Cleaning up usage of strncpy() and snprintf() to prevent a crash
iccir committed Mar 3, 2012
1 parent 8217381 commit 9540eb6
Showing 8 changed files with 101 additions and 177 deletions.
20 changes: 8 additions & 12 deletions source/Processors/Exe32Processor.m
Expand Up @@ -797,11 +797,9 @@ - (void)processCodeLine: (Line**)ioLine;
strstr(theOrigCommentCString, "; symbol stub for: ");

if (theSubstring)
strncpy(theCommentCString, &theOrigCommentCString[19],
strlen(&theOrigCommentCString[19]) + 1);
snprintf(theCommentCString, MAX_COMMENT_LENGTH, "%s", &theOrigCommentCString[19]);
else
strncpy(theCommentCString, theOrigCommentCString,
strlen(theOrigCommentCString) + 1);
snprintf(theCommentCString, MAX_COMMENT_LENGTH, "%s", theOrigCommentCString);
}

BOOL needFuncName = NO;
Expand Down Expand Up @@ -1036,11 +1034,9 @@ - (void)processCodeLine: (Line**)ioLine;
tempComment[j] = 0;

if (iLineOperandsCString[0])
strncpy(theCommentCString, tempComment,
strlen(tempComment) + 1);
snprintf(theCommentCString, MAX_COMMENT_LENGTH, "%s", tempComment);
else
strncpy(iLineOperandsCString, tempComment,
strlen(tempComment) + 1);
snprintf(iLineOperandsCString, MAX_COMMENT_LENGTH, "%s", tempComment);

// Fill up commentSpaces based on operands field width.
SInt32 k = (SInt32)(iFieldWidths.operands - strlen(iLineOperandsCString));
Expand Down Expand Up @@ -1269,29 +1265,29 @@ - (void)processCodeLine: (Line**)ioLine;
char theFinalCString[MAX_LINE_LENGTH] = "";

if (iOpts.localOffsets && iOpts.showCode)
snprintf(theFinalCString, MAX_LINE_LENGTH - 1,
snprintf(theFinalCString, MAX_LINE_LENGTH,
finalFormatCString, localOffsetString,
addrSpaces, theAddressCString,
instSpaces, theCodeCString,
mnemSpaces, theMnemonicCString,
opSpaces, iLineOperandsCString,
commentSpaces, theCommentCString);
else if (iOpts.localOffsets)
snprintf(theFinalCString, MAX_LINE_LENGTH - 1,
snprintf(theFinalCString, MAX_LINE_LENGTH,
finalFormatCString, localOffsetString,
addrSpaces, theAddressCString,
instSpaces, theMnemonicCString,
opSpaces, iLineOperandsCString,
commentSpaces, theCommentCString);
else if (iOpts.showCode)
snprintf(theFinalCString, MAX_LINE_LENGTH - 1,
snprintf(theFinalCString, MAX_LINE_LENGTH,
addrSpaces, theAddressCString,
instSpaces, theCodeCString,
mnemSpaces, theMnemonicCString,
opSpaces, iLineOperandsCString,
commentSpaces, theCommentCString);
else
snprintf(theFinalCString, MAX_LINE_LENGTH - 1,
snprintf(theFinalCString, MAX_LINE_LENGTH,
finalFormatCString, theAddressCString,
instSpaces, theMnemonicCString,
opSpaces, iLineOperandsCString,
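Review bot: The bound passed for iLineOperandsCString in the second hunk (`snprintf(iLineOperandsCString, MAX_COMMENT_LENGTH, "%s", tempComment);`) is the comment buffer's limit, not the operands buffer's; the header touched by this commit defines MAX_OPERANDS_LENGTH (1000) and MAX_COMMENT_LENGTH separately, so if iLineOperandsCString is sized by MAX_OPERANDS_LENGTH the bound is wrong in both directions — too small once MAX_COMMENT_LENGTH becomes 32, and larger than the destination had it stayed at 2000. The bound should follow the destination, `snprintf(iLineOperandsCString, MAX_OPERANDS_LENGTH, "%s", tempComment);` (or `sizeof(iLineOperandsCString)` if it is a local array). The same line appears in the matching hunk of Exe64Processor.m. processCodeLine: starts before and continues after every hunk shown here, so the declaration of iLineOperandsCString is not visible and its size should be confirmed.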
16 changes: 6 additions & 10 deletions source/Processors/Exe64Processor.m
Expand Up @@ -789,11 +789,9 @@ - (void)processCodeLine: (Line64**)ioLine;
strstr(theOrigCommentCString, "; symbol stub for: ");

if (theSubstring)
strncpy(theCommentCString, &theOrigCommentCString[19],
strlen(&theOrigCommentCString[19]) + 1);
snprintf(theCommentCString, MAX_COMMENT_LENGTH, "%s", &theOrigCommentCString[19]);
else
strncpy(theCommentCString, theOrigCommentCString,
strlen(theOrigCommentCString) + 1);
snprintf(theCommentCString, MAX_COMMENT_LENGTH, "%s", theOrigCommentCString);
}

BOOL needFuncName = NO;
Expand Down Expand Up @@ -994,11 +992,9 @@ - (void)processCodeLine: (Line64**)ioLine;
tempComment[j] = 0;

if (iLineOperandsCString[0])
strncpy(theCommentCString, tempComment,
strlen(tempComment) + 1);
snprintf(theCommentCString, MAX_COMMENT_LENGTH, "%s", tempComment);
else
strncpy(iLineOperandsCString, tempComment,
strlen(tempComment) + 1);
snprintf(iLineOperandsCString, MAX_COMMENT_LENGTH, "%s", tempComment);

// Terminate commentSpaces based on operands field width.
size_t opLength = strlen(iLineOperandsCString);
Expand Down Expand Up @@ -1221,15 +1217,15 @@ - (void)processCodeLine: (Line64**)ioLine;
char theFinalCString[MAX_LINE_LENGTH] = "";

if (iOpts.localOffsets)
snprintf(theFinalCString, MAX_LINE_LENGTH - 1,
snprintf(theFinalCString, MAX_LINE_LENGTH,
finalFormatCString, localOffsetString,
addrSpaces, theAddressCString,
instSpaces, theCodeCString,
mnemSpaces, theMnemonicCString,
opSpaces, iLineOperandsCString,
commentSpaces, theCommentCString);
else
snprintf(theFinalCString, MAX_LINE_LENGTH - 1,
snprintf(theFinalCString, MAX_LINE_LENGTH,
finalFormatCString, theAddressCString,
instSpaces, theCodeCString,
mnemSpaces, theMnemonicCString,
2 changes: 1 addition & 1 deletion source/Processors/ExeProcessor.h
Expand Up @@ -125,7 +125,7 @@ enum {
#define MAX_FIELD_SPACES " " // 50 spaces
#define MAX_FORMAT_LENGTH 50 // snprintf() format string
#define MAX_OPERANDS_LENGTH 1000
#define MAX_COMMENT_LENGTH 2000
#define MAX_COMMENT_LENGTH 32
#define MAX_LINE_LENGTH 10000
#define MAX_TYPE_STRING_LENGTH 200 // for encoded ObjC data types
#define MAX_MD5_LINE 40 // for the md5 pipe
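Review bot: MAX_COMMENT_LENGTH drops from 2000 to 32 here, which the commit message (cleaning up strncpy()/snprintf() usage) does not explain, and every snprintf() in this commit that uses it now truncates its comment to 31 characters — the `+%s[[%s super] %s]` and `(%s)%s` forms in PPC64Processor.m will routinely lose the selector or symbol name. If the reduction is deliberate it deserves a comment next to the define, such as `// intentionally small: line comments are cut at 31 chars`; if it is a debugging leftover it should go back to 2000. Either way the two call sites in PPC64Processor.m that keep hard-coded bounds (`snprintf(iLineCommentCString, 255, ...)` and `snprintf(iLineCommentCString, 40, ...)`) no longer agree with this macro, and if iLineCommentCString is declared with MAX_COMMENT_LENGTH they now permit writes past the end of the buffer; they should use MAX_COMMENT_LENGTH like the rest of the commit.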
3 changes: 1 addition & 2 deletions source/Processors/ExeProcessor.m
Expand Up @@ -346,8 +346,7 @@ - (void)getDescription: (char*)ioCString
[self getDescription:theCType forType:&inTypeCode[theNextChar]];
isArray = NO;

snprintf(theTypeCString, MAX_TYPE_STRING_LENGTH - 1, "%s[%s]",
theCType, theArrayCCount);
snprintf(theTypeCString, MAX_TYPE_STRING_LENGTH, "%s[%s]", theCType, theArrayCCount);

break;
}
60 changes: 24 additions & 36 deletions source/Processors/PPC64Processor.m
Expand Up @@ -217,15 +217,13 @@ - (void)commentForLine: (Line64*)inLine;
theTypeCString[0] = 0;

[self getDescription:theTypeCString forType:[self getPointer:theIvar->type type:NULL]];
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH - 1, "%s (%s)%s",
tempComment, theTypeCString, theSymPtr);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "%s (%s)%s", tempComment, theTypeCString, theSymPtr);
}
else
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH - 1, "%s %s",
tempComment, theSymPtr);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "%s %s", tempComment, theSymPtr);
}
else // !mReginfos[5].isValid
strncpy(iLineCommentCString, tempComment, strlen(tempComment) + 1);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "%s", tempComment);

break;
}
Expand Down Expand Up @@ -306,15 +304,12 @@ - (void)commentForLine: (Line64*)inLine;
strncpy(iLineOperandsCString, " ", 2);

if (iRegInfos[3].className != NULL)
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH - 1,
"+[%s %s]", iRegInfos[3].className, sel);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "+[%s %s]", iRegInfos[3].className, sel);
else // Instance method?
if (iRegInfos[3].isValid)
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH - 1,
"objc_msgSend(%%r3, %s)", sel);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "objc_msgSend(%%r3, %s)", sel);
else
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH - 1,
"-[%%r3 %s]", sel);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "-[%%r3 %s]", sel);
}

// Print value of ctr, ignoring the low 2 bits.
Expand Down Expand Up @@ -365,11 +360,11 @@ - (void)commentForLine: (Line64*)inLine;
theTypeCString[0] = 0;

[self getDescription:theTypeCString forType:[self getPointer:theIvar->type type:NULL]];
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH - 1, "(%s)%s",
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "(%s)%s",
theTypeCString, theSymPtr);
}
else
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH - 1, "%s", theSymPtr);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "%s", theSymPtr);
}
}
else
Expand Down Expand Up @@ -436,11 +431,10 @@ - (void)commentForLine: (Line64*)inLine;
theTypeCString[0] = 0;

[self getDescription:theTypeCString forType:[self getPointer:theIvar->type type:NULL]];
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH - 1, "(%s)%s",
theTypeCString, theSymPtr);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "(%s)%s", theTypeCString, theSymPtr);
}
else
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH - 1, "%s", theSymPtr);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "%s", theSymPtr);
}
}
else // absolute address
Expand Down Expand Up @@ -607,8 +601,7 @@ - (void)commentForLine: (Line64*)inLine;
snprintf(iLineCommentCString, 255,
"%*s", theSymPtr[0], theSymPtr + 1);
else
snprintf(iLineCommentCString,
MAX_COMMENT_LENGTH - 1, "%s", theSymPtr);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "%s", theSymPtr);
}
} // if (theSymPtr)
else
Expand Down Expand Up @@ -652,7 +645,7 @@ - (void)commentForLine: (Line64*)inLine;
[self getObjcDescription:&symName fromObject:theSymPtr type:type];

if (symName)
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH - 1, "%s", symName);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "%s", symName);

break;

Expand All @@ -662,7 +655,7 @@ - (void)commentForLine: (Line64*)inLine;
case OCProtoListType:
case OCMsgRefType:
case OCSelRefType:
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH - 1, "%s", theSymPtr);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "%s", theSymPtr);
break;

default:
Expand Down Expand Up @@ -693,11 +686,10 @@ - (void)commentForLine: (Line64*)inLine;
theTypeCString[0] = 0;

[self getDescription:theTypeCString forType:[self getPointer:foundIvar->type type:NULL]];
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH - 1, "(%s)%s",
theTypeCString, theSymPtr);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "(%s)%s", theTypeCString, theSymPtr);
}
else
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH - 1, "%s", theSymPtr);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "%s", theSymPtr);
}
}
}
Expand Down Expand Up @@ -758,14 +750,12 @@ - (void)commentForSystemCall
snprintf(iLineCommentCString, 40, "%s(%s)",
theTempComment, "PT_DENY_ATTACH");
else
strncpy(iLineCommentCString, theTempComment,
strlen(theTempComment) + 1);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "%s", theTempComment);

break;

default:
strncpy(iLineCommentCString, theTempComment,
strlen(theTempComment) + 1);
snprintf(iLineCommentCString, MAX_COMMENT_LENGTH, "%s", theTempComment);

break;
}
Expand Down Expand Up @@ -964,7 +954,7 @@ - (void)commentForMsgSend: (char*)ioComment

if (className)
{
snprintf(tempComment, MAX_COMMENT_LENGTH - 1,
snprintf(tempComment, MAX_COMMENT_LENGTH,
((sendType == sendSuper || sendType == sendSuper_stret) ?
"+%s[[%s super] %s]" : "+%s[%s %s]"),
returnTypeString, className, selString);
Expand All @@ -976,19 +966,19 @@ - (void)commentForMsgSend: (char*)ioComment
case send:
case send_rtp:
case send_variadic:
snprintf(tempComment, MAX_COMMENT_LENGTH - 1, "-%s[r3 %s]", returnTypeString, selString);
snprintf(tempComment, MAX_COMMENT_LENGTH, "-%s[r3 %s]", returnTypeString, selString);
break;

case sendSuper:
snprintf(tempComment, MAX_COMMENT_LENGTH - 1, "-%s[[r3 super] %s]", returnTypeString, selString);
snprintf(tempComment, MAX_COMMENT_LENGTH, "-%s[[r3 super] %s]", returnTypeString, selString);
break;

case send_stret:
snprintf(tempComment, MAX_COMMENT_LENGTH - 1, "-%s[r4 %s]", returnTypeString, selString);
snprintf(tempComment, MAX_COMMENT_LENGTH, "-%s[r4 %s]", returnTypeString, selString);
break;

case sendSuper_stret:
snprintf(tempComment, MAX_COMMENT_LENGTH - 1, "-%s[[r4 super] %s]", returnTypeString, selString);
snprintf(tempComment, MAX_COMMENT_LENGTH, "-%s[[r4 super] %s]", returnTypeString, selString);
break;

default:
Expand Down Expand Up @@ -1029,12 +1019,10 @@ - (void)commentForMsgSend: (char*)ioComment
theTypeCString[0] = 0;

[self getDescription:theTypeCString forType:[self getPointer:theIvar->type type:NULL]];
snprintf(tempComment, MAX_COMMENT_LENGTH - 1, " (%s)%s",
theTypeCString, theSymPtr);
snprintf(tempComment, MAX_COMMENT_LENGTH, " (%s)%s", theTypeCString, theSymPtr);
}
else
snprintf(tempComment,
MAX_COMMENT_LENGTH - 1, " %s", theSymPtr);
snprintf(tempComment, MAX_COMMENT_LENGTH, " %s", theSymPtr);

strncat(ioComment, tempComment, strlen(tempComment));
}
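Review bot: In the last hunk (commentForMsgSend:) tempComment is now written with a proper bound, but the context line that follows, `strncat(ioComment, tempComment, strlen(tempComment));`, still bounds the append by the source length, which gives ioComment no protection at all — strncat's third argument has to be the space remaining in the destination. If ioComment is sized MAX_COMMENT_LENGTH this should read `strncat(ioComment, tempComment, MAX_COMMENT_LENGTH - strlen(ioComment) - 1);`; the declaration is outside the hunk, so the actual size needs confirming. The earlier hunks of this file replace the strncpy()-with-strlen+1 pattern in the same spirit, which is the right direction; this strncat is the one remaining copy in the visible code whose bound is still taken from the source rather than the destination. commentForMsgSend: starts before the hunk and continues after it.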