Subject: Re: PR/33392 CVS commit: src/dist/nawk
To: None <gnats-bugs@NetBSD.org>
From: Aleksey Cheusov <cheusov@tut.by>
List: netbsd-bugs
Date: 07/26/2006 21:33:36
>  | P.S.
>  | I saw HEAD changes in awk code and was surprized that
>  | lots of snprintf functions was changed to sprintf,
>  | and strlcpy to strcpy. Is this really ok?
>  
>  They were not done carefully so bugs were introduced and we decided
>  to back them out until someone does them carefully.

How about the following patch? It is just inverted changes
from netbsd-3 branch.

Note that maketab.c fragment needs a check for NULL.

Index: maketab.c
===================================================================
RCS file: /cvsroot/src/dist/nawk/maketab.c,v
retrieving revision 1.7
diff -u -r1.7 maketab.c
--- maketab.c   3 Jul 2005 15:18:11 -0000       1.7
+++ maketab.c   26 Jul 2006 18:27:45 -0000
@@ -139,8 +139,7 @@
                        fprintf(stderr, "maketab funny token %d %s ignored\n", tok, buf);
                        continue;
                }
-               names[tok-FIRSTTOKEN] = (char *) malloc(strlen(name)+1);
-               strcpy(names[tok-FIRSTTOKEN], name);
+               names[tok-FIRSTTOKEN] = strdup(name);
                printf("\t\"%s\",\t/* %d */\n", name, tok);
                i++;
        }
Index: proctab.c
===================================================================
RCS file: /cvsroot/src/dist/nawk/proctab.c,v
retrieving revision 1.6
diff -u -r1.6 proctab.c
--- proctab.c   3 Jul 2005 15:18:11 -0000       1.6
+++ proctab.c   26 Jul 2006 18:27:45 -0000
@@ -200,7 +200,7 @@
        static char buf[100];
 
        if (n < FIRSTTOKEN || n > LASTTOKEN) {
-               sprintf(buf, "token %d", n);
+               snprintf(buf, sizeof(buf), "token %d", n);
                return buf;
        }
        return printname[n-FIRSTTOKEN];
Index: run.c
===================================================================
RCS file: /cvsroot/src/dist/nawk/run.c,v
retrieving revision 1.13
diff -u -r1.13 run.c
--- run.c       18 Mar 2006 22:39:40 -0000      1.13
+++ run.c       26 Jul 2006 18:27:45 -0000
@@ -465,9 +465,9 @@
                s = getsval(y);
                if (!adjbuf(&buf, &bufsz, strlen(buf)+strlen(s)+nsub+1, recsize, 0, 0))
                        FATAL("out of memory for %s[%s...]", x->nval, buf);
-               strcat(buf, s);
+               strlcat(buf, s, bufsz);
                if (np->nnext)
-                       strcat(buf, *SUBSEP);
+                       strlcat(buf, *SUBSEP, bufsz);
                tempfree(y);
        }
        if (!isarr(x)) {
@@ -512,9 +512,9 @@
                        s = getsval(y);
                        if (!adjbuf(&buf, &bufsz, strlen(buf)+strlen(s)+nsub+1, recsize, 0, 0))
                                FATAL("out of memory deleting %s[%s...]", x->nval, buf);
-                       strcat(buf, s);
+                       strlcat(buf, s, bufsz);
                        if (np->nnext)
-                               strcat(buf, *SUBSEP);
+                               strlcat(buf, *SUBSEP, bufsz);
                        tempfree(y);
                }
                freeelem(x, buf);
@@ -551,10 +551,10 @@
                s = getsval(x);
                if (!adjbuf(&buf, &bufsz, strlen(buf)+strlen(s)+nsub+1, recsize, 0, 0))
                        FATAL("out of memory deleting %s[%s...]", x->nval, buf);
-               strcat(buf, s);
+               strlcat(buf, s, bufsz);
                tempfree(x);
                if (p->nnext)
-                       strcat(buf, *SUBSEP);
+                       strlcat(buf, *SUBSEP, bufsz);
        }
        k = lookup(buf, (Array *) ap->sval);
        tempfree(ap);
Index: tran.c
===================================================================
RCS file: /cvsroot/src/dist/nawk/tran.c,v
retrieving revision 1.8
diff -u -r1.8 tran.c
--- tran.c      21 Mar 2006 16:59:09 -0000      1.8
+++ tran.c      26 Jul 2006 18:27:45 -0000
@@ -403,10 +403,9 @@
 {
        char *p;
 
-       p = (char *) malloc(strlen(s)+1);
+       p = strdup(s);
        if (p == NULL)
                FATAL("out of space in tostring on %s", s);
-       strcpy(p, s);
        return(p);
 }
 


-- 
Best regards, Aleksey Cheusov.