diff --git a/Quake/cfgfile.c b/Quake/cfgfile.c index 68634e7f..29b2a638 100644 --- a/Quake/cfgfile.c +++ b/Quake/cfgfile.c @@ -123,11 +123,10 @@ void CFG_ReadCvarOverrides (const char **vars, int num_vars) return; buff[0] = '+'; - buff[sizeof(buff) - 1] = '\0'; for (i = 0; i < num_vars; i++) { - strncpy (&buff[1], vars[i], sizeof(buff) - 2); + q_strlcpy (&buff[1], vars[i], sizeof(buff) - 1); j = COM_CheckParm(buff); if (j != 0 && j < com_argc - 1) { diff --git a/Quake/cl_demo.c b/Quake/cl_demo.c index 8b306262..103d2506 100644 --- a/Quake/cl_demo.c +++ b/Quake/cl_demo.c @@ -301,7 +301,7 @@ void CL_PlayDemo_f (void) // // open the demo file // - strcpy (name, Cmd_Argv(1)); + q_strlcpy (name, Cmd_Argv(1), sizeof(name)); COM_DefaultExtension (name, ".dem", sizeof(name)); Con_Printf ("Playing demo from %s.\n", name); diff --git a/Quake/cl_parse.c b/Quake/cl_parse.c index de89f683..ac9c47b0 100644 --- a/Quake/cl_parse.c +++ b/Quake/cl_parse.c @@ -290,7 +290,7 @@ void CL_ParseServerInfo (void) // parse signon message str = MSG_ReadString (); - strncpy (cl.levelname, str, sizeof(cl.levelname)-1); + q_strlcpy (cl.levelname, str, sizeof(cl.levelname)); // seperate the printfs so the server message can have a color Con_Printf ("\n%s\n", Con_Quakebar(40)); //johnfitz @@ -315,7 +315,7 @@ void CL_ParseServerInfo (void) Con_Printf ("Server sent too many model precaches\n"); return; } - strcpy (model_precache[nummodels], str); + q_strlcpy (model_precache[nummodels], str, MAX_QPATH); Mod_TouchModel (str); } @@ -336,7 +336,7 @@ void CL_ParseServerInfo (void) Con_Printf ("Server sent too many sound precaches\n"); return; } - strcpy (sound_precache[numsounds], str); + q_strlcpy (sound_precache[numsounds], str, MAX_QPATH); S_TouchSound (str); } @@ -1023,7 +1023,7 @@ void CL_ParseServerMessage (void) i = MSG_ReadByte (); if (i >= MAX_LIGHTSTYLES) Sys_Error ("svc_lightstyle > MAX_LIGHTSTYLES"); - Q_strcpy (cl_lightstyle[i].map, MSG_ReadString()); + q_strlcpy (cl_lightstyle[i].map, MSG_ReadString(), MAX_STYLESTRING); cl_lightstyle[i].length = Q_strlen(cl_lightstyle[i].map); //johnfitz -- save extra info if (cl_lightstyle[i].length) @@ -1056,7 +1056,7 @@ void CL_ParseServerMessage (void) i = MSG_ReadByte (); if (i >= cl.maxclients) Host_Error ("CL_ParseServerMessage: svc_updatename > MAX_SCOREBOARD"); - strcpy (cl.scores[i].name, MSG_ReadString ()); + q_strlcpy (cl.scores[i].name, MSG_ReadString(), MAX_SCOREBOARDNAME); break; case svc_updatefrags: diff --git a/Quake/cmd.c b/Quake/cmd.c index 3735335a..fb0d143c 100644 --- a/Quake/cmd.c +++ b/Quake/cmd.c @@ -349,11 +349,16 @@ void Cmd_Alias_f (void) c = Cmd_Argc(); for (i = 2; i < c; i++) { - strcat (cmd, Cmd_Argv(i)); + q_strlcat (cmd, Cmd_Argv(i), sizeof(cmd)); if (i != c - 1) - strcat (cmd, " "); + q_strlcat (cmd, " ", sizeof(cmd)); + } + if (q_strlcat(cmd, "\n", sizeof(cmd)) >= sizeof(cmd)) + { + Con_Printf("alias value too long!\n"); + cmd[0] = '\n'; // nullify the string + cmd[1] = 0; } - strcat (cmd, "\n"); a->value = Z_Strdup (cmd); break; diff --git a/Quake/common.c b/Quake/common.c index 96c01eb9..a4fdb10f 100644 --- a/Quake/common.c +++ b/Quake/common.c @@ -920,10 +920,7 @@ void COM_StripExtension (const char *in, char *out, size_t outsize) return; } if (in != out) /* copy when not in-place editing */ - { - strncpy (out, in, outsize - 1); - out[outsize - 1] = '\0'; - } + q_strlcpy (out, in, outsize); length = (int)strlen(out) - 1; while (length > 0 && out[length] != '.') { @@ -984,11 +981,7 @@ void COM_FileBase (const char *in, char *out, size_t outsize) dot = s; if (dot - slash < 2) - { - size_t len = outsize - 1; - strncpy (out, "?model?", len); - out[len] = '\0'; - } + q_strlcpy (out, "?model?", outsize); else { size_t len = dot - slash; @@ -1024,12 +1017,7 @@ void COM_DefaultExtension (char *path, const char *extension, size_t len) src--; } - if (l + strlen(extension) >= len) // buf overrun - { - // Sys_Error("bufsize too small"); - return; - } - strcat (path, extension); + q_strlcat(path, extension, len); } @@ -1838,7 +1826,7 @@ pack_t *COM_LoadPackFile (const char *packfile) // parse the directory for (i = 0; i < numpackfiles ; i++) { - strcpy (newfiles[i].name, info[i].name); + q_strlcpy (newfiles[i].name, info[i].name, sizeof(newfiles[i].name)); newfiles[i].filepos = LittleLong(info[i].filepos); newfiles[i].filelen = LittleLong(info[i].filelen); } @@ -1848,7 +1836,7 @@ pack_t *COM_LoadPackFile (const char *packfile) pack = (pack_t *) Z_Malloc (sizeof (pack_t)); //johnfitz - strcpy (pack->filename, packfile); + q_strlcpy (pack->filename, packfile, sizeof(pack->filename)); pack->handle = packhandle; pack->numfiles = numpackfiles; pack->files = newfiles; @@ -1870,7 +1858,7 @@ void COM_AddGameDirectory (const char *dir) pack_t *pak; char pakfile[MAX_OSPATH]; - strcpy (com_gamedir, dir); + q_strlcpy (com_gamedir, dir, sizeof(com_gamedir)); // assign a path_id to this game directory if (com_searchpaths) @@ -1880,7 +1868,7 @@ void COM_AddGameDirectory (const char *dir) // add the directory to the search path search = (searchpath_t *) Z_Malloc(sizeof(searchpath_t)); search->path_id = path_id; - strcpy (search->filename, dir); + q_strlcpy (search->filename, dir, sizeof(search->filename)); search->next = com_searchpaths; com_searchpaths = search; @@ -1935,9 +1923,9 @@ void COM_InitFilesystem (void) //johnfitz -- modified based on topaz's tutorial i = COM_CheckParm ("-basedir"); if (i && i < com_argc-1) - strcpy (com_basedir, com_argv[i + 1]); + q_strlcpy (com_basedir, com_argv[i + 1], sizeof(com_basedir)); else - strcpy (com_basedir, host_parms->basedir); + q_strlcpy (com_basedir, host_parms->basedir, sizeof(com_basedir)); j = strlen (com_basedir); if (j > 0) @@ -1948,7 +1936,7 @@ void COM_InitFilesystem (void) //johnfitz -- modified based on topaz's tutorial // start up with GAMENAME by default (id1) COM_AddGameDirectory (va("%s/"GAMENAME, com_basedir)); - strcpy (com_gamedir, va("%s/"GAMENAME, com_basedir)); + q_strlcpy (com_gamedir, va("%s/"GAMENAME, com_basedir), sizeof(com_gamedir)); #if defined(USE_QS_CONBACK) if (!fitzmode) diff --git a/Quake/gl_model.c b/Quake/gl_model.c index 8c8dab2f..f7aabbc7 100644 --- a/Quake/gl_model.c +++ b/Quake/gl_model.c @@ -219,7 +219,7 @@ model_t *Mod_FindName (const char *name) { if (mod_numknown == MAX_MOD_KNOWN) Sys_Error ("mod_numknown == MAX_MOD_KNOWN"); - strcpy (mod->name, name); + q_strlcpy (mod->name, name, MAX_QPATH); mod->needload = true; mod_numknown++; } @@ -454,7 +454,7 @@ void Mod_LoadTextures (lump_t *l) //now load whatever we found if (data) //load external image { - strcpy (texturename, filename); + q_strlcpy (texturename, filename, sizeof(texturename)); tx->gltexture = TexMgr_LoadImage (loadmodel, texturename, fwidth, fheight, SRC_RGBA, data, filename, 0, TEXPREF_NONE); } @@ -642,9 +642,9 @@ void Mod_LoadLighting (lump_t *l) loadmodel->lightdata = NULL; // LordHavoc: check for a .lit file - strcpy(litfilename, loadmodel->name); + q_strlcpy(litfilename, loadmodel->name, sizeof(litfilename)); COM_StripExtension(litfilename, litfilename, sizeof(litfilename)); - strcat(litfilename, ".lit"); + q_strlcat(litfilename, ".lit", sizeof(litfilename)); mark = Hunk_LowMark(); data = (byte*) COM_LoadHunkFile (litfilename, &path_id); if (data) @@ -727,9 +727,9 @@ void Mod_LoadEntities (lump_t *l) if (! external_ents.value) goto _load_embedded; - strcpy(entfilename, loadmodel->name); + q_strlcpy(entfilename, loadmodel->name, sizeof(entfilename)); COM_StripExtension(entfilename, entfilename, sizeof(entfilename)); - strcat(entfilename, ".ent"); + q_strlcat(entfilename, ".ent", sizeof(entfilename)); Con_DPrintf("trying to load %s\n", entfilename); mark = Hunk_LowMark(); ents = (char *) COM_LoadHunkFile (entfilename, &path_id); diff --git a/Quake/gl_texmgr.c b/Quake/gl_texmgr.c index bb46e65a..738b52b2 100644 --- a/Quake/gl_texmgr.c +++ b/Quake/gl_texmgr.c @@ -236,7 +236,7 @@ void TexMgr_Imagedump_f (void) //loop through textures for (glt=active_gltextures; glt; glt=glt->next) { - Q_strcpy(tempname, glt->name); + q_strlcpy (tempname, glt->name, sizeof(tempname)); while ( (c = strchr(tempname, ':')) ) *c = '_'; while ( (c = strchr(tempname, '/')) ) *c = '_'; while ( (c = strchr(tempname, '*')) ) *c = '_'; @@ -1170,13 +1170,13 @@ gltexture_t *TexMgr_LoadImage (model_t *owner, const char *name, int width, int // copy data glt->owner = owner; - strncpy (glt->name, name, sizeof(glt->name)); + q_strlcpy (glt->name, name, sizeof(glt->name)); glt->width = width; glt->height = height; glt->flags = flags; glt->shirt = -1; glt->pants = -1; - strncpy (glt->source_file, source_file, sizeof(glt->source_file)); + q_strlcpy (glt->source_file, source_file, sizeof(glt->source_file)); glt->source_offset = source_offset; glt->source_format = format; glt->source_width = width; diff --git a/Quake/host_cmd.c b/Quake/host_cmd.c index 7e673458..cb1ec9a9 100644 --- a/Quake/host_cmd.c +++ b/Quake/host_cmd.c @@ -152,7 +152,7 @@ void Host_Game_f (void) return; } - strcpy (pakfile, va("%s/%s", host_parms->basedir, Cmd_Argv(1))); + q_strlcpy (pakfile, va("%s/%s", host_parms->basedir, Cmd_Argv(1)), sizeof(pakfile)); if (!Q_strcasecmp(pakfile, com_gamedir)) //no change { Con_Printf("\"game\" is already \"%s\"\n", COM_SkipPath(com_gamedir)); @@ -172,7 +172,7 @@ void Host_Game_f (void) if (NumGames(com_searchpaths) > 1 + com_nummissionpacks) KillGameDir(com_searchpaths); - strcpy (com_gamedir, pakfile); + q_strlcpy (com_gamedir, pakfile, sizeof(com_gamedir)); if (Q_strcasecmp(Cmd_Argv(1), GAMENAME)) //game is not id1 { @@ -182,7 +182,7 @@ void Host_Game_f (void) else path_id = 1U; search = (searchpath_t *) Z_Malloc(sizeof(searchpath_t)); search->path_id = path_id; - strcpy (search->filename, pakfile); + q_strlcpy (search->filename, pakfile, sizeof(search->filename)); search->next = com_searchpaths; com_searchpaths = search; @@ -242,7 +242,7 @@ void ExtraMaps_Add (const char *name) } level = (extralevel_t *) Z_Malloc(sizeof(extralevel_t)); - strcpy (level->name, name); + q_strlcpy (level->name, name, sizeof(level->name)); // insert each entry in alphabetical order if (extralevels == NULL || @@ -378,7 +378,7 @@ void Modlist_Add (const char *name) } mod = (mod_t *) Z_Malloc(sizeof(mod_t)); - strcpy (mod->name, name); + q_strlcpy (mod->name, name, sizeof(mod->name)); //insert each entry in alphabetical order if (modlist == NULL || @@ -838,7 +838,7 @@ void Host_Map_f (void) SCR_BeginLoadingPlaque (); svs.serverflags = 0; // haven't completed an episode yet - strcpy (name, Cmd_Argv(1)); + q_strlcpy (name, Cmd_Argv(1), sizeof(name)); // remove (any) trailing ".bsp" from mapname S.A. p = strstr(name, ".bsp"); if (p && p[4] == '\0') @@ -849,12 +849,11 @@ void Host_Map_f (void) if (cls.state != ca_dedicated) { - strcpy (cls.spawnparms, ""); - + memset (cls.spawnparms, 0, MAX_MAPSTRING); for (i = 2; i < Cmd_Argc(); i++) { - strcat (cls.spawnparms, Cmd_Argv(i)); - strcat (cls.spawnparms, " "); + q_strlcat (cls.spawnparms, Cmd_Argv(i), MAX_MAPSTRING); + q_strlcat (cls.spawnparms, " ", MAX_MAPSTRING); } Cmd_ExecuteString ("connect local", src_command); @@ -894,7 +893,7 @@ void Host_Changelevel_f (void) IN_Activate(); // -- S.A. key_dest = key_game; // remove console or menu SV_SaveSpawnparms (); - strcpy (level, Cmd_Argv(1)); + q_strlcpy (level, Cmd_Argv(1), sizeof(level)); SV_SpawnServer (level); } @@ -914,7 +913,7 @@ void Host_Restart_f (void) if (cmd_source != src_command) return; - strcpy (mapname, sv.name); // must copy out, because it gets cleared + q_strlcpy (mapname, sv.name, sizeof(mapname)); // must copy out, because it gets cleared // in sv_spawnserver SV_SpawnServer (mapname); } @@ -950,7 +949,7 @@ void Host_Connect_f (void) CL_StopPlayback (); CL_Disconnect (); } - strcpy (name, Cmd_Argv(1)); + q_strlcpy (name, Cmd_Argv(1), sizeof(name)); CL_EstablishConnection (name); Host_Reconnect_f (); } @@ -1257,9 +1256,9 @@ void Host_Name_f (void) return; } if (Cmd_Argc () == 2) - Q_strncpy(newName, Cmd_Argv(1), sizeof(newName)-1); + q_strlcpy(newName, Cmd_Argv(1), sizeof(newName)); else - Q_strncpy(newName, Cmd_Args(), sizeof(newName)-1); + q_strlcpy(newName, Cmd_Args(), sizeof(newName)); newName[15] = 0; // client_t structure actually says name[32]. if (cmd_source == src_command) @@ -2202,7 +2201,7 @@ void Host_Startdemos_f (void) Con_Printf ("%i demo(s) in loop\n", c); for (i = 1; i < c + 1; i++) - strncpy (cls.demos[i-1], Cmd_Argv(i), sizeof(cls.demos[0])-1); + q_strlcpy (cls.demos[i-1], Cmd_Argv(i), sizeof(cls.demos[0])); if (!sv.active && cls.demonum != -1 && !cls.demoplayback) { diff --git a/Quake/keys.c b/Quake/keys.c index 8ec71757..1ecabcf2 100644 --- a/Quake/keys.c +++ b/Quake/keys.c @@ -649,9 +649,9 @@ void Key_Bind_f (void) cmd[0] = 0; // start out with a null string for (i=2 ; i< c ; i++) { - if (i > 2) - strcat (cmd, " "); - strcat (cmd, Cmd_Argv(i)); + q_strlcat (cmd, Cmd_Argv(i), sizeof(cmd)); + if (i != (c-1)) + q_strlcat (cmd, " ", sizeof(cmd)); } Key_SetBinding (b, cmd); diff --git a/Quake/net_dgrm.c b/Quake/net_dgrm.c index 4f2ecd7b..4de328a3 100644 --- a/Quake/net_dgrm.c +++ b/Quake/net_dgrm.c @@ -502,7 +502,7 @@ static const char *Strip_Port (const char *host) if (!host || !*host) return host; - strcpy (noport, host); + q_strlcpy (noport, host, sizeof(noport)); if ((p = Q_strrchr(noport, ':')) == NULL) return host; *p++ = '\0'; @@ -1373,8 +1373,7 @@ static qsocket_t *_Datagram_Connect (const char *host) { reason = MSG_ReadString(); Con_Printf("%s\n", reason); - Q_strncpy(m_return_reason, reason, 31); - m_return_reason[31] = 0; + q_strlcpy(m_return_reason, reason, sizeof(m_return_reason)); goto ErrorReturn; } diff --git a/Quake/pr_cmds.c b/Quake/pr_cmds.c index b83d607c..b145c922 100644 --- a/Quake/pr_cmds.c +++ b/Quake/pr_cmds.c @@ -54,7 +54,11 @@ static char *PF_VarString (int first) out[0] = 0; for (i = first; i < pr_argc; i++) { - strcat (out, G_STRING((OFS_PARM0+i*3))); + if ( q_strlcat(out, G_STRING((OFS_PARM0+i*3)), sizeof(out)) >= sizeof(out) ) + { + Con_Printf("PF_VarString: overflow (string truncated)\n"); + break; + } } return out; } diff --git a/Quake/sbar.c b/Quake/sbar.c index 285c223f..3c6c7fcd 100644 --- a/Quake/sbar.c +++ b/Quake/sbar.c @@ -506,13 +506,10 @@ void Sbar_SoloScoreboard (void) if (!fitzmode) { /* QuakeSpasm customization: */ - sprintf (str,"skill %i", (int)(skill.value + 0.5)); + q_snprintf (str, sizeof(str), "skill %i", (int)(skill.value + 0.5)); Sbar_DrawString (160 - strlen(str)*4, 12, str); - strcpy (str,cl.levelname); - strcat (str," ("); - strncat(str,cl.mapname,250-strlen(str)); - strcat (str,")"); + q_snprintf (str, sizeof(str), "%s (%s)", cl.levelname, cl.mapname); len = strlen (str); if (len > 40) Sbar_DrawScrollString (0, 4, 320, str); diff --git a/Quake/snd_dma.c b/Quake/snd_dma.c index 251e821c..cd93411e 100644 --- a/Quake/snd_dma.c +++ b/Quake/snd_dma.c @@ -256,7 +256,7 @@ static sfx_t *S_FindName (const char *name) Sys_Error ("S_FindName: out of sfx_t"); sfx = &known_sfx[i]; - strcpy (sfx->name, name); + q_strlcpy (sfx->name, name, sizeof(sfx->name)); num_sfx++; @@ -966,13 +966,11 @@ static void S_Play (void) i = 1; while (i < Cmd_Argc()) { + q_strlcpy(name, Cmd_Argv(i), sizeof(name)); if (!Q_strrchr(Cmd_Argv(i), '.')) { - Q_strcpy(name, Cmd_Argv(i)); - Q_strcat(name, ".wav"); + q_strlcat(name, ".wav", sizeof(name)); } - else - Q_strcpy(name, Cmd_Argv(i)); sfx = S_PrecacheSound(name); S_StartSound(hash++, 0, sfx, listener_origin, 1.0, 1.0); i++; @@ -990,13 +988,11 @@ static void S_PlayVol (void) i = 1; while (i < Cmd_Argc()) { + q_strlcpy(name, Cmd_Argv(i), sizeof(name)); if (!Q_strrchr(Cmd_Argv(i), '.')) { - Q_strcpy(name, Cmd_Argv(i)); - Q_strcat(name, ".wav"); + q_strlcat(name, ".wav", sizeof(name)); } - else - Q_strcpy(name, Cmd_Argv(i)); sfx = S_PrecacheSound(name); vol = Q_atof(Cmd_Argv(i + 1)); S_StartSound(hash++, 0, sfx, listener_origin, vol, 1.0); diff --git a/Quake/snd_mem.c b/Quake/snd_mem.c index eea18b64..e7970a19 100644 --- a/Quake/snd_mem.c +++ b/Quake/snd_mem.c @@ -108,8 +108,8 @@ sfxcache_t *S_LoadSound (sfx_t *s) // Con_Printf ("S_LoadSound: %x\n", (int)stackbuf); // load it in - Q_strcpy(namebuffer, "sound/"); - Q_strcat(namebuffer, s->name); + q_strlcpy(namebuffer, "sound/", sizeof(namebuffer)); + q_strlcat(namebuffer, s->name, sizeof(namebuffer)); // Con_Printf ("loading %s\n",namebuffer); diff --git a/Quake/sv_main.c b/Quake/sv_main.c index a2c3acc8..c57b979a 100644 --- a/Quake/sv_main.c +++ b/Quake/sv_main.c @@ -1317,7 +1317,7 @@ void SV_SpawnServer (const char *server) //memset (&sv, 0, sizeof(sv)); Host_ClearMemory (); - strcpy (sv.name, server); + q_strlcpy (sv.name, server, sizeof(sv.name)); sv.protocol = sv_protocol; // johnfitz @@ -1354,7 +1354,7 @@ void SV_SpawnServer (const char *server) sv.time = 1.0; - strncpy (sv.name, server, sizeof(sv.name) - 1); + q_strlcpy (sv.name, server, sizeof(sv.name)); q_snprintf (sv.modelname, sizeof(sv.modelname), "maps/%s.bsp", server); sv.worldmodel = Mod_ForName (sv.modelname, false); if (!sv.worldmodel) diff --git a/Quake/zone.c b/Quake/zone.c index 94eec3ee..41de8d85 100644 --- a/Quake/zone.c +++ b/Quake/zone.c @@ -337,9 +337,8 @@ void Hunk_Print (qboolean all) hunk_t *h, *next, *endlow, *starthigh, *endhigh; int count, sum; int totalblocks; - char name[9]; + char name[HUNKNAME_LEN]; - name[8] = 0; count = 0; sum = 0; totalblocks = 0; @@ -387,7 +386,7 @@ void Hunk_Print (qboolean all) // // print the single block // - memcpy (name, h->name, 8); + memcpy (name, h->name, HUNKNAME_LEN); if (all) Con_Printf ("%8p :%8i %8s\n",h, h->size, name); @@ -395,7 +394,7 @@ void Hunk_Print (qboolean all) // print the total // if (next == endlow || next == endhigh || - strncmp (h->name, next->name, 8) ) + strncmp (h->name, next->name, HUNKNAME_LEN - 1)) { if (!all) Con_Printf (" :%8i %8s (TOTAL)\n",sum, name); @@ -451,7 +450,7 @@ void *Hunk_AllocName (int size, const char *name) h->size = size; h->sentinal = HUNK_SENTINAL; - Q_strncpy (h->name, name, HUNKNAME_LEN - 1); + q_strlcpy (h->name, name, HUNKNAME_LEN); return (void *)(h+1); } @@ -542,7 +541,7 @@ void *Hunk_HighAllocName (int size, const char *name) memset (h, 0, size); h->size = size; h->sentinal = HUNK_SENTINAL; - Q_strncpy (h->name, name, sizeof(h->name)-1); + q_strlcpy (h->name, name, HUNKNAME_LEN); return (void *)(h+1); } @@ -930,7 +929,7 @@ void *Cache_Alloc (cache_user_t *c, int size, const char *name) cs = Cache_TryAlloc (size, false); if (cs) { - strncpy (cs->name, name, CACHENAME_LEN - 1); + q_strlcpy (cs->name, name, CACHENAME_LEN); c->data = (void *)(cs+1); cs->user = c; break;