authorMichael Butler <butlermichael@google.com>2017-04-21 18:48:09 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>2017-04-21 18:48:09 +0000
commita16bfb513347e424bd919135a653de275362f0bb (patch)
tree1a4f3f468adc0a26ab0cb63b0c8c3f96f4af1db4 /cpu_ref
parent426ea082a75fa014b926a9fe4cad0a7451d43865 (diff)
parentca451c3280b6265a9b79273b4bf89e121a050cab (diff)
downloadrs-a16bfb513347e424bd919135a653de275362f0bb.tar.gz
Merge "Fix clang-analyzer-security warnings for RenderScript" into oc-dev
Diffstat (limited to 'cpu_ref')
-rw-r--r--cpu_ref/rsCpuCore.cpp4
-rw-r--r--cpu_ref/rsCpuExecutable.cpp24
2 files changed, 17 insertions, 11 deletions
diff --git a/cpu_ref/rsCpuCore.cpp b/cpu_ref/rsCpuCore.cpp
index 43e45218..f4f9c4c9 100644
--- a/cpu_ref/rsCpuCore.cpp
+++ b/cpu_ref/rsCpuCore.cpp
@@ -483,7 +483,7 @@ static const int kFormatInBytesMax = 16;
// ": " + 2 digits per byte + 1 separator between bytes + "..." + null
typedef char FormatBuf[2 + kFormatInBytesMax*2 + (kFormatInBytesMax - 1) + 3 + 1];
static const char *format_bytes(FormatBuf *outBuf, const uint8_t *inBuf, const int inBytes) {
- strcpy(*outBuf, ": ");
+ strlcpy(*outBuf, ": ", sizeof(FormatBuf));
int pos = 2;
const int lim = std::min(kFormatInBytesMax, inBytes);
for (int i = 0; i < lim; ++i) {
@@ -495,7 +495,7 @@ static const char *format_bytes(FormatBuf *outBuf, const uint8_t *inBuf, const i
pos += 2;
}
if (kFormatInBytesMax < inBytes)
- strcpy(*outBuf + pos, "...");
+ strlcpy(*outBuf + pos, "...", sizeof(FormatBuf) - pos);
return *outBuf;
}
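Review bot: The bound `sizeof(FormatBuf) - pos` on the added strlcpy line is evaluated as size_t from an int `pos`, so it only limits the copy while `pos` is smaller than the buffer. With the constants visible in the first hunk, `pos` should top out at 49 in a 53-byte buffer, but the loop body that advances it lies between the two hunks and is not shown. If that arithmetic ever changed, the subtraction would wrap to a very large value and strlcpy would no longer truncate. Making the invariant explicit keeps the bound meaningful, for example `if (kFormatInBytesMax < inBytes && static_cast<size_t>(pos) < sizeof(FormatBuf))`. Using `sizeof(*outBuf)` here and in the `strlcpy(*outBuf, ": ", ...)` call of the first hunk would also tie the size to the object being written.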
diff --git a/cpu_ref/rsCpuExecutable.cpp b/cpu_ref/rsCpuExecutable.cpp
index 045b915d..a79f671a 100644
--- a/cpu_ref/rsCpuExecutable.cpp
+++ b/cpu_ref/rsCpuExecutable.cpp
@@ -300,6 +300,18 @@ static char* strgets(char *s, int size, const char **ppstr) {
return s;
}
+// Creates a duplicate of a string. The new string is as small as possible,
+// only including characters up to and including the first null-terminator;
+// otherwise, the new string will be the same size as the input string.
+// The code that calls duplicateString is responsible for the new string's
+// lifetime, and is responsible for freeing it when it is no longer needed.
+static char* duplicateString(const char *str, size_t length) {
+ const size_t newLen = strnlen(str, length-1) + 1;
+ char *newStr = new char[newLen];
+ strlcpy(newStr, str, newLen);
+ return newStr;
+}
+
ScriptExecutable* ScriptExecutable::createFromSharedObject(
void* sharedObj, uint32_t expectedChecksum) {
char line[MAXLINE];
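Review bot: duplicateString does not actually bound the read of `str`. `strnlen(str, length-1)` stops at the limit, but strlcpy returns the full source length and therefore scans `str` until it finds a NUL, regardless of `newLen`. A source buffer with no terminator is still read past its end. Separately, `length-1` wraps to SIZE_MAX when `length` is 0, which makes the strnlen unbounded as well; the callers visible in this commit pass `sizeof` of a buffer, so that case looks unreachable today but is not guarded. Copying exactly the measured number of bytes and writing the terminator by hand closes both gaps. The header comment could also say plainly that at most `length-1` characters are copied. createFromSharedObject, which starts at the end of this hunk, continues outside it.
```cpp
static char* duplicateString(const char *str, size_t length) {
    // Never look at more than length-1 bytes of str; length == 0 yields "".
    const size_t copyLen = (length == 0) ? 0 : strnlen(str, length - 1);
    char *newStr = new char[copyLen + 1];
    memcpy(newStr, str, copyLen);
    newStr[copyLen] = '\0';
    return newStr;
}
```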
@@ -370,8 +382,7 @@ ScriptExecutable* ScriptExecutable::createFromSharedObject(
}
fieldAddress[i] = addr;
fieldIsObject[i] = false;
- fieldName[i] = new char[strlen(line)+1];
- strcpy(fieldName[i], line);
+ fieldName[i] = duplicateString(line, sizeof(line));
}
if (strgets(line, MAXLINE, &rsInfo) == nullptr) {
@@ -624,13 +635,8 @@ ScriptExecutable* ScriptExecutable::createFromSharedObject(
goto error;
}
- char *pKey = new char[strlen(key)+1];
- strcpy(pKey, key);
- pragmaKeys[i] = pKey;
-
- char *pValue = new char[strlen(value)+1];
- strcpy(pValue, value);
- pragmaValues[i] = pValue;
+ pragmaKeys[i] = duplicateString(key, sizeof(key));
+ pragmaValues[i] = duplicateString(value, sizeof(value));
//ALOGE("Pragma %zu: Key: '%s' Value: '%s'", i, pKey, pValue);
}
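Review bot: The commented-out ALOGE line kept at the end of this hunk still names `pKey` and `pValue`, which the change removes, so it will not compile if someone re-enables it. It could read `//ALOGE("Pragma %zu: Key: '%s' Value: '%s'", i, pragmaKeys[i], pragmaValues[i]);`. Also, `sizeof(key)` and `sizeof(value)` are only the right bound if both are char arrays. Their declarations are outside the hunk, and if either were a `char*` the duplicate would be silently truncated to pointer size minus one, so that is worth confirming. createFromSharedObject starts and ends outside this hunk.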