Use only safe string functions

configure.in

@@ -119,7 +119,7 @@ if test x$enable_libc = xyes; then
     if test x$ac_cv_func_strtod = xyes; then
         AC_DEFINE(HAVE_STRTOD)
     fi
-    AC_CHECK_FUNCS(malloc calloc realloc free getenv putenv unsetenv qsort abs bcopy memset memcpy memmove strlen strcpy strncpy strcat strncat strdup _strrev _strupr _strlwr strchr strrchr strstr itoa _ltoa _uitoa _ultoa strtol _i64toa _ui64toa strtoll atoi atof strcmp strncmp stricmp strcasecmp sscanf snprintf vsnprintf sigaction setjmp nanosleep)
+    AC_CHECK_FUNCS(malloc calloc realloc free getenv putenv unsetenv qsort abs bcopy memset memcpy memmove strlen strlcpy strlcat strdup _strrev _strupr _strlwr strchr strrchr strstr itoa _ltoa _uitoa _ultoa strtol _i64toa _ui64toa strtoll atoi atof strcmp strncmp stricmp strcasecmp sscanf snprintf vsnprintf sigaction setjmp nanosleep)
 
     AC_CHECK_LIB(m, pow, [BUILD_LIBS="$BUILD_LIBS -lm"])
 fi

include/SDL_config.h.in

@@ -87,10 +87,8 @@
 #undef HAVE_MEMMOVE
 #undef HAVE_MEMCMP
 #undef HAVE_STRLEN
-#undef HAVE_STRCPY
-#undef HAVE_STRNCPY
-#undef HAVE_STRCAT
-#undef HAVE_STRNCAT
+#undef HAVE_STRLCPY
+#undef HAVE_STRLCAT
 #undef HAVE_STRDUP
 #undef HAVE__STRREV
 #undef HAVE__STRUPR

include/SDL_stdinc.h

@@ -206,6 +206,9 @@ extern DECLSPEC void SDLCALL SDL_qsort(void *base, size_t nmemb, size_t size,
 #define SDL_abs(X)	((X) < 0 ? -(X) : (X))
 #endif
 
+#define SDL_min(x, y)	(((x) < (y)) ? (x) : (y))
+#define SDL_max(x, y)	(((x) > (y)) ? (x) : (y))
+
 #if HAVE_CTYPE_H
 #define SDL_isdigit(X)  isdigit(X)
 #define SDL_isspace(X)  isspace(X)
@@ -355,28 +358,16 @@ extern DECLSPEC int SDLCALL SDL_memcmp(const void *s1, const void *s2, size_t le
 extern DECLSPEC size_t SDLCALL SDL_strlen(const char *string);
 #endif
 
-#if HAVE_STRCPY
-#define SDL_strcpy     strcpy
-#else
-extern DECLSPEC char * SDLCALL SDL_strcpy(char *dst, const char *src);
-#endif
-
-#if HAVE_STRNCPY
-#define SDL_strncpy     strncpy
-#else
-extern DECLSPEC char * SDLCALL SDL_strncpy(char *dst, const char *src, size_t maxlen);
-#endif
-
-#if HAVE_STRCAT
-#define SDL_strcat     strcat
+#if HAVE_STRLCPY
+#define SDL_strlcpy     strlcpy
 #else
-#define SDL_strcat(dst, src)    (SDL_strcpy(dst+SDL_strlen(dst), src), dst)
+extern DECLSPEC size_t SDLCALL SDL_strlcpy(char *dst, const char *src, size_t maxlen);
 #endif
 
-#if HAVE_STRNCAT
-#define SDL_strncat    strncat
+#if HAVE_STRLCAT
+#define SDL_strlcat    strlcat
 #else
-#define SDL_strncat(dst, src, n) (SDL_strncpy(dst+SDL_strlen(dst), src, n), dst)
+extern DECLSPEC size_t SDLCALL SDL_strlcat(char *dst, const char *src, size_t maxlen);
 #endif
 
 #if HAVE_STRDUP

src/SDL_error.c

@@ -59,8 +59,7 @@ void SDL_SetError (const char *fmt, ...)
 	/* Copy in the key, mark error as valid */
 	error = SDL_GetErrBuf();
 	error->error = 1;
-	SDL_strncpy((char *)error->key, fmt, sizeof(error->key));
-	error->key[sizeof(error->key)-1] = '\0';
+	SDL_strlcpy((char *)error->key, fmt, sizeof(error->key));
 
 	va_start(ap, fmt);
 	error->argc = 0;
@@ -94,8 +93,7 @@ void SDL_SetError (const char *fmt, ...)
 				  char *str = va_arg(ap, char *);
 				  if (str == NULL)
 				      str = "(null)";
-				  SDL_strncpy((char *)error->args[index].buf, str, ERR_MAX_STRLEN);
-				  error->args[index].buf[ERR_MAX_STRLEN-1] = 0;
+				  SDL_strlcpy((char *)error->args[index].buf, str, ERR_MAX_STRLEN);
 				  error->argc++;
 				}
 				break;
@@ -251,8 +249,7 @@ Uint8 *SDL_GetErrorMsg(Uint8 *errstr, unsigned int maxlen)
 	/* Allocate the UNICODE buffer */
 	errstr16 = (Uint16 *)SDL_malloc(maxlen * (sizeof *errstr16));
 	if ( ! errstr16 ) {
-		SDL_strncpy((char *)errstr, "Out of memory", maxlen);
-		errstr[maxlen-1] = '\0';
+		SDL_strlcpy((char *)errstr, "Out of memory", maxlen);
 		return(errstr);
 	}
 

src/audio/SDL_audio.c

@@ -373,8 +373,7 @@ int SDL_AudioInit(const char *driver_name)
 char *SDL_AudioDriverName(char *namebuf, int maxlen)
 {
 	if ( current_audio != NULL ) {
-		SDL_strncpy(namebuf, current_audio->name, maxlen-1);
-		namebuf[maxlen-1] = '\0';
+		SDL_strlcpy(namebuf, current_audio->name, maxlen);
 		return(namebuf);
 	}
 	return(NULL);

src/audio/SDL_audiodev.c

@@ -89,7 +89,7 @@ int SDL_OpenAudioPath(char *path, int maxlen, int flags, int classic)
 		audiodev = audiopath;
 	}
 	if ( path != NULL ) {
-		SDL_strncpy(path, audiodev, maxlen);
+		SDL_strlcpy(path, audiodev, maxlen);
 		path[maxlen-1] = '\0';
 	}
 	return(audio_fd);
@@ -136,7 +136,7 @@ static int OpenUserDefinedDevice(char *path, int maxlen, int flags)
 	}
 	audio_fd = open(audiodev, flags, 0);
 	if ( path != NULL ) {
-		SDL_strncpy(path, audiodev, maxlen);
+		SDL_strlcpy(path, audiodev, maxlen);
 		path[maxlen-1] = '\0';
 	}
 	return audio_fd;
@@ -166,8 +166,7 @@ int SDL_OpenAudioPath(char *path, int maxlen, int flags, int classic)
 	    audio_fd = open(audiopath, flags, 0);
 	    if ( audio_fd > 0 ) {
 		if ( path != NULL ) {
-		    SDL_strncpy( path, audiopath, maxlen );
-		    path[maxlen-1] = '\0';
+		    SDL_strlcpy( path, audiopath, maxlen );
 		}
 	        return audio_fd;
 	    }

src/audio/alsa/SDL_alsa_audio.c

@@ -124,7 +124,7 @@ static int LoadALSALibrary(void) {
 	if (alsa_handle) {
 		alsa_loaded = 1;
 		retval = 0;
-		for (i = 0; i < SDL_TABLESIZE(alsa_functions); i++) {
+		for (i = 0; i < SDL_arraysize(alsa_functions); i++) {
 /*			*alsa_functions[i].func = SDL_LoadFunction(alsa_handle,alsa_functions[i].name);*/
 #if HAVE_DLVSYM
 			*alsa_functions[i].func = dlvsym(alsa_handle,alsa_functions[i].name,"ALSA_0.9");

src/audio/arts/SDL_artsaudio.c

@@ -90,7 +90,7 @@ static int LoadARTSLibrary(void)
 	if ( arts_handle ) {
 		arts_loaded = 1;
 		retval = 0;
-		for ( i=0; i<SDL_TABLESIZE(arts_functions); ++i ) {
+		for ( i=0; i<SDL_arraysize(arts_functions); ++i ) {
 			*arts_functions[i].func = SDL_LoadFunction(arts_handle, arts_functions[i].name);
 			if ( !*arts_functions[i].func ) {
 				retval = -1;

src/audio/esd/SDL_esdaudio.c

@@ -85,7 +85,7 @@ static int LoadESDLibrary(void)
 	if ( esd_handle ) {
 		esd_loaded = 1;
 		retval = 0;
-		for ( i=0; i<SDL_TABLESIZE(esd_functions); ++i ) {
+		for ( i=0; i<SDL_arraysize(esd_functions); ++i ) {
 			*esd_functions[i].func = SDL_LoadFunction(esd_handle, esd_functions[i].name);
 			if ( !*esd_functions[i].func ) {
 				retval = -1;

src/cdrom/aix/SDL_syscdrom.c

@@ -124,12 +124,11 @@ static void AddDrive(char *drive, struct stat *stbuf)
 
 		/* Add this drive to our list */
 		i = SDL_numcds;
-		SDL_cdlist[i] = (char *)SDL_malloc(SDL_strlen(drive)+1);
+		SDL_cdlist[i] = SDL_strdup(drive);
 		if ( SDL_cdlist[i] == NULL ) {
 			SDL_OutOfMemory();
 			return;
 		}
-		SDL_strcpy(SDL_cdlist[i], drive);
 		SDL_cdmode[i] = stbuf->st_rdev;
 		++SDL_numcds;
 #ifdef DEBUG_CDROM
@@ -302,9 +301,10 @@ int  SDL_SYS_CDInit(void)
 	SDLcdrom = SDL_getenv("SDL_CDROM");	/* ':' separated list of devices */
 	if ( SDLcdrom != NULL ) {
 		char *cdpath, *delim;
-		cdpath = SDL_malloc(SDL_strlen(SDLcdrom)+1);
+		size_t len = SDL_strlen(SDLcdrom)+1;
+		cdpath = SDL_stack_alloc(char, len);
 		if ( cdpath != NULL ) {
-			SDL_strcpy(cdpath, SDLcdrom);
+			SDL_strlcpy(cdpath, SDLcdrom, len);
 			SDLcdrom = cdpath;
 			do {
 				delim = SDL_strchr(SDLcdrom, ':');
@@ -323,7 +323,7 @@ int  SDL_SYS_CDInit(void)
 					SDLcdrom = NULL;
 				}
 			} while ( SDLcdrom );
-			SDL_free(cdpath);
+			SDL_stack_free(cdpath);
 		}
 
 		/* If we found our drives, there's nothing left to do */
@@ -360,21 +360,23 @@ static int SDL_SYS_CDOpen(int drive)
     int   fd;
     char* lastsl;
     char* cdromname;
+    size_t len;
 
     /*
      * We found /dev/cd? drives and that is in our list. But we can
      * open only the /dev/rcd? versions of those devices for Audio CD.
      */
-    cdromname = (char*)SDL_malloc( SDL_strlen(SDL_cdlist[drive]+2) );
-    SDL_strcpy(cdromname,SDL_cdlist[drive]);
+    len = SDL_strlen(SDL_cdlist[drive])+2;
+    cdromname = (char*)SDL_malloc(len);
+    SDL_strlcpy(cdromname,SDL_cdlist[drive],len);
     lastsl = SDL_strrchr(cdromname,'/');
     if (lastsl) {
 	*lastsl = 0;
-	strcat(cdromname,"/r");
+	SDL_strlcat(cdromname,"/r",len);
 	lastsl = SDL_strrchr(SDL_cdlist[drive],'/');
 	if (lastsl) {
 	    lastsl++;
-	    strcat(cdromname,lastsl);
+	    SDL_strlcat(cdromname,lastsl,len);
 	}
     }
 

src/cdrom/bsdi/SDL_syscdrom.c

@@ -224,12 +224,11 @@ static void AddDrive(char *drive, struct stat *stbuf)
 
 		/* Add this drive to our list */
 		i = SDL_numcds;
-		SDL_cdlist[i] = (char *)SDL_malloc(SDL_strlen(drive)+1);
+		SDL_cdlist[i] = SDL_strdup(drive);
 		if ( SDL_cdlist[i] == NULL ) {
 			SDL_OutOfMemory();
 			return;
 		}
-		SDL_strcpy(SDL_cdlist[i], drive);
 		SDL_cdmode[i] = stbuf->st_rdev;
 		++SDL_numcds;
 #ifdef DEBUG_CDROM
@@ -265,9 +264,10 @@ int  SDL_SYS_CDInit(void)
 	SDLcdrom = SDL_getenv("SDL_CDROM");	/* ':' separated list of devices */
 	if ( SDLcdrom != NULL ) {
 		char *cdpath, *delim;
-		cdpath = SDL_malloc(SDL_strlen(SDLcdrom)+1);
+		size_t len = SDL_strlen(SDLcdrom)+1;
+		cdpath = SDL_stack_alloc(char, len);
 		if ( cdpath != NULL ) {
-			SDL_strcpy(cdpath, SDLcdrom);
+			SDL_strlcpy(cdpath, SDLcdrom, len);
 			SDLcdrom = cdpath;
 			do {
 				delim = SDL_strchr(SDLcdrom, ':');
@@ -283,7 +283,7 @@ int  SDL_SYS_CDInit(void)
 					SDLcdrom = NULL;
 				}
 			} while ( SDLcdrom );
-			SDL_free(cdpath);
+			SDL_stack_free(cdpath);
 		}
 
 		/* If we found our drives, there's nothing left to do */

src/cdrom/freebsd/SDL_syscdrom.c

@@ -110,12 +110,11 @@ static void AddDrive(char *drive, struct stat *stbuf)
 
 		/* Add this drive to our list */
 		i = SDL_numcds;
-		SDL_cdlist[i] = (char *)SDL_malloc(SDL_strlen(drive)+1);
+		SDL_cdlist[i] = SDL_strdup(drive);
 		if ( SDL_cdlist[i] == NULL ) {
 			SDL_OutOfMemory();
 			return;
 		}
-		SDL_strcpy(SDL_cdlist[i], drive);
 		SDL_cdmode[i] = stbuf->st_rdev;
 		++SDL_numcds;
 #ifdef DEBUG_CDROM
@@ -152,9 +151,10 @@ int  SDL_SYS_CDInit(void)
 	SDLcdrom = SDL_getenv("SDL_CDROM");	/* ':' separated list of devices */
 	if ( SDLcdrom != NULL ) {
 		char *cdpath, *delim;
-		cdpath = SDL_malloc(SDL_strlen(SDLcdrom)+1);
+		size_t len = SDL_strlen(SDLcdrom)+1;
+		cdpath = SDL_stack_alloc(char, len);
 		if ( cdpath != NULL ) {
-			SDL_strcpy(cdpath, SDLcdrom);
+			SDL_strlcpy(cdpath, SDLcdrom, len);
 			SDLcdrom = cdpath;
 			do {
 				delim = SDL_strchr(SDLcdrom, ':');
@@ -170,7 +170,7 @@ int  SDL_SYS_CDInit(void)
 					SDLcdrom = NULL;
 				}
 			} while ( SDLcdrom );
-			SDL_free(cdpath);
+			SDL_stack_free(cdpath);
 		}
 
 		/* If we found our drives, there's nothing left to do */

src/cdrom/linux/SDL_syscdrom.c

@@ -167,12 +167,11 @@ static void AddDrive(char *drive, struct stat *stbuf)
 
 		/* Add this drive to our list */
 		i = SDL_numcds;
-		SDL_cdlist[i] = (char *)SDL_malloc(SDL_strlen(drive)+1);
+		SDL_cdlist[i] = SDL_strdup(drive);
 		if ( SDL_cdlist[i] == NULL ) {
 			SDL_OutOfMemory();
 			return;
 		}
-		SDL_strcpy(SDL_cdlist[i], drive);
 		SDL_cdmode[i] = stbuf->st_rdev;
 		++SDL_numcds;
 #ifdef DEBUG_CDROM
@@ -192,21 +191,25 @@ static void CheckMounts(const char *mtab)
 	if ( mntfp != NULL ) {
 		char *tmp;
 		char *mnt_type;
+		size_t mnt_type_len;
 		char *mnt_dev;
+		size_t mnt_dev_len;
 
 		while ( (mntent=getmntent(mntfp)) != NULL ) {
-			mnt_type = SDL_malloc(SDL_strlen(mntent->mnt_type) + 1);
+			mnt_type_len = SDL_strlen(mntent->mnt_type) + 1;
+			mnt_type = SDL_stack_alloc(char, mnt_type_len);
 			if (mnt_type == NULL)
 				continue;  /* maybe you'll get lucky next time. */
 
-			mnt_dev = SDL_malloc(SDL_strlen(mntent->mnt_fsname) + 1);
+			mnt_dev_len = SDL_strlen(mntent->mnt_fsname) + 1;
+			mnt_dev = SDL_stack_alloc(char, mnt_dev_len);
 			if (mnt_dev == NULL) {
-				SDL_free(mnt_type);
+				SDL_stack_free(mnt_type);
 				continue;
 			}
 
-			SDL_strcpy(mnt_type, mntent->mnt_type);
-			SDL_strcpy(mnt_dev, mntent->mnt_fsname);
+			SDL_strlcpy(mnt_type, mntent->mnt_type, mnt_type_len);
+			SDL_strlcpy(mnt_dev, mntent->mnt_fsname, mnt_dev_len);
 
 			/* Handle "supermount" filesystem mounts */
 			if ( SDL_strcmp(mnt_type, MNTTYPE_SUPER) == 0 ) {
@@ -242,8 +245,8 @@ static void CheckMounts(const char *mtab)
 					AddDrive(mnt_dev, &stbuf);
 				}
 			}
-			SDL_free(mnt_dev);
-			SDL_free(mnt_type);
+			SDL_stack_free(mnt_dev);
+			SDL_stack_free(mnt_type);
 		}
 		endmntent(mntfp);
 	}
@@ -277,9 +280,10 @@ int  SDL_SYS_CDInit(void)
 	SDLcdrom = SDL_getenv("SDL_CDROM");	/* ':' separated list of devices */
 	if ( SDLcdrom != NULL ) {
 		char *cdpath, *delim;
-		cdpath = SDL_malloc(SDL_strlen(SDLcdrom)+1);
+		size_t len = SDL_strlen(SDLcdrom)+1;
+		cdpath = SDL_stack_alloc(char, len);
 		if ( cdpath != NULL ) {
-			SDL_strcpy(cdpath, SDLcdrom);
+			SDL_strlcpy(cdpath, SDLcdrom, len);
 			SDLcdrom = cdpath;
 			do {
 				delim = SDL_strchr(SDLcdrom, ':');
@@ -298,7 +302,7 @@ int  SDL_SYS_CDInit(void)
 					SDLcdrom = NULL;
 				}
 			} while ( SDLcdrom );
-			SDL_free(cdpath);
+			SDL_stack_free(cdpath);
 		}
 
 		/* If we found our drives, there's nothing left to do */