Harden strcpy calls.

2014-08-03 00:02:25 +02:00 · 2014-08-03 00:02:25 +02:00 · 3d091f39bf
parent 8fef8f7bb1
commit 3d091f39bf
3 changed files with 5 additions and 11 deletions
--- a/carray/carray.c++
+++ b/carray/carray.c++
@ -245,11 +245,7 @@ int main(int argc, char* argv[])
 		if ( output_path )
 			guard = strdup(output_path);
 		else if ( 2 <= argc && strcmp(argv[1], "-") != 0 )
-		{
-			guard = (char*) malloc(strlen(argv[1]) + 2 + 1);
-			strcpy(guard, argv[1]);
-			strcat(guard, "_H");
-		}
+			asprintf(&guard, "%s_H", argv[1]);
 		else
 			guard = strdup("CARRAY_H");

--- a/libc/libgen/dirname.cpp
+++ b/libc/libgen/dirname.cpp
@ -43,6 +43,6 @@ extern "C" char* dirname(char* path)
 	while ( 1 <= path_len && path[path_len-1] == '/' )
 		path[--path_len] = '\0';
 	if ( !path[0] )
-		strcpy(path, "/");
+		path[0] = '/', path[1] = '\0';
 	return path;
 }
--- a/utils/ls.cpp
+++ b/utils/ls.cpp
@ -266,12 +266,10 @@ int handle_entry(const char* path, const char* name, unsigned char type)
 		return 0;
 	if ( isdotfile && !option_show_dotfiles && !option_directory )
 		return 0;
-	char* fullpath = new char[strlen(path) + 1 + strlen(name) + 1];
-	strcpy(fullpath, path);
-	strcat(fullpath, "/");
-	strcat(fullpath, name);
+	char* fullpath;
+	asprintf(&fullpath, "%s/%s", path, name);
 	int result = handle_entry_internal(fullpath, name, type);
-	delete[] fullpath;
+	free(fullpath);
 	return result;
 }