[GitHub] [nuttx-apps] pkarashchenko commented on a diff in pull request #1623: Replace the unsafe function(strcat, sprintf) with the safe one(strlcat, snprintf)

via GitHub Sat, 29 Apr 2023 23:54:06 -0700


pkarashchenko commented on code in PR #1623:
URL: https://github.com/apache/nuttx-apps/pull/1623#discussion_r1181174253



##########
examples/chat/chat_main.c:
##########
@@ -256,9 +256,9 @@ static int chat_parse_args(FAR struct chat_app *priv)
 
               /* set the TTY device node */
 
-              strncpy(priv->tty,
+              strlcpy(priv->tty,
                       (FAR char *)priv->argv[i] + 2,

Review Comment:
   Not related to this PR, just notice: `priv->argv[I]` is already a `char *`, 
so cast is not needed



##########
netutils/tftpc/tftpc_packets.c:
##########
@@ -122,13 +122,16 @@ int tftp_sockinit(struct sockaddr_in *server, in_addr_t 
addr)
  *
  ****************************************************************************/
 
-int tftp_mkreqpacket(uint8_t *buffer, int opcode, const char *path,
-                     bool binary)
+int tftp_mkreqpacket(uint8_t *buffer, size_t len, int opcode,
+                     const char *path, bool binary)
 {
+  int ret;
+
   buffer[0] = opcode >> 8;
   buffer[1] = opcode & 0xff;
-  return sprintf((char *)&buffer[2], "%s%c%s", path, 0,
+  ret = snprintf((char *)&buffer[2], len - 2, "%s%c%s", path, 0,
                  tftp_mode(binary)) + 3;
+  return ret < len ? ret : len;

Review Comment:
   this part should be reworked as in case if there is no enough room to print 
the `snprintf` will return the size needed. So `ret >= len` should be handled 
as an error instead of returning `len`.
   Maybe `return ret < len ? ret : -1;` would be better



##########
examples/ustream/ustream_server.c:
##########
@@ -78,18 +78,18 @@ int main(int argc, FAR char *argv[])
 
   /* Bind the socket to a local address */
 
-  addrlen = strlen(CONFIG_EXAMPLES_USTREAM_ADDR);
-  if (addrlen > UNIX_PATH_MAX - 1)
+  addrlen = strlen(CONFIG_EXAMPLES_USTREAM_ADDR) + 1;
+  if (addrlen > UNIX_PATH_MAX)
     {
-      addrlen = UNIX_PATH_MAX - 1;
+      addrlen = UNIX_PATH_MAX;
     }
 
   myaddr.sun_family = AF_LOCAL;
-  strncpy(myaddr.sun_path, CONFIG_EXAMPLES_USTREAM_ADDR, addrlen);
+  strlcpy(myaddr.sun_path, CONFIG_EXAMPLES_USTREAM_ADDR, addrlen);
   myaddr.sun_path[addrlen] = '\0';
 
   addrlen += sizeof(sa_family_t) + 1;
-  ret = bind(listensd, (struct sockaddr*)&myaddr, addrlen);
+  ret = bind(listensd, (struct sockaddr *)&myaddr, addrlen);

Review Comment:
   ```suggestion
     ret = bind(listensd, (FAR struct sockaddr *)&myaddr, addrlen);
   ```



##########
system/nxplayer/nxplayer.c:
##########
@@ -2167,7 +2167,7 @@ FAR struct nxplayer_s *nxplayer_create(void)
 #endif
 
 #ifdef CONFIG_NXPLAYER_INCLUDE_MEDIADIR
-  strncpy(pplayer->mediadir, CONFIG_NXPLAYER_DEFAULT_MEDIADIR,
+  strlcpy(pplayer->mediadir, CONFIG_NXPLAYER_DEFAULT_MEDIADIR,
       sizeof(pplayer->mediadir));

Review Comment:
   ```suggestion
     strlcpy(pplayer->mediadir, CONFIG_NXPLAYER_DEFAULT_MEDIADIR,
             sizeof(pplayer->mediadir));
   ```



##########
examples/ustream/ustream_server.c:
##########
@@ -60,7 +60,7 @@ int main(int argc, FAR char *argv[])
 
   /* Allocate a BIG buffer */
 
-  buffer = (char*)malloc(2*SENDSIZE);
+  buffer = (char *)malloc(2 * SENDSIZE);

Review Comment:
   ```suggestion
     buffer = (FAR char *)malloc(2 * SENDSIZE);
   ```



##########
examples/ustream/ustream_server.c:
##########
@@ -131,7 +132,7 @@ int main(int argc, FAR char *argv[])
     }
 #endif
 
-  acceptsd = accept(listensd, (struct sockaddr*)&myaddr, &addrlen);
+  acceptsd = accept(listensd, (struct sockaddr *)&myaddr, &addrlen);

Review Comment:
   ```suggestion
     acceptsd = accept(listensd, (FAR struct sockaddr *)&myaddr, &addrlen);
   ```



##########
system/vi/vi.c:
##########
@@ -1958,7 +1959,7 @@ static void vi_showlinecol(FAR struct vi_s *vi)
   len = snprintf(vi->scratch, SCRATCH_BUFSIZE, "%jd,%d",

Review Comment:
   `SCRATCH_BUFSIZE` -> `sizeof(vi->scratch)`?



##########
system/sched_note/note_main.c:
##########
@@ -729,7 +729,9 @@ static void dump_notes(size_t nread)
 
                     for (i = 0; i < count; i++)
                       {
-                        ret += sprintf(&out[ret], " 0x%x", 
note_binary->nbi_data[i]);
+                        snprintf(&out[ret], sizeof(out) - ret,
+                                 " 0x%x", note_binary->nbi_data[i]);
+                        ret = strlen(out);

Review Comment:
   why not
   ```suggestion
                           ret += strlen(out);
   ```
   ?



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

[GitHub] [nuttx-apps] pkarashchenko commented on a diff in pull request #1623: Replace the unsafe function(strcat, sprintf) with the safe one(strlcat, snprintf)

Reply via email to