mirror of
https://github.com/moparisthebest/curl
synced 2024-12-22 08:08:50 -05:00
checksrc: ban unsafe functions
The list of unsafe functions currently consists of sprintf, vsprintf, strcat, strncat and gets. Subsequently, some existing code needed updating to avoid warnings on this.
This commit is contained in:
parent
9ceee69ff7
commit
7f963a19ec
@ -7,7 +7,7 @@
|
|||||||
* | (__| |_| | _ <| |___
|
* | (__| |_| | _ <| |___
|
||||||
* \___|\___/|_| \_\_____|
|
* \___|\___/|_| \_\_____|
|
||||||
*
|
*
|
||||||
* Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
|
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||||
*
|
*
|
||||||
* This software is licensed as described in the file COPYING, which
|
* This software is licensed as described in the file COPYING, which
|
||||||
* you should have received as part of this distribution. The terms
|
* you should have received as part of this distribution. The terms
|
||||||
@ -58,7 +58,7 @@ CURL_EXTERN char *curl_mvaprintf(const char *format, va_list args);
|
|||||||
# define printf curl_mprintf
|
# define printf curl_mprintf
|
||||||
# define fprintf curl_mfprintf
|
# define fprintf curl_mfprintf
|
||||||
#ifdef CURLDEBUG
|
#ifdef CURLDEBUG
|
||||||
/* When built with CURLDEBUG we define away the sprintf() functions since we
|
/* When built with CURLDEBUG we define away the sprintf functions since we
|
||||||
don't want internal code to be using them */
|
don't want internal code to be using them */
|
||||||
# define sprintf sprintf_was_used
|
# define sprintf sprintf_was_used
|
||||||
# define vsprintf vsprintf_was_used
|
# define vsprintf vsprintf_was_used
|
||||||
|
@ -6,7 +6,7 @@
|
|||||||
# | (__| |_| | _ <| |___
|
# | (__| |_| | _ <| |___
|
||||||
# \___|\___/|_| \_\_____|
|
# \___|\___/|_| \_\_____|
|
||||||
#
|
#
|
||||||
# Copyright (C) 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
|
# Copyright (C) 2011 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||||
#
|
#
|
||||||
# This software is licensed as described in the file COPYING, which
|
# This software is licensed as described in the file COPYING, which
|
||||||
# you should have received as part of this distribution. The terms
|
# you should have received as part of this distribution. The terms
|
||||||
@ -153,6 +153,12 @@ sub scanfile {
|
|||||||
checkwarn($line, length($1)+1, $file, $l, "missing space after close paren");
|
checkwarn($line, length($1)+1, $file, $l, "missing space after close paren");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# scan for use of banned functions
|
||||||
|
if($l =~ /^(.*\W)(sprintf|vsprintf|strcat|strncat|gets)\s*\(/) {
|
||||||
|
checkwarn($line, length($1), $file, $l,
|
||||||
|
"use of $2 is banned");
|
||||||
|
}
|
||||||
|
|
||||||
# check for open brace first on line but not first column
|
# check for open brace first on line but not first column
|
||||||
# only alert if previous line ended with a close paren and wasn't a cpp
|
# only alert if previous line ended with a close paren and wasn't a cpp
|
||||||
# line
|
# line
|
||||||
|
19
lib/ftp.c
19
lib/ftp.c
@ -3978,16 +3978,11 @@ static CURLcode wc_statemach(struct connectdata *conn)
|
|||||||
/* filelist has at least one file, lets get first one */
|
/* filelist has at least one file, lets get first one */
|
||||||
struct ftp_conn *ftpc = &conn->proto.ftpc;
|
struct ftp_conn *ftpc = &conn->proto.ftpc;
|
||||||
struct curl_fileinfo *finfo = wildcard->filelist->head->ptr;
|
struct curl_fileinfo *finfo = wildcard->filelist->head->ptr;
|
||||||
char *tmp_path = malloc(strlen(conn->data->state.path) +
|
|
||||||
strlen(finfo->filename) + 1);
|
|
||||||
if(!tmp_path) {
|
|
||||||
return CURLE_OUT_OF_MEMORY;
|
|
||||||
}
|
|
||||||
|
|
||||||
tmp_path[0] = 0;
|
char *tmp_path = aprintf("%s%s", wildcard->path, finfo->filename);
|
||||||
/* make full path to matched file */
|
if(!tmp_path)
|
||||||
strcat(tmp_path, wildcard->path);
|
return CURLE_OUT_OF_MEMORY;
|
||||||
strcat(tmp_path, finfo->filename);
|
|
||||||
/* switch default "state.pathbuffer" and tmp_path, good to see
|
/* switch default "state.pathbuffer" and tmp_path, good to see
|
||||||
ftp_parse_url_path function to understand this trick */
|
ftp_parse_url_path function to understand this trick */
|
||||||
Curl_safefree(conn->data->state.pathbuffer);
|
Curl_safefree(conn->data->state.pathbuffer);
|
||||||
@ -4124,13 +4119,13 @@ CURLcode Curl_ftpsendf(struct connectdata *conn,
|
|||||||
|
|
||||||
va_list ap;
|
va_list ap;
|
||||||
va_start(ap, fmt);
|
va_start(ap, fmt);
|
||||||
vsnprintf(s, SBUF_SIZE-3, fmt, ap);
|
write_len = vsnprintf(s, SBUF_SIZE-3, fmt, ap);
|
||||||
va_end(ap);
|
va_end(ap);
|
||||||
|
|
||||||
strcat(s, "\r\n"); /* append a trailing CRLF */
|
strcpy(&s[write_len], "\r\n"); /* append a trailing CRLF */
|
||||||
|
write_len +=2;
|
||||||
|
|
||||||
bytes_written=0;
|
bytes_written=0;
|
||||||
write_len = strlen(s);
|
|
||||||
|
|
||||||
res = Curl_convert_to_network(conn->data, s, write_len);
|
res = Curl_convert_to_network(conn->data, s, write_len);
|
||||||
/* Curl_convert_to_network calls failf if unsuccessful */
|
/* Curl_convert_to_network calls failf if unsuccessful */
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
* | (__| |_| | _ <| |___
|
* | (__| |_| | _ <| |___
|
||||||
* \___|\___/|_| \_\_____|
|
* \___|\___/|_| \_\_____|
|
||||||
*
|
*
|
||||||
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
|
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||||
*
|
*
|
||||||
* This software is licensed as described in the file COPYING, which
|
* This software is licensed as described in the file COPYING, which
|
||||||
* you should have received as part of this distribution. The terms
|
* you should have received as part of this distribution. The terms
|
||||||
@ -287,6 +287,7 @@ CURLcode Curl_output_digest(struct connectdata *conn,
|
|||||||
struct timeval now;
|
struct timeval now;
|
||||||
|
|
||||||
char **allocuserpwd;
|
char **allocuserpwd;
|
||||||
|
size_t userlen;
|
||||||
const char *userp;
|
const char *userp;
|
||||||
const char *passwdp;
|
const char *passwdp;
|
||||||
struct auth *authp;
|
struct auth *authp;
|
||||||
@ -533,10 +534,11 @@ CURLcode Curl_output_digest(struct connectdata *conn,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* append CRLF + zero (3 bytes) to the userpwd header */
|
/* append CRLF + zero (3 bytes) to the userpwd header */
|
||||||
tmp = realloc(*allocuserpwd, strlen(*allocuserpwd) + 3);
|
userlen = strlen(*allocuserpwd);
|
||||||
|
tmp = realloc(*allocuserpwd, userlen + 3);
|
||||||
if(!tmp)
|
if(!tmp)
|
||||||
return CURLE_OUT_OF_MEMORY;
|
return CURLE_OUT_OF_MEMORY;
|
||||||
strcat(tmp, "\r\n");
|
strcpy(&tmp[userlen], "\r\n"); /* append the data */
|
||||||
*allocuserpwd = tmp;
|
*allocuserpwd = tmp;
|
||||||
|
|
||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
|
117
lib/mprintf.c
117
lib/mprintf.c
@ -5,7 +5,7 @@
|
|||||||
* | (__| |_| | _ <| |___
|
* | (__| |_| | _ <| |___
|
||||||
* \___|\___/|_| \_\_____|
|
* \___|\___/|_| \_\_____|
|
||||||
*
|
*
|
||||||
* Copyright (C) 1999 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
|
* Copyright (C) 1999 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||||
*
|
*
|
||||||
* This software is licensed as described in the file COPYING, which
|
* This software is licensed as described in the file COPYING, which
|
||||||
* you should have received as part of this distribution. The terms
|
* you should have received as part of this distribution. The terms
|
||||||
@ -203,101 +203,6 @@ static int dprintf_IsQualifierNoDollar(char c)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef DPRINTF_DEBUG2
|
|
||||||
static void dprintf_Pass1Report(va_stack_t *vto, int max)
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
char buffer[256];
|
|
||||||
int bit;
|
|
||||||
int flags;
|
|
||||||
|
|
||||||
for(i=0; i<max; i++) {
|
|
||||||
char *type;
|
|
||||||
switch(vto[i].type) {
|
|
||||||
case FORMAT_UNKNOWN:
|
|
||||||
type = "unknown";
|
|
||||||
break;
|
|
||||||
case FORMAT_STRING:
|
|
||||||
type ="string";
|
|
||||||
break;
|
|
||||||
case FORMAT_PTR:
|
|
||||||
type ="pointer";
|
|
||||||
break;
|
|
||||||
case FORMAT_INT:
|
|
||||||
type = "int";
|
|
||||||
break;
|
|
||||||
case FORMAT_INTPTR:
|
|
||||||
type = "intptr";
|
|
||||||
break;
|
|
||||||
case FORMAT_LONG:
|
|
||||||
type = "long";
|
|
||||||
break;
|
|
||||||
case FORMAT_LONGLONG:
|
|
||||||
type = "long long";
|
|
||||||
break;
|
|
||||||
case FORMAT_DOUBLE:
|
|
||||||
type = "double";
|
|
||||||
break;
|
|
||||||
case FORMAT_LONGDOUBLE:
|
|
||||||
type = "long double";
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
buffer[0]=0;
|
|
||||||
|
|
||||||
for(bit=0; bit<31; bit++) {
|
|
||||||
flags = vto[i].flags & (1<<bit);
|
|
||||||
|
|
||||||
if(flags & FLAGS_SPACE)
|
|
||||||
strcat(buffer, "space ");
|
|
||||||
else if(flags & FLAGS_SHOWSIGN)
|
|
||||||
strcat(buffer, "plus ");
|
|
||||||
else if(flags & FLAGS_LEFT)
|
|
||||||
strcat(buffer, "left ");
|
|
||||||
else if(flags & FLAGS_ALT)
|
|
||||||
strcat(buffer, "alt ");
|
|
||||||
else if(flags & FLAGS_SHORT)
|
|
||||||
strcat(buffer, "short ");
|
|
||||||
else if(flags & FLAGS_LONG)
|
|
||||||
strcat(buffer, "long ");
|
|
||||||
else if(flags & FLAGS_LONGLONG)
|
|
||||||
strcat(buffer, "longlong ");
|
|
||||||
else if(flags & FLAGS_LONGDOUBLE)
|
|
||||||
strcat(buffer, "longdouble ");
|
|
||||||
else if(flags & FLAGS_PAD_NIL)
|
|
||||||
strcat(buffer, "padnil ");
|
|
||||||
else if(flags & FLAGS_UNSIGNED)
|
|
||||||
strcat(buffer, "unsigned ");
|
|
||||||
else if(flags & FLAGS_OCTAL)
|
|
||||||
strcat(buffer, "octal ");
|
|
||||||
else if(flags & FLAGS_HEX)
|
|
||||||
strcat(buffer, "hex ");
|
|
||||||
else if(flags & FLAGS_UPPER)
|
|
||||||
strcat(buffer, "upper ");
|
|
||||||
else if(flags & FLAGS_WIDTH)
|
|
||||||
strcat(buffer, "width ");
|
|
||||||
else if(flags & FLAGS_WIDTHPARAM)
|
|
||||||
strcat(buffer, "widthparam ");
|
|
||||||
else if(flags & FLAGS_PREC)
|
|
||||||
strcat(buffer, "precision ");
|
|
||||||
else if(flags & FLAGS_PRECPARAM)
|
|
||||||
strcat(buffer, "precparam ");
|
|
||||||
else if(flags & FLAGS_CHAR)
|
|
||||||
strcat(buffer, "char ");
|
|
||||||
else if(flags & FLAGS_FLOATE)
|
|
||||||
strcat(buffer, "floate ");
|
|
||||||
else if(flags & FLAGS_FLOATG)
|
|
||||||
strcat(buffer, "floatg ");
|
|
||||||
}
|
|
||||||
printf("REPORT: %d. %s [%s]\n", i, type, buffer);
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/******************************************************************
|
/******************************************************************
|
||||||
*
|
*
|
||||||
* Pass 1:
|
* Pass 1:
|
||||||
@ -537,10 +442,6 @@ static long dprintf_Pass1(const char *format, va_stack_t *vto, char **endpos,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef DPRINTF_DEBUG2
|
|
||||||
dprintf_Pass1Report(vto, max_param);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Read the arg list parameters into our data list */
|
/* Read the arg list parameters into our data list */
|
||||||
for(i=0; i<max_param; i++) {
|
for(i=0; i<max_param; i++) {
|
||||||
if((i + 1 < max_param) && (vto[i + 1].type == FORMAT_WIDTH)) {
|
if((i + 1 < max_param) && (vto[i + 1].type == FORMAT_WIDTH)) {
|
||||||
@ -919,7 +820,7 @@ static int dprintf_formatf(
|
|||||||
case FORMAT_DOUBLE:
|
case FORMAT_DOUBLE:
|
||||||
{
|
{
|
||||||
char formatbuf[32]="%";
|
char formatbuf[32]="%";
|
||||||
char *fptr;
|
char *fptr = &formatbuf[1];
|
||||||
size_t left = sizeof(formatbuf)-strlen(formatbuf);
|
size_t left = sizeof(formatbuf)-strlen(formatbuf);
|
||||||
int len;
|
int len;
|
||||||
|
|
||||||
@ -936,15 +837,15 @@ static int dprintf_formatf(
|
|||||||
prec = (long)vto[p->precision].data.num.as_signed;
|
prec = (long)vto[p->precision].data.num.as_signed;
|
||||||
|
|
||||||
if(p->flags & FLAGS_LEFT)
|
if(p->flags & FLAGS_LEFT)
|
||||||
strcat(formatbuf, "-");
|
*fptr++ = '-';
|
||||||
if(p->flags & FLAGS_SHOWSIGN)
|
if(p->flags & FLAGS_SHOWSIGN)
|
||||||
strcat(formatbuf, "+");
|
*fptr++ = '+';
|
||||||
if(p->flags & FLAGS_SPACE)
|
if(p->flags & FLAGS_SPACE)
|
||||||
strcat(formatbuf, " ");
|
*fptr++ = ' ';
|
||||||
if(p->flags & FLAGS_ALT)
|
if(p->flags & FLAGS_ALT)
|
||||||
strcat(formatbuf, "#");
|
*fptr++ = '#';
|
||||||
|
|
||||||
fptr=&formatbuf[strlen(formatbuf)];
|
*fptr = 0;
|
||||||
|
|
||||||
if(width >= 0) {
|
if(width >= 0) {
|
||||||
/* RECURSIVE USAGE */
|
/* RECURSIVE USAGE */
|
||||||
@ -969,8 +870,8 @@ static int dprintf_formatf(
|
|||||||
|
|
||||||
*fptr = 0; /* and a final zero termination */
|
*fptr = 0; /* and a final zero termination */
|
||||||
|
|
||||||
/* NOTE NOTE NOTE!! Not all sprintf() implementations returns number
|
/* NOTE NOTE NOTE!! Not all sprintf implementations return number of
|
||||||
of output characters */
|
output characters */
|
||||||
(sprintf)(work, formatbuf, p->data.dnum);
|
(sprintf)(work, formatbuf, p->data.dnum);
|
||||||
|
|
||||||
for(fptr=work; *fptr; fptr++)
|
for(fptr=work; *fptr; fptr++)
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
* | (__| |_| | _ <| |___
|
* | (__| |_| | _ <| |___
|
||||||
* \___|\___/|_| \_\_____|
|
* \___|\___/|_| \_\_____|
|
||||||
*
|
*
|
||||||
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
|
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||||
*
|
*
|
||||||
* This software is licensed as described in the file COPYING, which
|
* This software is licensed as described in the file COPYING, which
|
||||||
* you should have received as part of this distribution. The terms
|
* you should have received as part of this distribution. The terms
|
||||||
@ -98,12 +98,14 @@ CURLcode create_dir_hierarchy(const char *outfile, FILE *errors)
|
|||||||
char *outdup;
|
char *outdup;
|
||||||
char *dirbuildup;
|
char *dirbuildup;
|
||||||
CURLcode result = CURLE_OK;
|
CURLcode result = CURLE_OK;
|
||||||
|
size_t outlen;
|
||||||
|
|
||||||
|
outlen = strlen(outfile);
|
||||||
outdup = strdup(outfile);
|
outdup = strdup(outfile);
|
||||||
if(!outdup)
|
if(!outdup)
|
||||||
return CURLE_OUT_OF_MEMORY;
|
return CURLE_OUT_OF_MEMORY;
|
||||||
|
|
||||||
dirbuildup = malloc(strlen(outfile) + 1);
|
dirbuildup = malloc(outlen + 1);
|
||||||
if(!dirbuildup) {
|
if(!dirbuildup) {
|
||||||
Curl_safefree(outdup);
|
Curl_safefree(outdup);
|
||||||
return CURLE_OUT_OF_MEMORY;
|
return CURLE_OUT_OF_MEMORY;
|
||||||
@ -119,12 +121,12 @@ CURLcode create_dir_hierarchy(const char *outfile, FILE *errors)
|
|||||||
if(tempdir2 != NULL) {
|
if(tempdir2 != NULL) {
|
||||||
size_t dlen = strlen(dirbuildup);
|
size_t dlen = strlen(dirbuildup);
|
||||||
if(dlen)
|
if(dlen)
|
||||||
sprintf(&dirbuildup[dlen], "%s%s", DIR_CHAR, tempdir);
|
snprintf(&dirbuildup[dlen], outlen - dlen, "%s%s", DIR_CHAR, tempdir);
|
||||||
else {
|
else {
|
||||||
if(0 != strncmp(outdup, DIR_CHAR, 1))
|
if(0 != strncmp(outdup, DIR_CHAR, 1))
|
||||||
strcpy(dirbuildup, tempdir);
|
strcpy(dirbuildup, tempdir);
|
||||||
else
|
else
|
||||||
sprintf(dirbuildup, "%s%s", DIR_CHAR, tempdir);
|
snprintf(dirbuildup, outlen, "%s%s", DIR_CHAR, tempdir);
|
||||||
}
|
}
|
||||||
if(access(dirbuildup, F_OK) == -1) {
|
if(access(dirbuildup, F_OK) == -1) {
|
||||||
if(-1 == mkdir(dirbuildup,(mode_t)0000750)) {
|
if(-1 == mkdir(dirbuildup,(mode_t)0000750)) {
|
||||||
|
@ -805,18 +805,18 @@ int operate(struct Configurable *config, int argc, argv_item_t argv[])
|
|||||||
/*
|
/*
|
||||||
* Then append ? followed by the get fields to the url.
|
* Then append ? followed by the get fields to the url.
|
||||||
*/
|
*/
|
||||||
urlbuffer = malloc(strlen(this_url) + strlen(httpgetfields) + 3);
|
|
||||||
if(!urlbuffer) {
|
|
||||||
res = CURLE_OUT_OF_MEMORY;
|
|
||||||
goto show_error;
|
|
||||||
}
|
|
||||||
if(pc)
|
if(pc)
|
||||||
sprintf(urlbuffer, "%s%c%s", this_url, sep, httpgetfields);
|
urlbuffer = aprintf("%s%c%s", this_url, sep, httpgetfields);
|
||||||
else
|
else
|
||||||
/* Append / before the ? to create a well-formed url
|
/* Append / before the ? to create a well-formed url
|
||||||
if the url contains a hostname only
|
if the url contains a hostname only
|
||||||
*/
|
*/
|
||||||
sprintf(urlbuffer, "%s/?%s", this_url, httpgetfields);
|
urlbuffer = aprintf("%s/?%s", this_url, httpgetfields);
|
||||||
|
|
||||||
|
if(!urlbuffer) {
|
||||||
|
res = CURLE_OUT_OF_MEMORY;
|
||||||
|
goto show_error;
|
||||||
|
}
|
||||||
|
|
||||||
Curl_safefree(this_url); /* free previous URL */
|
Curl_safefree(this_url); /* free previous URL */
|
||||||
this_url = urlbuffer; /* use our new URL instead! */
|
this_url = urlbuffer; /* use our new URL instead! */
|
||||||
|
@ -123,22 +123,20 @@ char *add_file_name_to_url(CURL *curl, char *url, const char *filename)
|
|||||||
/* URL encode the file name */
|
/* URL encode the file name */
|
||||||
encfile = curl_easy_escape(curl, filep, 0 /* use strlen */);
|
encfile = curl_easy_escape(curl, filep, 0 /* use strlen */);
|
||||||
if(encfile) {
|
if(encfile) {
|
||||||
char *urlbuffer = malloc(strlen(url) + strlen(encfile) + 3);
|
char *urlbuffer;
|
||||||
if(!urlbuffer) {
|
|
||||||
curl_free(encfile);
|
|
||||||
Curl_safefree(url);
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
if(ptr)
|
if(ptr)
|
||||||
/* there is a trailing slash on the URL */
|
/* there is a trailing slash on the URL */
|
||||||
sprintf(urlbuffer, "%s%s", url, encfile);
|
urlbuffer = aprintf("%s%s", url, encfile);
|
||||||
else
|
else
|
||||||
/* there is no trailing slash on the URL */
|
/* there is no trailing slash on the URL */
|
||||||
sprintf(urlbuffer, "%s/%s", url, encfile);
|
urlbuffer = aprintf("%s/%s", url, encfile);
|
||||||
|
|
||||||
curl_free(encfile);
|
curl_free(encfile);
|
||||||
Curl_safefree(url);
|
Curl_safefree(url);
|
||||||
|
|
||||||
|
if(!urlbuffer)
|
||||||
|
return NULL;
|
||||||
|
|
||||||
url = urlbuffer; /* use our new URL instead! */
|
url = urlbuffer; /* use our new URL instead! */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
* | (__| |_| | _ <| |___
|
* | (__| |_| | _ <| |___
|
||||||
* \___|\___/|_| \_\_____|
|
* \___|\___/|_| \_\_____|
|
||||||
*
|
*
|
||||||
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
|
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||||
*
|
*
|
||||||
* This software is licensed as described in the file COPYING, which
|
* This software is licensed as described in the file COPYING, which
|
||||||
* you should have received as part of this distribution. The terms
|
* you should have received as part of this distribution. The terms
|
||||||
@ -275,32 +275,33 @@ static char *my_get_line(FILE *fp)
|
|||||||
{
|
{
|
||||||
char buf[4096];
|
char buf[4096];
|
||||||
char *nl = NULL;
|
char *nl = NULL;
|
||||||
char *retval = NULL;
|
char *line = NULL;
|
||||||
|
|
||||||
do {
|
do {
|
||||||
if(NULL == fgets(buf, sizeof(buf), fp))
|
if(NULL == fgets(buf, sizeof(buf), fp))
|
||||||
break;
|
break;
|
||||||
if(!retval) {
|
if(!line) {
|
||||||
retval = strdup(buf);
|
line = strdup(buf);
|
||||||
if(!retval)
|
if(!line)
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
char *ptr;
|
char *ptr;
|
||||||
ptr = realloc(retval, strlen(retval) + strlen(buf) + 1);
|
size_t linelen = strlen(line);
|
||||||
|
ptr = realloc(line, linelen + strlen(buf) + 1);
|
||||||
if(!ptr) {
|
if(!ptr) {
|
||||||
Curl_safefree(retval);
|
Curl_safefree(line);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
retval = ptr;
|
line = ptr;
|
||||||
strcat(retval, buf);
|
strcpy(&line[linelen], buf);
|
||||||
}
|
}
|
||||||
nl = strchr(retval, '\n');
|
nl = strchr(line, '\n');
|
||||||
} while(!nl);
|
} while(!nl);
|
||||||
|
|
||||||
if(nl)
|
if(nl)
|
||||||
*nl = '\0';
|
*nl = '\0';
|
||||||
|
|
||||||
return retval;
|
return line;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
* | (__| |_| | _ <| |___
|
* | (__| |_| | _ <| |___
|
||||||
* \___|\___/|_| \_\_____|
|
* \___|\___/|_| \_\_____|
|
||||||
*
|
*
|
||||||
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
|
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||||
*
|
*
|
||||||
* This software is licensed as described in the file COPYING, which
|
* This software is licensed as described in the file COPYING, which
|
||||||
* you should have received as part of this distribution. The terms
|
* you should have received as part of this distribution. The terms
|
||||||
@ -199,7 +199,7 @@ static char *c_escape(const char *str)
|
|||||||
e += 2;
|
e += 2;
|
||||||
}
|
}
|
||||||
else if(! isprint(c)) {
|
else if(! isprint(c)) {
|
||||||
sprintf(e, "\\%03o", c);
|
snprintf(e, 4, "\\%03o", c);
|
||||||
e += 4;
|
e += 4;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@ -270,7 +270,7 @@ CURLcode tool_setopt_flags(CURL *curl, struct Configurable *config,
|
|||||||
if(!rest)
|
if(!rest)
|
||||||
break; /* handled them all */
|
break; /* handled them all */
|
||||||
/* replace with all spaces for continuation line */
|
/* replace with all spaces for continuation line */
|
||||||
sprintf(preamble, "%*s", strlen(preamble), "");
|
snprintf(preamble, sizeof(preamble), "%*s", strlen(preamble), "");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* If any bits have no definition, output an explicit value.
|
/* If any bits have no definition, output an explicit value.
|
||||||
@ -313,7 +313,7 @@ CURLcode tool_setopt_bitmask(CURL *curl, struct Configurable *config,
|
|||||||
if(!rest)
|
if(!rest)
|
||||||
break; /* handled them all */
|
break; /* handled them all */
|
||||||
/* replace with all spaces for continuation line */
|
/* replace with all spaces for continuation line */
|
||||||
sprintf(preamble, "%*s", strlen(preamble), "");
|
snprintf(preamble, sizeof(preamble), "%*s", strlen(preamble), "");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* If any bits have no definition, output an explicit value.
|
/* If any bits have no definition, output an explicit value.
|
||||||
|
Loading…
Reference in New Issue
Block a user