From: Thomas E. Dickey Date: Sun, 30 Dec 2012 01:55:33 +0000 (+0000) Subject: ncurses 5.9 - patch 20121229 X-Git-Tag: v6.0~122 X-Git-Url: http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commitdiff_plain;h=938680fa3bc29d2a086031a2f648dfd6cadcb51e;hp=925cd3b851aa2c58529dfaba8ed2c727e718a1e0 ncurses 5.9 - patch 20121229 + fix coverity warnings regarding copying into fixed-size buffers. + add throw-declarations in the c++ binding per Coverity warning. + minor changes to new-items for consistent reference to bug-report numbers. --- diff --git a/NEWS b/NEWS index a8d43aa1..f84b3fef 100644 --- a/NEWS +++ b/NEWS @@ -25,7 +25,7 @@ -- sale, use or other dealings in this Software without prior written -- -- authorization. -- ------------------------------------------------------------------------------- --- $Id: NEWS,v 1.2002 2012/12/23 01:15:35 tom Exp $ +-- $Id: NEWS,v 1.2006 2012/12/29 22:37:28 tom Exp $ ------------------------------------------------------------------------------- This is a log of changes that ncurses has gone through since Zeyd started @@ -45,6 +45,12 @@ See the AUTHORS file for the corresponding full names. Changes through 1.9.9e did not credit all contributions; it is not possible to add this information. +20121229 + + fix coverity warnings regarding copying into fixed-size buffers. + + add throw-declarations in the c++ binding per Coverity warning. + + minor changes to new-items for consistent reference to bug-report + numbers. + 20121222 + add *.dSYM directories to clean-rule in ncurses directory makefile, for Mac OS builds. @@ -2422,8 +2428,8 @@ it is not possible to add this information. that library. + add/modify null-pointer checks in several functions for SP and/or the WINDOW* parameter (report by Thorben Krueger). - + fixes for field_buffer() in formw library (see Redhat Bugzilla - #310071, patches by Miroslav Lichvar). + + fixes for field_buffer() in formw library (see Redhat #310071, + patches by Miroslav Lichvar). + improve performance of NCURSES_CHAR_EQ code (patch by Miroslav Lichvar). + update/improve mlterm and rxvt terminfo entries, e.g., for @@ -3019,8 +3025,7 @@ it is not possible to add this information. + workaround for 20050806 ifdef's change to allow visbuf.c to compile when using --with-termlib --with-trace options. + improve tgetstr() by making the return value point into the user's - buffer, if provided (patch by Miroslav Lichvar (see Redhat Bugzilla - #202480)). + buffer, if provided (patch by Miroslav Lichvar (see Redhat #202480)). + correct libraries needed for foldkeys (report by Stanislav Ievlev) 20060826 @@ -3033,10 +3038,10 @@ it is not possible to add this information. source output (Debian #378783). + modify configure script to ensure that if the C compiler is used rather than the loader in making shared libraries, the $(CFLAGS) - variable is also used (Redhat Bugzilla #199369). + variable is also used (Redhat #199369). + port hashed-db code to db2 and db3. + fix a bug in tgetent() from 20060625 and 20060715 changes - (patch/analysis by Miroslav Lichvar (see Redhat Bugzilla #202480)). + (patch/analysis by Miroslav Lichvar (see Redhat #202480)). 20060805 + updated xterm function-keys terminfo to match xterm #216 -TD @@ -3828,7 +3833,7 @@ it is not possible to add this information. of cur_term if the same output was selected. This now reuses it only when setupterm() is called from tgetent(), which has no notion of separate SCREENs. Note that tgetent() must be called after initscr() - or newterm() to use this feature (Redhat Bugzilla #140326). + or newterm() to use this feature (Redhat #140326). + add a check in CF_BUILD_CC macro to ensure that developer has given the --with-build-cc option when cross-compiling (report by Alexandre Campo). @@ -3921,7 +3926,7 @@ it is not possible to add this information. entries, e.g., so it can analyze the xterm-8bit entry. + add morphos terminfo entry, improve amiga-8bit entry (Pavel Fedin). + correct translation of "%%" in terminfo format to termcap, e.g., - using "tic -C" (Redhat Bugzilla #130921). + using "tic -C" (Redhat #130921). + modified configure script CF_XOPEN_SOURCE macro to ensure that if it defines _POSIX_C_SOURCE, that it defines it to a specific value (comp.os.stratus newsgroup comment). @@ -3932,9 +3937,9 @@ it is not possible to add this information. However that did find a coding error in Assume_Default_Colors(). + modify several terminfo entries to ensure xterm mouse and cursor visibility are reset in rs2 string: hurd, putty, gnome, - konsole-base, mlterm, Eterm, screen (Debian #265784, #55637). The - xterm entries are left alone - old ones for compatibility, and the - new ones do not require this change. -TD + konsole-base, mlterm, Eterm, screen (Debian #265784, Debian #55637). + The xterm entries are left alone - old ones for compatibility, and + the new ones do not require this change. -TD 20040814 + fake a SIGWINCH in newterm() to accommodate buggy terminal emulators @@ -3965,8 +3970,8 @@ it is not possible to add this information. + modify "tic -cv" to ignore delays when comparing strings. Also modify it to ignore a canceled sgr string, e.g., for terminals which cannot properly combine attributes in one control sequence. - + corrections for gnome and konsole entries (Redhat Bugzilla #122815, - patch by Hans de Goede) + + corrections for gnome and konsole entries (Redhat #122815, patch by + Hans de Goede) > terminfo updates -TD + make ncsa-m rmacs/smacs consistent with sgr + add sgr, rc/sc and ech to syscons entries @@ -3979,7 +3984,7 @@ it is not possible to add this information. > terminfo updates -TD + add xterm-pc-fkeys + review/update gnome and gnome-rh90 entries (prompted by Redhat - Bugzilla #122815). + #122815). + review/update konsole entries + add sgr, correct sgr0 for kterm and mlterm + correct tsl string in kterm @@ -5093,7 +5098,7 @@ it is not possible to add this information. + add a check in kgetch() for cooked characters in the fifo to avoid calling fifo_push() when a KEY_RESIZE is available (report/analysis by Sam Varshavchik ). - + fix an overlooked case for bugzilla #68199 (Philippe Blain). + + fix an overlooked case for Redhat #68199 (Philippe Blain). + ensure clearerr() is called before using ferror() e.g., in lib_screen.c (report by Philippe Blain). @@ -5101,7 +5106,7 @@ it is not possible to add this information. + modify lib_screen.c and lib_newwin.c to maintain the SCREEN-specific pointers for curscr/stdscr/newscr when scr_save() and scr_restore() modify the global curscr/stdscr/newscr variables. Fixes Redhat - bugzilla #68199 dated 2002-07-07. + #68199 dated 2002-07-07. + add checks for null pointer in calls to tparm() and tgoto() based on FreeBSD bug report. If ncurses were built with termcap support, and the first call to tgoto() were a zero-length string, the result would @@ -5134,7 +5139,7 @@ it is not possible to add this information. Olaf Buddenhagen ). + modified wresize() to ensure that a failed realloc will not corrupt the window structure, and to make subwindows fit within the resized - window (completes Debian #87678, #101699) + window (completes Debian #87678, Debian #101699) 20020803 + fix an off-by-one in lib_pad.c check for limits of pad (patch by @@ -5829,9 +5834,9 @@ it is not possible to add this information. which may be in libutf8. + remove some unnecessary text from curs_extend.3x and default_colors.3x which caused man-db to make incorrect symbolic - links (Debian bug report #99550). + links (Debian #99550). + add configure check if cast for _IO_va_list is needed to compile - C++ vscan code (Debian bug report #97945). + C++ vscan code (Debian #97945). > several patches from Sven Verdoolaege: + correct code that used non-standard auto-initialization of a struct, which gcc allows (report by Larry Virden). @@ -5966,7 +5971,7 @@ it is not possible to add this information. + add some examples of customizing screen's terminfo: screen.xterm-xfree86, screen.xterm-r6, screen.teraterm -TD + modify screen's terminfo entry to match the khome/kend in screen - 3.09.08 (Debian bug report #92215). + 3.09.08 (Debian #92215). + correct a memory leak in forms library (report by Stefan Vogtner ) (patch by Juergen Pfeifer). @@ -5980,12 +5985,12 @@ it is not possible to add this information. + add .cc.ii rule to c++ makefile, to get preprocessor output for debugging. + correct configure script handling of @keyword@ substitutions when the - --with-manpage-renames option is given (cf: 20000715, fixes Debian - bug #89939). + --with-manpage-renames option is given (cf: 20000715, fixes Debian + #89939). + report stack underflow/overflow in tparm() when tic -cv option is given. + remove spurious "%|" operator from xterm-xfree86 terminfo entry, - (reported by Adam Costello , Debian bug #89222). + (reported by Adam Costello , Debian #89222). 20010310 + cleanup of newdemo.c, fixing some ambiguous expressions noted by gcc @@ -6689,7 +6694,7 @@ it is not possible to add this information. + correct spelling error in terminfo entry name: bq300-rv was given as bg300-rv in esr's version. + modify redrawwin() macro so its parameter is fully parenthesized - (fixes Debian bug report #61088). + (fixes Debian #61088). + correct formatting error in dump_entry() which set incorrect column value when no newline trimming was needed at the end of an entry, before appending "use=" clauses (cf: 960406). diff --git a/c++/cursesf.h b/c++/cursesf.h index 23bc0f5b..ef705413 100644 --- a/c++/cursesf.h +++ b/c++/cursesf.h @@ -31,7 +31,7 @@ * Author: Juergen Pfeifer, 1997 * ****************************************************************************/ -// $Id: cursesf.h,v 1.30 2012/06/08 17:43:56 Richard.Yao Exp $ +// $Id: cursesf.h,v 1.31 2012/12/29 21:49:58 tom Exp $ #ifndef NCURSES_CURSESF_H_incl #define NCURSES_CURSESF_H_incl 1 @@ -61,7 +61,7 @@ class NCURSES_IMPEXP NCursesFieldType protected: FIELDTYPE* fieldtype; - inline void OnError(int err) const THROWS(NCursesFormException) { + inline void OnError(int err) const THROW2(NCursesException const, NCursesFormException) { if (err!=E_OK) THROW(new NCursesFormException (err)); } @@ -109,7 +109,7 @@ protected: NCursesFieldType* ftype; // Associated field type // Error handler - inline void OnError (int err) const THROWS(NCursesFormException) { + inline void OnError (int err) const THROW2(NCursesException const, NCursesFormException) { if (err != E_OK) THROW(new NCursesFormException (err)); } @@ -391,7 +391,7 @@ protected: bool with_frame, bool autoDeleteFields); - inline void OnError (int err) const THROWS(NCursesFormException) { + inline void OnError (int err) const THROW2(NCursesException const, NCursesFormException) { if (err != E_OK) THROW(new NCursesFormException (err)); } diff --git a/c++/cursesm.h b/c++/cursesm.h index 45b6c0cc..259d107f 100644 --- a/c++/cursesm.h +++ b/c++/cursesm.h @@ -31,7 +31,7 @@ * Author: Juergen Pfeifer, 1997 * ****************************************************************************/ -// $Id: cursesm.h,v 1.28 2012/06/08 17:43:56 Richard.Yao Exp $ +// $Id: cursesm.h,v 1.29 2012/12/29 21:48:33 tom Exp $ #ifndef NCURSES_CURSESM_H_incl #define NCURSES_CURSESM_H_incl 1 @@ -53,7 +53,7 @@ class NCURSES_IMPEXP NCursesMenuItem protected: ITEM *item; - inline void OnError (int err) const THROWS(NCursesMenuException) { + inline void OnError (int err) const THROW2(NCursesException const, NCursesMenuException) { if (err != E_OK) THROW(new NCursesMenuException (err)); } @@ -253,7 +253,7 @@ protected: bool with_frame, bool autoDeleteItems); - inline void OnError (int err) const THROWS(NCursesMenuException) { + inline void OnError (int err) const THROW2(NCursesException const, NCursesMenuException) { if (err != E_OK) THROW(new NCursesMenuException (this, err)); } diff --git a/c++/cursesp.h b/c++/cursesp.h index 9b63d6d6..699ec284 100644 --- a/c++/cursesp.h +++ b/c++/cursesp.h @@ -1,6 +1,6 @@ // * This makes emacs happy -*-Mode: C++;-*- /**************************************************************************** - * Copyright (c) 1998-2007,2008 Free Software Foundation, Inc. * + * Copyright (c) 1998-2008,2012 Free Software Foundation, Inc. * * * * Permission is hereby granted, free of charge, to any person obtaining a * * copy of this software and associated documentation files (the * @@ -34,7 +34,7 @@ #ifndef NCURSES_CURSESP_H_incl #define NCURSES_CURSESP_H_incl 1 -// $Id: cursesp.h,v 1.29 2008/08/16 17:20:23 tom Exp $ +// $Id: cursesp.h,v 1.30 2012/12/29 21:50:55 tom Exp $ #include @@ -86,7 +86,7 @@ protected: return result; } - void OnError (int err) const THROWS(NCursesPanelException) + void OnError (int err) const THROW2(NCursesException const, NCursesPanelException) { if (err==ERR) THROW(new NCursesPanelException (this, err)); diff --git a/c++/etip.h.in b/c++/etip.h.in index b78bc9bf..9f642ee6 100644 --- a/c++/etip.h.in +++ b/c++/etip.h.in @@ -1,6 +1,6 @@ // * This makes emacs happy -*-Mode: C++;-*- /**************************************************************************** - * Copyright (c) 1998-2008,2011 Free Software Foundation, Inc. * + * Copyright (c) 1998-2011,2012 Free Software Foundation, Inc. * * * * Permission is hereby granted, free of charge, to any person obtaining a * * copy of this software and associated documentation files (the * @@ -31,7 +31,7 @@ * Author: Juergen Pfeifer, 1997 * ****************************************************************************/ -// $Id: etip.h.in,v 1.38 2011/10/29 14:01:50 tom Exp $ +// $Id: etip.h.in,v 1.39 2012/12/29 21:50:44 tom Exp $ #ifndef NCURSES_ETIP_H_incl #define NCURSES_ETIP_H_incl 1 @@ -367,11 +367,13 @@ inline void THROW(const NCursesException *e) { #define NCURSES_CPP_TRY /* nothing */ #define NCURSES_CPP_CATCH(e) if (false) #define THROWS(s) /* nothing */ +#define THROW2(s,t) /* nothing */ #elif CPP_HAS_TRY_CATCH throw *e; #define NCURSES_CPP_TRY try #define NCURSES_CPP_CATCH(e) catch(e) #define THROWS(s) throw(s) +#define THROW2(s,t) throw(s,t) #endif } diff --git a/dist.mk b/dist.mk index 524f7c08..e3b7cab9 100644 --- a/dist.mk +++ b/dist.mk @@ -25,7 +25,7 @@ # use or other dealings in this Software without prior written # # authorization. # ############################################################################## -# $Id: dist.mk,v 1.906 2012/12/22 17:51:44 tom Exp $ +# $Id: dist.mk,v 1.907 2012/12/29 16:59:31 tom Exp $ # Makefile for creating ncurses distributions. # # This only needs to be used directly as a makefile by developers, but @@ -37,7 +37,7 @@ SHELL = /bin/sh # These define the major/minor/patch versions of ncurses. NCURSES_MAJOR = 5 NCURSES_MINOR = 9 -NCURSES_PATCH = 20121222 +NCURSES_PATCH = 20121229 # We don't append the patch to the version, since this only applies to releases VERSION = $(NCURSES_MAJOR).$(NCURSES_MINOR) diff --git a/ncurses/tinfo/captoinfo.c b/ncurses/tinfo/captoinfo.c index db46e209..e02e622b 100644 --- a/ncurses/tinfo/captoinfo.c +++ b/ncurses/tinfo/captoinfo.c @@ -93,7 +93,7 @@ #include #include -MODULE_ID("$Id: captoinfo.c,v 1.75 2012/11/24 20:48:54 tom Exp $") +MODULE_ID("$Id: captoinfo.c,v 1.77 2012/12/30 00:50:40 tom Exp $") #define MAX_PUSHED 16 /* max # args we can push onto the stack */ @@ -532,10 +532,13 @@ save_tc_char(char *bufptr, int c1) bufptr = save_char(bufptr, '\\'); bufptr = save_char(bufptr, c1); } else { - if (c1 == (c1 & 0x1f)) /* iscntrl() returns T on 255 */ - _nc_STRCPY(temp, unctrl((chtype) c1), sizeof(temp)); - else - _nc_SPRINTF(temp, _nc_SLIMIT(sizeof(temp)) "\\%03o", c1); + if (c1 == (c1 & 0x1f)) { /* iscntrl() returns T on 255 */ + _nc_SPRINTF(temp, _nc_SLIMIT(sizeof(temp)) + "%.20s", unctrl((chtype) c1)); + } else { + _nc_SPRINTF(temp, _nc_SLIMIT(sizeof(temp)) + "\\%03o", c1); + } bufptr = save_string(bufptr, temp); } return bufptr; diff --git a/ncurses/tinfo/write_entry.c b/ncurses/tinfo/write_entry.c index 9fdfe59d..45f31597 100644 --- a/ncurses/tinfo/write_entry.c +++ b/ncurses/tinfo/write_entry.c @@ -47,7 +47,7 @@ #define TRACE_OUT(p) /*nothing */ #endif -MODULE_ID("$Id: write_entry.c,v 1.86 2012/06/16 16:59:05 tom Exp $") +MODULE_ID("$Id: write_entry.c,v 1.87 2012/12/29 23:12:22 tom Exp $") static int total_written; @@ -273,16 +273,21 @@ _nc_write_entry(TERMTYPE *const tp) char name_list[MAX_TERMINFO_LENGTH]; char *first_name, *other_names; char *ptr; + const char *term_names = tp->term_names; + size_t name_size = strlen(term_names); - assert(strlen(tp->term_names) != 0); - assert(strlen(tp->term_names) < sizeof(name_list)); + if (name_size == 0) { + _nc_syserr_abort("no terminal name found."); + } else if (name_size >= sizeof(name_list) - 1) { + _nc_syserr_abort("terminal name too long: %s", term_names); + } - _nc_STRCPY(name_list, tp->term_names, sizeof(name_list)); + _nc_STRCPY(name_list, term_names, sizeof(name_list)); DEBUG(7, ("Name list = '%s'", name_list)); first_name = name_list; - ptr = &name_list[strlen(name_list) - 1]; + ptr = &name_list[name_size - 1]; other_names = ptr + 1; while (ptr > name_list && *ptr != '|') @@ -316,8 +321,8 @@ _nc_write_entry(TERMTYPE *const tp) buffer[0] = 0; memset(&key, 0, sizeof(key)); - key.data = tp->term_names; - key.size = strlen(tp->term_names); + key.data = term_names; + key.size = name_size; memset(&data, 0, sizeof(data)); data.data = buffer; @@ -328,12 +333,12 @@ _nc_write_entry(TERMTYPE *const tp) buffer[0] = 2; key.data = name_list; - key.size = strlen(name_list); + key.size = name_size; _nc_STRCPY(buffer + 1, - tp->term_names, + term_names, sizeof(buffer) - 1); - data.size = strlen(tp->term_names) + 1; + data.size = name_size + 1; _nc_db_put(capdb, &key, &data); diff --git a/package/debian/changelog b/package/debian/changelog index 0cee29a5..c4a7623d 100644 --- a/package/debian/changelog +++ b/package/debian/changelog @@ -1,8 +1,8 @@ -ncurses6 (5.9-20121222) unstable; urgency=low +ncurses6 (5.9-20121229) unstable; urgency=low * latest weekly patch - -- Thomas E. Dickey Sat, 22 Dec 2012 12:57:01 -0500 + -- Thomas E. Dickey Sat, 29 Dec 2012 12:00:04 -0500 ncurses6 (5.9-20120608) unstable; urgency=low diff --git a/package/ncurses.spec b/package/ncurses.spec index 5577edf1..270a6862 100644 --- a/package/ncurses.spec +++ b/package/ncurses.spec @@ -1,7 +1,7 @@ Summary: shared libraries for terminal handling Name: ncurses6 Release: 5.9 -Version: 20121222 +Version: 20121229 License: X11 Group: Development/Libraries Source: ncurses-%{release}-%{version}.tgz diff --git a/progs/dump_entry.c b/progs/dump_entry.c index 56610e9d..99f3b2a8 100644 --- a/progs/dump_entry.c +++ b/progs/dump_entry.c @@ -39,7 +39,7 @@ #include "termsort.c" /* this C file is generated */ #include /* so is this */ -MODULE_ID("$Id: dump_entry.c,v 1.102 2012/12/15 18:25:56 tom Exp $") +MODULE_ID("$Id: dump_entry.c,v 1.104 2012/12/30 00:51:13 tom Exp $") #define INDENT 8 #define DISCARD(string) string = ABSENT_STRING @@ -873,11 +873,41 @@ fmt_entry(TERMTYPE *tterm, tp[0] = '\0'; if (box_ok) { + char *tmp = _nc_tic_expand(boxchars, + (outform == F_TERMINFO), + numbers); _nc_STRCPY(buffer, "box1=", sizeof(buffer)); - _nc_STRCAT(buffer, - _nc_tic_expand(boxchars, - outform == F_TERMINFO, numbers), - sizeof(buffer)); + while (*tmp != '\0') { + size_t have = strlen(buffer); + size_t next = strlen(tmp); + size_t want = have + next + 1; + size_t last = next; + char save = '\0'; + + /* + * If the expanded string is too long for the buffer, + * chop it off and save the location where we chopped it. + */ + if (want >= sizeof(buffer)) { + save = tmp[last]; + tmp[last] = '\0'; + } + _nc_STRCAT(buffer, tmp, sizeof(buffer)); + + /* + * If we chopped the buffer, replace the missing piece and + * shift everything to append the remainder. + */ + if (save != '\0') { + next = 0; + tmp[last] = save; + while ((tmp[next] = tmp[last + next]) != '\0') { + ++next; + } + } else { + break; + } + } WRAP_CONCAT; } } diff --git a/test/demo_defkey.c b/test/demo_defkey.c index ac6dc2df..03c4d622 100644 --- a/test/demo_defkey.c +++ b/test/demo_defkey.c @@ -1,5 +1,5 @@ /**************************************************************************** - * Copyright (c) 2002-2007,2008 Free Software Foundation, Inc. * + * Copyright (c) 2002-2008,2012 Free Software Foundation, Inc. * * * * Permission is hereby granted, free of charge, to any person obtaining a * * copy of this software and associated documentation files (the * @@ -26,7 +26,7 @@ * authorization. * ****************************************************************************/ /* - * $Id: demo_defkey.c,v 1.20 2010/11/14 00:59:35 tom Exp $ + * $Id: demo_defkey.c,v 1.21 2012/12/29 22:55:39 tom Exp $ * * Demonstrate the define_key() function. * Thomas Dickey - 2002/11/23 @@ -106,7 +106,7 @@ visible(const char *string) for (pass = 0; pass < 2; ++pass) { for (n = 0; string[n] != '\0'; ++n) { char temp[80]; - strcpy(temp, visichar(string[n])); + strncpy(temp, visichar(string[n]), sizeof(temp) - 2); if (pass) strcat(result, temp); else diff --git a/test/demo_terminfo.c b/test/demo_terminfo.c index 8b64869f..d9bf5540 100644 --- a/test/demo_terminfo.c +++ b/test/demo_terminfo.c @@ -29,7 +29,7 @@ /* * Author: Thomas E. Dickey * - * $Id: demo_terminfo.c,v 1.13 2012/07/07 23:37:13 tom Exp $ + * $Id: demo_terminfo.c,v 1.15 2012/12/29 23:36:22 tom Exp $ * * A simple demo of the terminfo interface. */ @@ -283,7 +283,7 @@ demo_terminfo(char *name) } #endif } else { - char temp[10]; + char temp[80]; static const char *xterm_keys[] = { "kDC", "kDN", "kEND", "kHOM", "kIC", @@ -292,9 +292,9 @@ demo_terminfo(char *name) for (n = 0; n < SIZEOF(xterm_keys); ++n) { for (mod = 0; mod < 8; ++mod) { if (mod == 0) - strcpy(temp, xterm_keys[n]); + sprintf(temp, "%.*s", 8, xterm_keys[n]); else - sprintf(temp, "%s%d", xterm_keys[n], mod); + sprintf(temp, "%.*s%d", 8, xterm_keys[n], mod); dumpit(temp); } } diff --git a/test/gdc.c b/test/gdc.c index 0a925b4e..4c662ecf 100644 --- a/test/gdc.c +++ b/test/gdc.c @@ -33,7 +33,7 @@ * modified 10-18-89 for curses (jrl) * 10-18-89 added signal handling * - * $Id: gdc.c,v 1.35 2012/06/09 20:30:32 tom Exp $ + * $Id: gdc.c,v 1.36 2012/12/29 22:51:57 tom Exp $ */ #include @@ -231,7 +231,7 @@ main(int argc, char *argv[]) drawbox(FALSE); do { - char buf[30]; + char buf[40]; time(&now); tm = localtime(&now); @@ -293,7 +293,7 @@ main(int argc, char *argv[]) } /* this depends on the detailed format of ctime(3) */ - (void) strcpy(buf, ctime(&now)); + (void) strncpy(buf, ctime(&now), 30); (void) strcpy(buf + 10, buf + 19); MvAddStr(16, 30, buf); diff --git a/test/ncurses.c b/test/ncurses.c index 9810bce3..15f73296 100644 --- a/test/ncurses.c +++ b/test/ncurses.c @@ -40,7 +40,7 @@ AUTHOR Author: Eric S. Raymond 1993 Thomas E. Dickey (beginning revision 1.27 in 1996). -$Id: ncurses.c,v 1.382 2012/12/09 00:56:24 tom Exp $ +$Id: ncurses.c,v 1.386 2012/12/29 23:37:55 tom Exp $ ***************************************************************************/ @@ -1919,7 +1919,7 @@ show_color_name(int y, int x, int color, bool wide) } else if (color < 0) { strcpy(temp, "default"); } else { - strcpy(temp, the_color_names[color]); + sprintf(temp, "%.*s", 16, the_color_names[color]); } printw("%-*.*s", width, width, temp); } @@ -3728,7 +3728,7 @@ show_2_wacs(int n, const char *name, const char *code, attr_t attr, short pair) MvPrintw(row, col, "%*s : ", COLS / 4, name); (void) attr_set(attr, pair, 0); - addstr(strcpy(temp, code)); + addstr(strncpy(temp, code, 20)); (void) attr_set(A_NORMAL, 0, 0); return n + 1; } @@ -5786,55 +5786,60 @@ edit_secure(FIELD * me, int c) if (field_info(me, &rows, &cols, &frow, &fcol, &nrow, &nbuf) == E_OK && nbuf > 0) { char *source = field_buffer(me, 1); - char temp[80]; + size_t have = (source ? strlen(source) : 0) + 1; + size_t need = 80 + have; + char *temp = malloc(need); long len; - strcpy(temp, source ? source : ""); - len = (long) (char *) field_userptr(me); - if (c <= KEY_MAX) { - if (isgraph(c) && (len + 1) < (int) sizeof(temp)) { - temp[len++] = (char) c; - temp[len] = 0; - set_field_buffer(me, 1, temp); - c = '*'; - } else { - c = 0; - } - } else { - switch (c) { - case REQ_BEG_FIELD: - case REQ_CLR_EOF: - case REQ_CLR_EOL: - case REQ_DEL_LINE: - case REQ_DEL_WORD: - case REQ_DOWN_CHAR: - case REQ_END_FIELD: - case REQ_INS_CHAR: - case REQ_INS_LINE: - case REQ_LEFT_CHAR: - case REQ_NEW_LINE: - case REQ_NEXT_WORD: - case REQ_PREV_WORD: - case REQ_RIGHT_CHAR: - case REQ_UP_CHAR: - c = 0; /* we don't want to do inline editing */ - break; - case REQ_CLR_FIELD: - if (len) { - temp[0] = 0; + if (temp != 0) { + strncpy(temp, source ? source : "", have + 1); + len = (long) (char *) field_userptr(me); + if (c <= KEY_MAX) { + if (isgraph(c) && (len + 1) < (int) sizeof(temp)) { + temp[len++] = (char) c; + temp[len] = 0; set_field_buffer(me, 1, temp); + c = '*'; + } else { + c = 0; } - break; - case REQ_DEL_CHAR: - case REQ_DEL_PREV: - if (len) { - temp[--len] = 0; - set_field_buffer(me, 1, temp); + } else { + switch (c) { + case REQ_BEG_FIELD: + case REQ_CLR_EOF: + case REQ_CLR_EOL: + case REQ_DEL_LINE: + case REQ_DEL_WORD: + case REQ_DOWN_CHAR: + case REQ_END_FIELD: + case REQ_INS_CHAR: + case REQ_INS_LINE: + case REQ_LEFT_CHAR: + case REQ_NEW_LINE: + case REQ_NEXT_WORD: + case REQ_PREV_WORD: + case REQ_RIGHT_CHAR: + case REQ_UP_CHAR: + c = 0; /* we don't want to do inline editing */ + break; + case REQ_CLR_FIELD: + if (len) { + temp[0] = 0; + set_field_buffer(me, 1, temp); + } + break; + case REQ_DEL_CHAR: + case REQ_DEL_PREV: + if (len) { + temp[--len] = 0; + set_field_buffer(me, 1, temp); + } + break; } - break; } + set_field_userptr(me, (void *) len); + free(temp); } - set_field_userptr(me, (void *) len); } return c; } diff --git a/test/newdemo.c b/test/newdemo.c index 566fc47c..825d6e46 100644 --- a/test/newdemo.c +++ b/test/newdemo.c @@ -2,7 +2,7 @@ * newdemo.c - A demo program using PDCurses. The program illustrate * the use of colours for text output. * - * $Id: newdemo.c,v 1.37 2012/11/17 23:27:50 tom Exp $ + * $Id: newdemo.c,v 1.39 2012/12/29 23:39:08 tom Exp $ */ #include @@ -222,7 +222,7 @@ main(int argc GCC_UNUSED, char *argv[]GCC_UNUSED) { WINDOW *win; int w, x, y, i, j, k; - char buffer[200]; + char buffer[SIZEOF(messages) * 80]; const char *message; int width, height; chtype save[80]; diff --git a/test/view.c b/test/view.c index 6a3c7507..76a88a30 100644 --- a/test/view.c +++ b/test/view.c @@ -50,7 +50,7 @@ * scroll operation worked, and the refresh() code only had to do a * partial repaint. * - * $Id: view.c,v 1.88 2012/12/01 23:19:49 tom Exp $ + * $Id: view.c,v 1.89 2012/12/29 22:38:28 tom Exp $ */ #include @@ -565,7 +565,7 @@ show_all(const char *tag) printw("%.*s", COLS, temp); clrtoeol(); this_time = time((time_t *) 0); - strcpy(temp, ctime(&this_time)); + strncpy(temp, ctime(&this_time), 30); if ((i = (int) strlen(temp)) != 0) { temp[--i] = 0; if (move(0, COLS - i - 2) != ERR)