Skip to content

Commit

Permalink
Replace all calls to strncpy with strlcpy, use strdup more, expose st…
Browse files Browse the repository at this point in the history
…rlcat

strlcpy doesn't zero the buffer and ensures null termination,
just like snprintf

strlcat is already used by mjs and it's a safe alternative to strcat,
so it should be OK to expose to apps
  • Loading branch information
CookiePLMonster committed Sep 5, 2024
1 parent c632691 commit d7bce62
Show file tree
Hide file tree
Showing 24 changed files with 66 additions and 63 deletions.
4 changes: 2 additions & 2 deletions applications/debug/rpc_debug_app/rpc_debug_app.c
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ static void rpc_debug_app_tick_event_callback(void* context) {
static void
rpc_debug_app_format_hex(const uint8_t* data, size_t data_size, char* buf, size_t buf_size) {
if(data == NULL || data_size == 0) {
strncpy(buf, "<Data empty>", buf_size);
strlcpy(buf, "<Data empty>", buf_size);
return;
}

Expand Down Expand Up @@ -60,7 +60,7 @@ static void rpc_debug_app_rpc_command_callback(const RpcAppSystemEvent* event, v
furi_assert(event->data.type == RpcAppSystemEventDataTypeBytes);

rpc_debug_app_format_hex(
event->data.bytes.ptr, event->data.bytes.size, app->text_store, TEXT_STORE_SIZE);
event->data.bytes.ptr, event->data.bytes.size, app->text_store, sizeof(text_store));

view_dispatcher_send_custom_event(
app->view_dispatcher, RpcDebugAppCustomEventRpcDataExchange);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ static void rpc_debug_app_scene_input_error_code_result_callback(void* context)

void rpc_debug_app_scene_input_error_code_on_enter(void* context) {
RpcDebugApp* app = context;
strncpy(app->text_store, "666", TEXT_STORE_SIZE);
strlcpy(app->text_store, "666", sizeof(app->text_store));
text_input_set_header_text(app->text_input, "Enter error code");
text_input_set_validator(
app->text_input, rpc_debug_app_scene_input_error_code_validator_callback, NULL);
Expand All @@ -35,7 +35,7 @@ void rpc_debug_app_scene_input_error_code_on_enter(void* context) {
rpc_debug_app_scene_input_error_code_result_callback,
app,
app->text_store,
TEXT_STORE_SIZE,
sizeof(app->text_store),
true);
view_dispatcher_switch_to_view(app->view_dispatcher, RpcDebugAppViewTextInput);
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,14 @@ static void rpc_debug_app_scene_input_error_text_result_callback(void* context)

void rpc_debug_app_scene_input_error_text_on_enter(void* context) {
RpcDebugApp* app = context;
strncpy(app->text_store, "I'm a scary error message!", TEXT_STORE_SIZE);
strlcpy(app->text_store, "I'm a scary error message!", sizeof(app->text_store));
text_input_set_header_text(app->text_input, "Enter error text");
text_input_set_result_callback(
app->text_input,
rpc_debug_app_scene_input_error_text_result_callback,
app,
app->text_store,
TEXT_STORE_SIZE,
sizeof(app->text_store),
true);
view_dispatcher_switch_to_view(app->view_dispatcher, RpcDebugAppViewTextInput);
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

void rpc_debug_app_scene_receive_data_exchange_on_enter(void* context) {
RpcDebugApp* app = context;
strncpy(app->text_store, "Received data will appear here...", TEXT_STORE_SIZE);
strlcpy(app->text_store, "Received data will appear here...", sizeof(app->text_store));

text_box_set_text(app->text_box, app->text_store);
text_box_set_font(app->text_box, TextBoxFontHex);
Expand Down
6 changes: 3 additions & 3 deletions applications/examples/example_thermo/example_thermo.c
Original file line number Diff line number Diff line change
Expand Up @@ -228,7 +228,7 @@ static void example_thermo_draw_callback(Canvas* canvas, void* ctx) {

snprintf(
text_store,
TEXT_STORE_SIZE,
sizeof(text_store),
"to GPIO pin %ld",
furi_hal_resources_get_ext_pin_number(&THERMO_GPIO_PIN));
canvas_draw_str_aligned(canvas, middle_x, 42, AlignCenter, AlignBottom, text_store);
Expand All @@ -254,10 +254,10 @@ static void example_thermo_draw_callback(Canvas* canvas, void* ctx) {
furi_crash("Illegal measurement units");
}
/* If a reading is available, display it */
snprintf(text_store, TEXT_STORE_SIZE, "Temperature: %+.1f%c", (double)temp, temp_units);
snprintf(text_store, sizeof(text_store), "Temperature: %+.1f%c", (double)temp, temp_units);
} else {
/* Or show a message that no data is available */
strncpy(text_store, "-- No data --", TEXT_STORE_SIZE);
strlcpy(text_store, "-- No data --", sizeof(text_store));
}

canvas_draw_str_aligned(canvas, middle_x, 58, AlignCenter, AlignBottom, text_store);
Expand Down
2 changes: 1 addition & 1 deletion applications/main/archive/scenes/archive_scene_delete.c
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ void archive_scene_delete_on_enter(void* context) {

FuriString* filename_no_ext = furi_string_alloc();
path_extract_filename(current->path, filename_no_ext, true);
strlcpy(app->text_store, furi_string_get_cstr(filename_no_ext), MAX_NAME_LEN);
strlcpy(app->text_store, furi_string_get_cstr(filename_no_ext), sizeof(app->text_store));
furi_string_free(filename_no_ext);

path_extract_filename(current->path, filename, false);
Expand Down
2 changes: 1 addition & 1 deletion applications/main/archive/scenes/archive_scene_rename.c
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ void archive_scene_rename_on_enter(void* context) {
FuriString* filename;
filename = furi_string_alloc();
path_extract_filename(current->path, filename, is_file);
strlcpy(archive->text_store, furi_string_get_cstr(filename), MAX_NAME_LEN);
strlcpy(archive->text_store, furi_string_get_cstr(filename), sizeof(archive->text_store));

if(is_file) {
path_extract_extension(current->path, archive->file_extension, MAX_EXT_LEN);
Expand Down
4 changes: 2 additions & 2 deletions applications/main/bad_usb/views/bad_usb_view.c
Original file line number Diff line number Diff line change
Expand Up @@ -238,7 +238,7 @@ void bad_usb_view_set_file_name(BadUsb* bad_usb, const char* name) {
with_view_model(
bad_usb->view,
BadUsbModel * model,
{ strlcpy(model->file_name, name, MAX_NAME_LEN); },
{ strlcpy(model->file_name, name, sizeof(model->file_name)); },
true);
}

Expand All @@ -247,7 +247,7 @@ void bad_usb_view_set_layout(BadUsb* bad_usb, const char* layout) {
with_view_model(
bad_usb->view,
BadUsbModel * model,
{ strlcpy(model->layout, layout, MAX_NAME_LEN); },
{ strlcpy(model->layout, layout, sizeof(model->layout)); },
true);
}

Expand Down
4 changes: 2 additions & 2 deletions applications/main/ibutton/ibutton.c
Original file line number Diff line number Diff line change
Expand Up @@ -183,7 +183,7 @@ bool ibutton_load_key(iButton* ibutton, bool show_error) {
FuriString* tmp = furi_string_alloc();

path_extract_filename(ibutton->file_path, tmp, true);
strncpy(ibutton->key_name, furi_string_get_cstr(tmp), IBUTTON_KEY_NAME_SIZE);
strlcpy(ibutton->key_name, furi_string_get_cstr(tmp), sizeof(ibutton->key_name));

furi_string_free(tmp);
} else if(show_error) {
Expand Down Expand Up @@ -243,7 +243,7 @@ bool ibutton_delete_key(iButton* ibutton) {
}

void ibutton_reset_key(iButton* ibutton) {
memset(ibutton->key_name, 0, IBUTTON_KEY_NAME_SIZE + 1);
ibutton->key_name[0] = '\0';
furi_string_reset(ibutton->file_path);
ibutton_key_reset(ibutton->key);
}
Expand Down
4 changes: 2 additions & 2 deletions applications/main/ibutton/ibutton_i.h
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@
#define IBUTTON_APP_FILENAME_PREFIX "iBtn"
#define IBUTTON_APP_FILENAME_EXTENSION ".ibtn"

#define IBUTTON_KEY_NAME_SIZE 22
#define IBUTTON_KEY_NAME_SIZE 23

typedef enum {
iButtonWriteModeInvalid,
Expand All @@ -56,7 +56,7 @@ struct iButton {
iButtonWriteMode write_mode;

FuriString* file_path;
char key_name[IBUTTON_KEY_NAME_SIZE + 1];
char key_name[IBUTTON_KEY_NAME_SIZE];

Submenu* submenu;
ByteInput* byte_input;
Expand Down
4 changes: 2 additions & 2 deletions applications/main/ibutton/scenes/ibutton_scene_save_name.c
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ void ibutton_scene_save_name_on_enter(void* context) {

if(is_new_file) {
name_generator_make_auto(
ibutton->key_name, IBUTTON_KEY_NAME_SIZE, IBUTTON_APP_FILENAME_PREFIX);
ibutton->key_name, sizeof(ibutton->key_name), IBUTTON_APP_FILENAME_PREFIX);
}

text_input_set_header_text(text_input, "Name the key");
Expand All @@ -27,7 +27,7 @@ void ibutton_scene_save_name_on_enter(void* context) {
ibutton_scene_save_name_text_input_callback,
ibutton,
ibutton->key_name,
IBUTTON_KEY_NAME_SIZE,
sizeof(ibutton->key_name),
is_new_file);

ValidatorIsFile* validator_is_file = validator_is_file_alloc_init(
Expand Down
4 changes: 2 additions & 2 deletions applications/main/infrared/infrared_app_i.h
Original file line number Diff line number Diff line change
Expand Up @@ -43,8 +43,8 @@
#define INFRARED_TEXT_STORE_NUM 2
#define INFRARED_TEXT_STORE_SIZE 128

#define INFRARED_MAX_BUTTON_NAME_LENGTH 22
#define INFRARED_MAX_REMOTE_NAME_LENGTH 22
#define INFRARED_MAX_BUTTON_NAME_LENGTH 23
#define INFRARED_MAX_REMOTE_NAME_LENGTH 23

#define INFRARED_APP_FOLDER EXT_PATH("infrared")
#define INFRARED_APP_EXTENSION ".ir"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -39,15 +39,15 @@ void infrared_scene_edit_rename_on_enter(void* context) {
furi_check(current_button_index != InfraredButtonIndexNone);

enter_name_length = INFRARED_MAX_BUTTON_NAME_LENGTH;
strncpy(
strlcpy(
infrared->text_store[0],
infrared_remote_get_signal_name(remote, current_button_index),
enter_name_length);

} else if(edit_target == InfraredEditTargetRemote) {
text_input_set_header_text(text_input, "Name the remote");
enter_name_length = INFRARED_MAX_REMOTE_NAME_LENGTH;
strncpy(infrared->text_store[0], infrared_remote_get_name(remote), enter_name_length);
strlcpy(infrared->text_store[0], infrared_remote_get_name(remote), enter_name_length);

FuriString* folder_path;
folder_path = furi_string_alloc();
Expand Down
5 changes: 4 additions & 1 deletion applications/main/subghz/scenes/subghz_scene_rpc.c
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,10 @@ static void subghz_format_file_name_tmp(SubGhz* subghz) {
file_name = furi_string_alloc();
path_extract_filename(subghz->file_path, file_name, true);
snprintf(
subghz->file_name_tmp, SUBGHZ_MAX_LEN_NAME, "loaded\n%s", furi_string_get_cstr(file_name));
subghz->file_name_tmp,
sizeof(subghz->file_name_tmp),
"loaded\n%s",
furi_string_get_cstr(file_name));
furi_string_free(file_name);
}

Expand Down
8 changes: 4 additions & 4 deletions applications/main/subghz/scenes/subghz_scene_save_name.c
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
#include <dolphin/dolphin.h>
#include <toolbox/name_generator.h>

#define MAX_TEXT_INPUT_LEN 22
#define MAX_TEXT_INPUT_LEN 23

void subghz_scene_save_name_text_input_callback(void* context) {
furi_assert(context);
Expand Down Expand Up @@ -39,9 +39,9 @@ void subghz_scene_save_name_on_enter(void* context) {
FuriString* dir_name = furi_string_alloc();

if(!subghz_path_is_file(subghz->file_path)) {
char file_name_buf[SUBGHZ_MAX_LEN_NAME] = {0};
char file_name_buf[SUBGHZ_MAX_LEN_NAME] = {};

name_generator_make_auto(file_name_buf, SUBGHZ_MAX_LEN_NAME, SUBGHZ_APP_FILENAME_PREFIX);
name_generator_make_auto(file_name_buf, sizeof(file_name_buf), SUBGHZ_APP_FILENAME_PREFIX);

furi_string_set(file_name, file_name_buf);
furi_string_set(subghz->file_path, SUBGHZ_APP_FOLDER);
Expand All @@ -62,7 +62,7 @@ void subghz_scene_save_name_on_enter(void* context) {
furi_string_set(subghz->file_path, dir_name);
}

strncpy(subghz->file_name_tmp, furi_string_get_cstr(file_name), SUBGHZ_MAX_LEN_NAME);
strlcpy(subghz->file_name_tmp, furi_string_get_cstr(file_name), sizeof(subghz->file_name_tmp));
text_input_set_header_text(text_input, "Name signal");
text_input_set_result_callback(
text_input,
Expand Down
10 changes: 3 additions & 7 deletions applications/services/desktop/animations/animation_storage.c
Original file line number Diff line number Diff line change
Expand Up @@ -52,8 +52,7 @@ static bool animation_storage_load_single_manifest_info(
if(furi_string_cmp_str(read_string, name)) break;
flipper_format_set_strict_mode(file, true);

manifest_info->name = malloc(furi_string_size(read_string) + 1);
strcpy((char*)manifest_info->name, furi_string_get_cstr(read_string));
manifest_info->name = strdup(furi_string_get_cstr(read_string));

if(!flipper_format_read_uint32(file, "Min butthurt", &u32value, 1)) break;
manifest_info->min_butthurt = u32value;
Expand Down Expand Up @@ -105,9 +104,7 @@ void animation_storage_fill_animation_list(StorageAnimationList_t* animation_lis
storage_animation->manifest_info.name = NULL;

if(!flipper_format_read_string(file, "Name", read_string)) break;
storage_animation->manifest_info.name = malloc(furi_string_size(read_string) + 1);
strcpy(
(char*)storage_animation->manifest_info.name, furi_string_get_cstr(read_string));
storage_animation->manifest_info.name = strdup(furi_string_get_cstr(read_string));

if(!flipper_format_read_uint32(file, "Min butthurt", &u32value, 1)) break;
storage_animation->manifest_info.min_butthurt = u32value;
Expand Down Expand Up @@ -401,8 +398,7 @@ static bool animation_storage_load_bubbles(BubbleAnimation* animation, FlipperFo

furi_string_replace_all(str, "\\n", "\n");

FURI_CONST_ASSIGN_PTR(bubble->bubble.text, malloc(furi_string_size(str) + 1));
strcpy((char*)bubble->bubble.text, furi_string_get_cstr(str));
FURI_CONST_ASSIGN_PTR(bubble->bubble.text, strdup(furi_string_get_cstr(str)));

if(!flipper_format_read_string(ff, "AlignH", str)) break;
if(!animation_storage_cast_align(str, (Align*)&bubble->bubble.align_h)) break;
Expand Down
4 changes: 1 addition & 3 deletions applications/services/rpc/rpc_storage.c
Original file line number Diff line number Diff line change
Expand Up @@ -226,9 +226,7 @@ static void rpc_system_storage_list_root(const PB_Main* request, void* context)
response.content.storage_list_response.file[i].data = NULL;
response.content.storage_list_response.file[i].size = 0;
response.content.storage_list_response.file[i].type = PB_Storage_File_FileType_DIR;
char* str = malloc(strlen(hard_coded_dirs[i]) + 1);
strcpy(str, hard_coded_dirs[i]);
response.content.storage_list_response.file[i].name = str;
response.content.storage_list_response.file[i].name = strdup(hard_coded_dirs[i]);
}

rpc_send_and_release(session, &response);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -209,7 +209,7 @@ bool desktop_settings_scene_favorite_on_event(void* context, SceneManagerEvent e

if(dialog_file_browser_show(app->dialogs, temp_path, temp_path, &browser_options)) {
submenu_reset(app->submenu); // Prevent menu from being shown when we exiting scene
strncpy(
strlcpy(
curr_favorite_app->name_or_path,
furi_string_get_cstr(temp_path),
sizeof(curr_favorite_app->name_or_path));
Expand All @@ -219,7 +219,7 @@ bool desktop_settings_scene_favorite_on_event(void* context, SceneManagerEvent e
size_t app_index = event.event - 2;
const char* name = favorite_fap_get_app_name(app_index);
if(name)
strncpy(
strlcpy(
curr_favorite_app->name_or_path,
name,
sizeof(curr_favorite_app->name_or_path));
Expand Down
Loading

0 comments on commit d7bce62

Please sign in to comment.