(+), 18 deletions(-) diff --git a/src/util/translation.c b/src/util/translation.c index 4d032911e..44f252790 100644 --- a/src/util/translation.c +++ b/src/util/translation.c @@ -164,10 +164,10 @@ static void free_functions(void) void add_function(const char *symbol, evalfun parse) { - char token[64]; + char token[64]; /* Flawfinder: ignore */ size_t len = strlen(symbol); - assert(len + 1 + sizeof(parse) <= sizeof(token)); + assert(len + sizeof(parse) < sizeof(token)); len = cb_new_kv(symbol, len, &parse, sizeof(parse), token); cb_insert(&functions, token, len); } @@ -193,15 +193,17 @@ static const char *parse_symbol(opstack ** stack, const char *in, */ { bool braces = false; - char symbol[32]; + char symbol[32]; /* Flawfinder: ignore */ char *cp = symbol; /* current position */ if (*in == '{') { braces = true; ++in; } - while (isalnum(*in) || *in == '.') + while (isalnum(*in) || *in == '.') { *cp++ = *in++; + assert(cp < symbol + sizeof(symbol)); + } *cp = '\0'; /* symbol will now contain the symbol name */ if (*in == '(') { @@ -371,7 +373,7 @@ const char *translate(const char *format, const void *userdata, { unsigned int i = 0; const char *ic = vars; - char symbol[32]; + char symbol[32]; /* Flawfinder: ignore */ char *oc = symbol; opstack *stack = NULL; const char *rv; @@ -383,11 +385,15 @@ const char *translate(const char *format, const void *userdata, assert(*ic == 0 || isalnum(*ic)); while (*ic) { *oc++ = *ic++; + assert(oc < symbol + sizeof(symbol)); if (!isalnum(*ic)) { + size_t len; variant x = args[i++]; *oc = '\0'; + len = oc - symbol + 1; + str_strlcpy(oc = balloc(len), symbol, len); + add_variable(oc, x); oc = symbol; - add_variable(strcpy(balloc(strlen(symbol) + 1), symbol), x); while (*ic && !isalnum(*ic)) ++ic; } @@ -452,22 +458,15 @@ static void eval_if(opstack ** stack, const void *userdata) UNUSED_ARG(userdata); } -static void eval_strlen(opstack ** stack, const void *userdata) -{ /* string -> int */ - const char *c = (const char *)opop_v(stack); - opush_i(stack, c ? (int)strlen(c) : 0); - UNUSED_ARG(userdata); -} - #include "base36.h" static void eval_int(opstack ** stack, const void *userdata) { int i = opop_i(stack); const char *c = itoa10(i); - size_t len = strlen(c); + size_t size = strlen(c) + 1; /* Flawfinder: ignore */ variant var; - var.v = strcpy(balloc(len + 1), c); + str_strlcpy(var.v = balloc(size), c, size); opush(stack, var); } @@ -477,7 +476,6 @@ void translation_init(void) add_function("eq", &eval_eq); add_function("int", &eval_int); add_function("add", &eval_add); - add_function("strlen", &eval_strlen); add_function("if", &eval_if); add_function("isnull", &eval_isnull); } diff --git a/src/vortex.c b/src/vortex.c index 36945ca3f..616d8c57a 100644 --- a/src/vortex.c +++ b/src/vortex.c @@ -91,7 +91,7 @@ static int a_readdirection(variant *var, void *owner, struct gamedata *data) { struct storage *store = data->store; spec_direction *d = (spec_direction *)(var->v); - char lbuf[32]; + char lbuf[32]; /* Flawfinder: ignore */ (void)owner; READ_INT(store, &d->x); @@ -130,7 +130,7 @@ region *find_special_direction(const region * r, const char *token) { attrib *a; - if (strlen(token) == 0) + if (*token == '\0') return NULL; for (a = a_find(r->attribs, &at_direction); a && a->type == &at_direction; a = a->next) {