Implement safe_strncpy() as strlcpy() and use it more.

Signed-off-by: Peter Eriksen <s022018@student.dtu.dk>
Signed-off-by: Junio C Hamano <junkio@cox.net>

diff --git a/builtin-log.c b/builtin-log.c
index 29a885121dd81f1e6288835d12374acc19a751f4..5b0ea28346ece27c37a3036660dc87e456fb9a13 100644 (file)
--- a/builtin-log.c
+++ b/builtin-log.c
@@ -112,7 +112,7 @@ static void reopen_stdout(struct commit *commit, int nr, int keep_subject)
        int len = 0;
 
        if (output_directory) {
-               strncpy(filename, output_directory, 1010);
+               safe_strncpy(filename, output_directory, 1010);
                len = strlen(filename);
                if (filename[len - 1] != '/')
                        filename[len++] = '/';

diff --git a/builtin-tar-tree.c b/builtin-tar-tree.c
index 58a8ccd4d6af0d755fca28b06a12ca9b8efa5300..f6310b9032374d6fd262b807d85987465887cdbf 100644 (file)
--- a/builtin-tar-tree.c
+++ b/builtin-tar-tree.c
@@ -240,8 +240,8 @@ static void write_entry(const unsigned char *sha1, struct strbuf *path,
        /* XXX: should we provide more meaningful info here? */
        sprintf(header.uid, "%07o", 0);
        sprintf(header.gid, "%07o", 0);
-       strncpy(header.uname, "git", 31);
-       strncpy(header.gname, "git", 31);
+       safe_strncpy(header.uname, "git", sizeof(header.uname));
+       safe_strncpy(header.gname, "git", sizeof(header.gname));
        sprintf(header.devmajor, "%07o", 0);
        sprintf(header.devminor, "%07o", 0);
 

diff --git a/cache.h b/cache.h
index d5d7fe4f8c66b2fa39a33361b8efae56e3dbf742..f630cf4bfa92e45600a83d2c3bac05a855deb847 100644 (file)
--- a/cache.h
+++ b/cache.h
@@ -210,7 +210,7 @@ int git_mkstemp(char *path, size_t n, const char *template);
 
 int adjust_shared_perm(const char *path);
 int safe_create_leading_directories(char *path);
-char *safe_strncpy(char *, const char *, size_t);
+size_t safe_strncpy(char *, const char *, size_t);
 char *enter_repo(char *path, int strict);
 
 /* Read and unpack a sha1 file into memory, write memory to a sha1 file */

diff --git a/config.c b/config.c
index c47497001e172060abdcd08e4a606bec89303232..984c75f5dd06bd1d53eda206a2b57eea093dfd58 100644 (file)
--- a/config.c
+++ b/config.c
@@ -280,17 +280,17 @@ int git_default_config(const char *var, const char *value)
        }
 
        if (!strcmp(var, "user.name")) {
-               strncpy(git_default_name, value, sizeof(git_default_name));
+               safe_strncpy(git_default_name, value, sizeof(git_default_name));
                return 0;
        }
 
        if (!strcmp(var, "user.email")) {
-               strncpy(git_default_email, value, sizeof(git_default_email));
+               safe_strncpy(git_default_email, value, sizeof(git_default_email));
                return 0;
        }
 
        if (!strcmp(var, "i18n.commitencoding")) {
-               strncpy(git_commit_encoding, value, sizeof(git_commit_encoding));
+               safe_strncpy(git_commit_encoding, value, sizeof(git_commit_encoding));
                return 0;
        }
 

diff --git a/http-fetch.c b/http-fetch.c
index d3602b7d7d820a37b6395a7aeb96a8dc8368a646..da1a7f5416a4bf3a633d3577382984f528694a78 100644 (file)
--- a/http-fetch.c
+++ b/http-fetch.c
@@ -584,10 +584,8 @@ static void process_alternates_response(void *callback_data)
                        // skip 'objects' at end
                        if (okay) {
                                target = xmalloc(serverlen + posn - i - 6);
-                               strncpy(target, base, serverlen);
-                               strncpy(target + serverlen, data + i,
-                                       posn - i - 7);
-                               target[serverlen + posn - i - 7] = '\0';
+                               safe_strncpy(target, base, serverlen);
+                               safe_strncpy(target + serverlen, data + i, posn - i - 6);
                                if (get_verbosely)
                                        fprintf(stderr,
                                                "Also look at %s\n", target);
@@ -728,8 +726,8 @@ xml_cdata(void *userData, const XML_Char *s, int len)
        struct xml_ctx *ctx = (struct xml_ctx *)userData;
        if (ctx->cdata)
                free(ctx->cdata);
-       ctx->cdata = xcalloc(len+1, 1);
-       strncpy(ctx->cdata, s, len);
+       ctx->cdata = xmalloc(len + 1);
+       safe_strncpy(ctx->cdata, s, len + 1);
 }
 
 static int remote_ls(struct alt_base *repo, const char *path, int flags,

diff --git a/http-push.c b/http-push.c
index b39b36b7679d5c5d928d711895ccfc5f66c353d4..2d9441ec60222be6806eddbd5e515b2233a4f06d 100644 (file)
--- a/http-push.c
+++ b/http-push.c
@@ -1269,8 +1269,8 @@ xml_cdata(void *userData, const XML_Char *s, int len)
        struct xml_ctx *ctx = (struct xml_ctx *)userData;
        if (ctx->cdata)
                free(ctx->cdata);
-       ctx->cdata = xcalloc(len+1, 1);
-       strncpy(ctx->cdata, s, len);
+       ctx->cdata = xmalloc(len + 1);
+       safe_strncpy(ctx->cdata, s, len + 1);
 }
 
 static struct remote_lock *lock_remote(char *path, long timeout)
@@ -1472,7 +1472,7 @@ static void process_ls_object(struct remote_ls_ctx *ls)
                return;
        path += 8;
        obj_hex = xmalloc(strlen(path));
-       strncpy(obj_hex, path, 2);
+       safe_strncpy(obj_hex, path, 3);
        strcpy(obj_hex + 2, path + 3);
        one_remote_object(obj_hex);
        free(obj_hex);
@@ -2160,8 +2160,8 @@ static void fetch_symref(char *path, char **symref, unsigned char *sha1)
 
        /* If it's a symref, set the refname; otherwise try for a sha1 */
        if (!strncmp((char *)buffer.buffer, "ref: ", 5)) {
-               *symref = xcalloc(buffer.posn - 5, 1);
-               strncpy(*symref, (char *)buffer.buffer + 5, buffer.posn - 6);
+               *symref = xmalloc(buffer.posn - 5);
+               safe_strncpy(*symref, (char *)buffer.buffer + 5, buffer.posn - 5);
        } else {
                get_sha1_hex(buffer.buffer, sha1);
        }

diff --git a/ident.c b/ident.c
index 7c81fe8d8bfc4c76324277dc7daa39c76ed12cd3..7b44cbd2cc54c049518b9fb1cb681a88c7aaa6c4 100644 (file)
--- a/ident.c
+++ b/ident.c
@@ -71,10 +71,9 @@ int setup_ident(void)
                len = strlen(git_default_email);
                git_default_email[len++] = '.';
                if (he && (domainname = strchr(he->h_name, '.')))
-                       strncpy(git_default_email + len, domainname + 1, sizeof(git_default_email) - len);
+                       safe_strncpy(git_default_email + len, domainname + 1, sizeof(git_default_email) - len);
                else
-                       strncpy(git_default_email + len, "(none)", sizeof(git_default_email) - len);
-               git_default_email[sizeof(git_default_email) - 1] = 0;
+                       safe_strncpy(git_default_email + len, "(none)", sizeof(git_default_email) - len);
        }
        /* And set the default date */
        datestamp(git_default_date, sizeof(git_default_date));

diff --git a/path.c b/path.c
index 5168b5f17dfc63bfaf5386e779806fba052edf49..194e0b553f7a5c4fd99b348228112b308c5419b6 100644 (file)
--- a/path.c
+++ b/path.c
@@ -83,14 +83,19 @@ int git_mkstemp(char *path, size_t len, const char *template)
 }
 
 
-char *safe_strncpy(char *dest, const char *src, size_t n)
+size_t safe_strncpy(char *dest, const char *src, size_t size)
 {
-       strncpy(dest, src, n);
-       dest[n - 1] = '\0';
+       size_t ret = strlen(src);
 
-       return dest;
+       if (size) {
+               size_t len = (ret >= size) ? size - 1 : ret;
+               memcpy(dest, src, len);
+               dest[len] = '\0';
+       }
+       return ret;
 }
 
+
 int validate_symref(const char *path)
 {
        struct stat st;

diff --git a/sha1_name.c b/sha1_name.c
index fbbde1cf7d388527c88720a511532d93aa769cc0..8fe9b7a75f0f8c43744ce6c031d953f51481ecab 100644 (file)
--- a/sha1_name.c
+++ b/sha1_name.c
@@ -262,8 +262,7 @@ static int get_sha1_basic(const char *str, int len, unsigned char *sha1)
                if (str[am] == '@' && str[am+1] == '{' && str[len-1] == '}') {
                        int date_len = len - am - 3;
                        char *date_spec = xmalloc(date_len + 1);
-                       strncpy(date_spec, str + am + 2, date_len);
-                       date_spec[date_len] = 0;
+                       safe_strncpy(date_spec, str + am + 2, date_len + 1);
                        at_time = approxidate(date_spec);
                        free(date_spec);
                        len = am;