[openoffice] branch AOO42X updated: Use of strcpy is problematic esp when we don't check bounds. Ugg. Instead use memmove(); Increase buffer sizes due to larger requirements.

[ji...@apache.org]

This is an automated email from the ASF dual-hosted git repository.

jim pushed a commit to branch AOO42X
in repository https://gitbox.apache.org/repos/asf/openoffice.git


The following commit(s) were added to refs/heads/AOO42X by this push:
     new c56f8ff  Use of strcpy is problematic esp when we don't check bounds. Ugg. Instead use memmove(); Increase buffer sizes due to larger requirements.
c56f8ff is described below

commit c56f8ff52acab2e8b128306b12cd162fb5915913
Author: Jim Jagielski <ji...@gmail.com>
AuthorDate: Thu Dec 3 08:40:55 2020 -0500

    Use of strcpy is problematic esp when we don't check bounds. Ugg. Instead use memmove();
    Increase buffer sizes due to larger requirements.
---
 main/soltools/mkdepend/cppsetup.c | 2 +-
 main/soltools/mkdepend/def.h      | 5 +++--
 main/soltools/mkdepend/main.c     | 9 +++++----
 main/soltools/mkdepend/parse.c    | 6 +++++-
 main/soltools/mkdepend/pr.c       | 2 +-
 5 files changed, 15 insertions(+), 9 deletions(-)

diff --git a/main/soltools/mkdepend/cppsetup.c b/main/soltools/mkdepend/cppsetup.c
index 810f6b9..131f889 100644
--- a/main/soltools/mkdepend/cppsetup.c
+++ b/main/soltools/mkdepend/cppsetup.c
@@ -150,7 +150,7 @@ _my_if_errors (ip, cp, expecting)
 }
 
 
-#define MAXNAMELEN 256
+#define MAXNAMELEN 1024
 
 char *
 _lookup_variable (var, len)
diff --git a/main/soltools/mkdepend/def.h b/main/soltools/mkdepend/def.h
index 1217c6c..07a5941 100644
--- a/main/soltools/mkdepend/def.h
+++ b/main/soltools/mkdepend/def.h
@@ -59,11 +59,12 @@ in this Software without prior written authorization from the X Consortium.
 #define        S_IFREG  0100000 
 #endif
 
-#define MAXDEFINES	512
+#define MAXDEFINES	2048
 #define MAXFILES	( 1<<16 ) /* Increased from 512. -mcafee */
 						      /* Increased from 1024. -mh */
 						      /* Increased from 2048. -b_michaelsen */
-#define MAXDIRS		64
+#define MAXDIRS		128
+#define OURBUFSIZ ( 1<<16 )
 #define SYMHASHSEED     131  /* 131 1313 13131 ... */
 #define SYMHASHMEMBERS	64	/* must be 2^x to work right */
 #define	TRUE		1
diff --git a/main/soltools/mkdepend/main.c b/main/soltools/mkdepend/main.c
index 8082214..fc9aecc 100644
--- a/main/soltools/mkdepend/main.c
+++ b/main/soltools/mkdepend/main.c
@@ -140,6 +140,7 @@ catch (sig)
     int sig;
 {
 	fflush (stdout);
+	abort();
 	fatalerr ("got signal %d\n", sig);
 }
 
@@ -659,8 +660,8 @@ void redirect(line, makefile)
 {
 	struct stat	st;
 	FILE	*fdin, *fdout;
-	char	backup[ BUFSIZ ],
-		buf[ BUFSIZ ];
+	char	backup[ OURBUFSIZ ],
+		buf[ OURBUFSIZ ];
 	boolean	found = FALSE;
 	int	len;
 
@@ -699,7 +700,7 @@ void redirect(line, makefile)
 	if ((fdout = freopen(makefile, "w", stdout)) == NULL)
 		fatalerr("cannot open \"%s\"\n", backup);
 	len = strlen(line);
-	while (!found && fgets(buf, BUFSIZ, fdin)) {
+	while (!found && fgets(buf, OURBUFSIZ, fdin)) {
 		if (*buf == '#' && strncmp(line, buf, len) == 0)
 			found = TRUE;
 		fputs(buf, fdout);
@@ -710,7 +711,7 @@ void redirect(line, makefile)
 			line);
 		puts(line); /* same as fputs(fdout); but with newline */
 	} else if (append) {
-	    while (fgets(buf, BUFSIZ, fdin)) {
+	    while (fgets(buf, OURBUFSIZ, fdin)) {
 		fputs(buf, fdout);
 	    }
 	}
diff --git a/main/soltools/mkdepend/parse.c b/main/soltools/mkdepend/parse.c
index f27a04e..5f60f73 100644
--- a/main/soltools/mkdepend/parse.c
+++ b/main/soltools/mkdepend/parse.c
@@ -346,7 +346,11 @@ int deftype (line, filep, file_red, file, parse_it, symbols)
 		/*
 		 * copy the definition back to the beginning of the line.
 		 */
-		strcpy (line, p);
+		{
+			int len = strlen(line);
+			memmove (line, p, len);
+			line[len] = '\0';
+		}
 		break;
 	case ELSE:
 	case ENDIF:
diff --git a/main/soltools/mkdepend/pr.c b/main/soltools/mkdepend/pr.c
index 2c4731e..ac0f994 100644
--- a/main/soltools/mkdepend/pr.c
+++ b/main/soltools/mkdepend/pr.c
@@ -107,7 +107,7 @@ void pr(ip, file, base)
 	static char	*lastfile;
 	static int	current_len;
 	register int	len, i;
-	char	buf[ BUFSIZ ];
+	char	buf[ OURBUFSIZ ];
 
 	printed = TRUE;
 	len = strlen(ip->i_file)+1;