209 lines
8.0 KiB
Diff
209 lines
8.0 KiB
Diff
|
--- cscope-15.5/src/display.c.orig 2006-08-23 07:08:40.000000000 -0400
|
||
|
+++ cscope-15.5/src/display.c 2006-08-23 10:19:41.000000000 -0400
|
||
|
@@ -217,7 +217,7 @@
|
||
|
disprefs < mdisprefs && screenline <= lastdispline;
|
||
|
++disprefs, ++screenline) {
|
||
|
/* read the reference line */
|
||
|
- if (fscanf(refsfound, "%s%s%s %[^\n]", file, function,
|
||
|
+ if (fscanf(refsfound, "%" PATHLEN_STR "s%" PATHLEN_STR "s%" NUMLEN_STR "s %" TEMPSTRING_LEN_STR "[^\n]", file, function,
|
||
|
linenum, tempstring) < 4) {
|
||
|
break;
|
||
|
}
|
||
|
--- cscope-15.5/src/input.c.orig 2006-08-23 07:08:40.000000000 -0400
|
||
|
+++ cscope-15.5/src/input.c 2006-08-23 10:57:01.000000000 -0400
|
||
|
@@ -293,16 +293,15 @@
|
||
|
/* if the login name is null, then use $HOME */
|
||
|
if (*out == '\0') {
|
||
|
v = getenv("HOME");
|
||
|
- }
|
||
|
- else { /* get the home directory of the login name */
|
||
|
+ } else { /* get the home directory of the login name */
|
||
|
v = logdir(out);
|
||
|
}
|
||
|
- /* copy the directory name */
|
||
|
- if (v != NULL) {
|
||
|
+ /* copy the directory name if it isn't too big */
|
||
|
+ if (v != NULL && strlen(v) < (lastchar - out)) {
|
||
|
(void) strcpy(out - 1, v);
|
||
|
out += strlen(v) - 1;
|
||
|
- }
|
||
|
- else { /* login not found, so ~ must be part of the file name */
|
||
|
+ } else {
|
||
|
+ /* login not found, so ~ must be part of the file name */
|
||
|
out += strlen(out);
|
||
|
}
|
||
|
}
|
||
|
@@ -322,11 +321,11 @@
|
||
|
*s = '\0';
|
||
|
|
||
|
/* get its value */
|
||
|
- if ((v = getenv(out)) != NULL) {
|
||
|
+ if ((v = getenv(out)) != NULL && strlen(v) < (lastchar - out)) {
|
||
|
(void) strcpy(out - 1, v);
|
||
|
out += strlen(v) - 1;
|
||
|
- }
|
||
|
- else { /* var not found, so $ must be part of the file name */
|
||
|
+ } else {
|
||
|
+ /* var not found, so $ must be part of the file name */
|
||
|
out += strlen(out);
|
||
|
}
|
||
|
}
|
||
|
--- cscope-15.5/src/edit.c.orig 2001-07-18 09:49:01.000000000 -0400
|
||
|
+++ cscope-15.5/src/edit.c 2006-08-23 10:16:30.000000000 -0400
|
||
|
@@ -60,7 +60,7 @@
|
||
|
seekline(i + topline);
|
||
|
|
||
|
/* get the file name and line number */
|
||
|
- if (fscanf(refsfound, "%s%*s%s", file, linenum) == 2) {
|
||
|
+ if (fscanf(refsfound, "%" PATHLEN_STR "s%*s%" NUMLEN_STR "s", file, linenum) == 2) {
|
||
|
edit(file, linenum); /* edit it */
|
||
|
}
|
||
|
seekline(topline); /* restore the line pointer */
|
||
|
@@ -83,7 +83,7 @@
|
||
|
seekline(1);
|
||
|
|
||
|
/* get each file name and line number */
|
||
|
- while (fscanf(refsfound, "%s%*s%s%*[^\n]", file, linenum) == 2) {
|
||
|
+ while (fscanf(refsfound, "%" PATHLEN_STR "s%*s%" NUMLEN_STR "s%*[^\n]", file, linenum) == 2) {
|
||
|
edit(file, linenum); /* edit it */
|
||
|
if (editallprompt == YES) {
|
||
|
addstr("Type ^D to stop editing all lines, or any other character to continue: ");
|
||
|
--- cscope-15.5/src/command.c.orig 2006-08-23 07:08:40.000000000 -0400
|
||
|
+++ cscope-15.5/src/command.c 2006-08-23 10:08:50.000000000 -0400
|
||
|
@@ -727,7 +727,7 @@
|
||
|
(void) fprintf(script, "ed - <<\\!\n");
|
||
|
*oldfile = '\0';
|
||
|
seekline(1);
|
||
|
- for (i = 0; fscanf(refsfound, "%s%*s%s%*[^\n]", newfile, linenum) == 2;
|
||
|
+ for (i = 0; fscanf(refsfound, "%" PATHLEN_STR "s%*s%" NUMLEN_STR "s%*[^\n]", newfile, linenum) == 2;
|
||
|
++i) {
|
||
|
/* see if the line is to be changed */
|
||
|
if (change[i] == YES) {
|
||
|
--- cscope-15.5/src/dir.c.orig 2003-06-02 06:43:00.000000000 -0400
|
||
|
+++ cscope-15.5/src/dir.c 2006-08-23 10:09:20.000000000 -0400
|
||
|
@@ -319,7 +319,7 @@
|
||
|
|
||
|
/* Parse whitespace-terminated strings in line: */
|
||
|
point_in_line = line;
|
||
|
- while (sscanf(point_in_line, "%s", path) == 1) {
|
||
|
+ while (sscanf(point_in_line, "%" PATHLEN_STR "s", path) == 1) {
|
||
|
/* Have to store this length --- inviewpath() will
|
||
|
* modify path, later! */
|
||
|
length_of_name = strlen(path);
|
||
|
--- cscope-15.5/src/main.c.orig 2006-08-23 07:08:40.000000000 -0400
|
||
|
+++ cscope-15.5/src/main.c 2006-08-23 11:26:48.000000000 -0400
|
||
|
@@ -102,10 +102,10 @@
|
||
|
#endif
|
||
|
char temp1[PATHLEN + 1]; /* temporary file name */
|
||
|
char temp2[PATHLEN + 1]; /* temporary file name */
|
||
|
-char tempdirpv[PATHLEN +1]; /* private temp directory */
|
||
|
+char tempdirpv[PATHLEN + 1]; /* private temp directory */
|
||
|
long totalterms; /* total inverted index terms */
|
||
|
BOOL trun_syms; /* truncate symbols to 8 characters */
|
||
|
-char tempstring[8192]; /* use this as a buffer, instead of 'yytext',
|
||
|
+char tempstring[TEMPSTRING_LEN + 1]; /* use this as a buffer, instead of 'yytext',
|
||
|
* which had better be left alone */
|
||
|
char *tmpdir; /* temporary directory */
|
||
|
|
||
|
@@ -270,6 +270,13 @@
|
||
|
s[11] = '\0';
|
||
|
}
|
||
|
#endif
|
||
|
+ if (strlen(reffile) > sizeof(path) - 1) {
|
||
|
+ char buffer[512];
|
||
|
+ sprintf(buffer,"cscope: reffile too long, cannot be > %d characters\n", sizeof(path) - 1);
|
||
|
+ postmsg(buffer);
|
||
|
+ myexit(1);
|
||
|
+ /* NOTREACHED */
|
||
|
+ }
|
||
|
s = path + strlen(path);
|
||
|
(void) strcpy(s, ".in");
|
||
|
invname = stralloc(path);
|
||
|
@@ -491,11 +498,11 @@
|
||
|
|| (names = vpfopen(NAMEFILE, "r")) != NULL) {
|
||
|
|
||
|
/* read any -p option from it */
|
||
|
- while (fscanf(names, "%s", path) == 1 && *path == '-') {
|
||
|
+ while (fgets(path, sizeof(path), names) != NULL && *path == '-') {
|
||
|
i = path[1];
|
||
|
s = path + 2; /* for "-Ipath" */
|
||
|
if (*s == '\0') { /* if "-I path" */
|
||
|
- (void) fscanf(names, "%s", path);
|
||
|
+ fgets(path, sizeof(path), names);
|
||
|
s = path;
|
||
|
}
|
||
|
switch (i) {
|
||
|
@@ -512,7 +519,7 @@
|
||
|
}
|
||
|
else {
|
||
|
for (i = 0; i < nsrcfiles; ++i) {
|
||
|
- if (fscanf(oldrefs, "%s", path) != 1) {
|
||
|
+ if (!fgets(path, sizeof(path), oldrefs) ) {
|
||
|
posterr("cscope: cannot read source file name from file %s\n", reffile);
|
||
|
myexit(1);
|
||
|
}
|
||
|
--- cscope-15.5/src/constants.h.orig 2006-08-23 07:08:40.000000000 -0400
|
||
|
+++ cscope-15.5/src/constants.h 2006-08-23 10:16:30.000000000 -0400
|
||
|
@@ -68,6 +68,7 @@
|
||
|
#define NUMLEN 5 /* line number length */
|
||
|
#define PATHLEN 250 /* file pathname length */
|
||
|
#define PATLEN 250 /* symbol pattern length */
|
||
|
+#define TEMPSTRING_LEN 8191 /* max strlen() of the global temp string */
|
||
|
#define REFFILE "cscope.out" /* cross-reference output file */
|
||
|
#define NAMEFILE "cscope.files" /* default list-of-files file */
|
||
|
#define INVNAME "cscope.in.out" /* inverted index to the database */
|
||
|
@@ -77,6 +78,13 @@
|
||
|
|
||
|
#define STMTMAX 10000 /* maximum source statement length */
|
||
|
|
||
|
+#define STR2(x) #x
|
||
|
+#define STRINGIZE(x) STR2(x)
|
||
|
+#define PATLEN_STR STRINGIZE(PATLEN)
|
||
|
+#define PATHLEN_STR STRINGIZE(PATHLEN)
|
||
|
+#define NUMLEN_STR STRINGIZE(NUMLEN)
|
||
|
+#define TEMPSTRING_LEN_STR STRINGIZE(TEMPSTRING_LEN)
|
||
|
+
|
||
|
/* screen lines */
|
||
|
#define FLDLINE (LINES - FIELDS - 1) /* first input field line */
|
||
|
#define MSGLINE 0 /* message line */
|
||
|
--- cscope-15.5/src/build.c.orig 2006-08-23 07:08:40.000000000 -0400
|
||
|
+++ cscope-15.5/src/build.c 2006-08-23 11:17:57.000000000 -0400
|
||
|
@@ -115,7 +115,7 @@
|
||
|
}
|
||
|
/* see if the name list is the same */
|
||
|
for (i = 0; i < count; ++i) {
|
||
|
- if (fscanf(oldrefs, "%s", oldname) != 1 ||
|
||
|
+ if (! fgets(oldname, sizeof(oldname), oldrefs)||
|
||
|
strnotequal(oldname, names[i])) {
|
||
|
return(NO);
|
||
|
}
|
||
|
@@ -223,8 +223,8 @@
|
||
|
/* if there is an old cross-reference and its current directory matches */
|
||
|
/* or this is an unconditional build */
|
||
|
if ((oldrefs = vpfopen(reffile, "rb")) != NULL && unconditional == NO &&
|
||
|
- fscanf(oldrefs, "cscope %d %s", &fileversion, olddir) == 2 &&
|
||
|
- (strcmp(olddir, currentdir) == 0 || /* remain compatible */
|
||
|
+ fscanf(oldrefs, "cscope %d %" PATHLEN_STR "s", &fileversion, olddir) == 2
|
||
|
+ && (strcmp(olddir, currentdir) == 0 || /* remain compatible */
|
||
|
strcmp(olddir, newdir) == 0)) {
|
||
|
/* get the cross-reference file's modification time */
|
||
|
(void) fstat(fileno(oldrefs), &statstruct);
|
||
|
@@ -292,7 +292,7 @@
|
||
|
/* see if the list of source files is the same and
|
||
|
none have been changed up to the included files */
|
||
|
for (i = 0; i < nsrcfiles; ++i) {
|
||
|
- if (fscanf(oldrefs, "%s", oldname) != 1 ||
|
||
|
+ if (! fgets(oldname, sizeof(oldname), oldrefs) ||
|
||
|
strnotequal(oldname, srcfiles[i]) ||
|
||
|
lstat(srcfiles[i], &statstruct) != 0 ||
|
||
|
statstruct.st_mtime > reftime) {
|
||
|
@@ -301,7 +301,7 @@
|
||
|
}
|
||
|
/* the old cross-reference is up-to-date */
|
||
|
/* so get the list of included files */
|
||
|
- while (i++ < oldnum && fscanf(oldrefs, "%s", oldname) == 1) {
|
||
|
+ while (i++ < oldnum && fgets(oldname, sizeof(oldname), oldrefs)) {
|
||
|
addsrcfile(oldname);
|
||
|
}
|
||
|
(void) fclose(oldrefs);
|