From dddf0452216e01278720018e2434709a582edb77 Mon Sep 17 00:00:00 2001 From: Bill Currie Date: Tue, 8 Jul 2003 20:11:10 +0000 Subject: [PATCH] put "FIXME: overflow" on all the char arrays I could find that weren't obviously safe --- libs/net/nm/net_dgrm.c | 14 +++++----- libs/net/nm/net_udp.c | 5 ++-- libs/util/quakefs.c | 16 +++++++----- libs/util/quakeio.c | 4 +-- libs/video/renderer/gl/gl_sky_clip.c | 4 +-- nq/source/host.c | 10 ++++---- nq/source/sbar.c | 14 +++++----- qw/source/cl_main.c | 22 ++++++++-------- qw/source/master.c | 6 ++--- qw/source/sbar.c | 38 ++++++++++++++-------------- qw/source/sv_ccmds.c | 16 ++++++------ qw/source/sv_pr_cmds.c | 8 +++--- tools/qfbsp/source/writebsp.c | 4 +-- 13 files changed, 82 insertions(+), 79 deletions(-) diff --git a/libs/net/nm/net_dgrm.c b/libs/net/nm/net_dgrm.c index c242c3665..4d076265a 100644 --- a/libs/net/nm/net_dgrm.c +++ b/libs/net/nm/net_dgrm.c @@ -126,7 +126,7 @@ struct { char * StrAddr (struct qsockaddr *addr) { - static char buf[34]; + static char buf[34]; //FIXME: overflow byte *p = (byte *) addr; int n; @@ -144,8 +144,8 @@ unsigned long banMask = 0xffffffff; static void NET_Ban_f (void) { - char addrStr[32]; - char maskStr[32]; + char addrStr[32]; //FIXME: overflow + char maskStr[32]; //FIXME: overflow void (*print) (const char *fmt, ...); if (cmd_source == src_command) { @@ -549,8 +549,8 @@ Test_Poll (void *unused) struct qsockaddr clientaddr; int control; int len; - char name[32]; - char address[64]; + char name[32]; //FIXME: overflow + char address[64]; //FIXME: overflow int colors; int frags; int connectTime; @@ -681,8 +681,8 @@ Test2_Poll (void *unused) struct qsockaddr clientaddr; int control; int len; - char name[256]; - char value[256]; + char name[256]; //FIXME: overflow + char value[256]; //FIXME: overflow net_landriverlevel = test2Driver; name[0] = 0; diff --git a/libs/net/nm/net_udp.c b/libs/net/nm/net_udp.c index a7d68e008..9ff38ae8a 100644 --- a/libs/net/nm/net_udp.c 
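Review bot: The bare `//FIXME: overflow` on `static char buf[34]` in StrAddr (libs/net/nm/net_dgrm.c) does not record which write may exceed the buffer or where its input comes from, so whoever picks the marker up has to redo the audit. The same unqualified marker is used in every other hunk of this patch. I would name the writer and the bound in the comment, for example `//FIXME: overflow: <writing call> is not limited to sizeof (buf)`, with the placeholder filled in per site. StrAddr's body continues outside the hunk, so the write itself is not visible here.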
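Review bot: `name[32]` and `address[64]` in Test_Poll are declared next to `struct qsockaddr clientaddr`, `control` and `len`, which suggests they are filled from a received datagram, yet they carry the same marker as purely local scratch buffers. Buffers whose contents come from a peer deserve a distinguishable tag so they are audited first, e.g. `//FIXME: overflow (network input)`. The same appears to apply to `name[256]` and `value[256]` in Test2_Poll and to `cmdtext[2048]` in CL_ConnectionlessPacket (qw/source/cl_main.c), whose context comment reads "remote command from gui front end". The copies into these buffers are outside the hunks, so this is inferred from the declarations only.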
+++ b/libs/net/nm/net_udp.c @@ -248,7 +248,7 @@ UDP_CloseSocket (int socket) static int PartialIPAddress (const char *in, struct qsockaddr *hostaddr) { - char buff[256]; + char buff[256]; //FIXME: overflow char *b; int addr, mask, num, port, run; @@ -312,6 +312,7 @@ UDP_CheckNewConnections (void) Sys_Error ("UDP: ioctlsocket (FIONREAD) failed"); if (available) return net_acceptsocket; + // quietly absorb empty packets recvfrom (net_acceptsocket, buff, 0, 0, (struct sockaddr *) &from, &fromlen); return -1; @@ -376,7 +377,7 @@ UDP_Write (int socket, byte * buf, int len, struct qsockaddr *addr) const char * UDP_AddrToString (struct qsockaddr *addr) { - static char buffer[22]; + static char buffer[22]; //FIXME: overflow int haddr; haddr = ntohl (((struct sockaddr_in *) addr)->sin_addr.s_addr); diff --git a/libs/util/quakefs.c b/libs/util/quakefs.c index f599a02f7..df7706abe 100644 --- a/libs/util/quakefs.c +++ b/libs/util/quakefs.c @@ -751,7 +751,7 @@ static int open_file (searchpath_t *search, const char *filename, QFile **gzfile, dstring_t *foundname, int zip) { - char netpath[MAX_OSPATH]; + char netpath[MAX_OSPATH]; //FIXME: overflow file_from_pak = 0; @@ -808,10 +808,10 @@ _QFS_FOpenFile (const char *filename, QFile **gzfile, searchpath_t *search; char *path; #ifdef HAVE_VORBIS - char oggfilename[MAX_OSPATH]; + char oggfilename[MAX_OSPATH]; //FIXME: overflow #endif #ifdef HAVE_ZLIB - char gzfilename[MAX_OSPATH]; + char gzfilename[MAX_OSPATH]; //FIXME: overflow #endif // make sure they're not trying to do weird stuff with our private files @@ -882,7 +882,7 @@ QFS_LoadFile (const char *path, int usehunk) { QFile *h; byte *buf = NULL; - char base[32]; + char base[32]; //FIXME: overflow int len; // look for it in the filesystem or pack files 
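Review bot: `static char buffer[22]` in UDP_AddrToString is exactly the length of `255.255.255.255:65535` plus the terminator, so it has no slack. It is safe only if every octet is masked to 8 bits and the port to 16 bits, or if the formatting call is bounded. The marker should state that sizing, e.g. `// 21 chars for "255.255.255.255:65535" + NUL; FIXME: confirm the format call is bounded by sizeof (buffer)`. The formatting call is outside the hunk, so whether it is already bounded cannot be seen here.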
@@ -1294,10 +1294,12 @@ QFS_Open (const char *path, const char *mode) QFile * QFS_WOpen (const char *path, int zip) { - char mode[4] = "wb\000\000"; + char mode[5] = "wb\000\000"; - if (zip) - mode[2] = bound (1, zip, 9) + '0'; + if (zip) { + mode[2] = 'z'; + mode[3] = bound (1, zip, 9) + '0'; + } return QFS_Open (path, mode); } diff --git a/libs/util/quakeio.c b/libs/util/quakeio.c index 34883e7f3..149f482d2 100644 --- a/libs/util/quakeio.c +++ b/libs/util/quakeio.c @@ -133,7 +133,7 @@ QFile * Qopen (const char *path, const char *mode) { QFile *file; - char m[80], *p; + char m[80], *p; //FIXME: overflow int reading = 0; int zip = 0; int size = -1; @@ -191,7 +191,7 @@ QFile * Qdopen (int fd, const char *mode) { QFile *file; - char m[80], *p; + char m[80], *p; //FIXME: overflow int zip = 0; #ifdef WIN32 diff --git a/libs/video/renderer/gl/gl_sky_clip.c b/libs/video/renderer/gl/gl_sky_clip.c index 8d6cd2960..5fd3902a3 100644 --- a/libs/video/renderer/gl/gl_sky_clip.c +++ b/libs/video/renderer/gl/gl_sky_clip.c @@ -289,9 +289,9 @@ insert_cube_vertices (struct box_def *box, struct visit_def visit, int count, // This is fix for borland alloca "feature" which fails to restore stack // correctly if calling function doesn't have any references to local // variables. - char dummy[5]; + char dummy[5]; - dummy[0]=0; + dummy[0]=0; #endif va_start (args, count); diff --git a/nq/source/host.c b/nq/source/host.c index 5cd6320b6..6271bddca 100644 --- a/nq/source/host.c +++ b/nq/source/host.c @@ -129,7 +129,7 @@ cvar_t *temp1; void Host_EndGame (const char *message, ...) { - char string[1024]; + char string[1024]; //FIXME: overflow va_list argptr; va_start (argptr, message); @@ -159,7 +159,7 @@ Host_EndGame (const char *message, ...) void Host_Error (const char *error, ...) { - char string[1024]; + char string[1024]; //FIXME: overflow static qboolean inerror = false; va_list argptr; 
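Review bot: The QFS_WOpen hunk is a behaviour change rather than a FIXME annotation: when `zip` is set, the mode string handed to QFS_Open now carries a `z` before the level digit, and the commit subject does not mention it. The quakeio.c hunks in this patch only add comments to Qopen and Qdopen, so it is worth confirming that their mode parsing already accepts `z` followed by a digit. The terminator after `mode[3]` relies on the implicit NUL that fills the fifth byte of `mode[5] = "wb\000\000"`. A comment on the declaration such as `// "wb" + 'z' + level digit + NUL` would make that sizing explicit.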
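Review bot: `char string[1024]` in Host_EndGame (nq/source/host.c) is filled from a caller-supplied format and varargs, and the marker does not say whether the formatting call after `va_start` is bounded. If it is an unbounded `vsprintf`, the fix is one line, `vsnprintf (string, sizeof (string), message, argptr);`. If it is already bounded, the concern is truncation rather than overflow and the marker should say so. The same applies to Host_Error, SV_ClientPrintf, SV_BroadcastPrintf and Host_ClientCommands in nq/source/host.c and to Host_EndGame and Host_Error in qw/source/cl_main.c. The formatting calls are outside all of these hunks.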
@@ -303,7 +303,7 @@ Host_WriteConfiguration (void) void SV_ClientPrintf (const char *fmt, ...) { - char string[1024]; + char string[1024]; //FIXME: overflow va_list argptr; va_start (argptr, fmt); @@ -322,7 +322,7 @@ SV_ClientPrintf (const char *fmt, ...) void SV_BroadcastPrintf (const char *fmt, ...) { - char string[1024]; + char string[1024]; //FIXME: overflow int i; va_list argptr; @@ -345,7 +345,7 @@ SV_BroadcastPrintf (const char *fmt, ...) void Host_ClientCommands (const char *fmt, ...) { - char string[1024]; + char string[1024]; //FIXME: overflow va_list argptr; va_start (argptr, fmt); diff --git a/nq/source/sbar.c b/nq/source/sbar.c index 071370505..a8b1d651c 100644 --- a/nq/source/sbar.c +++ b/nq/source/sbar.c @@ -334,7 +334,7 @@ draw_fill (view_t *view, int x, int y, int w, int h, int col) static void draw_num (view_t *view, int x, int y, int num, int digits, int color) { - char str[12]; + char str[12]; //FIXME: overflow char *ptr; int l, frame; @@ -360,7 +360,7 @@ draw_num (view_t *view, int x, int y, int num, int digits, int color) static inline void draw_smallnum (view_t *view, int x, int y, int n, int packed, int colored) { - char num[4]; + char num[4]; //FIXME: overflow packed = packed != 0; // ensure 0 or 1 @@ -422,7 +422,7 @@ Sbar_SortFrags (void) static void draw_solo (view_t *view) { - char str[80]; + char str[80]; //FIXME: overflow int minutes, seconds, tens, units; int l; @@ -583,7 +583,7 @@ draw_frags (view_t *view) int i, k, l, p = -1; int top, bottom; int x; - char num[12]; + char num[12]; //FIXME: overflow scoreboard_t *s; if (cl.maxclients == 1) @@ -1048,7 +1048,7 @@ Sbar_DeathmatchOverlay (view_t *view) int i, k, l; int top, bottom; int x, y, f; - char num[12]; + char num[12]; //FIXME: overflow scoreboard_t *s; scr_copyeverything = 1; @@ -1101,7 +1101,7 @@ draw_time (view_t *view) struct tm *local = NULL; time_t utc = 0; const char *timefmt = NULL; - char st[80]; + char st[80]; //FIXME: overflow // Get local time utc = time (NULL); 
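Review bot: `char str[12]` in draw_num (nq/source/sbar.c) is large enough for any 32-bit `int` printed in decimal, sign and terminator included, so if `num` is formatted with a plain `%d` this marker is a false positive. `char num[4]` in draw_smallnum is different: it holds at most three characters, so it depends on `n` staying in range. I would record the assumed range instead of the generic marker, e.g. `// holds up to 3 chars + NUL; FIXME: confirm n is clamped before formatting`. The formatting calls are outside both hunks. The same sizing remark applies to the `num[12]` buffers marked in qw/source/sbar.c.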
@@ -1120,7 +1120,7 @@ draw_time (view_t *view) static void draw_fps (view_t *view) { - char st[80]; + char st[80]; //FIXME: overflow double t; static double lastframetime; static int lastfps; diff --git a/qw/source/cl_main.c b/qw/source/cl_main.c index adf0764d2..b02ac8616 100644 --- a/qw/source/cl_main.c +++ b/qw/source/cl_main.c @@ -251,7 +251,7 @@ CL_Version_f (void) static void CL_SendConnectPacket (void) { - char data[2048]; + char data[2048]; //FIXME: overflow double t1, t2; // JACK: Fixed bug where DNS lookups would cause two connects real fast @@ -291,7 +291,7 @@ CL_SendConnectPacket (void) static void CL_CheckForResend (void) { - char data[2048]; + char data[2048]; //FIXME: overflow double t1, t2; if (connect_time == -1) @@ -355,7 +355,7 @@ CL_Connect_f (void) static void CL_Rcon_f (void) { - char message[1024]; + char message[1024]; //FIXME: overflow netadr_t to; snprintf (message, sizeof (message), "\377\377\377\377rcon %s %s", @@ -624,7 +624,7 @@ CL_FullServerinfo_f (void) static void CL_AddQFInfoKeys (void) { - char cap[100] = ""; // max of 98 or so flags + char cap[100] = ""; // max of 98 or so flags //FIXME: overflow // set the capabilities info. single char flags (possibly with modifiers) // defined capabilities (* = not implemented): @@ -653,7 +653,7 @@ CL_AddQFInfoKeys (void) static void CL_FullInfo_f (void) { - char key[512], value[512]; + char key[512], value[512]; //FIXME: overflow char *o; const char *s; @@ -730,7 +730,7 @@ CL_SetInfo_f (void) static void CL_Packet_f (void) { - char send[2048]; + char send[2048]; //FIXME: overflow char *out; const char *in; int i, l; @@ -771,7 +771,7 @@ CL_Packet_f (void) void CL_NextDemo (void) { - char str[1024]; + char str[1024]; //FIXME: overflow if (cls.demonum == -1) return; // don't play demos 
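Review bot: In CL_Rcon_f the only visible write to `message[1024]` is `snprintf (message, sizeof (message), ...)`, which is bounded, so the marker must refer to something later in the function. If arguments are appended after that call, the marker belongs on those appends and should name them, e.g. `//FIXME: overflow: appends after the snprintf are not limited to sizeof (message)`. If the function is already fully bounded, the marker should be dropped. The rest of CL_Rcon_f is outside the hunk.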
@@ -878,7 +878,7 @@ CL_ConnectionlessPacket (void) } // remote command from gui front end if (c == A2C_CLIENT_COMMAND) { - char cmdtext[2048]; + char cmdtext[2048]; //FIXME: overflow int len; Con_Printf ("client command\n"); @@ -1128,7 +1128,7 @@ CL_SetState (cactive_t state) void CL_Init (void) { - char st[80]; + char st[80]; //FIXME: overflow CL_SetState (ca_disconnected); @@ -1337,7 +1337,7 @@ CL_Init_Cvars (void) void Host_EndGame (const char *message, ...) { - char string[1024]; + char string[1024]; //FIXME: overflow va_list argptr; va_start (argptr, message); @@ -1360,7 +1360,7 @@ Host_EndGame (const char *message, ...) void Host_Error (const char *error, ...) { - char string[1024]; + char string[1024]; //FIXME: overflow static qboolean inerror = false; va_list argptr; diff --git a/qw/source/master.c b/qw/source/master.c index 218fc108d..0b12a4b4e 100644 --- a/qw/source/master.c +++ b/qw/source/master.c @@ -336,7 +336,7 @@ QW_Master (struct sockaddr_in *addr) while (1) { int size; - char buf[31]; + char buf[31]; //FIXME: overflow MSGHDR; buf[30] = '\0'; // a sentinal for string ops @@ -411,7 +411,7 @@ read_hosts (const char *fname) { FILE *host_file; int host_port; - char host_name[256]; + char host_name[256]; //FIXME: overflow static const char *fake_heartbeat = " "; char *buf; struct sockaddr_in host_addr; @@ -501,7 +501,7 @@ ma_log (const char *fmt, ...) va_list args; time_t mytime = 0; struct tm *local = NULL; - char stamp[1024]; + char stamp[1024]; //FIXME: overflow mytime = time (NULL); local = localtime (&mytime); diff --git a/qw/source/sbar.c b/qw/source/sbar.c index 2efab69ce..9acb7b641 100644 --- a/qw/source/sbar.c +++ b/qw/source/sbar.c @@ -348,7 +348,7 @@ draw_fill (view_t *view, int x, int y, int w, int h, int col) static void draw_num (view_t *view, int x, int y, int num, int digits, int color) { - char str[12]; + char str[12]; //FIXME: overflow char *ptr; int l, frame; 
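Review bot: In QW_Master, `buf[30] = '\0'` is described as a sentinel for string operations on `char buf[31]`, which only holds if the call that fills `buf` is limited to 30 bytes. The marker would be more useful as a statement of that invariant, e.g. `// receive at most sizeof (buf) - 1 bytes so buf[30] stays NUL`. The receive call is outside the hunk, so whether it already respects that limit is not visible.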
@@ -413,7 +413,7 @@ Sbar_SortFrags (qboolean includespec) static void Sbar_SortTeams (void) { - char t[16 + 1]; + char t[16 + 1]; //FIXME: overflow int i, j, k; player_info_t *s; @@ -483,7 +483,7 @@ Sbar_ColorForMap (int m) static void draw_solo (view_t *view) { - char str[80]; + char str[80]; //FIXME: overflow int minutes, seconds; draw_pic (view, 0, 0, sb_scorebar); @@ -497,7 +497,7 @@ draw_solo (view_t *view) static inline void dmo_ping (view_t *view, int x, int y, player_info_t *s) { - char num[12]; + char num[12]; //FIXME: overflow int p; p = s->ping; @@ -510,7 +510,7 @@ dmo_ping (view_t *view, int x, int y, player_info_t *s) static inline void dmo_uid (view_t *view, int x, int y, player_info_t *s) { - char num[12]; + char num[12]; //FIXME: overflow int p; p = s->userid; @@ -521,7 +521,7 @@ dmo_uid (view_t *view, int x, int y, player_info_t *s) static inline void dmo_pl (view_t *view, int x, int y, player_info_t *s) { - char num[12]; + char num[12]; //FIXME: overflow int p; // draw pl @@ -555,7 +555,7 @@ calc_fph (int frags, int total) static inline void dmo_main (view_t *view, int x, int y, player_info_t *s, int is_client) { - char num[12]; + char num[12]; //FIXME: overflow int fph, minutes, total, top, bottom, f; // get time @@ -663,7 +663,7 @@ draw_weapons_hud (view_t *view) static void draw_ammo_sbar (view_t *view) { - char num[6]; + char num[6]; //FIXME: overflow int i; // ammo counts @@ -684,7 +684,7 @@ draw_ammo_sbar (view_t *view) static void draw_ammo_hud (view_t *view) { - char num[6]; + char num[6]; //FIXME: overflow int i; // ammo counts @@ -758,7 +758,7 @@ draw_frags (view_t *view) int i, k, l, p = -1; int top, bottom; int x; - char num[12]; + char num[12]; //FIXME: overflow player_info_t *s; Sbar_SortFrags (false); @@ -843,7 +843,7 @@ draw_face (view_t *view) static void draw_spectator (view_t *view) { - char st[512]; + char st[512]; //FIXME: overflow if (autocam != CAM_TRACK) { draw_string (view, 160 - 7 * 8, 4, "SPECTATOR MODE"); 
@@ -975,7 +975,7 @@ Sbar_Draw (void) void Sbar_TeamOverlay (view_t *view) { - char num[12]; + char num[12]; //FIXME: overflow int pavg, plow, phigh, i, k, l, x, y; team_t *tm; info_key_t *player_team = cl.players[cl.playernum].team; @@ -1060,9 +1060,9 @@ Sbar_TeamOverlay (view_t *view) void Sbar_LogFrags (void) { - char num[512]; - char conv[512]; - char conv2[512]; + char num[512]; //FIXME: overflow + char conv[512]; //FIXME: overflow + char conv2[512]; //FIXME: overflow char *cp = NULL; QFile *file = NULL; int minutes, fph, total, d, f, i, k, l, p; @@ -1472,7 +1472,7 @@ static void draw_minifrags (view_t *view) { int numlines, top, bottom, f, i, k, x, y; - char num[12]; + char num[12]; //FIXME: overflow player_info_t *s; scr_copyeverything = 1; @@ -1546,7 +1546,7 @@ static void draw_miniteam (view_t *view) { int i, k, x, y; - char num[12]; + char num[12]; //FIXME: overflow info_key_t *player_team = cl.players[cl.playernum].team; team_t *tm; @@ -1587,7 +1587,7 @@ draw_time (view_t *view) struct tm *local = NULL; time_t utc = 0; const char *timefmt = NULL; - char st[80]; + char st[80]; //FIXME: overflow // Get local time utc = time (NULL); @@ -1606,7 +1606,7 @@ draw_time (view_t *view) static void draw_fps (view_t *view) { - char st[80]; + char st[80]; //FIXME: overflow double t; static double lastframetime; static int lastfps; diff --git a/qw/source/sv_ccmds.c b/qw/source/sv_ccmds.c index 480ce4b63..79f480f82 100644 --- a/qw/source/sv_ccmds.c +++ b/qw/source/sv_ccmds.c @@ -157,7 +157,7 @@ SV_Match_User (const char *substr) static void SV_SetMaster_f (void) { - char data[2]; + char data[2]; //FIXME: overflow int i; memset (&master_adr, 0, sizeof (master_adr)); @@ -341,7 +341,7 @@ SV_Give_f (void) } // Use this to keep track of current level --KB -static char curlevel[MAX_QPATH] = ""; +static char curlevel[MAX_QPATH] = ""; //FIXME: overflow const char * SV_Current_Map (void) 
@@ -393,8 +393,8 @@ nice_time (float time) static void SV_Map_f (void) { - char level[MAX_QPATH]; - char expanded[MAX_QPATH]; + char level[MAX_QPATH]; //FIXME: overflow + char expanded[MAX_QPATH]; //FIXME: overflow QFile *f; if (Cmd_Argc () > 2) { @@ -568,7 +568,7 @@ SV_Cuff_f (void) double mins = 0.5; qboolean all = false, done = false; client_t *cl = 0; - char text[1024]; + char text[1024]; //FIXME: overflow if (Cmd_Argc () != 2 && Cmd_Argc () != 3) { SV_Printf ("usage: cuff [minutes]\n" @@ -630,7 +630,7 @@ SV_Mute_f (void) double mins = 0.5; qboolean all = false, done = false; client_t *cl = 0; - char text[1024]; + char text[1024]; //FIXME: overflow if (Cmd_Argc () != 2 && Cmd_Argc () != 3) { SV_Printf ("usage: mute [minutes]\n" @@ -688,7 +688,7 @@ static void SV_Tell (const char *prefix) { char *p; - char text[512]; + char text[512]; //FIXME: overflow client_t *cl; int i; @@ -762,7 +762,7 @@ static void SV_ConSay (const char *prefix) { char *p; - char text[1024]; + char text[1024]; //FIXME: overflow client_t *client; int j; diff --git a/qw/source/sv_pr_cmds.c b/qw/source/sv_pr_cmds.c index bc23b8ec0..0c13f176c 100644 --- a/qw/source/sv_pr_cmds.c +++ b/qw/source/sv_pr_cmds.c @@ -1361,8 +1361,8 @@ PF_logfrag (progs_t *pr) // do gib event callback if (sv_frag_e->func) { - char buf[16]; - char type1[2], type2[2]; + char buf[16]; //FIXME: overflow + char type1[2], type2[2]; //FIXME: overflow int u1, u2; type1[1] = type2[1] = 0; @@ -1409,7 +1409,7 @@ void PF_infokey (progs_t *pr) { const char *key, *value; - static char ov[256]; + static char ov[256]; //FIXME: overflow edict_t *e; int e1; @@ -1538,7 +1538,7 @@ PF_setinfokey (progs_t *pr) int e1 = NUM_FOR_EDICT (pr, edict); const char *key = P_GSTRING (pr, 1); const char *value = P_GSTRING (pr, 2); - char oldval[MAX_INFO_STRING]; + char oldval[MAX_INFO_STRING]; //FIXME: overflow if (e1 == 0) { if (*value) diff --git a/tools/qfbsp/source/writebsp.c b/tools/qfbsp/source/writebsp.c index f26e44ed9..8cf4f7919 100644 
--- a/tools/qfbsp/source/writebsp.c +++ b/tools/qfbsp/source/writebsp.c @@ -355,7 +355,7 @@ TEX_InitFromWad (char *path) static int LoadLump (char *name, dstring_t *dest) { - char cname[16]; + char cname[16]; //FIXME: overflow int i; int ofs = dest->size; wadlist_t *wl; @@ -382,7 +382,7 @@ static void AddAnimatingTextures (void) { int base, i, j, k; - char name[32]; + char name[32]; //FIXME: overflow wadlist_t *wl; base = nummiptex;