Remove unsafe sprintf() and strcat() calls

Prep work for enabling the sanitizers on macos CI since they are marked
as deprecated and cause the build to fail when -Werror is enabled.
This commit is contained in:
Ben Noordhuis 2023-11-01 22:16:59 +01:00
parent 6535064577
commit 6dbf01bb1f

View file

@ -11417,20 +11417,20 @@ static int js_ecvt(double d, int n_digits, int *decpt, int *sign, char *buf,
return n_digits; return n_digits;
} }
static int js_fcvt1(char *buf, int buf_size, double d, int n_digits, static int js_fcvt1(char (*buf)[JS_DTOA_BUF_SIZE], double d, int n_digits,
int rounding_mode) int rounding_mode)
{ {
int n; int n;
if (rounding_mode != FE_TONEAREST) if (rounding_mode != FE_TONEAREST)
fesetround(rounding_mode); fesetround(rounding_mode);
n = snprintf(buf, buf_size, "%.*f", n_digits, d); n = snprintf(*buf, sizeof(*buf), "%.*f", n_digits, d);
if (rounding_mode != FE_TONEAREST) if (rounding_mode != FE_TONEAREST)
fesetround(FE_TONEAREST); fesetround(FE_TONEAREST);
assert(n < buf_size); assert(n < sizeof(*buf));
return n; return n;
} }
static void js_fcvt(char *buf, int buf_size, double d, int n_digits) static void js_fcvt(char (*buf)[JS_DTOA_BUF_SIZE], double d, int n_digits)
{ {
int rounding_mode; int rounding_mode;
rounding_mode = FE_TONEAREST; rounding_mode = FE_TONEAREST;
@ -11444,12 +11444,12 @@ static void js_fcvt(char *buf, int buf_size, double d, int n_digits)
zero (RNDNA), but in printf the "ties" case is not specified zero (RNDNA), but in printf the "ties" case is not specified
(for example it is RNDN for glibc, RNDNA for Windows), so we (for example it is RNDN for glibc, RNDNA for Windows), so we
must round manually. */ must round manually. */
n1 = js_fcvt1(buf1, sizeof(buf1), d, n_digits + 1, FE_TONEAREST); n1 = js_fcvt1(&buf1, d, n_digits + 1, FE_TONEAREST);
rounding_mode = FE_TONEAREST; rounding_mode = FE_TONEAREST;
/* XXX: could use 2 digits to reduce the average running time */ /* XXX: could use 2 digits to reduce the average running time */
if (buf1[n1 - 1] == '5') { if (buf1[n1 - 1] == '5') {
n1 = js_fcvt1(buf1, sizeof(buf1), d, n_digits + 1, FE_DOWNWARD); n1 = js_fcvt1(&buf1, d, n_digits + 1, FE_DOWNWARD);
n2 = js_fcvt1(buf2, sizeof(buf2), d, n_digits + 1, FE_UPWARD); n2 = js_fcvt1(&buf2, d, n_digits + 1, FE_UPWARD);
if (n1 == n2 && memcmp(buf1, buf2, n1) == 0) { if (n1 == n2 && memcmp(buf1, buf2, n1) == 0) {
/* exact result: round away from zero */ /* exact result: round away from zero */
if (buf1[0] == '-') if (buf1[0] == '-')
@ -11460,7 +11460,7 @@ static void js_fcvt(char *buf, int buf_size, double d, int n_digits)
} }
} }
#endif /* CONFIG_PRINTF_RNDN */ #endif /* CONFIG_PRINTF_RNDN */
js_fcvt1(buf, buf_size, d, n_digits, rounding_mode); js_fcvt1(buf, d, n_digits, rounding_mode);
} }
/* radix != 10 is only supported with flags = JS_DTOA_VAR_FORMAT */ /* radix != 10 is only supported with flags = JS_DTOA_VAR_FORMAT */
@ -11476,18 +11476,18 @@ static void js_fcvt(char *buf, int buf_size, double d, int n_digits)
/* XXX: slow and maybe not fully correct. Use libbf when it is fast enough. /* XXX: slow and maybe not fully correct. Use libbf when it is fast enough.
XXX: radix != 10 is only supported for small integers XXX: radix != 10 is only supported for small integers
*/ */
static void js_dtoa1(char *buf, double d, int radix, int n_digits, int flags) static void js_dtoa1(char (*buf)[JS_DTOA_BUF_SIZE], double d,
int radix, int n_digits, int flags)
{ {
char *q; char *q;
if (!isfinite(d)) { if (!isfinite(d)) {
if (isnan(d)) { if (isnan(d)) {
strcpy(buf, "NaN"); pstrcpy(*buf, sizeof(*buf), "NaN");
} else if (d < 0) {
pstrcpy(*buf, sizeof(*buf), "-Infinity");
} else { } else {
q = buf; pstrcpy(*buf, sizeof(*buf), "Infinity");
if (d < 0)
*q++ = '-';
strcpy(q, "Infinity");
} }
} else if (flags == JS_DTOA_VAR_FORMAT) { } else if (flags == JS_DTOA_VAR_FORMAT) {
int64_t i64; int64_t i64;
@ -11499,12 +11499,12 @@ static void js_dtoa1(char *buf, double d, int radix, int n_digits, int flags)
goto generic_conv; goto generic_conv;
/* fast path for integers */ /* fast path for integers */
ptr = i64toa(buf1 + sizeof(buf1), i64, radix); ptr = i64toa(buf1 + sizeof(buf1), i64, radix);
strcpy(buf, ptr); pstrcpy(*buf, sizeof(*buf), ptr);
} else { } else {
if (d == 0.0) if (d == 0.0)
d = 0.0; /* convert -0 to 0 */ d = 0.0; /* convert -0 to 0 */
if (flags == JS_DTOA_FRAC_FORMAT) { if (flags == JS_DTOA_FRAC_FORMAT) {
js_fcvt(buf, JS_DTOA_BUF_SIZE, d, n_digits); js_fcvt(buf, d, n_digits);
} else { } else {
char buf1[JS_DTOA_BUF_SIZE]; char buf1[JS_DTOA_BUF_SIZE];
int sign, decpt, k, n, i, p, n_max; int sign, decpt, k, n, i, p, n_max;
@ -11519,7 +11519,7 @@ static void js_dtoa1(char *buf, double d, int radix, int n_digits, int flags)
/* the number has k digits (k >= 1) */ /* the number has k digits (k >= 1) */
k = js_ecvt(d, n_digits, &decpt, &sign, buf1, is_fixed); k = js_ecvt(d, n_digits, &decpt, &sign, buf1, is_fixed);
n = decpt; /* d=10^(n-k)*(buf1) i.e. d= < x.yyyy 10^(n-1) */ n = decpt; /* d=10^(n-k)*(buf1) i.e. d= < x.yyyy 10^(n-1) */
q = buf; q = *buf;
if (sign) if (sign)
*q++ = '-'; *q++ = '-';
if (flags & JS_DTOA_FORCE_EXP) if (flags & JS_DTOA_FORCE_EXP)
@ -11561,7 +11561,7 @@ static void js_dtoa1(char *buf, double d, int radix, int n_digits, int flags)
p = n - 1; p = n - 1;
if (p >= 0) if (p >= 0)
*q++ = '+'; *q++ = '+';
sprintf(q, "%d", p); snprintf(q, *buf + sizeof(*buf) - q, "%d", p);
} }
} }
} }
@ -11571,7 +11571,7 @@ static JSValue js_dtoa(JSContext *ctx,
double d, int radix, int n_digits, int flags) double d, int radix, int n_digits, int flags)
{ {
char buf[JS_DTOA_BUF_SIZE]; char buf[JS_DTOA_BUF_SIZE];
js_dtoa1(buf, d, radix, n_digits, flags); js_dtoa1(&buf, d, radix, n_digits, flags);
return JS_NewString(ctx, buf); return JS_NewString(ctx, buf);
} }
@ -27363,6 +27363,7 @@ static char *js_default_module_normalize_name(JSContext *ctx,
{ {
char *filename, *p; char *filename, *p;
const char *r; const char *r;
int cap;
int len; int len;
if (name[0] != '.') { if (name[0] != '.') {
@ -27376,7 +27377,8 @@ static char *js_default_module_normalize_name(JSContext *ctx,
else else
len = 0; len = 0;
filename = js_malloc(ctx, len + strlen(name) + 1 + 1); cap = len + strlen(name) + 1 + 1;
filename = js_malloc(ctx, cap);
if (!filename) if (!filename)
return NULL; return NULL;
memcpy(filename, base_name, len); memcpy(filename, base_name, len);
@ -27408,8 +27410,8 @@ static char *js_default_module_normalize_name(JSContext *ctx,
} }
} }
if (filename[0] != '\0') if (filename[0] != '\0')
strcat(filename, "/"); pstrcat(filename, cap, "/");
strcat(filename, r); pstrcat(filename, cap, r);
// printf("normalize: %s %s -> %s\n", base_name, name, filename); // printf("normalize: %s %s -> %s\n", base_name, name, filename);
return filename; return filename;
} }