Replace broken str* functions with safe versions.

src/share/grabbag/cuesheet.c

@@ -20,12 +20,13 @@
 #  include <config.h>
 #endif
 
-#include "share/grabbag.h"
-#include "share/compat.h"
-#include "FLAC/assert.h"
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include "FLAC/assert.h"
+#include "share/compat.h"
+#include "share/grabbag.h"
+#include "share/safe_str.h"
 
 unsigned grabbag__cuesheet_msf_to_frame(unsigned minutes, unsigned seconds, unsigned frames)
 {
@@ -292,7 +293,7 @@ static FLAC__bool local__cuesheet_parse_(FILE *file, const char **error_message,
 					*error_message = "CD-DA CATALOG number must be 13 decimal digits";
 					return false;
 				}
-				strcpy(cs->media_catalog_number, field);
+				safe_strncpy(cs->media_catalog_number, field, sizeof(cs->media_catalog_number));
 				disc_has_catalog = true;
 			}
 			else if(0 == FLAC__STRCASECMP(field, "FLAGS")) {
@@ -421,7 +422,7 @@ static FLAC__bool local__cuesheet_parse_(FILE *file, const char **error_message,
 					*error_message = "invalid ISRC number";
 					return false;
 				}
-				strcpy(cs->tracks[cs->num_tracks-1].isrc, field);
+				safe_strncpy(cs->tracks[cs->num_tracks-1].isrc, field, sizeof(cs->tracks[cs->num_tracks-1].isrc));
 				track_has_isrc = true;
 			}
 			else if(0 == FLAC__STRCASECMP(field, "TRACK")) {

src/share/grabbag/replaygain.c

@@ -20,11 +20,6 @@
 #  include <config.h>
 #endif
 
-#include "share/grabbag.h"
-#include "share/replaygain_analysis.h"
-#include "FLAC/assert.h"
-#include "FLAC/metadata.h"
-#include "FLAC/stream_decoder.h"
 #include <locale.h>
 #include <math.h>
 #include <stdio.h>
@@ -35,6 +30,13 @@
 #endif
 #include <sys/stat.h> /* for stat(), maybe chmod() */
 
+#include "FLAC/assert.h"
+#include "FLAC/metadata.h"
+#include "FLAC/stream_decoder.h"
+#include "share/grabbag.h"
+#include "share/replaygain_analysis.h"
+#include "share/safe_str.h"
+
 #ifdef local_min
 #undef local_min
 #endif
@@ -591,8 +593,7 @@ static FLAC__bool parse_double_(const FLAC__StreamMetadata_VorbisComment_Entry *
 	if(0 == q)
 		return false;
 	q++;
-	memset(s, 0, sizeof(s)-1);
-	strncpy(s, q, local_min(sizeof(s)-1, (size_t) (entry->length - (q-p))));
+	safe_strncpy(s, q, local_min(sizeof(s), (size_t) (entry->length - (q-p))));
 
 	v = strtod(s, &end);
 	if(end == s)

src/share/utf8/charset_test.c

@@ -119,7 +119,7 @@ void test_utf8()
   assert(charset_mbtowc(charset, &wc, "\377\277\277\277\277\277", 9) == -1);
 
   /* Encoder */
-  strcpy(s, ".......");
+  safe_strncpy(s, ".......", sizeof(s));
   assert(charset_wctomb(charset, s, 1 << 31) == -1 &&
 	 !strcmp(s, "......."));
   assert(charset_wctomb(charset, s, 127) == 1 &&
@@ -161,7 +161,7 @@ void test_ascii()
   assert(charset_mbtowc(charset, &wc, "\200", 2) == -1);
 
   /* Encoder */
-  strcpy(s, "..");
+  safe_strncpy(s, "..", sizeof(s));
   assert(charset_wctomb(charset, s, 256) == -1 && !strcmp(s, ".."));
   assert(charset_wctomb(charset, s, 255) == -1);
   assert(charset_wctomb(charset, s, 128) == -1);
@@ -182,7 +182,7 @@ void test_iso1()
   assert(charset_mbtowc(charset, &wc, "\302\200", 9) == 1 && wc == 0xc2);
 
   /* Encoder */
-  strcpy(s, "..");
+  safe_strncpy(s, "..", sizeof(s));
   assert(charset_wctomb(charset, s, 256) == -1 && !strcmp(s, ".."));
   assert(charset_wctomb(charset, s, 255) == 1 && !strcmp(s, "\377."));
   assert(charset_wctomb(charset, s, 128) == 1 && !strcmp(s, "\200."));
@@ -203,7 +203,7 @@ void test_iso2()
   assert(charset_mbtowc(charset, &wc, "\377", 2) == 1 && wc == 0x2d9);
 
   /* Encoder */
-  strcpy(s, "..");
+  safe_strncpy(s, "..", sizeof(s));
   assert(charset_wctomb(charset, s, 256) == -1 && !strcmp(s, ".."));
   assert(charset_wctomb(charset, s, 255) == -1 && !strcmp(s, ".."));
   assert(charset_wctomb(charset, s, 258) == 1 && !strcmp(s, "\303."));
@@ -230,7 +230,7 @@ void test_convert()
   assert(charset_convert("UTF-8", "iso-8859-1",
 			 "\302\200\304\200x", 5, &q, &n) == 1 &&
 	 n == 3 && !strcmp(q, "\200?x"));
-  assert(charset_convert("iso-8859-1", "UTF-8", 
+  assert(charset_convert("iso-8859-1", "UTF-8",
 			 "\000\200\377", 3, &q, &n) == 0 &&
 	 n == 5 && !memcmp(q, "\000\302\200\303\277", 5));
   assert(charset_convert("iso-8859-1", "iso-8859-1",

src/share/utf8/iconvert.c

@@ -30,6 +30,7 @@
 
 #include "iconvert.h"
 #include "share/alloc.h"
+#include "share/safe_str.h"
 
 /*
  * Convert data from one encoding to another. Return:
@@ -76,18 +77,18 @@ int iconvert(const char *fromcode, const char *tocode,
       tocode[4] != '8' ||
       tocode[5] != '\0') {
     char *tocode1;
-
+	size_t dest_len = strlen(tocode) + 11;
     /*
      * Try using this non-standard feature of glibc and libiconv.
      * This is deliberately not a config option as people often
      * change their iconv library without rebuilding applications.
      */
-    tocode1 = safe_malloc_add_2op_(strlen(tocode), /*+*/11);
+    tocode1 = safe_malloc_(dest_len);
     if (!tocode1)
       goto fail;
 
-    strcpy(tocode1, tocode);
-    strcat(tocode1, "//TRANSLIT");
+    safe_strncpy(tocode1, tocode, dest_len);
+    safe_strncat(tocode1, "//TRANSLIT", dest_len);
     cd2 = iconv_open(tocode1, "UTF-8");
     free(tocode1);
 

src/share/utf8/utf8.c

@@ -31,6 +31,7 @@
 #include <string.h>
 
 #include "share/alloc.h"
+#include "share/safe_str.h"
 #include "utf8.h"
 #include "charset.h"
 
@@ -298,7 +299,7 @@ static int convert_string(const char *fromcode, const char *tocode,
   s = safe_malloc_add_2op_(fromlen, /*+*/1);
   if (!s)
     return -1;
-  strcpy(s, from);
+  safe_strncpy(s, from, fromlen + 1);
   *to = s;
   for (; *s; s++)
     if (*s & ~0x7f)