diff options
author | Ingo Schwarze <schwarze@openbsd.org> | 2014-04-23 16:08:33 +0000 |
---|---|---|
committer | Ingo Schwarze <schwarze@openbsd.org> | 2014-04-23 16:08:33 +0000 |
commit | e1bb09be17d41880b391cdcbe9d968f8964928ff (patch) | |
tree | eeb097d0331817dc1ea9f7b52f2930635bda4387 /mdoc_term.c | |
parent | 1f555653eb03957679b5749f7ac779126c3c2627 (diff) | |
download | mandoc-e1bb09be17d41880b391cdcbe9d968f8964928ff.tar.gz mandoc-e1bb09be17d41880b391cdcbe9d968f8964928ff.tar.zst mandoc-e1bb09be17d41880b391cdcbe9d968f8964928ff.zip |
Audit strlcpy(3)/strlcat(3) usage.
* Repair three instances of silent truncation, use asprintf(3).
* Change two instances of strlen(3)+malloc(3)+strlcpy(3)+strlcat(3)+...
to use asprintf(3) instead to make them less error prone.
* Cast the return value of four instances where the destination
buffer is known to be large enough to (void).
* Completely remove three useless instances of strlcpy(3)/strlcat(3).
* Mark two places in -Thtml with XXX that can cause information loss
and crashes but are not easy to fix, requiring design changes of
some internal interfaces.
* The file mandocdb.c remains to be audited.
Diffstat (limited to 'mdoc_term.c')
-rw-r--r-- | mdoc_term.c | 33 |
1 files changed, 15 insertions, 18 deletions
diff --git a/mdoc_term.c b/mdoc_term.c index fac902bc..93bb05ea 100644 --- a/mdoc_term.c +++ b/mdoc_term.c @@ -1,4 +1,4 @@ -/* $Id: mdoc_term.c,v 1.266 2014/04/20 20:18:12 schwarze Exp $ */ +/* $Id: mdoc_term.c,v 1.267 2014/04/23 16:08:33 schwarze Exp $ */ /* * Copyright (c) 2008, 2009, 2010, 2011 Kristaps Dzonsons <kristaps@bsd.lv> * Copyright (c) 2010, 2012, 2013, 2014 Ingo Schwarze <schwarze@openbsd.org> @@ -442,10 +442,9 @@ print_mdoc_foot(struct termp *p, const void *arg) static void print_mdoc_head(struct termp *p, const void *arg) { - char buf[BUFSIZ]; const struct mdoc_meta *meta; - char *title; - size_t buflen, titlen; + char *volume, *title; + size_t vollen, titlen; meta = (const struct mdoc_meta *)arg; @@ -466,14 +465,12 @@ print_mdoc_head(struct termp *p, const void *arg) p->rmargin = p->maxrmargin; assert(meta->vol); - strlcpy(buf, meta->vol, BUFSIZ); - buflen = term_strlen(p, buf); - - if (meta->arch) { - strlcat(buf, " (", BUFSIZ); - strlcat(buf, meta->arch, BUFSIZ); - strlcat(buf, ")", BUFSIZ); - } + if (NULL == meta->arch) + volume = mandoc_strdup(meta->vol); + else + mandoc_asprintf(&volume, "%s (%s)", + meta->vol, meta->arch); + vollen = term_strlen(p, volume); mandoc_asprintf(&title, "%s(%s)", meta->title, meta->msec); titlen = term_strlen(p, title); @@ -481,20 +478,19 @@ print_mdoc_head(struct termp *p, const void *arg) p->flags |= TERMP_NOBREAK | TERMP_NOSPACE; p->trailspace = 1; p->offset = 0; - p->rmargin = 2 * (titlen+1) + buflen < p->maxrmargin ? - (p->maxrmargin - - term_strlen(p, buf) + term_len(p, 1)) / 2 : - p->maxrmargin - buflen; + p->rmargin = 2 * (titlen+1) + vollen < p->maxrmargin ? + (p->maxrmargin - vollen + term_len(p, 1)) / 2 : + p->maxrmargin - vollen; term_word(p, title); term_flushln(p); p->flags |= TERMP_NOSPACE; p->offset = p->rmargin; - p->rmargin = p->offset + buflen + titlen < p->maxrmargin ? + p->rmargin = p->offset + vollen + titlen < p->maxrmargin ? p->maxrmargin - titlen : p->maxrmargin; - term_word(p, buf); + term_word(p, volume); term_flushln(p); p->flags &= ~TERMP_NOBREAK; @@ -511,6 +507,7 @@ print_mdoc_head(struct termp *p, const void *arg) p->offset = 0; p->rmargin = p->maxrmargin; free(title); + free(volume); } static size_t |