You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@logging.apache.org by sw...@apache.org on 2023/01/23 23:37:10 UTC
[logging-log4cxx] branch master updated: Replace unsafe C functions with C11 standard (ISO/IEC 9899:2011) functions (#187)
This is an automated email from the ASF dual-hosted git repository.
swebb2066 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/logging-log4cxx.git
The following commit(s) were added to refs/heads/master by this push:
new 1817f147 Replace unsafe C functions with C11 standard (ISO/IEC 9899:2011) functions (#187)
1817f147 is described below
commit 1817f147795586d7b44392db644b466544350f85
Author: Stephen Webb <st...@ieee.org>
AuthorDate: Tue Jan 24 10:37:04 2023 +1100
Replace unsafe C functions with C11 standard (ISO/IEC 9899:2011) functions (#187)
---
src/main/cpp/domconfigurator.cpp | 5 +-
src/main/cpp/exception.cpp | 7 ++-
src/main/cpp/smtpappender.cpp | 4 +-
src/main/include/log4cxx/private/string_c11.h | 66 +++++++++++++++++++++++++
src/test/cpp/helpers/charsetdecodertestcase.cpp | 5 +-
5 files changed, 79 insertions(+), 8 deletions(-)
diff --git a/src/main/cpp/domconfigurator.cpp b/src/main/cpp/domconfigurator.cpp
index f5488fdd..29f7aea4 100644
--- a/src/main/cpp/domconfigurator.cpp
+++ b/src/main/cpp/domconfigurator.cpp
@@ -14,6 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
+#include <log4cxx/private/string_c11.h>
#include <log4cxx/logstring.h>
#include <log4cxx/xml/domconfigurator.h>
#include <log4cxx/appender.h>
@@ -55,6 +56,8 @@ using namespace log4cxx::spi;
using namespace log4cxx::config;
using namespace log4cxx::rolling;
+#define MAX_ATTRIBUTE_NAME_LEN 200
+
struct DOMConfigurator::DOMConfiguratorPrivate
{
helpers::Properties props;
@@ -1146,7 +1149,7 @@ LogString DOMConfigurator::getAttribute(
{
if (attrName == attr->name)
{
- ByteBuffer buf((char*) attr->value, strlen(attr->value));
+ ByteBuffer buf((char*) attr->value, strnlen_s(attr->value, MAX_ATTRIBUTE_NAME_LEN));
utf8Decoder->decode(buf, attrValue);
}
}
diff --git a/src/main/cpp/exception.cpp b/src/main/cpp/exception.cpp
index ba7c0074..2adf3708 100644
--- a/src/main/cpp/exception.cpp
+++ b/src/main/cpp/exception.cpp
@@ -14,6 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
+#define __STDC_WANT_LIB_EXT1__ 1
#include <log4cxx/logstring.h>
#include <log4cxx/helpers/exception.h>
#include <string.h>
@@ -61,7 +62,8 @@ Exception::Exception(const Exception& src) : std::exception()
#if defined(__STDC_LIB_EXT1__) || defined(__STDC_SECURE_LIB__)
strcpy_s(msg, sizeof msg, src.msg);
#else
- strcpy(msg, src.msg);
+ strncpy(msg, src.msg, MSG_SIZE);
+ msg[MSG_SIZE] = 0;
#endif
}
@@ -70,7 +72,8 @@ Exception& Exception::operator=(const Exception& src)
#if defined(__STDC_LIB_EXT1__) || defined(__STDC_SECURE_LIB__)
strcpy_s(msg, sizeof msg, src.msg);
#else
- strcpy(msg, src.msg);
+ strncpy(msg, src.msg, MSG_SIZE);
+ msg[MSG_SIZE] = 0;
#endif
return *this;
}
diff --git a/src/main/cpp/smtpappender.cpp b/src/main/cpp/smtpappender.cpp
index e8ffcb48..b295c1cf 100644
--- a/src/main/cpp/smtpappender.cpp
+++ b/src/main/cpp/smtpappender.cpp
@@ -192,6 +192,7 @@ class SMTPMessage
const LogString msg, Pool& p)
{
message = smtp_add_message(session);
+ current_len = str.length();
body = current = toMessage(msg, p);
messagecbState = 0;
smtp_set_reverse_path(message, toAscii(from, p));
@@ -216,6 +217,7 @@ class SMTPMessage
smtp_message_t message;
const char* body;
const char* current;
+ size_t current_len;
int messagecbState;
void addRecipients(const LogString& addresses, const char* field, Pool& p)
{
@@ -333,7 +335,7 @@ class SMTPMessage
if (pThis->current)
{
- *len = strlen(pThis->current);
+ *len = strnlen_s(pThis->current, pThis->current_len);
}
retval = pThis->current;
diff --git a/src/main/include/log4cxx/private/string_c11.h b/src/main/include/log4cxx/private/string_c11.h
new file mode 100644
index 00000000..f7182454
--- /dev/null
+++ b/src/main/include/log4cxx/private/string_c11.h
@@ -0,0 +1,66 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef LOG4CXX_STRING_C11_H
+#define LOG4CXX_STRING_C11_H
+#define __STDC_WANT_LIB_EXT1__ 1
+#include <string.h>
+
+#if !defined(__STDC_LIB_EXT1__) && !defined(__STDC_SECURE_LIB__)
+#include <limits.h>
+#if !defined(RSIZE_MAX) && defined(SSIZE_MAX)
+#define RSIZE_MAX (SSIZE_MAX >> 4)
+#else !defined(RSIZE_MAX)
+#define RSIZE_MAX (2 << 20)
+#endif
+
+static size_t strnlen_s( const char *str, size_t strsz )
+{
+ size_t result = 0;
+ if (!str)
+ ;
+ else while (*str++ != 0 && result < strsz)
+ ++result;
+ return result;
+}
+static int strcat_s(char* destArg, size_t destsz, const char* src)
+{
+ if (!src || !destArg || RSIZE_MAX < destsz)
+ return -1;
+ if (0 == destsz)
+ return -2;
+ --destsz;
+ char* dest = destArg;
+ size_t index = 0;
+ while (*dest && index < destsz)
+ ++index, ++dest;
+ while (*src && index < destsz)
+ {
+ *dest++ = *src++;
+ ++index;
+ }
+ *dest = 0;
+ if (*src) // longer than destsz?
+ {
+ *destArg = 0; // Do not return a partial result
+ return -3;
+ }
+ return 0;
+}
+#endif
+
+#endif /* LOG4CXX_STRING_C11_H */
diff --git a/src/test/cpp/helpers/charsetdecodertestcase.cpp b/src/test/cpp/helpers/charsetdecodertestcase.cpp
index 0493ba2e..9fc58a14 100644
--- a/src/test/cpp/helpers/charsetdecodertestcase.cpp
+++ b/src/test/cpp/helpers/charsetdecodertestcase.cpp
@@ -15,6 +15,7 @@
* limitations under the License.
*/
+#include <log4cxx/private/string_c11.h>
#include <log4cxx/helpers/charsetdecoder.h>
#include "../logunit.h"
#include "../insertwide.h"
@@ -63,11 +64,7 @@ public:
char buf[BUFSIZE + 6];
memset(buf, 'A', BUFSIZE);
buf[BUFSIZE - 3] = 0;
-#if defined(__STDC_LIB_EXT1__) || defined(__STDC_SECURE_LIB__)
strcat_s(buf, sizeof buf, "Hello");
-#else
- strcat(buf, "Hello");
-#endif
ByteBuffer src(buf, strlen(buf));
CharsetDecoderPtr dec(CharsetDecoder::getDefaultDecoder());