shithub: choc

Download patch

ref: 5afef298d6adf6bd6ef852c455647f662a24c995
parent: a9d9335b20a0b708fae1b978f70348aec998356a
author: Simon Howard <fraggle@gmail.com>
date: Tue Apr 1 17:51:18 EDT 2014 

osx: Use safe string functions for launcher.

The OS X launcher used a few unsafe string functions; use snprintf()
or strlcpy,strlcat here - as this is the launcher for OS X we don't
need to care about portability.


--- a/pkg/osx/Execute.m
+++ b/pkg/osx/Execute.m
@@ -75,8 +75,7 @@
 {
     char *argv[3];
 
-    argv[0] = malloc(strlen(executable_path) + strlen(executable) + 3);
-    sprintf(argv[0], "%s/%s", executable_path, executable);
+    asprintf(&argv[0], "%s/%s", executable_path, executable);
 
     if (iwad != NULL || args != NULL)
     {
--- a/pkg/osx/IWADController.m
+++ b/pkg/osx/IWADController.m
@@ -308,15 +308,15 @@
     IWADLocation *iwadList[NUM_IWAD_TYPES];
     NSString *location;
     unsigned int i;
-    unsigned int len;
     BOOL first;
     char *env;
+    size_t env_len;
 
     [self getIWADList: iwadList];
 
     // Calculate length of environment string.
 
-    len = 0;
+    env_len = 0;
 
     for (i=0; i<NUM_IWAD_TYPES; ++i)
     {
@@ -324,14 +324,14 @@
 
         if (location != nil && [location length] > 0)
         {
-            len += [location length] + 1;
+            env_len += [location length] + 1;
         }
     }
 
     // Build string.
 
-    env = malloc(len);
-    strcpy(env, "");
+    env = malloc(env_len);
+    strlcpy(env, "", env_len);
 
     first = YES;
 
@@ -343,10 +343,10 @@
         {
             if (!first)
             {
-                strcat(env, ":");
+                strlcat(env, ":", env_len);
             }
 
-            strcat(env, [location UTF8String]);
+            strlcat(env, [location UTF8String], env_len);
             first = NO;
         }
     }
@@ -366,9 +366,7 @@
 
     doomwadpath = [self doomWadPath];
 
-    env = malloc(strlen(doomwadpath) + 15);
-
-    sprintf(env, "DOOMWADPATH=%s", doomwadpath);
+    asprintf(&env, "DOOMWADPATH=%s", doomwadpath);
 
     free(doomwadpath);
 
--- a/pkg/osx/LauncherManager.m
+++ b/pkg/osx/LauncherManager.m
@@ -297,8 +297,7 @@
     }
 
     game_name = [self->iwadController getGameName];
-    executable_name = malloc(strlen(PROGRAM_PREFIX) + strlen(game_name) + 1);
-    sprintf(executable_name, "%s%s", PROGRAM_PREFIX, game_name);
+    asprintf(&executable_name, "%s%s", PROGRAM_PREFIX, game_name);
 
     ExecuteProgram(executable_name, [iwad UTF8String],
                                     [args UTF8String]);
@@ -319,8 +318,7 @@
     // to configure, based on the game selected in the dropdown.
 
     game_name = [self->iwadController getGameName];
-    arg = malloc(strlen(game_name) + 8);
-    sprintf(arg, "-game %s", game_name);
+    asprintf(&arg, "-game %s", game_name);
 
     ExecuteProgram(PROGRAM_PREFIX "setup", NULL, arg);
 
@@ -355,7 +353,7 @@
 
 - (void) openCMDLINE: (id) sender
 {
-    char *game_name;
+    const char *game_name;
     char filename[32];
 
     // We need to open the appropriate doc file for the currently
@@ -362,7 +360,7 @@
     // selected game.
 
     game_name = [self->iwadController getGameName];
-    sprintf(filename, "CMDLINE-%s", game_name);
+    snprintf(filename, sizeof(filename), "CMDLINE-%s", game_name);
 
     OpenDocumentation(filename);
 }