From 247f9a2e8e11bcfc9524b51b552adc73965755eb Mon Sep 17 00:00:00 2001 From: Taylor Richards Date: Mon, 13 Oct 2014 21:27:54 -0400 Subject: [PATCH] safer strings using SDL string functions --- include/bmpman.h | 4 +- include/eventmusic.h | 4 +- include/freespace.h | 4 +- include/hudtargetbox.h | 2 +- include/localize.h | 18 +- include/managepilot.h | 2 +- include/missioncampaign.h | 4 +- include/missiondebrief.h | 2 +- include/missionparse.h | 2 +- include/missionshipchoice.h | 2 +- include/missiontraining.h | 2 +- include/multi_kick.h | 2 +- include/multi_pmsg.h | 2 +- include/multiui.h | 4 +- include/multiutil.h | 2 +- include/parselo.h | 4 +- include/player.h | 4 +- include/psnet.h | 4 +- include/psnet2.h | 4 +- include/ship.h | 4 +- include/snazzyui.h | 2 +- src/ac/ac_stubs.cpp | 2 +- src/anim/animplay.cpp | 22 +- src/bmpman/bmpman.cpp | 44 ++- src/cfile/cfile.cpp | 26 +- src/cfile/cfilesystem.cpp | 167 +++++----- src/cmdline/cmdline.cpp | 11 +- src/controlconfig/controlsconfig.cpp | 22 +- src/controlconfig/controlsconfigcommon.cpp | 14 +- src/cutscene/cutscenes.cpp | 7 +- src/debugconsole/console.cpp | 26 +- src/demo/demo.cpp | 4 +- src/fireball/fireballs.cpp | 4 +- src/fonttool/fontstubs.cpp | 2 +- src/freespace2/freespace.cpp | 121 +++----- src/freespace2/main.cpp | 4 +- src/gamehelp/gameplayhelp.cpp | 24 +- src/gamesnd/eventmusic.cpp | 20 +- src/globalincs/systemvars.cpp | 2 +- src/globalincs/version.cpp | 7 +- src/graphics/2d.cpp | 4 +- src/graphics/font.cpp | 14 +- src/graphics/grgl1.cpp | 4 +- src/hud/hud.cpp | 36 +-- src/hud/hudbrackets.cpp | 2 +- src/hud/hudconfig.cpp | 6 +- src/hud/hudescort.cpp | 4 +- src/hud/hudmessage.cpp | 34 +-- src/hud/hudreticle.cpp | 2 +- src/hud/hudshield.cpp | 8 +- src/hud/hudsquadmsg.cpp | 16 +- src/hud/hudtarget.cpp | 22 +- src/hud/hudtargetbox.cpp | 195 ++++++------ src/inetfile/cftp.cpp | 40 +-- src/inetfile/chttpget.cpp | 22 +- src/inetfile/inetgetfile.cpp | 2 +- src/io/keycontrol.cpp | 6 +- src/io/timer.cpp | 4 +- src/jumpnode/jumpnode.cpp | 2 +- src/localization/localize.cpp | 335 ++++++++++----------- src/menuui/barracks.cpp | 113 ++++--- src/menuui/credits.cpp | 16 +- src/menuui/mainhallmenu.cpp | 74 ++--- src/menuui/mainhalltemp.cpp | 4 +- src/menuui/optionsmenu.cpp | 4 +- src/menuui/optionsmenumulti.cpp | 17 +- src/menuui/playermenu.cpp | 38 +-- src/menuui/readyroom.cpp | 60 ++-- src/menuui/snazzyui.cpp | 22 +- src/menuui/techmenu.cpp | 67 ++--- src/menuui/trainingmenu.cpp | 3 +- src/mission/missionbriefcommon.cpp | 25 +- src/mission/missioncampaign.cpp | 109 ++++--- src/mission/missiongoals.cpp | 10 +- src/mission/missionhotkey.cpp | 6 +- src/mission/missionload.cpp | 40 ++- src/mission/missionlog.cpp | 26 +- src/mission/missionmessage.cpp | 34 +-- src/mission/missionparse.cpp | 56 ++-- src/mission/missiontraining.cpp | 60 ++-- src/missionui/chatbox.cpp | 33 +- src/missionui/missionbrief.cpp | 18 +- src/missionui/missioncmdbrief.cpp | 4 +- src/missionui/missiondebrief.cpp | 74 ++--- src/missionui/missionscreencommon.cpp | 2 +- src/missionui/missionshipchoice.cpp | 30 +- src/missionui/missionweaponchoice.cpp | 24 +- src/missionui/redalert.cpp | 6 +- src/model/modelread.cpp | 70 ++--- src/movie/mvelib.cpp | 4 +- src/nebedit/nebstubs.cpp | 2 +- src/nebula/neb.cpp | 4 +- src/network/multi.cpp | 2 +- src/network/multi_campaign.cpp | 26 +- src/network/multi_data.cpp | 6 +- src/network/multi_dogfight.cpp | 22 +- src/network/multi_endgame.cpp | 50 +-- src/network/multi_ingame.cpp | 7 +- src/network/multi_kick.cpp | 15 +- src/network/multi_log.cpp | 10 +- src/network/multi_observer.cpp | 4 +- src/network/multi_options.cpp | 48 ++- src/network/multi_pause.cpp | 2 +- src/network/multi_pinfo.cpp | 48 +-- src/network/multi_pmsg.cpp | 52 ++-- src/network/multi_rate.cpp | 2 +- src/network/multi_respawn.cpp | 2 +- src/network/multi_team.cpp | 4 +- src/network/multi_update.cpp | 22 +- src/network/multi_voice.cpp | 3 +- src/network/multi_xfer.cpp | 25 +- src/network/multimsgs.cpp | 44 +-- src/network/multiteamselect.cpp | 26 +- src/network/multiui.cpp | 237 +++++++-------- src/network/multiutil.cpp | 70 +++-- src/network/psnet.cpp | 18 +- src/network/psnet2.cpp | 18 +- src/object/objectsnd.cpp | 8 +- src/osapi/osapi.cpp | 2 +- src/osapi/osregistry.cpp | 8 +- src/osapi/outwnd.cpp | 14 +- src/palman/palman.cpp | 20 +- src/parse/parselo.cpp | 28 +- src/parse/sexp.cpp | 96 +++--- src/pcxutils/pcxutils.cpp | 36 +-- src/playerman/managepilot.cpp | 48 +-- src/playerman/playercontrol.cpp | 92 +++--- src/pofview/pofviewstubs.cpp | 2 +- src/popup/popup.cpp | 19 +- src/radar/radar.cpp | 2 +- src/ship/ai.cpp | 2 +- src/ship/aigoals.cpp | 6 +- src/ship/ship.cpp | 53 ++-- src/ship/shiphit.cpp | 28 +- src/sound/sound.cpp | 4 +- src/starfield/starfield.cpp | 34 +-- src/stats/medals.cpp | 137 +++++---- src/stats/scoring.cpp | 2 +- src/stats/stats.cpp | 50 +-- src/tgautils/tgautils.cpp | 18 +- src/ui/gadget.cpp | 15 +- src/ui/inputbox.cpp | 11 +- src/ui/slider.cpp | 8 +- src/ui/window.cpp | 2 +- src/vcodec/codec1.cpp | 2 +- src/weapon/emp.cpp | 26 +- src/weapon/muzzleflash.cpp | 12 +- src/weapon/weapons.cpp | 18 +- 148 files changed, 1945 insertions(+), 2041 deletions(-) diff --git a/include/bmpman.h b/include/bmpman.h index 41d6861..8e82b84 100644 --- a/include/bmpman.h +++ b/include/bmpman.h @@ -227,7 +227,7 @@ extern void bm_unlock( int bitmapnum ); extern void bm_get_info( int bitmapnum, int *w=NULL, int * h=NULL, ubyte * flags=NULL, int *nframes=NULL, int *fps=NULL, bitmap_section_info **sections = NULL ); // get filename -extern void bm_get_filename(int bitmapnum, char *filename); +extern void bm_get_filename(int bitmapnum, char *filename, const int max_len); // resyncs all the bitmap palette extern void bm_update(); @@ -237,7 +237,7 @@ extern void bm_load_all(); extern void bm_unload_all(); // call to get the palette for a bitmap -extern void bm_get_palette(int n, ubyte *pal, char *name); +extern void bm_get_palette(int n, ubyte *pal, char *name, const int name_len); // Hacked function to get a pixel from a bitmap. // Only works good in 8bpp mode. diff --git a/include/eventmusic.h b/include/eventmusic.h index 7b501cd..f1640a8 100644 --- a/include/eventmusic.h +++ b/include/eventmusic.h @@ -230,8 +230,8 @@ int event_music_primary_goals_met(); int event_music_primary_goal_failed(); int event_music_player_death(); void event_music_start_default(); -void event_music_get_info(char *outbuf); -void event_music_get_soundtrack_name(char *outbuf); +void event_music_get_info(char *outbuf, const int outbuf_size); +void event_music_get_soundtrack_name(char *outbuf, const int outbuf_size); int event_music_next_soundtrack(int delta); void event_music_set_soundtrack(char *name); void event_music_set_score(int score_index, const char *name); diff --git a/include/freespace.h b/include/freespace.h index a924a1b..ee4cce3 100644 --- a/include/freespace.h +++ b/include/freespace.h @@ -323,10 +323,10 @@ void game_shudder_apply(int time, float intensity); void game_feature_not_in_demo_popup(); // Return version string for demo or full version, depending on build. -void get_version_string(char *str); +void get_version_string(char *str, const int str_len); // format the specified time (fixed point) into a nice string -void game_format_time(fix m_time, char *time_str); +void game_format_time(fix m_time, char *time_str, const int time_str_len); // if the game is running using hacked data int game_hacked_data(); diff --git a/include/hudtargetbox.h b/include/hudtargetbox.h index c77acd7..f1c1b20 100644 --- a/include/hudtargetbox.h +++ b/include/hudtargetbox.h @@ -174,7 +174,7 @@ void hud_render_target_weapon(object *target_objp); void hud_update_cargo_scan_sound(); void hud_cargo_scan_update(object *targetp, float frametime); -char *hud_targetbox_truncate_subsys_name(char *outstr); +char *hud_targetbox_truncate_subsys_name(char *outstr, const int max_len); #endif /* __FREESPACE_HUDTARGETBOX_H__ */ diff --git a/include/localize.h b/include/localize.h index 8e8cb2c..55f954c 100644 --- a/include/localize.h +++ b/include/localize.h @@ -115,7 +115,7 @@ void lcl_xstr_close(); int lcl_get_language(); // returns the current language character string -void lcl_get_language_name(char *lang_name); +void lcl_get_language_name(char *lang_name, const int max_len); // set our current language void lcl_set_language(int lang); @@ -127,10 +127,10 @@ void lcl_set_language(int lang); // externalization of table/mission files (only parse routines ever need to deal with these functions) ----------------------- // maybe add on an appropriate subdirectory when opening a localized file -void lcl_add_dir(char *current_path); +void lcl_add_dir(char *current_path, const int max_len); // maybe add localized directory to full path with file name when opening a localized file -void lcl_add_dir_to_path_with_filename(char *current_path); +void lcl_add_dir_to_path_with_filename(char *current_path, const int path_len); // open the externalization file for use during parsing (call before parsing a given file) void lcl_ext_open(); @@ -167,12 +167,12 @@ void lcl_fix_polish(char *str); #define LXSTR(str, i) (XSTR(str, i)) #endif // defined(GERMAN_BUILD) -void lcl_translate_wep_name(char *name); -void lcl_translate_ship_name(char *name); -void lcl_translate_brief_icon_name(char *name); -void lcl_translate_brief_icon_name_pl(char *name); -void lcl_translate_targetbox_name(char *name); -void lcl_translate_targetbox_name_pl(char *name); +void lcl_translate_wep_name(char *name, const int max_len); +void lcl_translate_ship_name(char *name, const int max_len); +void lcl_translate_brief_icon_name(char *name, const int max_len); +void lcl_translate_brief_icon_name_pl(char *name, const int max_len); +void lcl_translate_targetbox_name(char *name, const int max_len); +void lcl_translate_targetbox_name_pl(char *name, const int max_len); #endif // defined __FREESPACE2_LOCALIZATION_UTILITIES_HEADER_FILE diff --git a/include/managepilot.h b/include/managepilot.h index 7d1d126..b7a2fbd 100644 --- a/include/managepilot.h +++ b/include/managepilot.h @@ -169,7 +169,7 @@ void pilot_set_random_pic(player *p); void pilot_set_random_squad_pic(player *p); // format a pilot's callsign into a "personal" form - ie, adding a 's or just an ' as appropriate -void pilot_format_callsign_personal(const char *in_callsign, char *out_callsign); +void pilot_format_callsign_personal(const char *in_callsign, char *out_callsign, const int out_size); // throw up a popup asking the user to verify the overwrite of an existing pilot name // 1 == ok to overwrite, 0 == not ok diff --git a/include/missioncampaign.h b/include/missioncampaign.h index da6caff..1f0d5bf 100644 --- a/include/missioncampaign.h +++ b/include/missioncampaign.h @@ -418,7 +418,7 @@ extern void mission_campaign_savefile_delete( const char *cfilename, int is_mult extern void mission_campaign_delete_all_savefiles( const char *pilot_name, int is_multi ); // if a given campaign is a multiplayer campaign, we can load and save the multiplayer info portion with these functions -extern int mission_campaign_parse_is_multi(const char *filename, char *name); +extern int mission_campaign_parse_is_multi(const char *filename, char *name, const int max_len); // function which sets up internal variable for player to play next mission in the campaign extern int mission_campaign_next_mission( void ); @@ -447,7 +447,7 @@ extern void mission_campaign_maybe_play_movie(int type); // save persistent information extern void mission_campaign_save_persistent( int type, int index ); -void mission_campaign_savefile_generate_root(char *filename); +void mission_campaign_savefile_generate_root(char *filename, const int max_len); // The following are functions I added to set up the globals and then // execute the corresponding mission_campaign_savefile functions. diff --git a/include/missiondebrief.h b/include/missiondebrief.h index b847627..21e6a1e 100644 --- a/include/missiondebrief.h +++ b/include/missiondebrief.h @@ -82,7 +82,7 @@ void debrief_rebuild_player_list(); void debrief_handle_player_drop(); void debrief_disable_accept(); -void debrief_assemble_optional_mission_popup_text(char *buffer, char *mission_loop_desc); +void debrief_assemble_optional_mission_popup_text(char *buffer, const int buf_len, char *mission_loop_desc); // multiplayer call to set up the client side debriefings diff --git a/include/missionparse.h b/include/missionparse.h index 09428fb..ed179ed 100644 --- a/include/missionparse.h +++ b/include/missionparse.h @@ -552,7 +552,7 @@ void mission_parse_support_arrived( int objnum ); // alternate name stuff int mission_parse_lookup_alt(char *name); -void mission_parse_lookup_alt_index(int index, char *out); +void mission_parse_lookup_alt_index(int index, char *out, const int max_outlen); int mission_parse_add_alt(char *name); void mission_parse_reset_alt(); diff --git a/include/missionshipchoice.h b/include/missionshipchoice.h index 6de0c28..1ce8f93 100644 --- a/include/missionshipchoice.h +++ b/include/missionshipchoice.h @@ -268,7 +268,7 @@ void ss_blit_ship_icon(int x,int y,int ship_class,int bmap_num); // called from weapon select int ss_return_ship(int wing_block, int wing_slot, int *ship_index, p_object **ppobjp); -void ss_return_name(int wing_block, int wing_slot, char *name); +void ss_return_name(int wing_block, int wing_slot, char *name, const int max_namelen); int ss_return_original_ship_class(int slot_num); int ss_return_saindex(int slot_num); int ss_disabled_slot(int slot_num); diff --git a/include/missiontraining.h b/include/missiontraining.h index 5626910..57adec4 100644 --- a/include/missiontraining.h +++ b/include/missiontraining.h @@ -65,6 +65,6 @@ void training_check_objectives(); void message_training_que(char *text, int timestamp, int length = -1); void message_training_setup(int num, int length = -1); void message_training_display(); -void message_translate_tokens(char *buf, char *text); +void message_translate_tokens(char *buf, const int max_buflen, char *text); void training_fail(); diff --git a/include/multi_kick.h b/include/multi_kick.h index 170daad..25564a6 100644 --- a/include/multi_kick.h +++ b/include/multi_kick.h @@ -81,7 +81,7 @@ int multi_kick_is_banned(net_addr_t *addr); void multi_dcf_kick(); // fill in the passed string with the appropriate "kicked" string -void multi_kick_get_text(net_player *pl, int reason, char *str); +void multi_kick_get_text(net_player *pl, int reason, char *str, const int max_strlen); #endif diff --git a/include/multi_pmsg.h b/include/multi_pmsg.h index 32cfde7..cb15e5b 100644 --- a/include/multi_pmsg.h +++ b/include/multi_pmsg.h @@ -102,7 +102,7 @@ int multi_msg_text_process(int k); int multi_msg_text_mode(); // return 0 or 1 if there is multi text to be rendered (filling in txt if necessary) -int multi_msg_message_text(char *txt); +int multi_msg_message_text(char *txt, const int txt_len); // display ingame,inmission message text void multi_msg_display_mission_text(const char *msg, int player_index); diff --git a/include/multiui.h b/include/multiui.h index 9635850..c12f76b 100644 --- a/include/multiui.h +++ b/include/multiui.h @@ -408,7 +408,7 @@ int multi_create_lookup_mission(char *fname); // returns an index into Multi_create_campaign_list int multi_create_lookup_campaign(char *fname); -void multi_sg_rank_build_name(char *in,char *out); +void multi_sg_rank_build_name(char *in,char *out, const int max_outlen); void multi_join_game_init(); void multi_join_game_close(); @@ -470,7 +470,7 @@ void multi_debrief_server_process(); // process all details regarding moving void multi_common_add_notify(const char *str); // bring up the password string popup, fill in passwd (return 1 if accept was pressed, 0 if cancel was pressed) -int multi_passwd_popup(char *passwd); +int multi_passwd_popup(char *passwd, const int max_plen); #endif diff --git a/include/multiutil.h b/include/multiutil.h index 894bfec..6b44fed 100644 --- a/include/multiutil.h +++ b/include/multiutil.h @@ -194,7 +194,7 @@ extern const char* multi_random_chat_start(); extern int multi_ship_class_lookup(const char* ship_name); extern ushort netmisc_calc_checksum( void * vptr, int len ); extern void fill_net_addr(net_addr_t* addr, ubyte* address, ubyte* net_id, ushort port); -extern char* get_text_address( char * text, ubyte * address ); +extern char* get_text_address(char * text, const int max_textlen, ubyte * address ); extern object *multi_get_network_object( ushort net_signature ); // find a network object diff --git a/include/parselo.h b/include/parselo.h index 74a3402..2c56d9b 100644 --- a/include/parselo.h +++ b/include/parselo.h @@ -332,7 +332,7 @@ extern void stuff_matrix(matrix *mp); extern int string_lookup(const char *str1, const char *strlist[], int max, const char *description = NULL, int say_errors = 0); extern void find_and_stuff(const char *id, int *addr, int f_type, const char *strlist[], int max, const char *description); extern int match_and_stuff(int f_type, const char *strlist[], int max, const char *description); -extern void find_and_stuff_or_add(const char *id, int *addr, int f_type, char *strlist[], int *total, +extern void find_and_stuff_or_add(const char *id, int *addr, int f_type, char *strlist[], const int max_strlen, int *total, int max, const char *description); extern int get_string(char *str); extern void stuff_parenthesized_vector(vector *vp); @@ -351,7 +351,7 @@ extern void mark_int_list(int *ilp, int max_ints, int lookup_type); extern void compact_multitext_string(char *str); extern void read_file_text(const char *filename, int mode = CF_TYPE_ANY ); extern void debug_show_mission_text(); -extern void convert_sexp_to_string(int cur_node, char *outstr, int mode); +extern void convert_sexp_to_string(int cur_node, char *outstr, const int outstr_len, int mode); char *split_str_once(char *src, int max_pixel_w); int split_str(const char *src, int max_pixel_w, int *n_chars, char **p_str, int max_lines, char ignore_char = -1); diff --git a/include/player.h b/include/player.h index 74a75f0..d0f76fd 100644 --- a/include/player.h +++ b/include/player.h @@ -362,7 +362,7 @@ void player_set_squad_bitmap(player *p, const char *fname); // set squadron void player_set_squad(player *p, const char *squad_name); -int player_inspect_cargo(float frametime, char *outstr); +int player_inspect_cargo(float frametime, char *outstr, const int max_outstr); //#ifndef NDEBUG extern int use_descent; // player is using descent-style physics @@ -372,7 +372,7 @@ extern void toggle_player_object(); // toggles between descent-style ship and p extern void read_player_controls( object *obj, float frametime); extern void player_control_reset_ci( control_info *ci ); -char *player_generate_death_text( player *player_p, char *text ); +char *player_generate_death_text(player *player_p, char *text , const int max_dtlen); void player_show_death_message(); void player_maybe_fire_turret(object *objp); void player_maybe_play_all_alone_msg(); diff --git a/include/psnet.h b/include/psnet.h index eeaf4b2..17ba221 100644 --- a/include/psnet.h +++ b/include/psnet.h @@ -269,8 +269,8 @@ extern int psnet_rel_check(); extern int psnet_get_network_status(); extern void psnet_whoami( net_addr * my_address ); -extern char* psnet_addr_to_string( char * text, net_addr * address ); -extern void psnet_string_to_addr( net_addr * address, char * text ); +extern char* psnet_addr_to_string( char * text, const int max_textlen, net_addr * address ); +extern void psnet_string_to_addr( net_addr * address, char * text, const int max_textlen ); extern int psnet_same( net_addr * a1, net_addr * a2 ); extern int psnet_send( net_addr * who_to, void * data, int len, int flags = PSNET_FLAG_RAW, int reliable_socket = 0 ); diff --git a/include/psnet2.h b/include/psnet2.h index 338c4b0..e9fb0f6 100644 --- a/include/psnet2.h +++ b/include/psnet2.h @@ -207,10 +207,10 @@ int psnet_use_protocol(int type); int psnet_get_network_status(); // convert a net_addr to a string -char *psnet_addr_to_string( char * text, net_addr_t * address ); +char *psnet_addr_to_string(char * text, const int max_textlen, net_addr_t * address ); // convert a string to a net addr -void psnet_string_to_addr( net_addr_t * address, char * text ); +void psnet_string_to_addr(net_addr_t * address, char * text , const int max_textlen); // compare 2 addresses int psnet_same( net_addr_t * a1, net_addr_t * a2 ); diff --git a/include/ship.h b/include/ship.h index e2ceb69..3b94ec9 100644 --- a/include/ship.h +++ b/include/ship.h @@ -1160,8 +1160,8 @@ int ship_dumbfire_threat(ship *sp); int ship_lock_threat(ship *sp); int bitmask_2_bitnum(int num); -char *ship_return_orders(char *outbuf, ship *sp); -char *ship_return_time_to_goal(char *outbuf, ship *sp); +char *ship_return_orders(char *outbuf, const int max_outbuf, ship *sp); +char *ship_return_time_to_goal(char *outbuf, const int max_outbuf, ship *sp); void ship_check_cargo_all(); // called from game_simulation_frame void ship_maybe_warn_player(ship *enemy_sp, float dist); diff --git a/include/snazzyui.h b/include/snazzyui.h index c08d94d..6753a35 100644 --- a/include/snazzyui.h +++ b/include/snazzyui.h @@ -100,7 +100,7 @@ typedef struct menu_region { #define SNAZZY_CLICKED 2 // mouse button has gone from down to up over a region int snazzy_menu_do(ubyte *data, int mask_w, int mask_h, int num_regions, MENU_REGION *regions, int *action, int poll_key = 1, int *key = NULL); -void read_menu_tbl(const char *menu_name, char *bkg_filename, char *mask_filename, MENU_REGION *regions, int* num_regions, int play_sound=1); +void read_menu_tbl(const char *menu_name, char *bkg_filename, const int max_bkg_len, char *mask_filename, const int max_mask_len, MENU_REGION *regions, int* num_regions, int play_sound=1); void snazzy_menu_add_region(MENU_REGION *region, const char* text, int mask, int key, int click_sound = -1); void snazzy_menu_init(); // Call the first time a snazzy menu is inited diff --git a/src/ac/ac_stubs.cpp b/src/ac/ac_stubs.cpp index 78de817..d0b04f3 100644 --- a/src/ac/ac_stubs.cpp +++ b/src/ac/ac_stubs.cpp @@ -128,7 +128,7 @@ void game_load_palette(){} void game_format_time(int, char*){} int game_get_default_skill_level(){return 0;} float Freespace_gamma; -void get_version_string(char*){} +void get_version_string(char*, const int){} int Sun_drew; int Interface_framerate; void game_set_view_clip(){} diff --git a/src/anim/animplay.cpp b/src/anim/animplay.cpp index e9314a3..6c4064e 100644 --- a/src/anim/animplay.cpp +++ b/src/anim/animplay.cpp @@ -892,12 +892,12 @@ anim *anim_load(const char *real_filename, int file_mapped) SDL_assert ( real_filename != NULL ); - strcpy( name, real_filename ); - char *p = strchr( name, '.' ); + SDL_strlcpy(name, real_filename, sizeof(name)); + char *p = SDL_strchr( name, '.' ); if ( p ) { *p = 0; } - strcat( name, ".ani" ); + SDL_strlcat(name, ".ani", sizeof(name)); ptr = first_anim; while (ptr) { @@ -919,7 +919,7 @@ anim *anim_load(const char *real_filename, int file_mapped) ptr->next = first_anim; first_anim = ptr; SDL_assert(strlen(name) < _MAX_PATH - 1); - strcpy(ptr->name, name); + SDL_strlcpy(ptr->name, name, sizeof(ptr->name)); ptr->instance_count = 0; ptr->width = 0; ptr->height = 0; @@ -1123,7 +1123,7 @@ int anim_write_frames_out(const char *filename) int i,j; ubyte **row_data; - strcpy(root_name, filename); + SDL_strlcpy(root_name, filename, sizeof(root_name)); root_name[strlen(filename)-4] = 0; source_anim = anim_load(filename); @@ -1136,9 +1136,9 @@ int anim_write_frames_out(const char *filename) for ( i = 0; i < source_anim->total_frames; i++ ) { anim_get_next_raw_buffer(ai, 0, 0, 16); - strcpy(pcxname, root_name); - sprintf(buf,"%04d",i); - strcat(pcxname, buf); + SDL_strlcpy(pcxname, root_name, sizeof(pcxname)); + SDL_snprintf(buf, sizeof(buf), "%04d", i); + SDL_strlcat(pcxname, buf, sizeof(pcxname)); for ( j = 0; j < source_anim->height; j++ ) { row_data[j] = &ai->frame[j*source_anim->width]; @@ -1173,12 +1173,12 @@ void anim_display_info(const char *real_filename) int i, uncompressed, compressed, *key_frame_nums=NULL, tmp; char filename[MAX_FILENAME_LEN]; - strcpy( filename, real_filename ); - char *p = strchr( filename, '.' ); + SDL_strlcpy( filename, real_filename, sizeof(filename) ); + char *p = SDL_strchr( filename, '.' ); if ( p ) { *p = 0; } - strcat( filename, ".ani" ); + SDL_strlcat( filename, ".ani", sizeof(filename) ); fp = cfopen(filename, "rb"); if ( !fp ) { diff --git a/src/bmpman/bmpman.cpp b/src/bmpman/bmpman.cpp index 3eac3f1..153de4d 100644 --- a/src/bmpman/bmpman.cpp +++ b/src/bmpman/bmpman.cpp @@ -866,7 +866,7 @@ int bm_create( int bpp, int w, int h, void *data, int flags ) memset( &bm_bitmaps[n], 0, sizeof(bitmap_entry) ); - sprintf( bm_bitmaps[n].filename, "TMP%dx%d", w, h ); + SDL_snprintf( bm_bitmaps[n].filename, MAX_FILENAME_LEN, "TMP%dx%d", w, h ); bm_bitmaps[n].type = BM_TYPE_USER; bm_bitmaps[n].palette_checksum = 0; @@ -904,8 +904,8 @@ int bm_load_sub(const char *real_filename, const char *ext, int *handle) int i; char filename[MAX_FILENAME_LEN] = ""; - strcpy( filename, real_filename ); - strcat( filename, ext ); + SDL_strlcpy( filename, real_filename, sizeof(filename) ); + SDL_strlcat( filename, ext, sizeof(filename) ); for (i=0; i<(int)strlen(filename); i++ ){ filename[i] = char(tolower(filename[i])); } @@ -952,12 +952,12 @@ int bm_load( const char * real_filename ) // nice little trick for keeping standalone memory usage way low - always return a bogus bitmap if(Game_mode & GM_STANDALONE_SERVER){ - strcpy(filename,"test128"); + SDL_strlcpy(filename,"test128", sizeof(filename)); } // make sure no one passed an extension - strcpy( filename, real_filename ); - char *p = strchr( filename, '.' ); + SDL_strlcpy( filename, real_filename, sizeof(filename) ); + char *p = SDL_strchr( filename, '.' ); if ( p ) { mprintf(( "Someone passed an extension to bm_load for file '%s'\n", real_filename )); //Int3(); @@ -973,7 +973,7 @@ int bm_load( const char * real_filename ) // found as a file case 0: found = 1; - strcat(filename, ".pcx"); + SDL_strlcat(filename, ".pcx", sizeof(filename)); break; // found as pre-existing @@ -991,7 +991,7 @@ int bm_load( const char * real_filename ) // found as a file case 0: - strcat(filename, ".tga"); + SDL_strlcat(filename, ".tga", sizeof(filename)); tga = 1; break; @@ -1044,7 +1044,7 @@ int bm_load( const char * real_filename ) bm_bitmaps[n].type = tga ? (ubyte)BM_TYPE_TGA : (ubyte)BM_TYPE_PCX; bm_bitmaps[n].signature = Bm_next_signature++; SDL_assert ( strlen(filename) < MAX_FILENAME_LEN ); - strncpy(bm_bitmaps[n].filename, filename, MAX_FILENAME_LEN-1 ); + SDL_strlcpy(bm_bitmaps[n].filename, filename, MAX_FILENAME_LEN ); bm_bitmaps[n].bm.w = short(w); bm_bitmaps[n].bm.rowsize = short(w); bm_bitmaps[n].bm.h = short(h); @@ -1159,14 +1159,14 @@ int bm_load_animation( const char *real_filename, int *nframes, int *fps, int ca if ( !bm_inited ) bm_init(); - strcpy( filename, real_filename ); - char *p = strchr( filename, '.' ); + SDL_strlcpy( filename, real_filename, sizeof(filename) ); + char *p = SDL_strchr( filename, '.' ); if ( p ) { mprintf(( "Someone passed an extension to bm_load_animation for file '%s'\n", real_filename )); //Int3(); *p = 0; } - strcat( filename, ".ani" ); + SDL_strlcat( filename, ".ani", sizeof(filename) ); if ( (fp = cfopen(filename, "rb")) == NULL ) { // Error(LOCATION,"Could not open filename %s in bm_load_ani()\n", filename); @@ -1176,7 +1176,7 @@ int bm_load_animation( const char *real_filename, int *nframes, int *fps, int ca int reduced = 0; #ifndef NDEBUG // for debug of ANI sizes - strcpy(the_anim.name, real_filename); + SDL_strlcpy(the_anim.name, real_filename, sizeof(the_anim.name)); #endif anim_read_header(&the_anim, fp); if ( can_drop_frames ) { @@ -1249,9 +1249,9 @@ int bm_load_animation( const char *real_filename, int *nframes, int *fps, int ca bm_calc_sections(&bm_bitmaps[n+i].bm); if ( i == 0 ) { - sprintf( bm_bitmaps[n+i].filename, "%s", filename ); + SDL_snprintf( bm_bitmaps[n+i].filename, MAX_FILENAME_LEN, "%s", filename ); } else { - sprintf( bm_bitmaps[n+i].filename, "%s[%d]", filename, i ); + SDL_snprintf( bm_bitmaps[n+i].filename, MAX_FILENAME_LEN, "%s[%d]", filename, i ); } } @@ -1745,9 +1745,7 @@ bitmap * bm_lock( int handle, ubyte bpp, ubyte flags ) if ( !Bm_paging ) { if ( be->type != BM_TYPE_USER ) { - char flag_text[64]; - strcpy( flag_text, "--" ); - nprintf(( "Paging", "Loading %s (%dx%dx%dx%s)\n", be->filename, bmp->w, bmp->h, bpp, flag_text )); + nprintf(( "Paging", "Loading %s (%dx%dx%dx--)\n", be->filename, bmp->w, bmp->h, bpp )); } } @@ -1849,7 +1847,7 @@ char *bm_get_filename(int handle) return bm_bitmaps[n].filename; } -void bm_get_palette(int handle, ubyte *pal, char *name) +void bm_get_palette(int handle, ubyte *pal, char *name, const int name_len) { char *filename; int w,h; @@ -1860,7 +1858,7 @@ void bm_get_palette(int handle, ubyte *pal, char *name) filename = bm_bitmaps[n].filename; if (name) { - strcpy( name, filename ); + SDL_strlcpy( name, filename, name_len ); } int pcx_error=pcx_read_header( filename, &w, &h, pal ); @@ -1921,7 +1919,7 @@ void bm_release(int handle) // Fill in bogus structures! // For debugging: - strcpy( bm_bitmaps[n].filename, "IVE_BEEN_RELEASED!" ); + SDL_strlcpy( bm_bitmaps[n].filename, "IVE_BEEN_RELEASED!", sizeof(bm_bitmaps[0].filename) ); bm_bitmaps[n].signature = 0xDEADBEEF; // a unique signature identifying the data bm_bitmaps[n].palette_checksum = 0xDEADBEEF; // checksum used to be sure bitmap is in current palette @@ -2443,12 +2441,12 @@ void bm_get_components(ubyte *pixel, ubyte *r, ubyte *g, ubyte *b, ubyte *a) } // get filename -void bm_get_filename(int bitmapnum, char *filename) +void bm_get_filename(int bitmapnum, char *filename, const int max_len) { int n = bitmapnum % MAX_BITMAPS; // return filename - strcpy(filename, bm_bitmaps[n].filename); + SDL_strlcpy(filename, bm_bitmaps[n].filename, max_len); } // given a bitmap and a section, return the size (w, h) diff --git a/src/cfile/cfile.cpp b/src/cfile/cfile.cpp index 2db4676..53eaeed 100644 --- a/src/cfile/cfile.cpp +++ b/src/cfile/cfile.cpp @@ -299,9 +299,9 @@ cf_pathtype Pathtypes[CF_MAX_PATH_TYPES] = { #define CFILE_STACK_MAX 8 int cfile_inited = 0; -int Cfile_stack_pos = 0; +static int Cfile_stack_pos = 0; -char Cfile_stack[128][CFILE_STACK_MAX]; +static char Cfile_stack[CFILE_STACK_MAX][MAX_PATH_LEN]; Cfile_block Cfile_block_list[MAX_CFILE_BLOCKS]; CFILE Cfile_list[MAX_CFILE_BLOCKS]; @@ -334,7 +334,7 @@ int cfile_in_root_dir(char *exe_path) // copy the path memset(path_copy, 0, 2048); - strncpy(path_copy, exe_path, 2047); + SDL_strlcpy(path_copy, exe_path, sizeof(path_copy)); // count how many slashes there are in the path tok = strtok(path_copy, DIR_SEPARATOR_STR); @@ -439,12 +439,12 @@ int cfile_push_chdir(int type) _getcwd(OriginalDirectory, 127); SDL_assert(Cfile_stack_pos < CFILE_STACK_MAX); - strcpy(Cfile_stack[Cfile_stack_pos++], OriginalDirectory); + SDL_strlcpy(Cfile_stack[Cfile_stack_pos++], OriginalDirectory, MAX_PATH_LEN); cf_create_default_path_string( dir, type, NULL ); SDL_strlwr(dir); #ifndef PLAT_UNIX - char *Drive = strchr(dir, ':'); + char *Drive = SDL_strchr(dir, ':'); if (Drive) { if (!cfile_chdrive( *(Drive - 1) - 'a' + 1, 1)) @@ -484,7 +484,7 @@ int cfile_chdir(char *dir) SDL_strlwr(dir); #ifndef PLAT_UNIX - char *Drive = strchr(dir, ':'); + char *Drive = SDL_strchr(dir, ':'); if (Drive) { if (!cfile_chdrive( *(Drive - 1) - 'a' + 1, 1)) return 1; @@ -575,10 +575,10 @@ char *cf_add_ext(const char *filename, const char *ext) flen = strlen(filename); elen = strlen(ext); SDL_assert(flen < MAX_PATH_LEN); - strcpy(path, filename); + SDL_strlcpy(path, filename, sizeof(path)); if ((flen < 4) || SDL_strcasecmp(path + flen - elen, ext)) { SDL_assert(flen + elen < MAX_PATH_LEN); - strcat(path, ext); + SDL_strlcat(path, ext, sizeof(path)); } return path; @@ -734,7 +734,7 @@ CFILE *cfopen(const char *file_path, const char *mode, int type, int dir_type, b // If in write mode, just try to open the file straight off // the harddisk. No fancy packfile stuff here! - if ( strchr(mode,'w') ) { + if ( SDL_strchr(mode,'w') ) { // For write-only files, require a full path or a path type #ifdef PLAT_UNIX if ( strpbrk(file_path, "/") ) { @@ -742,7 +742,7 @@ CFILE *cfopen(const char *file_path, const char *mode, int type, int dir_type, b if ( strpbrk(file_path,"/\\:") ) { #endif // Full path given? - strcpy(longname, file_path ); + SDL_strlcpy(longname, file_path, sizeof(longname)); } else { // Path type given? SDL_assert( dir_type != CF_TYPE_ANY ); @@ -769,7 +769,7 @@ CFILE *cfopen(const char *file_path, const char *mode, int type, int dir_type, b int offset, size; char copy_file_path[MAX_PATH_LEN]; // FIX change in memory from cf_find_file_location - strcpy(copy_file_path, file_path); + SDL_strlcpy(copy_file_path, file_path, sizeof(copy_file_path)); if ( cf_find_file_location( copy_file_path, dir_type, longname, &size, &offset, localize ) ) { @@ -1722,7 +1722,7 @@ int cfile_init_paths() } // set root directory - strcpy(Cfile_root_dir, t_path); + SDL_strlcpy(Cfile_root_dir, t_path, sizeof(Cfile_root_dir)); // free SDL copy SDL_free(t_path); t_path = NULL; @@ -1749,7 +1749,7 @@ int cfile_init_paths() } // set user/pref directory - strcpy(Cfile_user_dir, u_path); + SDL_strlcpy(Cfile_user_dir, u_path, sizeof(Cfile_user_dir)); // free SDL copy SDL_free(u_path); u_path = NULL; diff --git a/src/cfile/cfilesystem.cpp b/src/cfile/cfilesystem.cpp index dc86ee4..6ad6dab 100644 --- a/src/cfile/cfilesystem.cpp +++ b/src/cfile/cfilesystem.cpp @@ -265,11 +265,11 @@ int cf_get_packfile_count(cf_root *root) packfile_count = 0; for (i=CF_TYPE_ROOT; ipath ); + SDL_strlcpy( filespec, root->path, sizeof(filespec) ); if(strlen(Pathtypes[i].path)){ - strcat( filespec, Pathtypes[i].path ); - strcat( filespec, "/" ); + SDL_strlcat( filespec, Pathtypes[i].path, sizeof(filespec) ); + SDL_strlcat( filespec, "/", sizeof(filespec) ); } DIR *dirp; @@ -285,14 +285,14 @@ int cf_get_packfile_count(cf_root *root) closedir(dirp); } #else - strcpy( filespec, root->path ); + SDL_strlcpy( filespec, root->path, sizeof(filespec) ); if(strlen(Pathtypes[i].path)){ - strcat( filespec, Pathtypes[i].path ); - strcat( filespec, "\\" ); + SDL_strlcat( filespec, Pathtypes[i].path, sizeof(filespec) ); + SDL_strlcat( filespec, "\\", sizeof(filespec) ); } - strcat( filespec, "*.vp" ); + SDL_strlcat( filespec, "*.vp", sizeof(filespec) ); int find_handle; _finddata_t find; @@ -357,11 +357,11 @@ void cf_build_pack_list( cf_root *root ) for (i=CF_TYPE_ROOT; ipath ); + SDL_strlcpy( filespec, root->path, sizeof(filespec) ); if(strlen(Pathtypes[i].path)){ - strcat( filespec, Pathtypes[i].path ); - strcat( filespec, "/" ); + SDL_strlcat( filespec, Pathtypes[i].path, sizeof(filespec) ); + SDL_strlcat( filespec, "/", sizeof(filespec) ); } DIR *dirp; @@ -376,8 +376,7 @@ void cf_build_pack_list( cf_root *root ) SDL_assert(root_index < temp_root_count); char fn[MAX_PATH]; - snprintf(fn, MAX_PATH-1, "%s/%s", filespec, dir->d_name); - fn[MAX_PATH-1] = 0; + SDL_snprintf(fn, sizeof(fn), "%s/%s", filespec, dir->d_name); struct stat buf; if (stat(fn, &buf) == -1) { @@ -392,14 +391,14 @@ void cf_build_pack_list( cf_root *root ) rptr_sort = &temp_roots_sort[root_index++]; // fill in all the proper info - strcpy(rptr_sort->path, root->path); + SDL_strlcpy(rptr_sort->path, root->path, sizeof(rptr_sort->path)); if(strlen(Pathtypes[i].path)){ - strcat(rptr_sort->path, Pathtypes[i].path ); - strcat(rptr_sort->path, "/"); + SDL_strlcat(rptr_sort->path, Pathtypes[i].path, sizeof(rptr_sort->path)); + SDL_strlcat(rptr_sort->path, "/", sizeof(rptr_sort->path)); } - strcat(rptr_sort->path, dir->d_name ); + SDL_strlcat(rptr_sort->path, dir->d_name, sizeof(rptr_sort->path)); rptr_sort->roottype = CF_ROOTTYPE_PACK; rptr_sort->cf_type = i; } @@ -407,13 +406,13 @@ void cf_build_pack_list( cf_root *root ) closedir(dirp); } #else - strcpy( filespec, root->path ); + SDL_strlcpy( filespec, root->path, sizeof(filespec) ); if(strlen(Pathtypes[i].path)){ - strcat( filespec, Pathtypes[i].path ); - strcat( filespec, "\\" ); + SDL_strlcat( filespec, Pathtypes[i].path, sizeof(filespec) ); + SDL_strlcat( filespec, "\\", sizeof(filespec) ); } - strcat( filespec, "*.vp" ); + SDL_strlcat( filespec, "*.vp", sizeof(filespec) ); int find_handle; _finddata_t find; @@ -429,14 +428,14 @@ void cf_build_pack_list( cf_root *root ) rptr_sort = &temp_roots_sort[root_index++]; // fill in all the proper info - strcpy(rptr_sort->path, root->path); + SDL_strlcpy(rptr_sort->path, root->path, sizeof(rptr_sort->path)); if(strlen(Pathtypes[i].path)){ - strcat(rptr_sort->path, Pathtypes[i].path ); - strcat(rptr_sort->path, "\\"); + SDL_strlcat(rptr_sort->path, Pathtypes[i].path, sizeof(rptr_sort->path) ); + SDL_strlcat(rptr_sort->path, "\\", sizeof(rptr_sort->path)); } - strcat(rptr_sort->path, find.name ); + SDL_strlcat(rptr_sort->path, find.name, sizeof(rptr_sort->path) ); rptr_sort->roottype = CF_ROOTTYPE_PACK; rptr_sort->cf_type = i; } @@ -458,11 +457,11 @@ void cf_build_pack_list( cf_root *root ) cf_root *new_root; for(i=0; ipath, root->path ); + SDL_strlcpy( new_root->path, root->path, sizeof(new_root->path) ); // mwa -- 4/2/98 put in the next 2 lines because the path name needs to be there // to find the files. - strcpy(new_root->path, temp_roots_sort[i].path); + SDL_strlcpy(new_root->path, temp_roots_sort[i].path, sizeof(new_root->path)); new_root->roottype = CF_ROOTTYPE_PACK; } @@ -480,11 +479,11 @@ void cf_build_root_list(const char *extras_dir) // ================================================================ // have user's writable directory as default for loading and saving files root = cf_create_root(); - strcpy( root->path, Cfile_user_dir ); + SDL_strlcpy( root->path, Cfile_user_dir, sizeof(root->path) ); // do we already have a slash? as in the case of a root directory install if(strlen(root->path) && (root->path[strlen(root->path)-1] != DIR_SEPARATOR_CHAR)){ - strcat(root->path, DIR_SEPARATOR_STR); // put trailing backslash on for easier path construction + SDL_strlcat(root->path, DIR_SEPARATOR_STR, sizeof(root->path)); // put trailing backslash on for easier path construction } root->roottype = CF_ROOTTYPE_PATH; @@ -495,11 +494,11 @@ void cf_build_root_list(const char *extras_dir) //====================================================== // Next, use the executable's directory for game data root = cf_create_root(); - strcpy( root->path, Cfile_root_dir ); + SDL_strlcpy( root->path, Cfile_root_dir, sizeof(root->path) ); // do we already have a slash? as in the case of a root directory install if(strlen(root->path) && (root->path[strlen(root->path)-1] != DIR_SEPARATOR_CHAR)){ - strcat(root->path, DIR_SEPARATOR_STR); // put trailing backslash on for easier path construction + SDL_strlcat(root->path, DIR_SEPARATOR_STR, sizeof(root->path)); // put trailing backslash on for easier path construction } root->roottype = CF_ROOTTYPE_PATH; @@ -512,7 +511,7 @@ void cf_build_root_list(const char *extras_dir) // Check the real CD if one... if ( extras_dir && strlen(extras_dir) ) { root = cf_create_root(); - strcpy( root->path, extras_dir ); + SDL_strlcpy( root->path, extras_dir, sizeof(root->path) ); root->roottype = CF_ROOTTYPE_PATH; //====================================================== @@ -528,7 +527,7 @@ int is_ext_in_list( const char *ext_list, char *ext ) { char tmp_ext[128]; - strncpy( tmp_ext, ext, 127 ); + SDL_strlcpy( tmp_ext, ext, sizeof(tmp_ext) ); SDL_strlwr(tmp_ext); if ( strstr(ext_list, tmp_ext )) { return 1; @@ -549,11 +548,11 @@ void cf_search_root_path(int root_index) for (i=CF_TYPE_ROOT; ipath ); + SDL_strlcpy( search_path, root->path, sizeof(search_path) ); if(strlen(Pathtypes[i].path)){ - strcat( search_path, Pathtypes[i].path ); - strcat( search_path, DIR_SEPARATOR_STR ); + SDL_strlcat( search_path, Pathtypes[i].path, sizeof(search_path) ); + SDL_strlcat( search_path, DIR_SEPARATOR_STR, sizeof(search_path) ); } #ifdef PLAT_UNIX @@ -574,8 +573,7 @@ void cf_search_root_path(int root_index) if (!fnmatch ("*.*", dir->d_name, 0)) { char fn[MAX_PATH]; - snprintf(fn, MAX_PATH-1, "%s/%s", search_path, dir->d_name); - fn[MAX_PATH-1] = 0; + SDL_snprintf(fn, MAX_PATH, "%s/%s", search_path, dir->d_name); struct stat buf; if (stat(fn, &buf) == -1) { @@ -586,13 +584,13 @@ void cf_search_root_path(int root_index) continue; } - char *ext = strchr( dir->d_name, '.' ); + char *ext = SDL_strchr( dir->d_name, '.' ); if ( ext ) { if ( is_ext_in_list( Pathtypes[i].extensions, ext ) ) { // Found a file!!!! cf_file *file = cf_create_file(); - strcpy( file->name_ext, dir->d_name ); + SDL_strlcpy( file->name_ext, dir->d_name, sizeof(file->name_ext) ); file->root_index = root_index; file->pathtype_index = i; @@ -610,7 +608,7 @@ void cf_search_root_path(int root_index) closedir(dirp); } #else - strcat( search_path, "*.*" ); + SDL_strlcat( search_path, "*.*", sizeof(search_path) ); int find_handle; _finddata_t find; @@ -621,13 +619,13 @@ void cf_search_root_path(int root_index) do { if (!(find.attrib & _A_SUBDIR)) { - char *ext = strchr( find.name, '.' ); + char *ext = SDL_strchr( find.name, '.' ); if ( ext ) { if ( is_ext_in_list( Pathtypes[i].extensions, ext ) ) { // Found a file!!!! cf_file *file = cf_create_file(); - strcpy( file->name_ext, find.name ); + SDL_strlcpy( file->name_ext, find.name, sizeof(file->name_ext) ); file->root_index = root_index; file->pathtype_index = i; file->write_time = find.time_write; @@ -695,7 +693,7 @@ void cf_search_root_pack(int root_index) char search_path[CF_MAX_PATHNAME_LENGTH]; - strcpy( search_path, "" ); + SDL_strlcpy( search_path, "", sizeof(search_path) ); // Go through all the files for (i=0; iname_ext, find.filename ); + SDL_strlcpy( file->name_ext, find.filename, sizeof(file->name_ext) ); file->root_index = root_index; file->pathtype_index = j; file->write_time = find.write_time; @@ -869,7 +867,7 @@ int cf_find_file_location( const char *filespec, int pathtype, char *pack_filena if ( size ) *size = filelength(fileno(fp)); if ( offset ) *offset = 0; if ( pack_filename ) { - strcpy( pack_filename, filespec ); + SDL_strlcpy( pack_filename, filespec, MAX_PATH_LEN ); } fclose(fp); return 1; @@ -902,7 +900,7 @@ int cf_find_file_location( const char *filespec, int pathtype, char *pack_filena if ( size ) *size = filelength(fileno(fp)); if ( offset ) *offset = 0; if ( pack_filename ) { - strcpy( pack_filename, longname ); + SDL_strlcpy( pack_filename, longname, MAX_PATH_LEN ); } fclose(fp); return 1; @@ -922,8 +920,8 @@ int cf_find_file_location( const char *filespec, int pathtype, char *pack_filena if (localize) { // create localized filespec char loc_filespec[MAX_PATH_LEN]; - strcpy(loc_filespec, filespec); - lcl_add_dir_to_path_with_filename(loc_filespec); + SDL_strlcpy(loc_filespec, filespec, sizeof(loc_filespec)); + lcl_add_dir_to_path_with_filename(loc_filespec, sizeof(loc_filespec)); if ( !SDL_strcasecmp(loc_filespec, f->name_ext) ) { if ( size ) *size = f->size; @@ -931,11 +929,11 @@ int cf_find_file_location( const char *filespec, int pathtype, char *pack_filena if ( pack_filename ) { cf_root * r = cf_get_root(f->root_index); - strcpy( pack_filename, r->path ); + SDL_strlcpy( pack_filename, r->path, MAX_PATH_LEN ); if ( f->pack_offset < 1 ) { - strcat( pack_filename, Pathtypes[f->pathtype_index].path ); - strcat( pack_filename, DIR_SEPARATOR_STR ); - strcat( pack_filename, f->name_ext ); + SDL_strlcat( pack_filename, Pathtypes[f->pathtype_index].path, MAX_PATH_LEN ); + SDL_strlcat( pack_filename, DIR_SEPARATOR_STR, MAX_PATH_LEN ); + SDL_strlcat( pack_filename, f->name_ext, MAX_PATH_LEN ); } } return 1; @@ -949,15 +947,15 @@ int cf_find_file_location( const char *filespec, int pathtype, char *pack_filena if ( pack_filename ) { cf_root * r = cf_get_root(f->root_index); - strcpy( pack_filename, r->path ); + SDL_strlcpy( pack_filename, r->path, MAX_PATH_LEN ); if ( f->pack_offset < 1 ) { if(strlen(Pathtypes[f->pathtype_index].path)){ - strcat( pack_filename, Pathtypes[f->pathtype_index].path ); - strcat( pack_filename, DIR_SEPARATOR_STR ); + SDL_strlcat( pack_filename, Pathtypes[f->pathtype_index].path, MAX_PATH_LEN ); + SDL_strlcat( pack_filename, DIR_SEPARATOR_STR, MAX_PATH_LEN ); } - strcat( pack_filename, f->name_ext ); + SDL_strlcat( pack_filename, f->name_ext, MAX_PATH_LEN ); } } return 1; @@ -973,13 +971,13 @@ int cf_matches_spec(const char *filespec, const char *filename) { const char *src_ext, *dst_ext; - src_ext = strchr(filespec, '.'); + src_ext = SDL_strchr(filespec, '.'); if (!src_ext) return 1; if (*src_ext == '*') return 1; - dst_ext = strchr(filename, '.'); + dst_ext = SDL_strchr(filename, '.'); if (!dst_ext) return 1; @@ -995,8 +993,8 @@ int cf_file_already_in_list( int num_files, char **list, char *filename ) char name_no_extension[MAX_PATH_LEN]; - strcpy(name_no_extension, filename ); - char *p = strchr( name_no_extension, '.' ); + SDL_strlcpy(name_no_extension, filename, sizeof(name_no_extension)); + char *p = SDL_strchr( name_no_extension, '.' ); if ( p ) *p = 0; for (i=0; id_name); - fn[MAX_PATH-1] = 0; + SDL_snprintf(fn, MAX_PATH, "%s/%s", filespec, dir->d_name); struct stat buf; if (stat(fn, &buf) == -1) { @@ -1073,8 +1070,7 @@ int cf_get_file_list( int max, char **list, int pathtype, const char *filter, in l = strlen(dir->d_name); list[num_files] = (char *)malloc(l + 1); - strncpy(list[num_files], dir->d_name, l); - list[num_files][l] = 0; + SDL_strlcpy(list[num_files], dir->d_name, l+1); if (info) info[num_files].write_time = buf.st_mtime; @@ -1102,8 +1098,7 @@ int cf_get_file_list( int max, char **list, int pathtype, const char *filter, in l = strlen(find.name); list[num_files] = (char *)malloc(l + 1); - strncpy(list[num_files], find.name, l); - list[num_files][l] = 0; + SDL_strlcpy(list[num_files], find.name, l+1); if (info) info[num_files].write_time = find.time_write; @@ -1149,8 +1144,7 @@ int cf_get_file_list( int max, char **list, int pathtype, const char *filter, in l = strlen(f->name_ext); list[num_files] = (char *)malloc(l + 1); - strncpy(list[num_files], f->name_ext, l); - list[num_files][l] = 0; + SDL_strlcpy(list[num_files], f->name_ext, l+1); if (info) { info[num_files].write_time = f->write_time; @@ -1181,8 +1175,8 @@ int cf_file_already_in_list_preallocated( int num_files, char arr[][MAX_FILENAME char name_no_extension[MAX_PATH_LEN]; - strcpy(name_no_extension, filename ); - char *p = strchr( name_no_extension, '.' ); + SDL_strlcpy(name_no_extension, filename, sizeof(name_no_extension)); + char *p = SDL_strchr( name_no_extension, '.' ); if ( p ) *p = 0; for (i=0; id_name); - fn[MAX_PATH-1] = 0; + SDL_snprintf(fn, MAX_PATH, "%s/%s", filespec, dir->d_name); struct stat buf; if (stat(fn, &buf) == -1) { @@ -1255,7 +1248,7 @@ int cf_get_file_list_preallocated( int max, char arr[][MAX_FILENAME_LEN], char * if ( !Get_file_list_filter || (*Get_file_list_filter)(dir->d_name) ) { - strncpy(arr[num_files], dir->d_name, MAX_FILENAME_LEN - 1 ); + SDL_strlcpy(arr[num_files], dir->d_name, MAX_FILENAME_LEN); char *ptr = strrchr(arr[num_files], '.'); if ( ptr ) { *ptr = 0; @@ -1286,7 +1279,7 @@ int cf_get_file_list_preallocated( int max, char arr[][MAX_FILENAME_LEN], char * if ( !Get_file_list_filter || (*Get_file_list_filter)(find.name) ) { - strncpy(arr[num_files], find.name, MAX_FILENAME_LEN - 1 ); + SDL_strlcpy(arr[num_files], find.name, MAX_FILENAME_LEN); char *ptr = strrchr(arr[num_files], '.'); if ( ptr ) { *ptr = 0; @@ -1332,7 +1325,7 @@ int cf_get_file_list_preallocated( int max, char arr[][MAX_FILENAME_LEN], char * //mprintf(( "Found '%s' in root %d path %d\n", f->name_ext, f->root_index, f->pathtype_index )); - strncpy(arr[num_files], f->name_ext, MAX_FILENAME_LEN - 1 ); + SDL_strlcpy(arr[num_files], f->name_ext, MAX_FILENAME_LEN); char *ptr = strrchr(arr[num_files], '.'); if ( ptr ) { *ptr = 0; @@ -1377,43 +1370,43 @@ void cf_create_default_path_string( char *path, int pathtype, const char *filena if ( filename && strpbrk(filename,"/\\:") ) { #endif // Already has full path - strcpy( path, filename ); + SDL_strlcpy( path, filename, MAX_PATH_LEN ); } else { if ( cfile_init_paths() ) { - strcpy(path, (filename) ? filename : ""); + SDL_strlcpy(path, (filename) ? filename : "", MAX_PATH_LEN); return; } SDL_assert(CF_TYPE_SPECIFIED(pathtype)); - strcpy(path, Cfile_user_dir); - strcat(path, Pathtypes[pathtype].path); + SDL_strlcpy(path, Cfile_user_dir, MAX_PATH_LEN); + SDL_strlcat(path, Pathtypes[pathtype].path, MAX_PATH_LEN); // Don't add slash for root directory if (Pathtypes[pathtype].path[0] != '\0') { - strcat(path, DIR_SEPARATOR_STR); + SDL_strlcat(path, DIR_SEPARATOR_STR, MAX_PATH_LEN); } // add filename if (filename) { - strcat(path, filename); + SDL_strlcat(path, filename, MAX_PATH_LEN); // localize filename if (localize) { // create copy of path char temp_path[MAX_PATH_LEN]; - strcpy(temp_path, path); + SDL_strlcpy(temp_path, path, sizeof(temp_path)); // localize the path - lcl_add_dir_to_path_with_filename(path); + lcl_add_dir_to_path_with_filename(path, MAX_PATH_LEN); // verify localized path FILE *fp = fopen(path, "rb"); if (fp) { fclose(fp); } else { - strcpy(path, temp_path); + SDL_strlcpy(path, temp_path, sizeof(temp_path)); } } } diff --git a/src/cmdline/cmdline.cpp b/src/cmdline/cmdline.cpp index 327de2f..a1eba00 100644 --- a/src/cmdline/cmdline.cpp +++ b/src/cmdline/cmdline.cpp @@ -359,7 +359,7 @@ static void parm_stuff_args(cmdline_parm *parm, char *cmdline) if (parm->args != NULL) { memset(parm->args, 0, size+1); - strcpy(parm->args, buffer); + SDL_strlcpy(parm->args, buffer, size+1); } } } @@ -546,7 +546,7 @@ static void os_init_cmdline(const char *cmdline) // make sure that we have a trailing space for option finding to // work properly with single args - strcat(buf, " "); + SDL_strlcat(buf, " ", sizeof(buf)); mprintf(("%s", buf)); @@ -561,11 +561,12 @@ static void os_init_cmdline(const char *cmdline) mprintf(("%s", cmdline)); // for proper arg handling make sure cmdline has trailing space - char *m_cmdline = (char*) malloc(strlen(cmdline)+2); + int len = strlen(cmdline) + 2; + char *m_cmdline = (char*) malloc(len); if (m_cmdline) { - strcpy(m_cmdline, cmdline); - strcat(m_cmdline, " "); + SDL_strlcpy(m_cmdline, cmdline, len); + SDL_strlcat(m_cmdline, " ", len); os_parse_parms(m_cmdline); os_validate_parms(m_cmdline); diff --git a/src/controlconfig/controlsconfig.cpp b/src/controlconfig/controlsconfig.cpp index 8e0a829..84a7f6f 100644 --- a/src/controlconfig/controlsconfig.cpp +++ b/src/controlconfig/controlsconfig.cpp @@ -1775,7 +1775,7 @@ void control_config_do_frame(float frametime) Ui_window.process(0); if (k == SDLK_ESCAPE) { - strcpy(bound_string, XSTR( "Canceled", 206)); + SDL_strlcpy(bound_string, XSTR( "Canceled", 206), sizeof(bound_string)); bound_timestamp = timestamp(2500); control_config_do_cancel(); @@ -1790,7 +1790,7 @@ void control_config_do_frame(float frametime) if (bind) { if (Axis_override >= 0) { control_config_bind_axis(z, Axis_override); - strcpy(bound_string, Joy_axis_text[Axis_override]); + SDL_strlcpy(bound_string, Joy_axis_text[Axis_override], sizeof(bound_string)); gr_force_fit_string(bound_string, 39, Conflict_wnd_coords[gr_screen.res][CONTROL_W_COORD]); bound_timestamp = timestamp(2500); control_config_conflict_check(); @@ -1826,7 +1826,7 @@ void control_config_do_frame(float frametime) } if (k == SDLK_ESCAPE) { - strcpy(bound_string, XSTR( "Canceled", 206)); + SDL_strlcpy(bound_string, XSTR( "Canceled", 206), sizeof(bound_string)); bound_timestamp = timestamp(2500); control_config_do_cancel(); @@ -1856,7 +1856,7 @@ void control_config_do_frame(float frametime) SDL_assert(!(z & JOY_AXIS)); control_config_bind_key(z, k); - strcpy(bound_string, textify_scancode(k)); + SDL_strlcpy(bound_string, textify_scancode(k), sizeof(bound_string)); gr_force_fit_string(bound_string, 39, Conflict_wnd_coords[gr_screen.res][CONTROL_W_COORD]); bound_timestamp = timestamp(2500); control_config_conflict_check(); @@ -1870,7 +1870,7 @@ void control_config_do_frame(float frametime) SDL_assert(!(z & JOY_AXIS)); control_config_bind_joy(z, i); - strcpy(bound_string, Joy_button_text[i]); + SDL_strlcpy(bound_string, Joy_button_text[i], sizeof(bound_string)); gr_force_fit_string(bound_string, 39, Conflict_wnd_coords[gr_screen.res][CONTROL_W_COORD]); bound_timestamp = timestamp(2500); control_config_conflict_check(); @@ -1893,7 +1893,7 @@ void control_config_do_frame(float frametime) SDL_assert(!(z & JOY_AXIS)); control_config_bind_joy(z, i); - strcpy(bound_string, Joy_button_text[i]); + SDL_strlcpy(bound_string, Joy_button_text[i], sizeof(bound_string)); gr_force_fit_string(bound_string, 39, Conflict_wnd_coords[gr_screen.res][CONTROL_W_COORD]); bound_timestamp = timestamp(2500); control_config_conflict_check(); @@ -2163,7 +2163,7 @@ void control_config_do_frame(float frametime) // setup the conflict string char conflict_str[512] = ""; - strncpy(conflict_str, XSTR("Conflict!", 205), 511); + SDL_strlcpy(conflict_str, XSTR("Conflict!", 205), sizeof(conflict_str)); int sw, sh; gr_get_string_size(&sw, &sh, conflict_str); @@ -2239,7 +2239,7 @@ void control_config_do_frame(float frametime) gr_get_string_size(&w, NULL, str); gr_printf(x - w / 2, y - font_height, str); - strcpy(buf, XSTR(Control_config[i].text, CONTROL_CONFIG_XSTR + i)); + SDL_strlcpy(buf, XSTR(Control_config[i].text, CONTROL_CONFIG_XSTR + i), sizeof(buf)); gr_force_fit_string(buf, 255, Conflict_wnd_coords[gr_screen.res][CONTROL_W_COORD]); gr_get_string_size(&w, NULL, buf); gr_printf(x - w / 2, y, buf); @@ -2286,7 +2286,7 @@ void control_config_do_frame(float frametime) gr_set_color_fast(c); if (Cc_lines[line].label) { - strcpy(buf, Cc_lines[line].label); + SDL_strlcpy(buf, Cc_lines[line].label, sizeof(buf)); gr_force_fit_string(buf, 255, Control_list_ctrl_w[gr_screen.res]); gr_printf(Control_list_coords[gr_screen.res][CONTROL_X_COORD], y, buf); } @@ -2303,7 +2303,7 @@ void control_config_do_frame(float frametime) } else { if (k >= 0) { - strcpy(buf, textify_scancode(k)); + SDL_strlcpy(buf, textify_scancode(k), sizeof(buf)); if (Conflicts[z].key >= 0) { if (c == &Color_text_normal) gr_set_color_fast(&Color_text_error); @@ -2334,7 +2334,7 @@ void control_config_do_frame(float frametime) } if (j >= 0) { - strcpy(buf, Joy_button_text[j]); + SDL_strlcpy(buf, Joy_button_text[j], sizeof(buf)); if (Conflicts[z].joy >= 0) { if (c == &Color_text_normal) gr_set_color_fast(&Color_text_error); diff --git a/src/controlconfig/controlsconfigcommon.cpp b/src/controlconfig/controlsconfigcommon.cpp index 5fb6246..6b4f2d0 100644 --- a/src/controlconfig/controlsconfigcommon.cpp +++ b/src/controlconfig/controlsconfigcommon.cpp @@ -1080,27 +1080,27 @@ const char *textify_scancode(int code) *text = 0; if (code & KEY_ALTED) { if(Lcl_gr){ - strcat(text, "Alt-"); + SDL_strlcat(text, "Alt-", sizeof(text)); } else if(Lcl_fr){ - strcat(text, "Alt-"); + SDL_strlcat(text, "Alt-", sizeof(text)); } else { - strcat(text, "Alt-"); + SDL_strlcat(text, "Alt-", sizeof(text)); } } if (code & KEY_SHIFTED) { if(Lcl_gr){ - strcat(text, "Shift-"); + SDL_strlcat(text, "Shift-", sizeof(text)); } else if(Lcl_fr){ - strcat(text, "Maj.-"); + SDL_strlcat(text, "Maj.-", sizeof(text)); } else { - strcat(text, "Shift-"); + SDL_strlcat(text, "Shift-", sizeof(text)); } } code = SDL_GetScancodeFromKey(code & KEY_MASK); - strcat(text, Scan_code_text[code]); + SDL_strlcat(text, Scan_code_text[code], sizeof(text)); return text; } //XSTR:ON diff --git a/src/cutscene/cutscenes.cpp b/src/cutscene/cutscenes.cpp index ede022d..02a83c4 100644 --- a/src/cutscene/cutscenes.cpp +++ b/src/cutscene/cutscenes.cpp @@ -400,14 +400,14 @@ void cutscenes_screen_play() SDL_assert( (Selected_line >= 0) && (Selected_line < Num_files) ); which_cutscene = Cutscene_list[Selected_line]; - strcpy(name, Cutscenes[which_cutscene].filename ); + SDL_strlcpy(name, Cutscenes[which_cutscene].filename, sizeof(name)); full_name = cf_add_ext(name, NOX(".mve")); int rval = movie_play(full_name); if ( !rval ) { char str[256]; - sprintf(str, XSTR( "Unable to play movie %s.", 204), Cutscenes[which_cutscene].name ); + SDL_snprintf(str, sizeof(str), XSTR( "Unable to play movie %s.", 204), Cutscenes[which_cutscene].name ); popup(0, 1, POPUP_OK, str ); } } @@ -715,8 +715,7 @@ void cutscenes_screen_do_frame() if (len > MAX_TEXT_LINE_LEN) len = MAX_TEXT_LINE_LEN; - strncpy(line, Text_lines[z], len); - line[len] = 0; + SDL_strlcpy(line, Text_lines[z], len+1); gr_string(Cutscene_desc_coords[gr_screen.res][0], Cutscene_desc_coords[gr_screen.res][1] + y, line); y += font_height; diff --git a/src/debugconsole/console.cpp b/src/debugconsole/console.cpp index 7807c27..64136eb 100644 --- a/src/debugconsole/console.cpp +++ b/src/debugconsole/console.cpp @@ -263,7 +263,7 @@ void scanner_downshift_word() int offset = 'a' - 'A'; char * tp; - strcpy( scanner_word_string, scanner_token_string ); + SDL_strlcpy( scanner_word_string, scanner_token_string, sizeof(scanner_word_string) ); tp = scanner_word_string; do { @@ -370,7 +370,7 @@ void dc_get_arg(uint type) if ( num_digits==len ) { Dc_arg_type |= ARG_FLOAT; Dc_arg_float = (float)atof(Dc_arg); - if ( !strchr( Dc_arg, '.' )) { + if ( !SDL_strchr( Dc_arg, '.' )) { Dc_arg_type |= ARG_INT; Dc_arg_int = atoi(Dc_arg); } @@ -578,7 +578,7 @@ void debug_output( char c ) if ( debug_y >= DROWS ) { int i; for (i=1; i= DROWS ) { int i; for (i=1; i -1 ) { - strcpy( command_line, oldcommand_line[last_oldcommand] ); + SDL_strlcpy( command_line, oldcommand_line[last_oldcommand], sizeof(command_line) ); command_line_pos = strlen(command_line); command_line[command_line_pos] = 0; } @@ -695,7 +695,7 @@ void debug_console( void (*_func)() ) command_scroll = last_oldcommand; if ( command_scroll > -1 ) { - strcpy( command_line, oldcommand_line[command_scroll] ); + SDL_strlcpy( command_line, oldcommand_line[command_scroll], sizeof(command_line) ); command_line_pos = strlen(command_line); command_line[command_line_pos] = 0; } @@ -708,7 +708,7 @@ void debug_console( void (*_func)() ) if (command_scroll>last_oldcommand) command_scroll = -1; if ( command_scroll > -1 ) { - strcpy( command_line, oldcommand_line[command_scroll] ); + SDL_strlcpy( command_line, oldcommand_line[command_scroll], sizeof(command_line) ); command_line_pos = strlen(command_line); command_line[command_line_pos] = 0; } @@ -729,13 +729,13 @@ void debug_console( void (*_func)() ) if ( !found ) { if ( last_oldcommand < DEBUG_HISTORY-1 ) { last_oldcommand++; - strcpy( oldcommand_line[last_oldcommand], command_line); + SDL_strlcpy( oldcommand_line[last_oldcommand], command_line, sizeof(oldcommand_line[0]) ); } else { int i; for (i=0; i" ); - strcat( debug_text[debug_y], command_line ); + SDL_strlcpy( debug_text[debug_y], ">", DCOLS ); + SDL_strlcat( debug_text[debug_y], command_line, DCOLS ); debug_draw(); if ( _func ){ diff --git a/src/demo/demo.cpp b/src/demo/demo.cpp index fb2ad9b..e2d7b1d 100644 --- a/src/demo/demo.cpp +++ b/src/demo/demo.cpp @@ -290,7 +290,7 @@ int demo_start_record(const char *file) } // open the outfile - strcpy(full_name, file); + SDL_strlcpy(full_name, file, sizeof(full_name)); cf_add_ext(full_name, ".fsd"); Demo_file = cfopen(full_name, "wb", CFILE_NORMAL, CF_TYPE_DEMOS); if(Demo_file == NULL){ @@ -334,7 +334,7 @@ int demo_start_playback(const char *file) } // open the outfile - strcpy(full_name, file); + SDL_strlcpy(full_name, file, sizeof(full_name)); cf_add_ext(full_name, ".fsd"); Demo_file = cfopen(full_name, "rb", CFILE_NORMAL, CF_TYPE_DEMOS); if(Demo_file == NULL){ diff --git a/src/fireball/fireballs.cpp b/src/fireball/fireballs.cpp index ed347b9..f5c518b 100644 --- a/src/fireball/fireballs.cpp +++ b/src/fireball/fireballs.cpp @@ -478,7 +478,7 @@ void fireball_parse_tbl() } // stuff default filename - strcpy(Fireball_info[ntypes].lod[0].filename, base_filename); + SDL_strlcpy(Fireball_info[ntypes].lod[0].filename, base_filename, sizeof(Fireball_info[0].lod[0].filename)); // stuff LOD level filenames for(idx=1; idxsubmodel[sm].name, total); + SDL_snprintf(str, sizeof(str), "Submodel %s total : %d faces\n", pm->submodel[sm].name, total); cfputs(str, out); *out_total += total + sub_total; @@ -6667,7 +6667,7 @@ void game_spew_pof_info() } counted = 0; for(idx=0; idx= 0){ pm = model_get(model_num); @@ -6685,16 +6685,16 @@ void game_spew_pof_info() total = submodel_get_num_polys(model_num, i); model_total += total; - sprintf(str, "Submodel %s total : %d faces\n", pm->submodel[i].name, total); + SDL_snprintf(str, sizeof(str), "Submodel %s total : %d faces\n", pm->submodel[i].name, total); cfputs(str, out); } - sprintf(str, "Model total %d\n", model_total); + SDL_snprintf(str, sizeof(str), "Model total %d\n", model_total); cfputs(str, out); // now go through and do it by LOD cfputs("BY LOD\n\n", out); for(i=0; in_detail_levels; i++){ - sprintf(str, "LOD %d\n", i); + SDL_snprintf(str, sizeof(str), "LOD %d\n", i); cfputs(str, out); // submodels @@ -6705,14 +6705,14 @@ void game_spew_pof_info() game_spew_pof_info_sub(model_num, pm, j, out, &total, &destroyed_total); } - sprintf(str, "Submodel %s total : %d faces\n", pm->submodel[pm->detail[i]].name, root_total); + SDL_snprintf(str, sizeof(str), "Submodel %s total : %d faces\n", pm->submodel[pm->detail[i]].name, root_total); cfputs(str, out); - sprintf(str, "TOTAL: %d\n", total + root_total); + SDL_snprintf(str, sizeof(str), "TOTAL: %d\n", total + root_total); cfputs(str, out); - sprintf(str, "TOTAL not counting destroyed faces %d\n", (total + root_total) - destroyed_total); + SDL_snprintf(str, sizeof(str), "TOTAL not counting destroyed faces %d\n", (total + root_total) - destroyed_total); cfputs(str, out); - sprintf(str, "TOTAL destroyed faces %d\n\n", destroyed_total); + SDL_snprintf(str, sizeof(str), "TOTAL destroyed faces %d\n\n", destroyed_total); cfputs(str, out); } cfputs("------------------------------------------------------------------------\n\n", out); @@ -7245,7 +7245,7 @@ void game_show_event_debug(float frametime) z = Event_debug_index[k]; if (z & EVENT_DEBUG_EVENT) { z &= 0x7fff; - sprintf(buf, NOX("%s%s (%s) %s%d %d"), (Mission_events[z].flags & MEF_CURRENT) ? NOX("* ") : "", + SDL_snprintf(buf, sizeof(buf), NOX("%s%s (%s) %s%d %d"), (Mission_events[z].flags & MEF_CURRENT) ? NOX("* ") : "", Mission_events[z].name, Mission_events[z].result ? NOX("True") : NOX("False"), (Mission_events[z].chain_delay < 0) ? "" : NOX("x "), Mission_events[z].repeat_count, Mission_events[z].interval); @@ -7256,31 +7256,31 @@ void game_show_event_debug(float frametime) while (i--) buf[i] = ' '; - strcat(buf, Sexp_nodes[z & 0x7fff].text); + SDL_strlcat(buf, Sexp_nodes[z & 0x7fff].text, sizeof(buf)); switch (Sexp_nodes[z & 0x7fff].value) { case SEXP_TRUE: - strcat(buf, NOX(" (True)")); + SDL_strlcat(buf, NOX(" (True)"), sizeof(buf)); break; case SEXP_FALSE: - strcat(buf, NOX(" (False)")); + SDL_strlcat(buf, NOX(" (False)"), sizeof(buf)); break; case SEXP_KNOWN_TRUE: - strcat(buf, NOX(" (Always true)")); + SDL_strlcat(buf, NOX(" (Always true)"), sizeof(buf)); break; case SEXP_KNOWN_FALSE: - strcat(buf, NOX(" (Always false)")); + SDL_strlcat(buf, NOX(" (Always false)"), sizeof(buf)); break; case SEXP_CANT_EVAL: - strcat(buf, NOX(" (Can't eval)")); + SDL_strlcat(buf, NOX(" (Can't eval)"), sizeof(buf)); break; case SEXP_NAN: case SEXP_NAN_FOREVER: - strcat(buf, NOX(" (Not a number)")); + SDL_strlcat(buf, NOX(" (Not a number)"), sizeof(buf)); break; } } @@ -7331,7 +7331,7 @@ void Time_model( int modelnum ) int bmp_num = pm->original_textures[i]; if ( bmp_num > -1 ) { - bm_get_palette(pm->original_textures[i], pal, filename ); + bm_get_palette(pm->original_textures[i], pal, filename, sizeof(filename) ); int w,h; bm_get_info( pm->original_textures[i],&w, &h ); @@ -7481,11 +7481,10 @@ void game_feature_not_in_demo_popup() } // format the specified time (fixed point) into a nice string -void game_format_time(fix m_time,char *time_str) +void game_format_time(fix m_time, char *time_str, const int time_str_len) { float mtime; int hours,minutes,seconds; - char tmp[10]; mtime = f2fl(m_time); @@ -7497,47 +7496,27 @@ void game_format_time(fix m_time,char *time_str) seconds = (int)mtime%60; minutes = (int)mtime/60; - // print the hour if necessary - if(hours > 0){ - sprintf(time_str,XSTR( "%d:", 201),hours); - // if there are less than 10 minutes, print a leading 0 - if(minutes < 10){ - strcpy(tmp,NOX("0")); - strcat(time_str,tmp); - } - } - - // print the minutes - if(hours){ - sprintf(tmp,XSTR( "%d:", 201),minutes); - strcat(time_str,tmp); + if (hours > 0) { + SDL_snprintf(time_str, time_str_len, "%d:%02d:%02d", hours, minutes, seconds); } else { - sprintf(time_str,XSTR( "%d:", 201),minutes); + SDL_snprintf(time_str, time_str_len, "%d:%02d", minutes, seconds); } - - // print the seconds - if(seconds < 10){ - strcpy(tmp,NOX("0")); - strcat(time_str,tmp); - } - sprintf(tmp,"%d",seconds); - strcat(time_str,tmp); } // Stuff version string in *str. -void get_version_string(char *str) +void get_version_string(char *str, const int str_len) { //XSTR:OFF -if ( FS_VERSION_BUILD == 0 ) { - sprintf(str,"v%d.%02d",FS_VERSION_MAJOR, FS_VERSION_MINOR); -} else { - sprintf(str,"v%d.%02d.%02d",FS_VERSION_MAJOR, FS_VERSION_MINOR, FS_VERSION_BUILD ); -} + if ( FS_VERSION_BUILD == 0 ) { + SDL_snprintf(str, str_len, "v%d.%02d", FS_VERSION_MAJOR, FS_VERSION_MINOR); + } else { + SDL_snprintf(str, str_len, "v%d.%02d.%02d", FS_VERSION_MAJOR, FS_VERSION_MINOR, FS_VERSION_BUILD ); + } #if defined (FS2_DEMO) || defined(FS1_DEMO) - strcat(str, " D"); + SDL_strlcat(str, " D", str_len); #elif defined (OEM_BUILD) - strcat(str, " (OEM)"); + SDL_strlcat(str, " (OEM)", str_len); #endif //XSTR:ON /* @@ -7570,9 +7549,9 @@ if ( FS_VERSION_BUILD == 0 ) { */ } -void get_version_string_short(char *str) +void get_version_string_short(char *str, const int str_len) { - sprintf(str,"v%d.%02d",FS_VERSION_MAJOR, FS_VERSION_MINOR); + SDL_snprintf(str, str_len, "v%d.%02d", FS_VERSION_MAJOR, FS_VERSION_MINOR); } // ---------------------------------------------------------------- diff --git a/src/freespace2/main.cpp b/src/freespace2/main.cpp index 8638252..bb82fbb 100644 --- a/src/freespace2/main.cpp +++ b/src/freespace2/main.cpp @@ -45,8 +45,8 @@ int main(int argc, char *argv[]) memset(argptr, 0, len+5); for (i = 1; i < argc; i++) { - strcat(argptr, argv[i]); - strcat(argptr, " "); + SDL_strlcat(argptr, argv[i], len+5); + SDL_strlcat(argptr, " ", len+5); } } diff --git a/src/gamehelp/gameplayhelp.cpp b/src/gamehelp/gameplayhelp.cpp index b283c2c..db7642b 100644 --- a/src/gamehelp/gameplayhelp.cpp +++ b/src/gamehelp/gameplayhelp.cpp @@ -251,7 +251,7 @@ static int Current_help_page; // generate a line for the on-line help for a control item with specified id // input: id => index for control item within Control_config[] // buf => buffer with enough space to hold ouput string -char *gameplay_help_control_text(int id, char *buf) +char *gameplay_help_control_text(int id, char *buf, const int buf_len) { int has_key=0, has_joy=0; config_item *ci; @@ -259,24 +259,24 @@ char *gameplay_help_control_text(int id, char *buf) ci = &Control_config[id]; if ( ci->key_id >= 0 ) { - strcpy(buf, textify_scancode(ci->key_id)); + SDL_strlcpy(buf, textify_scancode(ci->key_id), buf_len); has_key=1; } if ( ci->joy_id >= 0 ) { if ( has_key ) { - strcat(buf, XSTR( ", ", 129)); + SDL_strlcat(buf, XSTR( ", ", 129), buf_len); } - strcat(buf, Joy_button_text[ci->joy_id]); + SDL_strlcat(buf, Joy_button_text[ci->joy_id], buf_len); has_joy=1; } if ( !has_key && !has_joy ) { - strcpy(buf, XSTR( "no binding", 130)); + SDL_strlcpy(buf, XSTR( "no binding", 130), buf_len); } - strcat(buf, XSTR( " - ", 131)); - strcat(buf, ci->text); + SDL_strlcat(buf, XSTR( " - ", 131), buf_len); + SDL_strlcat(buf, ci->text, buf_len); return buf; } @@ -292,20 +292,20 @@ void gameplay_help_blit_control_line(int x, int y, int id) buf[0] = 0; if ( ci->key_id >= 0 ) { - strcpy(buf, textify_scancode(ci->key_id)); + SDL_strlcpy(buf, textify_scancode(ci->key_id), sizeof(buf)); has_key=1; } if ( ci->joy_id >= 0 ) { if ( has_key ) { - strcat(buf, XSTR( ", ", 129)); + SDL_strlcat(buf, XSTR( ", ", 129), sizeof(buf)); } - strcat(buf, Joy_button_text[ci->joy_id]); + SDL_strlcat(buf, Joy_button_text[ci->joy_id], sizeof(buf)); has_joy=1; } if ( !has_key && !has_joy ) { - strcpy(buf, XSTR( "no binding", 130)); + SDL_strlcpy(buf, XSTR( "no binding", 130), sizeof(buf)); } gr_string(x,y,buf); @@ -329,7 +329,7 @@ void gameplay_help_set_title(const char *title) gr_set_color_fast(&Color_bright); gr_printf(0x8000,sy,title); - sprintf(buf, XSTR( "Page %d of %d", 132), Current_help_page+1, Gp_last_screen+1); + SDL_snprintf(buf, sizeof(buf), XSTR( "Page %d of %d", 132), Current_help_page+1, Gp_last_screen+1); gr_printf(0x8000,sy+gr_get_font_height()+2,buf); gr_set_color_fast(&Color_normal); } diff --git a/src/gamesnd/eventmusic.cpp b/src/gamesnd/eventmusic.cpp index 625db48..1514e9b 100644 --- a/src/gamesnd/eventmusic.cpp +++ b/src/gamesnd/eventmusic.cpp @@ -1123,7 +1123,7 @@ void event_music_parse_musictbl() char *token; int count = 0; token = strtok( line_buf, NOX(" ,\t")); - strcpy(fname, token); + SDL_strlcpy(fname, token, sizeof(fname)); while ( token != NULL ) { token = strtok( NULL, NOX(" ,\t") ); if ( token == NULL ) { @@ -1143,7 +1143,7 @@ void event_music_parse_musictbl() // convert from samples per measure to bytes per measure Pattern_bytes_per_measure[Num_soundtracks][num_patterns] *= 2; - strcpy(Soundtracks[Num_soundtracks].pattern_fnames[num_patterns], fname); + SDL_strlcpy(Soundtracks[Num_soundtracks].pattern_fnames[num_patterns], fname, MAX_FILENAME_LEN); num_patterns++; } @@ -1161,13 +1161,13 @@ void event_music_parse_musictbl() required_string("$Name:"); stuff_string(fname, F_PATHNAME, NULL); SDL_assert( strlen(fname) < (NAME_LENGTH-1) ); - strcpy( Spooled_music[Num_music_files].name, fname ); + SDL_strlcpy( Spooled_music[Num_music_files].name, fname, sizeof(Spooled_music[0].name) ); required_string("$Filename:"); stuff_string(fname, F_PATHNAME, NULL); if ( SDL_strcasecmp(fname, NOX("none.wav")) ) { SDL_assert( strlen(fname) < (MAX_FILENAME_LEN-1) ); - strcpy( Spooled_music[Num_music_files].filename, fname ); + SDL_strlcpy( Spooled_music[Num_music_files].filename, fname, sizeof(Spooled_music[0].filename) ); } Num_music_files++; @@ -1435,13 +1435,13 @@ int hostile_ships_to_arrive() // // Return information about the event music in the buffer outbuf // NOTE: callers to this function are advised to allocate a 256 byte buffer -void event_music_get_info(char *outbuf) +void event_music_get_info(char *outbuf, const int outbuf_size) { if ( Event_music_enabled == FALSE || Event_music_level_inited == FALSE || Current_pattern == -1 ) { - strcpy(outbuf,XSTR( "Event music is not playing", 213)); + SDL_strlcpy(outbuf, XSTR( "Event music is not playing", 213), outbuf_size); } else { - sprintf(outbuf,XSTR( "soundtrack: %s [%s]", 214), Soundtracks[Current_soundtrack_num].name, Pattern_description[Current_pattern]); + SDL_snprintf(outbuf, outbuf_size, XSTR( "soundtrack: %s [%s]", 214), Soundtracks[Current_soundtrack_num].name, Pattern_description[Current_pattern]); } } @@ -1475,13 +1475,13 @@ int event_music_next_soundtrack(int delta) // // Return information about the event music in the buffer outbuf // NOTE: callers to this function are advised to allocate a NAME_LENGTH buffer -void event_music_get_soundtrack_name(char *outbuf) +void event_music_get_soundtrack_name(char *outbuf, const int outbuf_size) { if ( Event_music_enabled == FALSE || Event_music_level_inited == FALSE ) { - strcpy(outbuf, XSTR( "Event music is not playing", 213)); + SDL_strlcpy(outbuf, XSTR( "Event music is not playing", 213), outbuf_size); } else { - strcpy(outbuf, Soundtracks[Current_soundtrack_num].name); + SDL_strlcpy(outbuf, Soundtracks[Current_soundtrack_num].name, outbuf_size); } } diff --git a/src/globalincs/systemvars.cpp b/src/globalincs/systemvars.cpp index 7e96d3c..0e29fa5 100644 --- a/src/globalincs/systemvars.cpp +++ b/src/globalincs/systemvars.cpp @@ -428,7 +428,7 @@ DCF(monitor,"Monitors game performace") } else { Monitor_inited = 1; - strcpy( Monitor_filename, Dc_arg ); + SDL_strlcpy( Monitor_filename, Dc_arg, sizeof(Monitor_filename) ); // Reset them all int i; diff --git a/src/globalincs/version.cpp b/src/globalincs/version.cpp index b68499d..0c58ae9 100644 --- a/src/globalincs/version.cpp +++ b/src/globalincs/version.cpp @@ -43,6 +43,7 @@ #include #include "version.h" #include "osregistry.h" +#include "pstypes.h" // ---------------------------------------------------------------------------------------------------------------- // VERSION DEFINES/VARS @@ -77,8 +78,8 @@ int version_compare(const char *filename, int *u_major, int *u_minor, int *u_bui // grab the last line in file which isn't empty and isn't a comment char buffer[MAX_LINE_LENGTH+1], verbuffer[MAX_LINE_LENGTH+1]; - strcpy(verbuffer,""); - strcpy(buffer,""); + SDL_strlcpy(verbuffer, "", sizeof(verbuffer)); + SDL_strlcpy(buffer, "", sizeof(buffer)); while ( !feof(f) ) { // Read the line into a temporary buffer fgets(buffer, MAX_LINE_LENGTH, f); @@ -94,7 +95,7 @@ int version_compare(const char *filename, int *u_major, int *u_minor, int *u_bui if (buffer[0] == VERSION_FILE_COMMENT_CHAR) continue; // Line is a good one, so save it... - strcpy(verbuffer, buffer); + SDL_strlcpy(verbuffer, buffer, sizeof(verbuffer)); } fclose(f); diff --git a/src/graphics/2d.cpp b/src/graphics/2d.cpp index 75f8545..6829b1e 100644 --- a/src/graphics/2d.cpp +++ b/src/graphics/2d.cpp @@ -602,8 +602,8 @@ void gr_set_palette( const char *name, ubyte * palette, int restrict_font_to_128 { char *p; palette_flush(); - strcpy( Gr_current_palette_name, name ); - p = strchr( Gr_current_palette_name, '.' ); + SDL_strlcpy( Gr_current_palette_name, name, sizeof(Gr_current_palette_name) ); + p = SDL_strchr( Gr_current_palette_name, '.' ); if ( p ) *p = 0; gr_screen.signature = Gr_signature++; gr_set_palette_internal( name, palette, restrict_font_to_128 ); diff --git a/src/graphics/font.cpp b/src/graphics/font.cpp index 04469c2..8c17987 100644 --- a/src/graphics/font.cpp +++ b/src/graphics/font.cpp @@ -282,11 +282,11 @@ char *gr_force_fit_string(char *str, int max_str, int max_width) str[max_str - 3] = 0; } - strcpy(str + strlen(str) - 1, "..."); + SDL_strlcpy(str + strlen(str) - 1, "...", max_str); gr_get_string_size(&w, NULL, str); while (w > max_width) { SDL_assert(strlen(str) >= 4); // if this is hit, a bad max_width was passed in and the calling function needs fixing. - strcpy(str + strlen(str) - 4, "..."); + SDL_strlcpy(str + strlen(str) - 4, "...", max_str); gr_get_string_size(&w, NULL, str); } } @@ -373,9 +373,9 @@ void gr_print_timestamp(int x, int y, int timestamp) int w, c; // format the time information into strings - sprintf(h, "%.1d", (timestamp / 3600000) % 10); - sprintf(m, "%.2d", (timestamp / 60000) % 60); - sprintf(s, "%.2d", (timestamp / 1000) % 60); + SDL_snprintf(h, sizeof(h), "%.1d", (timestamp / 3600000) % 10); + SDL_snprintf(m, sizeof(m), "%.2d", (timestamp / 60000) % 60); + SDL_snprintf(s, sizeof(s), "%.2d", (timestamp / 1000) % 60); gr_get_string_size(&w, NULL, "0"); gr_get_string_size(&c, NULL, ":"); @@ -482,7 +482,7 @@ void __cdecl gr_printf( int x, int y, const char * format, ... ) if ( !Current_font ) return; va_start(args, format); - vsprintf(grx_printf_text,format,args); + SDL_vsnprintf(grx_printf_text, sizeof(grx_printf_text), format, args); va_end(args); gr_string(x,y,grx_printf_text); @@ -567,7 +567,7 @@ int gr_create_font(const char * typeface) fp = cfopen( typeface, "rb", CFILE_NORMAL, CF_TYPE_ANY, localize ); if ( fp == NULL ) return -1; - strncpy( fnt->filename, typeface, MAX_FILENAME_LEN ); + SDL_strlcpy( fnt->filename, typeface, MAX_FILENAME_LEN ); cfread( &fnt->id, 4, 1, fp ); cfread( &fnt->version, sizeof(int), 1, fp ); cfread( &fnt->num_chars, sizeof(int), 1, fp ); diff --git a/src/graphics/grgl1.cpp b/src/graphics/grgl1.cpp index 6276a1a..ad03838 100644 --- a/src/graphics/grgl1.cpp +++ b/src/graphics/grgl1.cpp @@ -372,8 +372,8 @@ void gr_opengl1_print_screen(const char *filename) char tmp[MAX_FILENAME_LEN]; ubyte *buf = NULL; - strcpy( tmp, filename ); - strcat( tmp, NOX(".tga")); + SDL_strlcpy( tmp, filename, sizeof(tmp) ); + SDL_strlcat( tmp, NOX(".tga"), sizeof(tmp) ); buf = (ubyte*)malloc(GL_viewport_w * GL_viewport_h * 3); diff --git a/src/hud/hud.cpp b/src/hud/hud.cpp index 12287f6..39a6059 100644 --- a/src/hud/hud.cpp +++ b/src/hud/hud.cpp @@ -1452,9 +1452,9 @@ void hud_render_multi_ping() if((Netgame.server != NULL) && (Netgame.server->s_info.ping.ping_avg > 0)){ // get the string if(Netgame.server->s_info.ping.ping_avg >= 1000){ - strcpy(ping_str,XSTR("> 1 sec",628)); + SDL_strlcpy(ping_str, XSTR("> 1 sec",628), sizeof(ping_str)); } else { - sprintf(ping_str,XSTR("%d ms",629),Netgame.server->s_info.ping.ping_avg); + SDL_snprintf(ping_str, sizeof(ping_str), XSTR("%d ms", 629), Netgame.server->s_info.ping.ping_avg); } // blit the string out @@ -1826,7 +1826,7 @@ void hud_show_damage_popup() if ( screen_integrity == 0 ) { screen_integrity = 1; } - sprintf(buf, XSTR( "%d%%", 219), screen_integrity); + SDL_snprintf(buf, sizeof(buf), XSTR( "%d%%", 219), screen_integrity); hud_num_make_mono(buf); gr_get_string_size(&w, &h, buf); if ( screen_integrity < 30 ) { @@ -1921,8 +1921,8 @@ void hud_show_damage_popup() hud_set_gauge_color(HUD_DAMAGE_GAUGE); } - gr_string(sx, sy, hud_targetbox_truncate_subsys_name(hud_subsys_list[best_index].name)); - sprintf(buf, XSTR( "%d%%", 219), best_str); + gr_string(sx, sy, hud_targetbox_truncate_subsys_name(hud_subsys_list[best_index].name, MAX_NAME_LEN)); + SDL_snprintf(buf, sizeof(buf), XSTR( "%d%%", 219), best_str); hud_num_make_mono(buf); gr_get_string_size(&w, &h, buf); gr_string(Hull_integ_val_coords[gr_screen.res][0] - w, sy, buf); @@ -1950,7 +1950,7 @@ void hud_anim_init(hud_anim *ha, int sx, int sy, const char *filename) ha->time_elapsed = 0.0f; ha->sx = sx; ha->sy = sy; - strcpy(ha->name, filename); + SDL_strlcpy(ha->name, filename, sizeof(ha->name)); } // call to unload the targetbox static animation @@ -2057,7 +2057,7 @@ void hud_start_text_flash(const char *txt, int t) { // bogus if(txt == NULL){ - strcpy(Hud_text_flash, ""); + SDL_strlcpy(Hud_text_flash, "", sizeof(Hud_text_flash)); return; } @@ -2066,7 +2066,7 @@ void hud_start_text_flash(const char *txt, int t) return; } - strncpy(Hud_text_flash, txt, 500); + SDL_strlcpy(Hud_text_flash, txt, sizeof(Hud_text_flash)); hud_targetbox_start_flash(TBOX_FLASH_CMEASURE, t); } @@ -2143,7 +2143,7 @@ void hud_show_kills_gauge() return; } - sprintf(num_kills_string, "%d", Player->stats.m_kill_count_ok); + SDL_snprintf(num_kills_string, sizeof(num_kills_string), "%d", Player->stats.m_kill_count_ok); gr_get_string_size(&w, &h, num_kills_string); if (Lcl_gr) { @@ -2448,17 +2448,17 @@ void hud_support_view_blit() (ship_get_subsystem_strength(Player_ship, SUBSYSTEM_SENSORS) < 1.0 ) || (ship_get_subsystem_strength(Player_ship, SUBSYSTEM_WEAPONS) < 1.0 ) || (ship_get_subsystem_strength(Player_ship, SUBSYSTEM_COMMUNICATION) < 1.0 ) ) { - strcpy(outstr, XSTR( "repairing", 227)); + SDL_strlcpy(outstr, XSTR( "repairing", 227), sizeof(outstr)); } else { - strcpy(outstr, XSTR( "rearming", 228)); + SDL_strlcpy(outstr, XSTR( "rearming", 228), sizeof(outstr)); } gr_string(0x8000, Support_text_val_coords[gr_screen.res][1], outstr); } else if (Player_ai->ai_flags & AIF_REPAIR_OBSTRUCTED) { - strcpy(outstr, XSTR( "obstructed", 229)); + SDL_strlcpy(outstr, XSTR( "obstructed", 229), sizeof(outstr)); gr_string(0x8000, Support_text_val_coords[gr_screen.res][1], outstr); } else { if ( Hud_support_objnum == -1 ) { - strcpy(outstr, XSTR( "warping in", 230)); + SDL_strlcpy(outstr, XSTR( "warping in", 230), sizeof(outstr)); gr_string(0x8000, Support_text_val_coords[gr_screen.res][1], outstr); } else { ai_info *aip; @@ -2466,11 +2466,11 @@ void hud_support_view_blit() // display "busy" when support ship isn't actually enroute to me aip = &Ai_info[Ships[Objects[Hud_support_objnum].instance].ai_index]; if ( aip->goal_objnum != OBJ_INDEX(Player_obj) ) { - strcpy(outstr, XSTR( "busy", 231)); + SDL_strlcpy(outstr, XSTR( "busy", 231), sizeof(outstr)); show_time = 0; } else { - strcpy(outstr, XSTR( "dock in:", 232)); + SDL_strlcpy(outstr, XSTR( "dock in:", 232), sizeof(outstr)); show_time = 1; } @@ -2931,11 +2931,11 @@ void hud_maybe_display_objective_message() case SECONDARY_GOAL: switch(Objective_display.goal_status) { case GOAL_FAILED: - sprintf(buf, XSTR( "failed (%d/%d)", 240), Objective_display.goal_nresolved, Objective_display.goal_ntotal); + SDL_snprintf(buf, sizeof(buf), XSTR( "failed (%d/%d)", 240), Objective_display.goal_nresolved, Objective_display.goal_ntotal); gr_string(0x8000, Objective_text_val_coords[gr_screen.res][1], buf); break; default: - sprintf(buf, XSTR( "complete (%d/%d)", 241), Objective_display.goal_nresolved, Objective_display.goal_ntotal); + SDL_snprintf(buf, sizeof(buf), XSTR( "complete (%d/%d)", 241), Objective_display.goal_nresolved, Objective_display.goal_ntotal); gr_string(0x8000, Objective_text_val_coords[gr_screen.res][1], buf); break; } @@ -3072,7 +3072,7 @@ void hud_maybe_render_multi_text() memset(txt,0,MULTI_MSG_MAX_TEXT_LEN+1); // if there is valid multiplayer message text to be displayed - if(multi_msg_message_text(txt)){ + if(multi_msg_message_text(txt, sizeof(txt))){ gr_set_color_fast(&Color_normal); gr_string(Multi_msg_coords[gr_screen.res][0], Multi_msg_coords[gr_screen.res][1], txt); } diff --git a/src/hud/hudbrackets.cpp b/src/hud/hudbrackets.cpp index 7b161b0..e778577 100644 --- a/src/hud/hudbrackets.cpp +++ b/src/hud/hudbrackets.cpp @@ -642,7 +642,7 @@ void hud_target_show_dist_on_bracket(int x, int y, float distance) return; } - sprintf(text_dist, "%d", fl2i(distance+0.5f)); + SDL_snprintf(text_dist, sizeof(text_dist), "%d", fl2i(distance+0.5f)); hud_num_make_mono(text_dist); gr_get_string_size(&w,&h,text_dist); diff --git a/src/hud/hudconfig.cpp b/src/hud/hudconfig.cpp index 5c19886..f7031a4 100644 --- a/src/hud/hudconfig.cpp +++ b/src/hud/hudconfig.cpp @@ -1105,7 +1105,7 @@ void hud_config_init_ui() HC_select_all = 0; - strcpy(HC_fname, ""); + SDL_strlcpy(HC_fname, "", sizeof(HC_fname)); } int hud_config_show_flag_is_set(int i) @@ -1608,7 +1608,7 @@ void hud_config_button_do(int n) // save the file, maybe generating a new filename if(strlen(name) <= 0){ - sprintf(name, "hud_%d.hcf", HC_num_files + 1); + SDL_snprintf(name, sizeof(name), "hud_%d.hcf", HC_num_files + 1); out = name; } else { out = cf_add_ext(name, ".hcf"); @@ -1993,7 +1993,7 @@ void hud_config_color_save(const char *name) cfputs(HC_gauge_descriptions(idx), out); cfputs("\n", out); cfputs("+RGBA: ", out); - sprintf(vals, "%d %d %d %d\n\n", HUD_config.clr[idx].red, HUD_config.clr[idx].green, HUD_config.clr[idx].blue, HUD_config.clr[idx].alpha); + SDL_snprintf(vals, sizeof(vals), "%d %d %d %d\n\n", HUD_config.clr[idx].red, HUD_config.clr[idx].green, HUD_config.clr[idx].blue, HUD_config.clr[idx].alpha); cfputs(vals, out); } diff --git a/src/hud/hudescort.cpp b/src/hud/hudescort.cpp index c145fc4..e8511c1 100644 --- a/src/hud/hudescort.cpp +++ b/src/hud/hudescort.cpp @@ -628,7 +628,7 @@ void hud_escort_show_icon(int index, object *objp) } // print out ship name - strcpy(buf, sp->ship_name); + SDL_strlcpy(buf, sp->ship_name, sizeof(buf)); gr_force_fit_string(buf, 255, 100); emp_hud_string( Escort_gauge_text_coords[gr_screen.res][index][0][0], Escort_gauge_text_coords[gr_screen.res][index][0][1], EG_ESCORT1 + index, buf); @@ -669,7 +669,7 @@ void hud_escort_show_icon_dogfight(int index) } // print out player name - strcpy(buf, Net_players[np_index].player->callsign); + SDL_strlcpy(buf, Net_players[np_index].player->callsign, sizeof(buf)); gr_force_fit_string(buf, 255, 100 - stat_shift); emp_hud_string( Escort_gauge_text_coords[gr_screen.res][index][0][0], Escort_gauge_text_coords[gr_screen.res][index][0][1], EG_ESCORT1 + index, buf); diff --git a/src/hud/hudmessage.cpp b/src/hud/hudmessage.cpp index e3f5940..c1cd8b7 100644 --- a/src/hud/hudmessage.cpp +++ b/src/hud/hudmessage.cpp @@ -848,18 +848,17 @@ void HUD_fixed_printf(float duration, const char * format, ...) } va_start(args, format); - vsprintf(tmp, format, args); + SDL_vsnprintf(tmp, sizeof(tmp), format, args); va_end(args); msg_length = strlen(tmp); - SDL_assert(msg_length < HUD_MSG_LENGTH_MAX); // If greater than this, probably crashed anyway. if ( !msg_length ) { nprintf(("Warning", "HUD_fixed_printf ==> attempt to print a 0 length string in msg window\n")); return; - } else if (msg_length > MAX_HUD_LINE_LEN - 1){ - nprintf(("Warning", "HUD_fixed_printf ==> Following string truncated to %d chars: %s\n",MAX_HUD_LINE_LEN,tmp)); +// } else if (msg_length > MAX_HUD_LINE_LEN - 1){ +// nprintf(("Warning", "HUD_fixed_printf ==> Following string truncated to %d chars: %s\n",MAX_HUD_LINE_LEN,tmp)); } if (duration == 0.0f){ @@ -868,7 +867,7 @@ void HUD_fixed_printf(float duration, const char * format, ...) HUD_fixed_text[0].end_time = timestamp((int) (1000.0f * duration)); } - strncpy(HUD_fixed_text[0].text, tmp, MAX_HUD_LINE_LEN - 1); + SDL_strlcpy(HUD_fixed_text[0].text, tmp, MAX_HUD_LINE_LEN); HUD_fixed_text[0].color = 0xff0000; } @@ -906,8 +905,7 @@ void HUD_printf_line(const char *text, int source, int time = 0, int x = 0) nprintf(("Warning", "HUD_printf_line() ==> Following string truncated to %d chars: %s\n", MAX_HUD_LINE_LEN, text)); } - strncpy(HUD_pending[Hud_list_end].text, text, MAX_HUD_LINE_LEN - 1); - HUD_pending[Hud_list_end].text[MAX_HUD_LINE_LEN - 1] = 0; + SDL_strlcpy(HUD_pending[Hud_list_end].text, text, MAX_HUD_LINE_LEN); HUD_pending[Hud_list_end].source = source; HUD_pending[Hud_list_end].time = time; HUD_pending[Hud_list_end].x = x; @@ -941,7 +939,6 @@ void HUD_printf(const char *format, ...) { va_list args; char tmp[HUD_MSG_LENGTH_MAX]; - int len; // make sure we only print these messages if we're in the correct state if((Game_mode & GM_MULTIPLAYER) && (Net_player->state != NETPLAYER_STATE_IN_MISSION)){ @@ -950,11 +947,9 @@ void HUD_printf(const char *format, ...) } va_start(args, format); - vsprintf(tmp, format, args); + SDL_vsnprintf(tmp, sizeof(tmp), format, args); va_end(args); - len = strlen(tmp); - SDL_assert(len < HUD_MSG_LENGTH_MAX); // If greater than this, probably crashed anyway. hud_sourced_print(HUD_SOURCE_COMPUTER, tmp); } @@ -964,16 +959,15 @@ void HUD_ship_sent_printf(int sh, const char *format, ...) char tmp[HUD_MSG_LENGTH_MAX]; int len; - sprintf(tmp, NOX("%s: "), Ships[sh].ship_name); + SDL_assert(HUD_MSG_LENGTH_MAX > NAME_LENGTH+2); + + SDL_snprintf(tmp, NAME_LENGTH + 2, NOX("%s: "), Ships[sh].ship_name); len = strlen(tmp); - SDL_assert(len < HUD_MSG_LENGTH_MAX); va_start(args, format); - vsprintf(tmp + len, format, args); + SDL_vsnprintf(tmp + len, HUD_MSG_LENGTH_MAX - len, format, args); va_end(args); - len = strlen(tmp); - SDL_assert(len < HUD_MSG_LENGTH_MAX); // If greater than this, probably crashed anyway. hud_sourced_print(HUD_get_team_source(Ships[sh].team), tmp); } @@ -996,9 +990,9 @@ void HUD_sourced_printf(int source, const char *format, ...) } va_start(args, format); - vsprintf(tmp, format, args); + SDL_vsnprintf(tmp, sizeof(tmp), format, args); va_end(args); - SDL_assert(strlen(tmp) < HUD_MSG_LENGTH_MAX); // If greater than this, probably crashed anyway. + hud_sourced_print(source, tmp); } @@ -1098,7 +1092,7 @@ void hud_add_line_to_scrollback(const char *text, int source, int t, int x, int new_line->time = t; new_line->source = source; new_line->text = (char *) malloc( strlen(text) + 1 ); - strcpy(new_line->text, text); + SDL_strlcpy(new_line->text, text, strlen(text) + 1); list_append(&Msg_scrollback_used_list, new_line); } @@ -1114,7 +1108,7 @@ void hud_add_msg_to_scrollback(const char *text, int source, int t) w = 0; SDL_assert(msg_len < HUD_MSG_LENGTH_MAX); - strcpy(buf, text); + SDL_strlcpy(buf, text, sizeof(buf)); ptr = strstr(buf, NOX(": ")); if (ptr) { gr_get_string_size(&w, NULL, buf, ptr - buf); diff --git a/src/hud/hudreticle.cpp b/src/hud/hudreticle.cpp index e8c7d70..2d62752 100644 --- a/src/hud/hudreticle.cpp +++ b/src/hud/hudreticle.cpp @@ -538,7 +538,7 @@ void hud_render_throttle_speed(float current_speed, int y_end) x_pos = Hud_reticle_center[gr_screen.res][0] - x_pos; // draw current speed at (x_pos, y_end); - sprintf(buf, "%d", fl2i(current_speed+0.5f)); + SDL_snprintf(buf, sizeof(buf), "%d", fl2i(current_speed+0.5f)); hud_num_make_mono(buf); gr_get_string_size(&w, &h, buf); sx = x_pos - w - 2; diff --git a/src/hud/hudshield.cpp b/src/hud/hudshield.cpp index e7fbcb5..864db39 100644 --- a/src/hud/hudshield.cpp +++ b/src/hud/hudshield.cpp @@ -313,7 +313,7 @@ void hud_shield_game_init() // maybe store SDL_assert(Hud_shield_filename_count < MAX_SHIELD_ICONS); if(Hud_shield_filename_count < MAX_SHIELD_ICONS){ - strcpy(Hud_shield_filenames[Hud_shield_filename_count++], name); + SDL_strlcpy(Hud_shield_filenames[Hud_shield_filename_count++], name, MAX_FILENAME_LEN); } } #else @@ -324,13 +324,13 @@ void hud_shield_game_init() // for fighters for (i = 1; i < 14; i++) { - snprintf(Hud_shield_filenames[Hud_shield_filename_count++], MAX_FILENAME_LEN, "shield-f%02d", i); + SDL_snprintf(Hud_shield_filenames[Hud_shield_filename_count++], MAX_FILENAME_LEN, "shield-f%02d", i); SDL_assert(Hud_shield_filename_count < MAX_SHIELD_ICONS); } // for bombers for (i = 1; i < 11; i++) { - snprintf(Hud_shield_filenames[Hud_shield_filename_count++], MAX_FILENAME_LEN, "shield-b%02d", i); + SDL_snprintf(Hud_shield_filenames[Hud_shield_filename_count++], MAX_FILENAME_LEN, "shield-b%02d", i); SDL_assert(Hud_shield_filename_count < MAX_SHIELD_ICONS); } #endif @@ -715,7 +715,7 @@ void hud_show_mini_ship_integrity(object *objp, int x_force, int y_force) nx += fl2i( HUD_offset_x ); ny += fl2i( HUD_offset_y ); - sprintf(text_integrity, "%d", numeric_integrity); + SDL_snprintf(text_integrity, sizeof(text_integrity), "%d", numeric_integrity); if ( numeric_integrity < 100 ) { hud_num_make_mono(text_integrity); } diff --git a/src/hud/hudsquadmsg.cpp b/src/hud/hudsquadmsg.cpp index df38a8f..2175968 100644 --- a/src/hud/hudsquadmsg.cpp +++ b/src/hud/hudsquadmsg.cpp @@ -677,7 +677,7 @@ int hud_squadmsg_count_ships( int add_to_menu ) count++; if ( add_to_menu ) { SDL_assert ( Num_menu_items < MAX_MENU_ITEMS ); - strcpy( MsgItems[Num_menu_items].text, shipp->ship_name ); + SDL_strlcpy( MsgItems[Num_menu_items].text, shipp->ship_name, sizeof(MsgItems[0].text) ); MsgItems[Num_menu_items].instance = SHIP_INDEX(shipp); MsgItems[Num_menu_items].active = 1; Num_menu_items++; @@ -767,7 +767,7 @@ int hud_squadmsg_count_wings( int add_to_menu ) count++; if ( add_to_menu ) { SDL_assert ( Num_menu_items < MAX_MENU_ITEMS ); - strcpy( MsgItems[Num_menu_items].text, Wings[wingnum].name ); + SDL_strlcpy( MsgItems[Num_menu_items].text, Wings[wingnum].name, sizeof(MsgItems[0].text) ); MsgItems[Num_menu_items].instance = wingnum; MsgItems[Num_menu_items].active = 1; Num_menu_items++; @@ -788,7 +788,7 @@ int hud_squadmsg_count_wings( int add_to_menu ) count++; if ( add_to_menu ) { SDL_assert ( Num_menu_items < MAX_MENU_ITEMS ); - strcpy( MsgItems[Num_menu_items].text, Wings[i].name ); + SDL_strlcpy( MsgItems[Num_menu_items].text, Wings[i].name, sizeof(MsgItems[0].text) ); MsgItems[Num_menu_items].instance = i; MsgItems[Num_menu_items].active = 1; Num_menu_items++; @@ -1936,7 +1936,7 @@ void hud_squadmsg_type_select( ) // Add the items for (i=0; iname ); + SDL_strlcpy( MsgItems[Num_menu_items].text, rp->name, sizeof(MsgItems[0].text) ); MsgItems[Num_menu_items].instance = i; MsgItems[Num_menu_items].active = 0; @@ -2268,7 +2268,7 @@ void hud_squadmsg_ship_command() // the order will be activated if the bit is set for the ship. if ( default_orders & Comm_orders[i].value ) { SDL_assert ( Num_menu_items < MAX_MENU_ITEMS ); - strcpy( MsgItems[Num_menu_items].text, comm_order_menu_text(i) ); + SDL_strlcpy( MsgItems[Num_menu_items].text, comm_order_menu_text(i), sizeof(MsgItems[0].text) ); MsgItems[Num_menu_items].instance = Comm_orders[i].value; MsgItems[Num_menu_items].active = 0; // check the bit to see if the command is active @@ -2311,7 +2311,7 @@ void hud_squadmsg_ship_command() if ( !all_accept ) { // either modify the text if a partial accept, or grey it out if no one accepts if ( partial_accept ) { - strcat( MsgItems[Num_menu_items].text, XSTR( "(*)", 320) ); + SDL_strlcat( MsgItems[Num_menu_items].text, XSTR( "(*)", 320), sizeof(MsgItems[0].text) ); } else { MsgItems[Num_menu_items].active = 0; } @@ -2365,7 +2365,7 @@ void hud_squadmsg_wing_command() // to be available in the wing. if ( default_orders & Comm_orders[i].value ) { SDL_assert ( Num_menu_items < MAX_MENU_ITEMS ); - strcpy( MsgItems[Num_menu_items].text, comm_order_menu_text(i) ); + SDL_strlcpy( MsgItems[Num_menu_items].text, comm_order_menu_text(i), sizeof(MsgItems[0].text) ); MsgItems[Num_menu_items].instance = Comm_orders[i].value; MsgItems[Num_menu_items].active = 0; diff --git a/src/hud/hudtarget.cpp b/src/hud/hudtarget.cpp index 80ff35b..3edf3d1 100644 --- a/src/hud/hudtarget.cpp +++ b/src/hud/hudtarget.cpp @@ -4396,7 +4396,7 @@ void hud_draw_offscreen_indicator(vertex* target_point, vector *tpos, float dist ypos = (float)floor(ypos); if ( hud_gauge_active(HUD_OFFSCREEN_RANGE) && (distance > 0) ) { - sprintf(buf,"%d",fl2i(distance+0.5f)); + SDL_snprintf(buf, sizeof(buf), "%d", fl2i(distance+0.5f)); hud_num_make_mono(buf); gr_get_string_size(&w, &h, buf); } else { @@ -4530,7 +4530,7 @@ void hud_show_weapon_energy_gauge() if ( percent_left < 0.1 ) { gr_set_color_fast(&Color_bright_red); } - sprintf(buf,XSTR( "%d%%", 326), fl2i(percent_left*100+0.5f)); + SDL_snprintf(buf, sizeof(buf), XSTR( "%d%%", 326), fl2i(percent_left*100+0.5f)); hud_num_make_mono(buf); gr_string(Weapon_energy_text_coords[gr_screen.res][0], Weapon_energy_text_coords[gr_screen.res][1], buf); } @@ -4622,9 +4622,9 @@ void hud_show_secondary_weapon(int count, ship_weapon *sw, int dual_fire) // HACK - make Cluster Bomb fit on the HUD. if(!SDL_strcasecmp(wip->name,"cluster bomb")){ - strcpy(weapon_name, NOX("Cluster")); + SDL_strlcpy(weapon_name, NOX("Cluster"), sizeof(weapon_name)); } else { - strcpy(weapon_name, wip->name); + SDL_strlcpy(weapon_name, wip->name, sizeof(weapon_name)); } hud_end_string_at_first_hash_symbol(weapon_name); @@ -4649,7 +4649,7 @@ void hud_show_secondary_weapon(int count, ship_weapon *sw, int dual_fire) } // print out the ammo right justified - sprintf(ammo_str, "%d", sw->secondary_bank_ammo[i]); + SDL_snprintf(ammo_str, sizeof(ammo_str), "%d", sw->secondary_bank_ammo[i]); hud_num_make_mono(ammo_str); gr_get_string_size(&w, &h, ammo_str); @@ -4773,9 +4773,9 @@ void hud_show_weapons() // draw bottom of border GR_AABITMAP(Weapon_gauges[2].first_frame, Weapon_gauge_primary_coords[gr_screen.res][1][0], Weapon_gauge_primary_coords[gr_screen.res][1][1]); - strcpy(name, Weapon_info[sw->primary_bank_weapons[0]].name); + SDL_strlcpy(name, Weapon_info[sw->primary_bank_weapons[0]].name, sizeof(name)); if (Lcl_gr) { - lcl_translate_wep_name(name); + lcl_translate_wep_name(name, sizeof(name)); } // maybe modify name here to fit @@ -4797,9 +4797,9 @@ void hud_show_weapons() // draw bottom of border GR_AABITMAP(Weapon_gauges[2].first_frame, Weapon_gauge_primary_coords[gr_screen.res][2][0], Weapon_gauge_primary_coords[gr_screen.res][2][1]); - strcpy(name, Weapon_info[sw->primary_bank_weapons[0]].name); + SDL_strlcpy(name, Weapon_info[sw->primary_bank_weapons[0]].name, sizeof(name)); if (Lcl_gr) { - lcl_translate_wep_name(name); + lcl_translate_wep_name(name, sizeof(name)); } // maybe modify name here to fit @@ -4814,9 +4814,9 @@ void hud_show_weapons() } emp_hud_printf(Weapon_pname_coords[gr_screen.res][0][0], Weapon_pname_coords[gr_screen.res][0][1], EG_WEAPON_P1, "%s", name); - strcpy(name, Weapon_info[sw->primary_bank_weapons[1]].name); + SDL_strlcpy(name, Weapon_info[sw->primary_bank_weapons[1]].name, sizeof(name)); if (Lcl_gr) { - lcl_translate_wep_name(name); + lcl_translate_wep_name(name, sizeof(name)); } // maybe modify name here to fit if ( hud_gauge_maybe_flash(HUD_WEAPONS_GAUGE) == 1 ) { diff --git a/src/hud/hudtargetbox.cpp b/src/hud/hudtargetbox.cpp index c277321..bb4eb55 100644 --- a/src/hud/hudtargetbox.cpp +++ b/src/hud/hudtargetbox.cpp @@ -387,89 +387,89 @@ static int Last_ts; // holds last target status. void hud_blit_target_integrity(int disabled,int force_obj_num = -1); // cut down long subsystem names to a more manageable length -char *hud_targetbox_truncate_subsys_name(char *outstr) +char *hud_targetbox_truncate_subsys_name(char *outstr, const int max_len) { if(Lcl_gr){ if ( strstr(outstr, "communication") ) { - strcpy(outstr, "Komm"); + SDL_strlcpy(outstr, "Komm", max_len); } else if ( !SDL_strcasecmp(outstr, "weapons") ) { - strcpy(outstr, "Waffen"); + SDL_strlcpy(outstr, "Waffen", max_len); } else if ( strstr(outstr, "engine") || strstr(outstr, "Engine")) { - strcpy(outstr, "Antrieb"); + SDL_strlcpy(outstr, "Antrieb", max_len); } else if ( !SDL_strcasecmp(outstr, "sensors") ) { - strcpy(outstr, "Sensoren"); + SDL_strlcpy(outstr, "Sensoren", max_len); } else if ( strstr(outstr, "navigat") ) { - strcpy(outstr, "Nav"); + SDL_strlcpy(outstr, "Nav", max_len); } else if ( strstr(outstr, "fighterbay") || strstr(outstr, "Fighterbay") ) { - strcpy(outstr, "J\x84gerhangar"); + SDL_strlcpy(outstr, "J\x84gerhangar", max_len); } else if ( strstr(outstr, "missile") ) { - strcpy(outstr, "Raketenwerfer"); + SDL_strlcpy(outstr, "Raketenwerfer", max_len); } else if ( strstr(outstr, "laser") || strstr(outstr, "turret") ) { - strcpy(outstr, "Gesch\x81tzturm"); + SDL_strlcpy(outstr, "Gesch\x81tzturm", max_len); } else if ( strstr(outstr, "Command Tower") || strstr(outstr, "Bridge") ) { - strcpy(outstr, "Br\x81""cke"); + SDL_strlcpy(outstr, "Br\x81""cke", max_len); } else if ( strstr(outstr, "Barracks") ) { - strcpy(outstr, "Quartiere"); + SDL_strlcpy(outstr, "Quartiere", max_len); } else if ( strstr(outstr, "Reactor") ) { - strcpy(outstr, "Reaktor"); + SDL_strlcpy(outstr, "Reaktor", max_len); } else if ( strstr(outstr, "RadarDish") ) { - strcpy(outstr, "Radarantenne"); + SDL_strlcpy(outstr, "Radarantenne", max_len); } else if (!SDL_strcasecmp(outstr, "Gas Collector")) { - strcpy(outstr, "Sammler"); + SDL_strlcpy(outstr, "Sammler", max_len); } } else if(Lcl_fr){ if ( strstr(outstr, "communication") ) { - strcpy(outstr, "comm"); + SDL_strlcpy(outstr, "comm", max_len); } else if ( !SDL_strcasecmp(outstr, "weapons") ) { - strcpy(outstr, "armes"); + SDL_strlcpy(outstr, "armes", max_len); } else if ( strstr(outstr, "engine") ) { - strcpy(outstr, "moteur"); + SDL_strlcpy(outstr, "moteur", max_len); } else if ( !SDL_strcasecmp(outstr, "sensors") ) { - strcpy(outstr, "detecteurs"); + SDL_strlcpy(outstr, "detecteurs", max_len); } else if ( strstr(outstr, "navi") ) { - strcpy(outstr, "nav"); + SDL_strlcpy(outstr, "nav", max_len); } else if ( strstr(outstr, "missile") ) { - strcpy(outstr, "lanceur de missiles"); + SDL_strlcpy(outstr, "lanceur de missiles", max_len); } else if ( strstr(outstr, "fighter") ) { - strcpy(outstr, "baie de chasse"); + SDL_strlcpy(outstr, "baie de chasse", max_len); } else if ( strstr(outstr, "laser") || strstr(outstr, "turret") || strstr(outstr, "missile") ) { - strcpy(outstr, "tourelle"); + SDL_strlcpy(outstr, "tourelle", max_len); } } else if(Lcl_pl){ if ( strstr(outstr, "communication") ) { - strcpy(outstr, "komunikacja"); + SDL_strlcpy(outstr, "komunikacja", max_len); } else if ( !SDL_strcasecmp(outstr, "weapons") ) { - strcpy(outstr, "uzbrojenie"); + SDL_strlcpy(outstr, "uzbrojenie", max_len); } else if ( strstr(outstr, "engine") || strstr(outstr, "Engine")) { - strcpy(outstr, "silnik"); + SDL_strlcpy(outstr, "silnik", max_len); } else if ( !SDL_strcasecmp(outstr, "sensors") ) { - strcpy(outstr, "sensory"); + SDL_strlcpy(outstr, "sensory", max_len); } else if ( strstr(outstr, "navigat") ) { - strcpy(outstr, "nawigacja"); + SDL_strlcpy(outstr, "nawigacja", max_len); } else if ( strstr(outstr, "fighterbay") || strstr(outstr, "Fighterbay") ) { - strcpy(outstr, "dok my\x9Cliw."); + SDL_strlcpy(outstr, "dok my\x9Cliw.", max_len); } else if ( strstr(outstr, "missile") ) { - strcpy(outstr, "wie\xBF. rakiet."); + SDL_strlcpy(outstr, "wie\xBF. rakiet.", max_len); } else if ( strstr(outstr, "laser") || strstr(outstr, "turret") ) { - strcpy(outstr, "wie\xBFyczka"); + SDL_strlcpy(outstr, "wie\xBFyczka", max_len); } else if ( strstr(outstr, "Command Tower") || strstr(outstr, "Bridge") ) { - strcpy(outstr, "mostek"); + SDL_strlcpy(outstr, "mostek", max_len); } else if ( strstr(outstr, "Barracks") ) { - strcpy(outstr, "koszary"); + SDL_strlcpy(outstr, "koszary", max_len); } else if ( strstr(outstr, "Reactor") ) { - strcpy(outstr, "reaktor"); + SDL_strlcpy(outstr, "reaktor", max_len); } else if ( strstr(outstr, "RadarDish") ) { - strcpy(outstr, "antena radaru"); + SDL_strlcpy(outstr, "antena radaru", max_len); } else if (!SDL_strcasecmp(outstr, "Gas Collector")) { - strcpy(outstr, "zbieracz gazu"); + SDL_strlcpy(outstr, "zbieracz gazu", max_len); } } else { if (!SDL_strncasecmp(outstr, XSTR( "communication", 333), 3)) { - strcpy( outstr, XSTR( "comm", 334) ); + SDL_strlcpy( outstr, XSTR( "comm", 334), max_len ); } else if (!SDL_strncasecmp(outstr, XSTR( "navigation", 335), 3)) { - strcpy( outstr, XSTR( "nav", 336) ); + SDL_strlcpy( outstr, XSTR( "nav", 336), max_len ); } else if (!SDL_strcasecmp(outstr, "Gas Collector")) { - strcpy(outstr, "Collector"); + SDL_strlcpy(outstr, "Collector", max_len); } } @@ -722,20 +722,20 @@ void hud_targetbox_show_extra_ship_info(ship *target_shipp, ai_info *target_aip) // AL 12-26-97: only show orders and time to target for friendly ships if ( (Player_ship->team == target_shipp->team) && !(ship_get_SIF(target_shipp) & SIF_NOT_FLYABLE) ) { extra_data_shown=1; - if ( ship_return_orders(outstr, target_shipp) ) { + if ( ship_return_orders(outstr, sizeof(outstr), target_shipp) ) { gr_force_fit_string(outstr, 255, 162); has_orders = 1; } else { - strcpy(outstr, XSTR( "no orders", 337)); + SDL_strlcpy(outstr, XSTR( "no orders", 337), sizeof(outstr)); } emp_hud_string(Targetbox_coords[gr_screen.res][TBOX_EXTRA_ORDERS][0], Targetbox_coords[gr_screen.res][TBOX_EXTRA_ORDERS][1], EG_TBOX_EXTRA1, outstr); } if ( has_orders ) { - strcpy(outstr, XSTR( "time to: ", 338)); - if ( ship_return_time_to_goal(tmpbuf, target_shipp) ) { - strcat(outstr, tmpbuf); + SDL_strlcpy(outstr, XSTR( "time to: ", 338), sizeof(outstr)); + if ( ship_return_time_to_goal(tmpbuf, sizeof(tmpbuf), target_shipp) ) { + SDL_strlcat(outstr, tmpbuf, sizeof(outstr)); emp_hud_string(Targetbox_coords[gr_screen.res][TBOX_EXTRA_TIME][0], Targetbox_coords[gr_screen.res][TBOX_EXTRA_TIME][1], EG_TBOX_EXTRA2, outstr); } @@ -745,7 +745,7 @@ void hud_targetbox_show_extra_ship_info(ship *target_shipp, ai_info *target_aip) // Print out dock status if ( target_aip->ai_flags & AIF_DOCKED ) { if ( target_aip->dock_objnum >= 0 ) { - sprintf(outstr, XSTR( "Docked: %s", 339), Ships[Objects[target_aip->dock_objnum].instance].ship_name); + SDL_snprintf(outstr, sizeof(outstr), XSTR( "Docked: %s", 339), Ships[Objects[target_aip->dock_objnum].instance].ship_name); gr_force_fit_string(outstr, 255, 173); hud_targetbox_maybe_flash(TBOX_FLASH_DOCKED); @@ -806,7 +806,7 @@ void hud_render_target_jump_node(object *target_objp) hx = fl2i(HUD_offset_x); hy = fl2i(HUD_offset_y); - sprintf(outstr,XSTR( "d: %.0f", 340), dist); + SDL_snprintf(outstr, sizeof(outstr), XSTR( "d: %.0f", 340), dist); hud_num_make_mono(outstr); gr_get_string_size(&w,&h,outstr); @@ -866,26 +866,26 @@ void hud_render_target_asteroid(object *target_objp) case ASTEROID_TYPE_SMALL: case ASTEROID_TYPE_MEDIUM: case ASTEROID_TYPE_BIG: - strcpy(hud_name, NOX("asteroid")); + SDL_strlcpy(hud_name, NOX("asteroid"), sizeof(hud_name)); break; #ifndef MAKE_FS1 case DEBRIS_TERRAN_SMALL: case DEBRIS_TERRAN_MEDIUM: case DEBRIS_TERRAN_LARGE: - strcpy(hud_name, NOX("terran debris")); + SDL_strlcpy(hud_name, NOX("terran debris"), sizeof(hud_name)); break; case DEBRIS_VASUDAN_SMALL: case DEBRIS_VASUDAN_MEDIUM: case DEBRIS_VASUDAN_LARGE: - strcpy(hud_name, NOX("vasudan debris")); + SDL_strlcpy(hud_name, NOX("vasudan debris"), sizeof(hud_name)); break; case DEBRIS_SHIVAN_SMALL: case DEBRIS_SHIVAN_MEDIUM: case DEBRIS_SHIVAN_LARGE: - strcpy(hud_name, NOX("shivan debris")); + SDL_strlcpy(hud_name, NOX("shivan debris"), sizeof(hud_name)); break; #endif @@ -902,31 +902,31 @@ void hud_render_target_asteroid(object *target_objp) #endif } -void get_turret_subsys_name(model_subsystem *system_info, char *outstr) +void get_turret_subsys_name(model_subsystem *system_info, char *outstr, const int max_outlen) { SDL_assert(system_info->type == SUBSYSTEM_TURRET); if (system_info->turret_weapon_type >= 0) { // check if beam or flak using weapon flags if (Weapon_info[system_info->turret_weapon_type].wi_flags & WIF_FLAK) { - sprintf(outstr, "%s", XSTR("Flak turret", 1566)); + SDL_snprintf(outstr, max_outlen, "%s", XSTR("Flak turret", 1566)); } else if (Weapon_info[system_info->turret_weapon_type].wi_flags & WIF_BEAM) { - sprintf(outstr, "%s", XSTR("Beam turret", 1567)); + SDL_snprintf(outstr, max_outlen, "%s", XSTR("Beam turret", 1567)); } else { if (Weapon_info[system_info->turret_weapon_type].subtype == WP_LASER) { - sprintf(outstr, "%s", XSTR("Laser turret", 1568)); + SDL_snprintf(outstr, max_outlen, "%s", XSTR("Laser turret", 1568)); } else if (Weapon_info[system_info->turret_weapon_type].subtype == WP_MISSILE) { - sprintf(outstr, "%s", XSTR("Missile lnchr", 1569)); + SDL_snprintf(outstr, max_outlen, "%s", XSTR("Missile lnchr", 1569)); } else { // Illegal subtype Int3(); - sprintf(outstr, "%s", NOX("Turret")); + SDL_snprintf(outstr, max_outlen, "%s", NOX("Turret")); } } } else { // This should not happen - sprintf(outstr, "%s", NOX("Unused")); + SDL_snprintf(outstr, max_outlen, "%s", NOX("Unused")); } } @@ -949,7 +949,7 @@ void hud_render_target_ship_info(object *target_objp) target_sip = &Ship_info[target_shipp->ship_info_index]; target_aip = &Ai_info[target_shipp->ai_index]; - strcpy( outstr, target_shipp->ship_name ); + SDL_strlcpy( outstr, target_shipp->ship_name, sizeof(outstr) ); if ( hud_gauge_maybe_flash(HUD_TARGET_MONITOR) == 1 ) { hud_set_iff_color(target_objp, 1); @@ -969,10 +969,10 @@ void hud_render_target_ship_info(object *target_objp) // maybe do some translation if (Lcl_gr) { - lcl_translate_targetbox_name(outstr); + lcl_translate_targetbox_name(outstr, sizeof(outstr)); } else if(Lcl_pl) { - lcl_translate_targetbox_name_pl(outstr); + lcl_translate_targetbox_name_pl(outstr, sizeof(outstr)); } emp_hud_string(Targetbox_coords[gr_screen.res][TBOX_NAME][0], Targetbox_coords[gr_screen.res][TBOX_NAME][1], EG_TBOX_NAME, outstr); @@ -981,20 +981,19 @@ void hud_render_target_ship_info(object *target_objp) // if this ship has an alternate type name if(target_shipp->alt_type_index >= 0){ - mission_parse_lookup_alt_index(target_shipp->alt_type_index, temp_name); + mission_parse_lookup_alt_index(target_shipp->alt_type_index, temp_name, sizeof(temp_name)); } else { - strcpy(temp_name, Ship_info[base_index].name); + SDL_strlcpy(temp_name, Ship_info[base_index].name, sizeof(temp_name)); if ( strstr(Ship_info[base_index].name, NOX("#")) ) { - strcpy(temp_name, Ship_info[base_index].name); hud_end_string_at_first_hash_symbol(temp_name); } } if (Lcl_gr) { - lcl_translate_targetbox_name(temp_name); + lcl_translate_targetbox_name(temp_name, sizeof(temp_name)); } else if(Lcl_pl) { - lcl_translate_targetbox_name_pl(temp_name); + lcl_translate_targetbox_name_pl(temp_name, sizeof(temp_name)); } emp_hud_printf(Targetbox_coords[gr_screen.res][TBOX_CLASS][0], Targetbox_coords[gr_screen.res][TBOX_CLASS][1], EG_TBOX_CLASS, temp_name); @@ -1013,7 +1012,7 @@ void hud_render_target_ship_info(object *target_objp) } } // Print out right-justified integrity - sprintf(outstr,XSTR( "%d%%", 341), screen_integrity); + SDL_snprintf(outstr, sizeof(outstr), XSTR( "%d%%", 341), screen_integrity); gr_get_string_size(&w,&h,outstr); if ( hud_gauge_maybe_flash(HUD_TARGET_MONITOR) == 1 ) { @@ -1050,17 +1049,17 @@ void hud_render_target_ship_info(object *target_objp) // hud_set_default_color(); // get turret subsys name if (Player_ai->targeted_subsys->system_info->type == SUBSYSTEM_TURRET) { - get_turret_subsys_name(Player_ai->targeted_subsys->system_info, outstr); + get_turret_subsys_name(Player_ai->targeted_subsys->system_info, outstr, sizeof(outstr)); } else { - sprintf(outstr, "%s", Player_ai->targeted_subsys->system_info->name); + SDL_snprintf(outstr, sizeof(outstr), "%s", Player_ai->targeted_subsys->system_info->name); } - hud_targetbox_truncate_subsys_name(outstr); + hud_targetbox_truncate_subsys_name(outstr, sizeof(outstr)); gr_printf(Target_window_coords[gr_screen.res][0]+2, Target_window_coords[gr_screen.res][1]+Target_window_coords[gr_screen.res][3]-h, outstr); // AL 23-3-98: Fighter bays are a special case. Player cannot destroy them, so don't // show the subsystem strength if ( SDL_strncasecmp(NOX("fighter"), Player_ai->targeted_subsys->system_info->name, 7) ) { - sprintf(outstr,XSTR( "%d%%", 341),screen_integrity); + SDL_snprintf(outstr, sizeof(outstr), XSTR( "%d%%", 341),screen_integrity); gr_get_string_size(&w,&h,outstr); gr_printf(Target_window_coords[gr_screen.res][0]+Target_window_coords[gr_screen.res][2]-w-1, Target_window_coords[gr_screen.res][1]+Target_window_coords[gr_screen.res][3] - h, "%s", outstr); } @@ -1071,9 +1070,9 @@ void hud_render_target_ship_info(object *target_objp) // print out 'disabled' on the monitor if the target is disabled if ( (target_shipp->flags & SF_DISABLED) || (ship_subsys_disrupted(target_shipp, SUBSYSTEM_ENGINE)) ) { if ( target_shipp->flags & SF_DISABLED ) { - strcpy(outstr, XSTR( "DISABLED", 342)); + SDL_strlcpy(outstr, XSTR( "DISABLED", 342), sizeof(outstr)); } else { - strcpy(outstr, XSTR( "DISRUPTED", 343)); + SDL_strlcpy(outstr, XSTR( "DISRUPTED", 343), sizeof(outstr)); } gr_get_string_size(&w,&h,outstr); gr_printf(Target_window_coords[gr_screen.res][0]+Target_window_coords[gr_screen.res][2]/2 - w/2 - 1, Target_window_coords[gr_screen.res][1]+Target_window_coords[gr_screen.res][3] - 2*h, "%s", outstr); @@ -1109,17 +1108,17 @@ void hud_blit_target_integrity(int disabled,int force_obj_num) // print out status of ship if ( (Ships[objp->instance].flags & SF_DISABLED) || (ship_subsys_disrupted(&Ships[objp->instance], SUBSYSTEM_ENGINE)) ) { - strcpy(buf,XSTR( "dis", 344)); + SDL_strlcpy(buf,XSTR( "dis", 344), sizeof(buf)); current_ts = TS_DIS; } else { if ( Pl_target_integrity > 0.9 ) { - strcpy(buf,XSTR( "ok", 345)); + SDL_strlcpy(buf, XSTR( "ok", 345), sizeof(buf)); current_ts = TS_OK; } else if ( Pl_target_integrity > 0.2 ) { - strcpy(buf,XSTR( "dmg", 346)); + SDL_strlcpy(buf, XSTR( "dmg", 346), sizeof(buf)); current_ts = TS_DMG; } else { - strcpy(buf,XSTR( "crt", 347)); + SDL_strlcpy(buf, XSTR( "crt", 347), sizeof(buf)); current_ts = TS_CRT; } } @@ -1393,7 +1392,7 @@ void hud_render_target_debris(object *target_objp) char *printable_ship_class = Ship_info[base_index].name; if ( strstr(Ship_info[base_index].name, NOX("#")) ) { char temp_name[NAME_LENGTH]; - strcpy(temp_name, Ship_info[base_index].name); + SDL_strlcpy(temp_name, Ship_info[base_index].name, sizeof(temp_name)); hud_end_string_at_first_hash_symbol(temp_name); printable_ship_class = temp_name; } @@ -1480,7 +1479,7 @@ void hud_render_target_weapon(object *target_objp) hud_set_gauge_color(HUD_TARGET_MONITOR); // print out the weapon class name - sprintf( outstr,"%s", target_wip->name ); + SDL_snprintf( outstr, sizeof(outstr), "%s", target_wip->name ); gr_get_string_size(&w,&h,outstr); // drop name past the # sign @@ -1496,9 +1495,9 @@ void hud_render_target_weapon(object *target_objp) dist = vm_vec_dist(&target_objp->pos, &wp->homing_object->pos); speed = vm_vec_mag(&target_objp->phys_info.vel); if ( speed > 0 ) { - sprintf(outstr, NOX("impact: %.1f sec"), dist/speed); + SDL_snprintf(outstr, sizeof(outstr), NOX("impact: %.1f sec"), dist/speed); } else { - strcpy(outstr, XSTR( "unknown", 349)); + SDL_strlcpy(outstr, XSTR( "unknown", 349), sizeof(outstr)); } emp_hud_string(Targetbox_coords[gr_screen.res][TBOX_CLASS][0], Targetbox_coords[gr_screen.res][TBOX_CLASS][1], EG_TBOX_CLASS, outstr); @@ -1566,7 +1565,7 @@ void hud_cargo_scan_update(object *targetp, float frametime) // display cargo inspection status if ( targetp->type == OBJ_SHIP ) { - if ( player_inspect_cargo(frametime, outstr) ) { + if ( player_inspect_cargo(frametime, outstr, sizeof(outstr)) ) { if ( hud_gauge_active(HUD_TARGET_MONITOR) ) { if ( Player->cargo_inspect_time > 0 ) { hud_targetbox_start_flash(TBOX_FLASH_CARGO); @@ -1634,7 +1633,7 @@ void hud_show_target_data(float frametime) hy = fl2i(HUD_offset_y); // print out the target distance and speed - sprintf(outstr,XSTR( "d: %.0f%s", 350), Player_ai->current_target_distance, modifiers[Player_ai->current_target_dist_trend]); + SDL_snprintf(outstr, sizeof(outstr), XSTR( "d: %.0f%s", 350), Player_ai->current_target_distance, modifiers[Player_ai->current_target_dist_trend]); hud_num_make_mono(outstr); gr_get_string_size(&w,&h,outstr); @@ -1667,7 +1666,7 @@ void hud_show_target_data(float frametime) } } - sprintf(outstr, XSTR( "s: %.0f%s", 351), spd, (spd>1)?modifiers[Player_ai->current_target_speed_trend]:""); + SDL_snprintf(outstr, sizeof(outstr), XSTR( "s: %.0f%s", 351), spd, (spd>1)?modifiers[Player_ai->current_target_speed_trend]:""); hud_num_make_mono(outstr); emp_hud_string(Targetbox_coords[gr_screen.res][TBOX_SPEED][0]+hx, Targetbox_coords[gr_screen.res][TBOX_SPEED][1]+hy, EG_TBOX_SPEED, outstr); @@ -1690,25 +1689,25 @@ void hud_show_target_data(float frametime) if ( shipp->ai_index >= 0 ) { ai_info *aip = &Ai_info[shipp->ai_index]; - sprintf(outstr,"AI: %s",Ai_behavior_names[aip->mode]); + SDL_snprintf(outstr, sizeof(outstr), "AI: %s", Ai_behavior_names[aip->mode]); switch (aip->mode) { case AIM_CHASE: SDL_assert(aip->submode <= SM_BIG_PARALLEL); // Must be <= largest chase submode value. // sprintf(outstr,"AI: %s",Submode_text[aip->submode]); - sprintf(outstr2," / %s",Submode_text[aip->submode]); - strcat(outstr,outstr2); + SDL_snprintf(outstr2,sizeof(outstr2)," / %s",Submode_text[aip->submode]); + SDL_strlcat(outstr, outstr2, sizeof(outstr)); break; case AIM_STRAFE: SDL_assert(aip->submode <= AIS_STRAFE_POSITION); // Must be <= largest chase submode value. // sprintf(outstr,"AI: %s",Strafe_submode_text[aip->submode-AIS_STRAFE_ATTACK]); - sprintf(outstr2," / %s",Strafe_submode_text[aip->submode-AIS_STRAFE_ATTACK]); - strcat(outstr,outstr2); + SDL_snprintf(outstr2,sizeof(outstr2)," / %s",Strafe_submode_text[aip->submode-AIS_STRAFE_ATTACK]); + SDL_strlcat(outstr, outstr2, sizeof(outstr)); break; case AIM_WAYPOINTS: // gr_printf(sx, sy, "Wpnum: %i",aip->wp_index); - sprintf(outstr2," / Wpnum: %i",aip->wp_index); - strcat(outstr,outstr2); + SDL_snprintf(outstr2,sizeof(outstr2)," / Wpnum: %i",aip->wp_index); + SDL_strlcat(outstr, outstr2, sizeof(outstr)); break; default: break; @@ -1728,9 +1727,9 @@ void hud_show_target_data(float frametime) vector v2t; if (aip->target_objnum == Player_obj-Objects) - strcpy(target_str, "Player!"); + SDL_strlcpy(target_str, "Player!", sizeof(target_str)); else - sprintf(target_str, "%s", Ships[Objects[aip->target_objnum].instance].ship_name); + SDL_snprintf(target_str, sizeof(target_str), "%s", Ships[Objects[aip->target_objnum].instance].ship_name); // gr_printf(TARGET_WINDOW_X1+TARGET_WINDOW_WIDTH+2, TARGET_WINDOW_Y1+4*h, "Target: %s", target_str); gr_printf(sx, sy, "Targ: %s", target_str); @@ -1751,7 +1750,7 @@ void hud_show_target_data(float frametime) sy += dy; if ( aip->targeted_subsys != NULL ) { - sprintf(outstr, "Subsys: %s", aip->targeted_subsys->system_info->name); + SDL_snprintf(outstr, sizeof(outstr), "Subsys: %s", aip->targeted_subsys->system_info->name); gr_printf(sx, sy, outstr); } } @@ -1759,11 +1758,11 @@ void hud_show_target_data(float frametime) // print out energy transfer information on the ship sy = 70; - sprintf(outstr,"MAX G/E: %.0f/%.0f",shipp->weapon_energy,shipp->current_max_speed); + SDL_snprintf(outstr,sizeof(outstr),"MAX G/E: %.0f/%.0f",shipp->weapon_energy,shipp->current_max_speed); gr_printf(sx, sy, outstr); sy += dy; - sprintf(outstr,"G/S/E: %.2f/%.2f/%.2f",Energy_levels[shipp->weapon_recharge_index],Energy_levels[shipp->shield_recharge_index],Energy_levels[shipp->engine_recharge_index]); + SDL_snprintf(outstr,sizeof(outstr),"G/S/E: %.2f/%.2f/%.2f",Energy_levels[shipp->weapon_recharge_index],Energy_levels[shipp->shield_recharge_index],Energy_levels[shipp->engine_recharge_index]); gr_printf(sx, sy, outstr); sy += dy; @@ -1843,21 +1842,21 @@ void hud_show_target_data(float frametime) sy = 100; dy = gr_get_font_height(); - sprintf(outstr,"Num primaries: %d", swp->num_primary_banks); + SDL_snprintf(outstr,sizeof(outstr),"Num primaries: %d", swp->num_primary_banks); gr_printf(sx,sy,outstr); sy += dy; for ( i = 0; i < swp->num_primary_banks; i++ ) { - sprintf(outstr,"%d. %s", i+1, Weapon_info[swp->primary_bank_weapons[i]].name); + SDL_snprintf(outstr,sizeof(outstr),"%d. %s", i+1, Weapon_info[swp->primary_bank_weapons[i]].name); gr_printf(sx,sy,outstr); sy += dy; } sy += dy; - sprintf(outstr,"Num secondaries: %d", swp->num_secondary_banks); + SDL_snprintf(outstr,sizeof(outstr),"Num secondaries: %d", swp->num_secondary_banks); gr_printf(sx,sy,outstr); sy += dy; for ( i = 0; i < swp->num_secondary_banks; i++ ) { - sprintf(outstr,"%d. %s", i+1, Weapon_info[swp->secondary_bank_weapons[i]].name); + SDL_snprintf(outstr,sizeof(outstr),"%d. %s", i+1, Weapon_info[swp->secondary_bank_weapons[i]].name); gr_printf(sx,sy,outstr); sy += dy; } diff --git a/src/inetfile/cftp.cpp b/src/inetfile/cftp.cpp index 6395d89..251c2d7 100644 --- a/src/inetfile/cftp.cpp +++ b/src/inetfile/cftp.cpp @@ -131,19 +131,19 @@ CFtpGet::CFtpGet(char *URL,char *localfile,char *Username,char *Password) if(Username) { - strcpy(m_szUserName,Username); + SDL_strlcpy(m_szUserName, Username, sizeof(m_szUserName)); } else { - strcpy(m_szUserName,"anonymous"); + SDL_strlcpy(m_szUserName, "anonymous", sizeof(m_szUserName)); } if(Password) { - strcpy(m_szPassword,Password); + SDL_strlcpy(m_szPassword, Password, sizeof(m_szPassword)); } else { - strcpy(m_szPassword,"pxouser@pxo.net"); + SDL_strlcpy(m_szPassword, "pxouser@pxo.net", sizeof(m_szPassword)); } m_ListenSock = socket(AF_INET, SOCK_STREAM, 0); if(INVALID_SOCKET == m_ListenSock) @@ -198,7 +198,7 @@ CFtpGet::CFtpGet(char *URL,char *localfile,char *Username,char *Password) } } //There shouldn't be any : in this string - if(strchr(pURL,':')) + if(SDL_strchr(pURL,':')) { m_State = FTP_STATE_URL_PARSING_ERROR; m_Aborted = true; @@ -217,7 +217,7 @@ CFtpGet::CFtpGet(char *URL,char *localfile,char *Username,char *Password) { filestart = pURL+i+1; dirstart = pURL+i+1; - strcpy(m_szFilename,filestart); + SDL_strlcpy(m_szFilename, filestart, sizeof(m_szFilename)); } else { @@ -233,10 +233,10 @@ CFtpGet::CFtpGet(char *URL,char *localfile,char *Username,char *Password) } else { - strncpy(m_szDir,dirstart,(filestart-dirstart)); - m_szDir[(filestart-dirstart)] = 0; - strncpy(m_szHost,pURL,(dirstart-pURL)); - m_szHost[(dirstart-pURL)-1] = 0; + int len = min((filestart-dirstart)+1, sizeof(m_szDir)); + SDL_strlcpy(m_szDir, dirstart, len); + len = min((dirstart-pURL), sizeof(m_szHost)); + SDL_strlcpy(m_szHost, pURL, len); } //At this point we should have a nice host,dir and filename @@ -327,7 +327,7 @@ unsigned int CFtpGet::GetFile() char szCommandString[200]; int rcode; - sprintf(szCommandString,"TYPE I\r\n"); + SDL_strlcpy(szCommandString, "TYPE I\r\n", sizeof(szCommandString)); rcode = SendFTPCommand(szCommandString); if(rcode >=400) { @@ -338,7 +338,7 @@ unsigned int CFtpGet::GetFile() return 0; if(m_szDir[0]) { - sprintf(szCommandString,"CWD %s\r\n",m_szDir); + SDL_snprintf(szCommandString, sizeof(szCommandString), "CWD %s\r\n", m_szDir); rcode = SendFTPCommand(szCommandString); if(rcode >=400) { @@ -355,7 +355,7 @@ unsigned int CFtpGet::GetFile() } if(m_Aborting) return 0; - sprintf(szCommandString,"RETR %s\r\n",m_szFilename); + SDL_snprintf(szCommandString, sizeof(szCommandString), "RETR %s\r\n", m_szFilename); rcode = SendFTPCommand(szCommandString); if(rcode >=400) { @@ -366,11 +366,11 @@ unsigned int CFtpGet::GetFile() return 0; //Now we will try to determine the file size... char *p,*s; - p = strchr(recv_buffer,'('); + p = SDL_strchr(recv_buffer,'('); p++; if(p) { - s = strchr(p,' '); + s = SDL_strchr(p,' '); *s = 0; m_iBytesTotal = atoi(p); } @@ -431,7 +431,7 @@ unsigned int CFtpGet::IssuePort() // Format the PORT command with the correct numbers. #ifndef PLAT_UNIX - sprintf(szCommandString, "PORT %d,%d,%d,%d,%d,%d\r\n", + SDL_snprintf(szCommandString, sizeof(szCommandString), "PORT %d,%d,%d,%d,%d,%d\r\n", listenaddr.sin_addr.S_un.S_un_b.s_b1, listenaddr.sin_addr.S_un.S_un_b.s_b2, listenaddr.sin_addr.S_un.S_un_b.s_b3, @@ -439,7 +439,7 @@ unsigned int CFtpGet::IssuePort() nLocalPort & 0xFF, nLocalPort >> 8); #else - sprintf(szCommandString, "PORT %d,%d,%d,%d,%d,%d\r\n", + SDL_snprintf(szCommandString, sizeof(szCommandString), "PORT %d,%d,%d,%d,%d,%d\r\n", (listenaddr.sin_addr.s_addr >> 0) & 0xFF, (listenaddr.sin_addr.s_addr >> 8) & 0xFF, (listenaddr.sin_addr.s_addr >> 16) & 0xFF, @@ -504,14 +504,14 @@ int CFtpGet::LoginHost() char szLoginString[200]; int rcode; - sprintf(szLoginString,"USER %s\r\n",m_szUserName); + SDL_snprintf(szLoginString, sizeof(szLoginString), "USER %s\r\n" ,m_szUserName); rcode = SendFTPCommand(szLoginString); if(rcode >=400) { m_State = FTP_STATE_LOGIN_ERROR; return 0; } - sprintf(szLoginString,"PASS %s\r\n",m_szPassword); + SDL_snprintf(szLoginString, sizeof(szLoginString), "PASS %s\r\n" ,m_szPassword); rcode = SendFTPCommand(szLoginString); if(rcode >=400) { @@ -571,7 +571,7 @@ unsigned int CFtpGet::ReadFTPServerReply() } else { chunk[1] = 0; - strcat(recv_buffer,chunk); + SDL_strlcat(recv_buffer, chunk, sizeof(recv_buffer)); } SDL_Delay(1); diff --git a/src/inetfile/chttpget.cpp b/src/inetfile/chttpget.cpp index 11752fc..7e6f369 100644 --- a/src/inetfile/chttpget.cpp +++ b/src/inetfile/chttpget.cpp @@ -190,8 +190,7 @@ void ChttpGet::GetFile(char *URL,char *localfile) m_Aborting = false; m_Aborted = false; - strncpy(m_URL,URL,MAX_URL_LEN-1); - m_URL[MAX_URL_LEN-1] = 0; + SDL_strlcpy(m_URL, URL, sizeof(m_URL)); LOCALFILE = fopen(localfile,"wb"); if(NULL == LOCALFILE) @@ -223,7 +222,7 @@ void ChttpGet::GetFile(char *URL,char *localfile) } } //There shouldn't be any : in this string - if(strchr(pURL,':')) + if(SDL_strchr(pURL,':')) { m_State = HTTP_STATE_URL_PARSING_ERROR; m_Aborted = true; @@ -242,7 +241,7 @@ void ChttpGet::GetFile(char *URL,char *localfile) { filestart = pURL+i+1; dirstart = pURL+i+1; - strcpy(m_szFilename,filestart); + SDL_strlcpy(m_szFilename, filestart, sizeof(m_szFilename)); } else { @@ -258,10 +257,9 @@ void ChttpGet::GetFile(char *URL,char *localfile) } else { - strcpy(m_szDir,dirstart);//,(filestart-dirstart)); - //m_szDir[(filestart-dirstart)] = NULL; - strncpy(m_szHost,pURL,(dirstart-pURL)); - m_szHost[(dirstart-pURL)-1] = '\0'; + SDL_strlcpy(m_szDir, dirstart, sizeof(m_szDir));//,(filestart-dirstart)); + int len = min((dirstart-pURL), sizeof(m_szHost)); + SDL_strlcpy(m_szHost, pURL, len); } SDL_Thread *thread = SDL_CreateThread(HTTPObjThread, "HTTPObjThread", this); @@ -328,13 +326,13 @@ void ChttpGet::WorkerThread() LOCALFILE = NULL; return; } - sprintf(szCommand,"GET %s%s HTTP/1.1\nAccept: */*\nAccept-Encoding: deflate\nHost: %s\n\n\n",m_ProxyEnabled?"":"/",m_ProxyEnabled?m_URL:m_szDir,m_szHost); + SDL_snprintf(szCommand,sizeof(szCommand),"GET %s%s HTTP/1.1\nAccept: */*\nAccept-Encoding: deflate\nHost: %s\n\n\n",m_ProxyEnabled?"":"/",m_ProxyEnabled?m_URL:m_szDir,m_szHost); send(m_DataSock,szCommand,strlen(szCommand),0); p = GetHTTPLine(); if(SDL_strncasecmp("HTTP/",p,5)==0) { char *pcode; - pcode = strchr(p,' ')+1; + pcode = SDL_strchr(p,' ')+1; if(!pcode) { m_State = HTTP_STATE_UNKNOWN_ERROR; @@ -373,7 +371,7 @@ void ChttpGet::WorkerThread() } if(SDL_strncasecmp(p,"Content-Length:",strlen("Content-Length:"))==0) { - char *s = strchr(p,' ')+1; + char *s = SDL_strchr(p,' ')+1; p = s; if(s) { @@ -601,7 +599,7 @@ char *ChttpGet::GetHTTPLine() } else { chunk[1] = '\0'; - strcat(recv_buffer,chunk); + SDL_strlcat(recv_buffer, chunk, sizeof(recv_buffer)); } SDL_Delay(1); diff --git a/src/inetfile/inetgetfile.cpp b/src/inetfile/inetgetfile.cpp index a42a9d6..0cd0a82 100644 --- a/src/inetfile/inetgetfile.cpp +++ b/src/inetfile/inetgetfile.cpp @@ -102,7 +102,7 @@ InetGetFile::InetGetFile(char *URL,char *localfile) // make sure localfile has \ in it or we'll be here a long time. if (strstr(localfile, DIR_SEPARATOR_STR)) { - strcpy(dir_name, localfile); + SDL_strlcpy(dir_name, localfile, sizeof(dir_name)); int len = strlen(localfile); end = dir_name + len; diff --git a/src/io/keycontrol.cpp b/src/io/keycontrol.cpp index a8dd08f..9ab8794 100644 --- a/src/io/keycontrol.cpp +++ b/src/io/keycontrol.cpp @@ -713,7 +713,7 @@ void debug_cycle_targeted_ship(int delta) sip = &Ship_info[si_index]; // if it has test in the name, jump over it - strcpy(name, sip->name); + SDL_strlcpy(name, sip->name, sizeof(name)); SDL_strlwr(name); if ( strstr(name,NOX("test")) != NULL ) continue; @@ -746,7 +746,7 @@ void debug_change_song(int delta) { char buf[256]; if ( event_music_next_soundtrack(delta) != -1 ) { - event_music_get_soundtrack_name(buf); + event_music_get_soundtrack_name(buf, sizeof(buf)); HUD_sourced_printf(HUD_SOURCE_HIDDEN, XSTR( "Soundtrack changed to: %s", 2), buf); } else { @@ -1294,7 +1294,7 @@ void process_debug_keys(int k) case KEY_DEBUGGED + SDLK_t: { char buf[256]; - event_music_get_info(buf); + event_music_get_info(buf, sizeof(buf)); HUD_sourced_printf(HUD_SOURCE_HIDDEN, buf); break; } diff --git a/src/io/timer.cpp b/src/io/timer.cpp index 9d903e9..096748c 100644 --- a/src/io/timer.cpp +++ b/src/io/timer.cpp @@ -297,7 +297,7 @@ void timing_frame_start() Timing_frame.start = timer_get_microseconds(); for(idx=0; idx= 0) { Jump_nodes[Num_jump_nodes].objnum = obj; Num_jump_nodes++; diff --git a/src/localization/localize.cpp b/src/localization/localize.cpp index c7d40ee..f854883 100644 --- a/src/localization/localize.cpp +++ b/src/localization/localize.cpp @@ -434,7 +434,7 @@ int lcl_ext_get_text(char *xstr, char *out); int lcl_ext_get_id(char *xstr, int *out); // given a valid XSTR() id#, lookup the string in tstrings.tbl, filling in out if found, nonzero on success -int lcl_ext_lookup(char *out, int id); +int lcl_ext_lookup(char *out, const int max_out, int id); // if the char is a valid char for a signed integer value string int lcl_is_valid_numeric_char(char c); @@ -445,7 +445,7 @@ int lcl_is_valid_numeric_char(char c); // for cases 1 and 2 : the high bit (1<<31) will be set if the parser detected the beginning of a new string id on this line // so be sure to mask this value out to get the low portion of the return value // -int lcl_ext_lookup_sub(char *text, char *out, int id); +int lcl_ext_lookup_sub(char *text, char *out, const int max_out, int id); // initialize the pointer array into tstrings.tbl (call from lcl_ext_open() ONLY) void lcl_ext_setup_pointers(); @@ -475,9 +475,9 @@ void lcl_init(int lang_init) if(ret == NULL){ Int3(); - strcpy(lang_string, DEFAULT_LANGUAGE); + SDL_strlcpy(lang_string, DEFAULT_LANGUAGE, sizeof(lang_string)); } else { - strcpy(lang_string, ret); + SDL_strlcpy(lang_string, ret, sizeof(lang_string)); } // look it up @@ -557,8 +557,8 @@ void lcl_xstr_init() // move down to the proper section memset(language_tag, 0, 512); - strcpy(language_tag, "#"); - strcat(language_tag, Lcl_languages[Lcl_current_lang].lang_name); + SDL_strlcpy(language_tag, "#", sizeof(language_tag)); + SDL_strlcat(language_tag, Lcl_languages[Lcl_current_lang].lang_name, sizeof(language_tag)); if(skip_to_string(language_tag) != 1){ Error(LOCATION, NOX("Strings.tbl is corrupt")); } @@ -731,7 +731,7 @@ void lcl_set_language(int lang) } // maybe add on an appropriate subdirectory when opening a localized file -void lcl_add_dir(char *current_path) +void lcl_add_dir(char *current_path, const int max_len) { char last_char; int path_len; @@ -752,18 +752,18 @@ void lcl_add_dir(char *current_path) // if the last char is a slash, just copy in the disk extension if (last_char == DIR_SEPARATOR_CHAR) { - strcat(current_path, Lcl_languages[Lcl_current_lang].lang_ext); - strcat(current_path, DIR_SEPARATOR_STR); + SDL_strlcat(current_path, Lcl_languages[Lcl_current_lang].lang_ext, max_len); + SDL_strlcat(current_path, DIR_SEPARATOR_STR, max_len); } // otherwise add a slash, then copy in the disk extension else { - strcat(current_path, DIR_SEPARATOR_STR); - strcat(current_path, Lcl_languages[Lcl_current_lang].lang_ext); + SDL_strlcat(current_path, DIR_SEPARATOR_STR, max_len); + SDL_strlcat(current_path, Lcl_languages[Lcl_current_lang].lang_ext, max_len); } } // maybe add localized directory to full path with file name when opening a localized file -void lcl_add_dir_to_path_with_filename(char *current_path) +void lcl_add_dir_to_path_with_filename(char *current_path, const int path_len) { char temp[MAX_PATH_LEN]; @@ -776,19 +776,19 @@ void lcl_add_dir_to_path_with_filename(char *current_path) // mark end of current path with '\0', so strcat will work char *last_slash = strrchr(current_path, DIR_SEPARATOR_CHAR); if (last_slash == NULL) { - strcpy(temp, current_path); + SDL_strlcpy(temp, current_path, sizeof(temp)); current_path[0] = '\0'; } else { - strcpy(temp, last_slash+1); + SDL_strlcpy(temp, last_slash+1, sizeof(temp)); last_slash[1] = '\0'; } // add extension - strcat(current_path, Lcl_languages[Lcl_current_lang].lang_ext); - strcat(current_path, DIR_SEPARATOR_STR); + SDL_strlcat(current_path, Lcl_languages[Lcl_current_lang].lang_ext, path_len); + SDL_strlcat(current_path, DIR_SEPARATOR_STR, path_len); // copy rest of filename from temp - strcat(current_path, temp); + SDL_strlcat(current_path, temp, path_len); } @@ -863,7 +863,7 @@ void lcl_ext_localize(char *in, char *out, int max_len, int *id) error_display(0, "Token too long: [%s]. Length = %i. Max is %i.\n", in, str_len, max_len); return; } - strcpy(out, in); + SDL_strlcpy(out, in, max_len); if(id != NULL){ *id = -2; } @@ -872,14 +872,14 @@ void lcl_ext_localize(char *in, char *out, int max_len, int *id) // otherwise, check to see if it's an XSTR() tag memset(first_four, 0, 5); - strncpy(first_four, in, 4); + SDL_strlcpy(first_four, in, sizeof(first_four)); if(SDL_strcasecmp(first_four, "XSTR")){ // NOT an XSTR() tag if(str_len > max_len){ error_display(0, "Token too long: [%s]. Length = %i. Max is %i.\n", in, str_len, max_len); return; } - strcpy(out, in); + SDL_strlcpy(out, in, max_len); if(id != NULL){ *id = -2; } @@ -889,14 +889,14 @@ void lcl_ext_localize(char *in, char *out, int max_len, int *id) // at this point we _know_ its an XSTR() tag, so split off the strings and id sections if(!lcl_ext_get_text(in, text_str)){ Int3(); - strcpy(out, in); + SDL_strlcpy(out, in, max_len); if(id != NULL){ *id = -1; } return; } if(!lcl_ext_get_id(in, &str_id)){ - strcpy(out, in); + SDL_strlcpy(out, in, max_len); if(id != NULL){ *id = -1; } @@ -905,7 +905,7 @@ void lcl_ext_localize(char *in, char *out, int max_len, int *id) // if the localization file is not open, or we're running in the default language, return the original string if((Lcl_ext_file == NULL) || (str_id < 0) || (Lcl_current_lang == LCL_DEFAULT_LANGUAGE)){ - strcpy(out, text_str); + SDL_strlcpy(out, text_str, max_len); if(id != NULL){ *id = str_id; } @@ -913,22 +913,21 @@ void lcl_ext_localize(char *in, char *out, int max_len, int *id) } // attempt to find the string - if(lcl_ext_lookup(lookup_str, str_id)){ + if(lcl_ext_lookup(lookup_str, sizeof(lookup_str), str_id)){ // copy to the outgoing string SDL_assert(strlen(lookup_str) <= (unsigned int)(max_len - 1)); if (strlen(lookup_str) > (unsigned int)(max_len-1)) { // be safe and truncate string to fit - strncpy(out, lookup_str, (size_t) (max_len-1)); - out[max_len-1] = '\0'; // ensure null terminator, since strncpy(...) doesnt. + SDL_strlcpy(out, lookup_str, max_len); } else { - strcpy(out, lookup_str); + SDL_strlcpy(out, lookup_str, max_len); } } // otherwise use what we have - probably should Int3() or assert here else { - strcpy(out, text_str); + SDL_strlcpy(out, text_str, max_len); } // set the id # @@ -1101,7 +1100,7 @@ int lcl_ext_get_id(char *xstr, int *out) } // given a valid XSTR() id#, lookup the string in tstrings.tbl, filling in out if found, nonzero on success -int lcl_ext_lookup(char *out, int id) +int lcl_ext_lookup(char *out, const int max_out, int id) { char text[1024]; int ret; @@ -1124,7 +1123,7 @@ int lcl_ext_lookup(char *out, int id) memset(Ts_text, 0, PARSE_TEXT_STRING_LEN); memset(Ts_id_text, 0, PARSE_ID_STRING_LEN); while((cftell(Lcl_ext_file) < Lcl_pointers[Lcl_pointer_count - 1]) && cfgets(text, 1024, Lcl_ext_file)){ - ret = lcl_ext_lookup_sub(text, out, id); + ret = lcl_ext_lookup_sub(text, out, max_out, id); // run the line parse function switch(ret & 0x0fffffff){ @@ -1163,7 +1162,7 @@ int lcl_ext_lookup(char *out, int id) // 0 on fail, 1 on success, 2 if found a matching id/string pair, 3 if end of language has been found // for cases 1 and 2 : the high bit (1<<31) will be set if the parser detected the beginning of a new string id on this line // -int lcl_ext_lookup_sub(char *text, char *out, int id) +int lcl_ext_lookup_sub(char *text, char *out, const int max_out, int id) { char *p; // current ptr int len = strlen(text); @@ -1180,7 +1179,7 @@ int lcl_ext_lookup_sub(char *text, char *out, int id) // scanning for a line of text case TS_SCANNING: // if the first word is #end, we're done with the file altogether - strcpy(text_copy, text); + SDL_strlcpy(text_copy, text, sizeof(text_copy)); tok = strtok(text_copy, " \n"); if((tok != NULL) && !SDL_strcasecmp(tok, "#end")){ return 3; @@ -1244,7 +1243,7 @@ int lcl_ext_lookup_sub(char *text, char *out, int id) // if the id#'s match, copy the string and return "string found" if((atoi(Ts_id_text) == id) && (out != NULL)){ - strcpy(out, Ts_text); + SDL_strlcpy(out, Ts_text, max_out); return found_new_string_id ? (1<<1) | (1<<31) : (1<<1); } @@ -1301,11 +1300,11 @@ void lcl_ext_setup_pointers() // seek to the currently active language memset(language_string, 0, 128); - strcpy(language_string, "#"); + SDL_strlcpy(language_string, "#", sizeof(language_string)); if(!SDL_strcasecmp(DEFAULT_LANGUAGE, Lcl_languages[Lcl_current_lang].lang_name)){ - strcat(language_string, "default"); + SDL_strlcat(language_string, "default", sizeof(language_string)); } else { - strcat(language_string, Lcl_languages[Lcl_current_lang].lang_name); + SDL_strlcat(language_string, Lcl_languages[Lcl_current_lang].lang_name, sizeof(language_string)); } memset(line, 0, 1024); @@ -1333,7 +1332,7 @@ void lcl_ext_setup_pointers() string_count = 0; while(cfgets(line, 1024, Lcl_ext_file)){ - ret = lcl_ext_lookup_sub(line, NULL, -1); + ret = lcl_ext_lookup_sub(line, NULL, 0, -1); // do stuff switch(ret & 0x0fffffff){ @@ -1374,11 +1373,11 @@ void lcl_ext_setup_pointers() lcl_ext_close(); } -void lcl_get_language_name(char *lang_name) +void lcl_get_language_name(char *lang_name, const int max_len) { SDL_assert(LCL_NUM_LANGUAGES == 3); - strcpy(lang_name, Lcl_languages[Lcl_current_lang].lang_name); + SDL_strlcpy(lang_name, Lcl_languages[Lcl_current_lang].lang_name, max_len); } // converts german umlauted chars from ASCII to ANSI @@ -1484,16 +1483,16 @@ void lcl_fix_polish(char *str) // For displaying weapon names in german version // since we cant actually just change them outright. // -void lcl_translate_wep_name(char *name) +void lcl_translate_wep_name(char *name, const int max_len) { if (!strcmp(name, "Morning Star")) { - strcpy(name, "Morgenstern"); + SDL_strlcpy(name, "Morgenstern", max_len); } else if (!strcmp(name, "MorningStar")) { - strcpy(name, "Morgenstern D"); + SDL_strlcpy(name, "Morgenstern D", max_len); } else if (!strcmp(name, "UD-8 Kayser")) { - strcpy(name, "Kayserstrahl"); + SDL_strlcpy(name, "Kayserstrahl", max_len); } else if (!strcmp(name, "UD-D Kayser")) { - strcpy(name, "Kayserstrahl"); + SDL_strlcpy(name, "Kayserstrahl", max_len); } } @@ -1503,144 +1502,144 @@ void lcl_translate_wep_name(char *name) // For displaying ship names in german version // since we cant actually just change them outright. // -void lcl_translate_brief_icon_name(char *name) +void lcl_translate_brief_icon_name(char *name, const int max_len) { char *pos; char buf[128]; if (!SDL_strcasecmp(name, "Subspace Portal")) { - strcpy(name, "Subraum Portal"); + SDL_strlcpy(name, "Subraum Portal", max_len); } else if (!SDL_strcasecmp(name, "Alpha Wing")) { - strcpy(name, "Alpha"); + SDL_strlcpy(name, "Alpha", max_len); } else if (!SDL_strcasecmp(name, "Beta Wing")) { - strcpy(name, "Beta"); + SDL_strlcpy(name, "Beta", max_len); } else if (!SDL_strcasecmp(name, "Zeta Wing")) { - strcpy(name, "Zeta"); + SDL_strlcpy(name, "Zeta", max_len); } else if (!SDL_strcasecmp(name, "Capella Node")) { - strcpy(name, "Capella"); + SDL_strlcpy(name, "Capella", max_len); } else if (!SDL_strcasecmp(name, "Hostile")) { - strcpy(name, "Gegner"); + SDL_strlcpy(name, "Gegner", max_len); } else if (!SDL_strcasecmp(name, "Hostile Craft")) { - strcpy(name, "Gegner"); + SDL_strlcpy(name, "Gegner", max_len); } else if (!SDL_strcasecmp(name, "Rebel Wing")) { - strcpy(name, "Rebellen"); + SDL_strlcpy(name, "Rebellen", max_len); } else if (!SDL_strcasecmp(name, "Rebel Fleet")) { - strcpy(name, "Rebellenflotte"); + SDL_strlcpy(name, "Rebellenflotte", max_len); } else if (!SDL_strcasecmp(name, "Sentry Gun")) { - strcpy(name, "Gesch\x81tz"); + SDL_strlcpy(name, "Gesch\x81tz", max_len); } else if (!SDL_strcasecmp(name, "Cargo")) { - strcpy(name, "Fracht"); + SDL_strlcpy(name, "Fracht", max_len); } else if (!SDL_strcasecmp(name, "Knossos Device")) { - strcpy(name, "Knossosger\x84t"); + SDL_strlcpy(name, "Knossosger\x84t", max_len); } else if (!SDL_strcasecmp(name, "Support")) { - strcpy(name, "Versorger"); + SDL_strlcpy(name, "Versorger", max_len); } else if (!SDL_strcasecmp(name, "Unknown")) { - strcpy(name, "Unbekannt"); + SDL_strlcpy(name, "Unbekannt", max_len); } else if (!SDL_strcasecmp(name, "Instructor")) { - strcpy(name, "Ausbilder"); + SDL_strlcpy(name, "Ausbilder", max_len); } else if (!SDL_strcasecmp(name, "Jump Node")) { - strcpy(name, "Sprungknoten"); + SDL_strlcpy(name, "Sprungknoten", max_len); } else if (!SDL_strcasecmp(name, "Escort")) { - strcpy(name, "Geleitschutz"); + SDL_strlcpy(name, "Geleitschutz", max_len); } else if (!SDL_strcasecmp(name, "Asteroid Field")) { - strcpy(name, "Asteroidenfeld"); + SDL_strlcpy(name, "Asteroidenfeld", max_len); } else if (!SDL_strcasecmp(name, "Enif Station")) { - strcpy(name, "Station Enif"); + SDL_strlcpy(name, "Station Enif", max_len); } else if (!SDL_strcasecmp(name, "Rally Point")) { - strcpy(name, "Sammelpunkt"); + SDL_strlcpy(name, "Sammelpunkt", max_len); } else if ((pos = strstr(name, "Transport")) != NULL) { pos += 9; // strlen of "transport" - strcpy(buf, "Transporter"); - strcat(buf, pos); - strcpy(name, buf); + SDL_strlcpy(buf, "Transporter", sizeof(buf)); + SDL_strlcat(buf, pos, sizeof(buf)); + SDL_strlcpy(name, buf, max_len); } else if ((pos = strstr(name, "Jump Node")) != NULL) { pos += 9; // strlen of "jump node" - strcpy(buf, "Sprungknoten"); - strcat(buf, pos); - strcpy(name, buf); + SDL_strlcpy(buf, "Sprungknoten", sizeof(buf)); + SDL_strlcat(buf, pos, sizeof(buf)); + SDL_strlcpy(name, buf, max_len); } else if (!SDL_strcasecmp(name, "Orion under repair")) { - strcpy(name, "Orion wird repariert"); + SDL_strlcpy(name, "Orion wird repariert", max_len); // SOTY-specific ones below! } else if (!SDL_strcasecmp(name, "Wayfarer Station")) { - strcpy(name, "Station Wayfarer"); + SDL_strlcpy(name, "Station Wayfarer", max_len); } else if (!SDL_strcasecmp(name, "Enemy")) { - strcpy(name, "Gegner"); + SDL_strlcpy(name, "Gegner", max_len); } else if (!SDL_strcasecmp(name, "Supply Depot")) { - strcpy(name, "Nachschubdepot"); + SDL_strlcpy(name, "Nachschubdepot", max_len); } else if (!SDL_strcasecmp(name, "Fighter Escort")) { - strcpy(name, "Jagdschutz"); + SDL_strlcpy(name, "Jagdschutz", max_len); } else if (!SDL_strcasecmp(name, "Shivans")) { - strcpy(name, "Shivaner"); + SDL_strlcpy(name, "Shivaner", max_len); } else if (!SDL_strcasecmp(name, "NTF Base of Operations")) { - strcpy(name, "NTF-Operationsbasis"); + SDL_strlcpy(name, "NTF-Operationsbasis", max_len); } else if (!SDL_strcasecmp(name, "NTF Bombers")) { - strcpy(name, "NTF-Bomber"); + SDL_strlcpy(name, "NTF-Bomber", max_len); } else if (!SDL_strcasecmp(name, "NTF Fighters")) { - strcpy(name, "NTF-J\x84ger"); + SDL_strlcpy(name, "NTF-J\x84ger", max_len); } else if (!SDL_strcasecmp(name, "Sentry")) { - strcpy(name, "Sperrgesch\x81tz"); + SDL_strlcpy(name, "Sperrgesch\x81tz", max_len); } else if (!SDL_strcasecmp(name, "Cargo Containers")) { - strcpy(name, "Frachtbeh\x84lter"); + SDL_strlcpy(name, "Frachtbeh\x84lter", max_len); } else if (!SDL_strcasecmp(name, "NTF Reinforcements")) { - strcpy(name, "NTF-Verst\x84rkungen"); + SDL_strlcpy(name, "NTF-Verst\x84rkungen", max_len); } else if (!SDL_strcasecmp(name, "NTF Base")) { - strcpy(name, "NTF-St\x81tzpunkt"); + SDL_strlcpy(name, "NTF-St\x81tzpunkt", max_len); } else if (!SDL_strcasecmp(name, "Refugee Convoy")) { - strcpy(name, "Fl\x81""chtlingskonvoi"); + SDL_strlcpy(name, "Fl\x81""chtlingskonvoi", max_len); } else if (!SDL_strcasecmp(name, "Food Convoy")) { - strcpy(name, "Nachschubkonvoi"); + SDL_strlcpy(name, "Nachschubkonvoi", max_len); } else if (!SDL_strcasecmp(name, "Governor's Shuttle")) { - strcpy(name, "F\x84hre des Gouverneurs"); + SDL_strlcpy(name, "F\x84hre des Gouverneurs", max_len); } else if (!SDL_strcasecmp(name, "GTVA Patrol")) { - strcpy(name, "GTVA-Patrouille"); + SDL_strlcpy(name, "GTVA-Patrouille", max_len); } else if (!SDL_strcasecmp(name, "Escort fighters")) { - strcpy(name, "Geleitschutz"); + SDL_strlcpy(name, "Geleitschutz", max_len); } else if (!SDL_strcasecmp(name, "Nagada Outpost")) { - strcpy(name, "Nagada-Aussenposten"); + SDL_strlcpy(name, "Nagada-Aussenposten", max_len); } else if (!SDL_strcasecmp(name, "Fighters")) { - strcpy(name, "J\x84ger"); + SDL_strlcpy(name, "J\x84ger", max_len); } else if (!SDL_strcasecmp(name, "Bombers")) { - strcpy(name, "Bomber"); + SDL_strlcpy(name, "Bomber", max_len); } else if (!SDL_strcasecmp(name, "Enemy Destroyers")) { - strcpy(name, "Feindliche Zerst\x94rer"); + SDL_strlcpy(name, "Feindliche Zerst\x94rer", max_len); } else if (!SDL_strcasecmp(name, "Ross 128 System")) { - strcpy(name, "System Ross 128"); + SDL_strlcpy(name, "System Ross 128", max_len); } else if (!SDL_strcasecmp(name, "Knossos Station")) { - strcpy(name, "Knossos-Station"); + SDL_strlcpy(name, "Knossos-Station", max_len); } else if (!SDL_strcasecmp(name, "Transporters")) { - strcpy(name, "Transporter"); + SDL_strlcpy(name, "Transporter", max_len); } else if (!SDL_strcasecmp(name, "Pirates?")) { - strcpy(name, "Piraten?"); + SDL_strlcpy(name, "Piraten?", max_len); } else if (!SDL_strcasecmp(name, "Escorts")) { - strcpy(name, "Geleitschutz"); + SDL_strlcpy(name, "Geleitschutz", max_len); } else if (!SDL_strcasecmp(name, "Shivan Fighters")) { - strcpy(name, "J\x84ger"); + SDL_strlcpy(name, "J\x84ger", max_len); } else if (!SDL_strcasecmp(name, "Shivan Territory")) { - strcpy(name, "Shivaner"); + SDL_strlcpy(name, "Shivaner", max_len); } } @@ -1650,85 +1649,85 @@ void lcl_translate_brief_icon_name(char *name) // For displaying ship names in polish version // since we cant actually just change them outright. // -void lcl_translate_brief_icon_name_pl(char *name) +void lcl_translate_brief_icon_name_pl(char *name, const int max_len) { char *pos; char buf[128]; if (!SDL_strcasecmp(name, "Subspace Portal")) { - strcpy(name, "Portal podprz."); + SDL_strlcpy(name, "Portal podprz.", max_len); } else if (!SDL_strcasecmp(name, "Alpha Wing")) { - strcpy(name, "Alfa"); + SDL_strlcpy(name, "Alfa", max_len); } else if (!SDL_strcasecmp(name, "Beta Wing")) { - strcpy(name, "Beta"); + SDL_strlcpy(name, "Beta", max_len); } else if (!SDL_strcasecmp(name, "Zeta Wing")) { - strcpy(name, "Zeta"); + SDL_strlcpy(name, "Zeta", max_len); } else if (!SDL_strcasecmp(name, "Capella Node")) { - strcpy(name, "Capella"); + SDL_strlcpy(name, "Capella", max_len); } else if (!SDL_strcasecmp(name, "Hostile")) { - strcpy(name, "Wr\xF3g"); + SDL_strlcpy(name, "Wr\xF3g", max_len); } else if (!SDL_strcasecmp(name, "Hostile Craft")) { - strcpy(name, "Wr\xF3g"); + SDL_strlcpy(name, "Wr\xF3g", max_len); } else if (!SDL_strcasecmp(name, "Rebel Wing")) { - strcpy(name, "Rebelianci"); + SDL_strlcpy(name, "Rebelianci", max_len); } else if (!SDL_strcasecmp(name, "Rebel Fleet")) { - strcpy(name, "Flota Rebelii"); + SDL_strlcpy(name, "Flota Rebelii", max_len); } else if (!SDL_strcasecmp(name, "Sentry Gun")) { - strcpy(name, "Dzia\xB3o str."); + SDL_strlcpy(name, "Dzia\xB3o str.", max_len); } else if (!SDL_strcasecmp(name, "Cargo")) { - strcpy(name, "\xA3\x61\x64unek"); + SDL_strlcpy(name, "\xA3\x61\x64unek", max_len); } else if (!SDL_strcasecmp(name, "Knossos Device")) { - strcpy(name, "Urz. Knossos"); + SDL_strlcpy(name, "Urz. Knossos, max_len", max_len); } else if (!SDL_strcasecmp(name, "Support")) { - strcpy(name, "Wsparcie"); + SDL_strlcpy(name, "Wsparcie", max_len); } else if (!SDL_strcasecmp(name, "Unknown")) { - strcpy(name, "Nieznany"); + SDL_strlcpy(name, "Nieznany", max_len); } else if (!SDL_strcasecmp(name, "Instructor")) { - strcpy(name, "Instruktor"); + SDL_strlcpy(name, "Instruktor", max_len); } else if (!SDL_strcasecmp(name, "Jump Node")) { - strcpy(name, "W\xEAze\xB3 skokowy"); + SDL_strlcpy(name, "W\xEAze\xB3 skokowy", max_len); } else if (!SDL_strcasecmp(name, "Escort")) { - strcpy(name, "Eskorta"); + SDL_strlcpy(name, "Eskorta", max_len); } else if (!SDL_strcasecmp(name, "Asteroid Field")) { - strcpy(name, "Pole asteroid"); + SDL_strlcpy(name, "Pole asteroid", max_len); } else if (!SDL_strcasecmp(name, "Enif Station")) { - strcpy(name, "Stacja Enif"); + SDL_strlcpy(name, "Stacja Enif", max_len); } else if (!SDL_strcasecmp(name, "Rally Point")) { - strcpy(name, "Pkt zborny"); + SDL_strlcpy(name, "Pkt zborny", max_len); } else if ((pos = strstr(name, "Transport")) != NULL) { pos += 9; // strlen of "transport" - strcpy(buf, "Transporter"); - strcat(buf, pos); - strcpy(name, buf); + SDL_strlcpy(buf, "Transporter", sizeof(buf)); + SDL_strlcat(buf, pos, sizeof(buf)); + SDL_strlcpy(name, buf, max_len); } else if ((pos = strstr(name, "Jump Node")) != NULL) { pos += 9; // strlen of "jump node" - strcpy(buf, "W\xEAze\xB3 skokowy"); - strcat(buf, pos); - strcpy(name, buf); + SDL_strlcpy(buf, "W\xEAze\xB3 skokowy", sizeof(buf)); + SDL_strlcat(buf, pos, sizeof(buf)); + SDL_strlcpy(name, buf, max_len); } else if (!SDL_strcasecmp(name, "Orion under repair")) { - strcpy(name, "Naprawiany Orion"); + SDL_strlcpy(name, "Naprawiany Orion", max_len); } } @@ -1738,10 +1737,10 @@ void lcl_translate_brief_icon_name_pl(char *name) // For displaying ship names in german version in the briefing // since we cant actually just change them outright. // -void lcl_translate_ship_name(char *name) +void lcl_translate_ship_name(char *name, const int max_len) { if (!strcmp(name, "GTDR Amazon Advanced")) { - strcpy(name, "GTDR Amazon VII"); + SDL_strlcpy(name, "GTDR Amazon VII", max_len); } } @@ -1751,49 +1750,49 @@ void lcl_translate_ship_name(char *name) // For displaying ship names in german version in the targetbox // since we cant actually just change them outright. // -void lcl_translate_targetbox_name(char *name) +void lcl_translate_targetbox_name(char *name, const int max_len) { char *pos; char buf[128]; if ((pos = strstr(name, "Sentry")) != NULL) { pos += 6; // strlen of "sentry" - strcpy(buf, "Sperrgesch\x81tz"); - strcat(buf, pos); - strcpy(name, buf); + SDL_strlcpy(buf, "Sperrgesch\x81tz", sizeof(buf)); + SDL_strlcat(buf, pos, sizeof(buf)); + SDL_strlcpy(name, buf, max_len); } else if ((pos = strstr(name, "Support")) != NULL) { pos += 7; // strlen of "support" - strcpy(buf, "Versorger"); - strcat(buf, pos); - strcpy(name, buf); + SDL_strlcpy(buf, "Versorger", sizeof(buf)); + SDL_strlcat(buf, pos, sizeof(buf)); + SDL_strlcpy(name, buf, max_len); } else if ((pos = strstr(name, "Unknown")) != NULL) { pos += 7; // strlen of "unknown" - strcpy(buf, "Unbekannt"); - strcat(buf, pos); - strcpy(name, buf); + SDL_strlcpy(buf, "Unbekannt", sizeof(buf)); + SDL_strlcat(buf, pos, sizeof(buf)); + SDL_strlcpy(name, buf, max_len); } else if ((pos = strstr(name, "Drone")) != NULL) { pos += 5; // strlen of "drone" - strcpy(buf, "Drohne"); - strcat(buf, pos); - strcpy(name, buf); + SDL_strlcpy(buf, "Drohne", sizeof(buf)); + SDL_strlcat(buf, pos, sizeof(buf)); + SDL_strlcpy(name, buf, max_len); } else if ((pos = strstr(name, "Jump Node")) != NULL) { pos += 9; // strlen of "jump node" - strcpy(buf, "Sprungknoten"); - strcat(buf, pos); - strcpy(name, buf); + SDL_strlcpy(buf, "Sprungknoten", sizeof(buf)); + SDL_strlcat(buf, pos, sizeof(buf)); + SDL_strlcpy(name, buf, max_len); } else if (!SDL_strcasecmp(name, "Instructor")) { - strcpy(name, "Ausbilder"); + SDL_strlcpy(name, "Ausbilder", max_len); } else if (!SDL_strcasecmp(name, "NTF Vessel")) { - strcpy(name, "NTF-Schiff"); + SDL_strlcpy(name, "NTF-Schiff", max_len); } else if (!SDL_strcasecmp(name, "Enif Station")) { - strcpy(name, "Station Enif"); + SDL_strlcpy(name, "Station Enif", max_len); } } @@ -1803,48 +1802,48 @@ void lcl_translate_targetbox_name(char *name) // For displaying ship names in polish version in the targetbox // since we cant actually just change them outright. // -void lcl_translate_targetbox_name_pl(char *name) +void lcl_translate_targetbox_name_pl(char *name, const int max_len) { char *pos; char buf[128]; if ((pos = strstr(name, "Sentry")) != NULL) { pos += 6; // strlen of "sentry" - strcpy(buf, "Stra\xBFnik"); - strcat(buf, pos); - strcpy(name, buf); + SDL_strlcpy(buf, "Stra\xBFnik", sizeof(buf)); + SDL_strlcat(buf, pos, sizeof(buf)); + SDL_strlcpy(name, buf, max_len); } else if ((pos = strstr(name, "Support")) != NULL) { pos += 7; // strlen of "support" - strcpy(buf, "Wsparcie"); - strcat(buf, pos); - strcpy(name, buf); + SDL_strlcpy(buf, "Wsparcie", sizeof(buf)); + SDL_strlcat(buf, pos, sizeof(buf)); + SDL_strlcpy(name, buf, max_len); } else if ((pos = strstr(name, "Unknown")) != NULL) { pos += 7; // strlen of "unknown" - strcpy(buf, "Nieznany"); - strcat(buf, pos); - strcpy(name, buf); + SDL_strlcpy(buf, "Nieznany", sizeof(buf)); + SDL_strlcat(buf, pos, sizeof(buf)); + SDL_strlcpy(name, buf, max_len); } else if ((pos = strstr(name, "Drone")) != NULL) { pos += 5; // strlen of "drone" - strcpy(buf, "Sonda"); - strcat(buf, pos); - strcpy(name, buf); + SDL_strlcpy(buf, "Sonda", sizeof(buf)); + SDL_strlcat(buf, pos, sizeof(buf)); + SDL_strlcpy(name, buf, max_len); } else if ((pos = strstr(name, "Jump Node")) != NULL) { pos += 9; // strlen of "jump node" - strcpy(buf, "W\xEAze\xB3 skokowy"); - strcat(buf, pos); - strcpy(name, buf); + SDL_strlcpy(buf, "W\xEAze\xB3 skokowy", sizeof(buf)); + SDL_strlcat(buf, pos, sizeof(buf)); + SDL_strlcpy(name, buf, max_len); } else if (!SDL_strcasecmp(name, "Instructor")) { - strcpy(name, "Instruktor"); + SDL_strlcpy(name, "Instruktor", max_len); } else if (!SDL_strcasecmp(name, "NTF Vessel")) { - strcpy(name, "Okr\xEAt NTF"); + SDL_strlcpy(name, "Okr\xEAt NTF", max_len); } else if (!SDL_strcasecmp(name, "Enif Station")) { - strcpy(name, "Stacja Enif"); + SDL_strlcpy(name, "Stacja Enif", max_len); } } diff --git a/src/menuui/barracks.cpp b/src/menuui/barracks.cpp index 1df196b..f3a2496 100644 --- a/src/menuui/barracks.cpp +++ b/src/menuui/barracks.cpp @@ -448,11 +448,6 @@ void barracks_squad_change_popup(); // BARRACKS screen // -#define STRCPY1(a, b) do { \ - SDL_assert(strlen(b) < STAT_COLUMN1_W); \ - strcpy(a, b); \ -} while (0) - void barracks_init_stats(scoring_struct *stats) { int i; @@ -460,7 +455,7 @@ void barracks_init_stats(scoring_struct *stats) Num_stat_lines = 0; - STRCPY1(Stat_labels[Num_stat_lines], XSTR( "*All Time Stats", 50)); + SDL_strlcpy(Stat_labels[Num_stat_lines], XSTR( "*All Time Stats", 50), STAT_COLUMN1_W); Stats[Num_stat_lines][0] = 0; Num_stat_lines++; @@ -470,38 +465,38 @@ void barracks_init_stats(scoring_struct *stats) Num_stat_lines++; SDL_assert(Num_stat_lines < NUM_STAT_LINES); - STRCPY1(Stat_labels[Num_stat_lines], XSTR( "Primary weapon shots:", 51)); - sprintf(Stats[Num_stat_lines], "%d", stats->p_shots_fired); + SDL_strlcpy(Stat_labels[Num_stat_lines], XSTR( "Primary weapon shots:", 51), STAT_COLUMN1_W); + SDL_snprintf(Stats[Num_stat_lines], STAT_COLUMN2_W, "%d", stats->p_shots_fired); Num_stat_lines++; SDL_assert(Num_stat_lines < NUM_STAT_LINES); - STRCPY1(Stat_labels[Num_stat_lines], XSTR( "Primary weapon hits:", 52)); - sprintf(Stats[Num_stat_lines], "%d", stats->p_shots_hit); + SDL_strlcpy(Stat_labels[Num_stat_lines], XSTR( "Primary weapon hits:", 52), STAT_COLUMN1_W); + SDL_snprintf(Stats[Num_stat_lines], STAT_COLUMN2_W, "%d", stats->p_shots_hit); Num_stat_lines++; SDL_assert(Num_stat_lines < NUM_STAT_LINES); - STRCPY1(Stat_labels[Num_stat_lines], XSTR( "Primary friendly hits:", 53)); - sprintf(Stats[Num_stat_lines], "%d", stats->p_bonehead_hits); + SDL_strlcpy(Stat_labels[Num_stat_lines], XSTR( "Primary friendly hits:", 53), STAT_COLUMN1_W); + SDL_snprintf(Stats[Num_stat_lines], STAT_COLUMN2_W, "%d", stats->p_bonehead_hits); Num_stat_lines++; SDL_assert(Num_stat_lines < NUM_STAT_LINES); - STRCPY1(Stat_labels[Num_stat_lines], XSTR( "Primary hit %:", 54)); + SDL_strlcpy(Stat_labels[Num_stat_lines], XSTR( "Primary hit %:", 54), STAT_COLUMN1_W); if (stats->p_shots_fired > 0) { f = (float) stats->p_shots_hit * 100.0f / (float) stats->p_shots_fired; } else { f = 0.0f; } - sprintf(Stats[Num_stat_lines], XSTR( "%.1f%%", 55), f); + SDL_snprintf(Stats[Num_stat_lines], STAT_COLUMN2_W, XSTR( "%.1f%%", 55), f); Num_stat_lines++; SDL_assert(Num_stat_lines < NUM_STAT_LINES); - STRCPY1(Stat_labels[Num_stat_lines], XSTR( "Primary friendly hit %:", 56)); + SDL_strlcpy(Stat_labels[Num_stat_lines], XSTR( "Primary friendly hit %:", 56), STAT_COLUMN1_W); if (stats->p_bonehead_hits > 0) { f = (float) stats->p_bonehead_hits * 100.0f / (float) stats->p_shots_fired; } else { f = 0.0f; } - sprintf(Stats[Num_stat_lines], XSTR( "%.1f%%", 55), f); + SDL_snprintf(Stats[Num_stat_lines], STAT_COLUMN2_W, XSTR( "%.1f%%", 55), f); Num_stat_lines++; SDL_assert(Num_stat_lines < NUM_STAT_LINES); @@ -510,38 +505,38 @@ void barracks_init_stats(scoring_struct *stats) Num_stat_lines++; SDL_assert(Num_stat_lines < NUM_STAT_LINES); - STRCPY1(Stat_labels[Num_stat_lines], XSTR( "Secondary weapon shots:", 57)); - sprintf(Stats[Num_stat_lines], "%d", stats->s_shots_fired); + SDL_strlcpy(Stat_labels[Num_stat_lines], XSTR( "Secondary weapon shots:", 57), STAT_COLUMN1_W); + SDL_snprintf(Stats[Num_stat_lines], STAT_COLUMN2_W, "%d", stats->s_shots_fired); Num_stat_lines++; SDL_assert(Num_stat_lines < NUM_STAT_LINES); - STRCPY1(Stat_labels[Num_stat_lines], XSTR( "Secondary weapon hits:", 58)); - sprintf(Stats[Num_stat_lines], "%d", stats->s_shots_hit); + SDL_strlcpy(Stat_labels[Num_stat_lines], XSTR( "Secondary weapon hits:", 58), STAT_COLUMN1_W); + SDL_snprintf(Stats[Num_stat_lines], STAT_COLUMN2_W, "%d", stats->s_shots_hit); Num_stat_lines++; SDL_assert(Num_stat_lines < NUM_STAT_LINES); - STRCPY1(Stat_labels[Num_stat_lines], XSTR( "Secondary friendly hits:", 59)); - sprintf(Stats[Num_stat_lines], "%d", stats->s_bonehead_hits); + SDL_strlcpy(Stat_labels[Num_stat_lines], XSTR( "Secondary friendly hits:", 59), STAT_COLUMN1_W); + SDL_snprintf(Stats[Num_stat_lines], STAT_COLUMN2_W, "%d", stats->s_bonehead_hits); Num_stat_lines++; SDL_assert(Num_stat_lines < NUM_STAT_LINES); - STRCPY1(Stat_labels[Num_stat_lines], XSTR( "Secondary hit %:", 60)); + SDL_strlcpy(Stat_labels[Num_stat_lines], XSTR( "Secondary hit %:", 60), STAT_COLUMN1_W); if (stats->s_shots_fired > 0) { f = (float) stats->s_shots_hit * 100.0f / (float) stats->s_shots_fired; } else { f = 0.0f; } - sprintf(Stats[Num_stat_lines], XSTR( "%.1f%%", 55), f); + SDL_snprintf(Stats[Num_stat_lines], STAT_COLUMN2_W, XSTR( "%.1f%%", 55), f); Num_stat_lines++; SDL_assert(Num_stat_lines < NUM_STAT_LINES); - STRCPY1(Stat_labels[Num_stat_lines], XSTR( "Secondary friendly hit %:", 61)); + SDL_strlcpy(Stat_labels[Num_stat_lines], XSTR( "Secondary friendly hit %:", 61), STAT_COLUMN1_W); if (stats->s_bonehead_hits > 0) { f = (float) stats->s_bonehead_hits * 100.0f / (float) stats->s_shots_fired; } else { f = 0.0f; } - sprintf(Stats[Num_stat_lines], XSTR( "%.1f%%", 55), f); + SDL_snprintf(Stats[Num_stat_lines], STAT_COLUMN2_W, XSTR( "%.1f%%", 55), f); Num_stat_lines++; SDL_assert(Num_stat_lines < NUM_STAT_LINES); @@ -550,13 +545,13 @@ void barracks_init_stats(scoring_struct *stats) Num_stat_lines++; SDL_assert(Num_stat_lines < NUM_STAT_LINES); - STRCPY1(Stat_labels[Num_stat_lines], XSTR( "Total kills:", 62)); - sprintf(Stats[Num_stat_lines], "%d", stats->kill_count_ok); + SDL_strlcpy(Stat_labels[Num_stat_lines], XSTR( "Total kills:", 62), STAT_COLUMN1_W); + SDL_snprintf(Stats[Num_stat_lines], STAT_COLUMN2_W, "%d", stats->kill_count_ok); Num_stat_lines++; SDL_assert(Num_stat_lines < NUM_STAT_LINES); - STRCPY1(Stat_labels[Num_stat_lines], XSTR( "Assists:", 63)); - sprintf(Stats[Num_stat_lines], "%d", stats->assists); + SDL_strlcpy(Stat_labels[Num_stat_lines], XSTR( "Assists:", 63), STAT_COLUMN1_W); + SDL_snprintf(Stats[Num_stat_lines], STAT_COLUMN2_W, "%d", stats->assists); Num_stat_lines++; SDL_assert(Num_stat_lines < NUM_STAT_LINES); @@ -569,7 +564,7 @@ void barracks_init_stats(scoring_struct *stats) Stats[Num_stat_lines][0] = 0; Num_stat_lines++; - STRCPY1(Stat_labels[Num_stat_lines], XSTR( "*Kills by Ship Type", 64)); + SDL_strlcpy(Stat_labels[Num_stat_lines], XSTR( "*Kills by Ship Type", 64), STAT_COLUMN1_W); Stats[Num_stat_lines][0] = 0; Num_stat_lines++; @@ -582,8 +577,8 @@ void barracks_init_stats(scoring_struct *stats) if (stats->kills[i]) { SDL_assert(Num_stat_lines < NUM_STAT_LINES); SDL_assert(strlen(Ship_info[i].name) + 1 < STAT_COLUMN1_W); - sprintf(Stat_labels[Num_stat_lines], NOX("%s:"), Ship_info[i].name); - sprintf(Stats[Num_stat_lines], "%d", stats->kills[i]); + SDL_snprintf(Stat_labels[Num_stat_lines], STAT_COLUMN1_W, NOX("%s:"), Ship_info[i].name); + SDL_snprintf(Stats[Num_stat_lines], STAT_COLUMN2_W, "%d", stats->kills[i]); Num_stat_lines++; } } @@ -645,7 +640,7 @@ int barracks_new_pilot_selected() int i; barracks_init_stats(&Cur_pilot->stats); for (i=0; iimage_filename); + SDL_strlcpy(stripped, Cur_pilot->image_filename, sizeof(stripped)); barracks_strip_pcx(stripped); if (!SDL_strcasecmp(stripped, Pilot_image_names[i])) { break; @@ -653,7 +648,7 @@ int barracks_new_pilot_selected() } Pic_number = i; for ( i=0; isquad_filename); + SDL_strlcpy(stripped, Cur_pilot->squad_filename, sizeof(stripped)); barracks_strip_pcx(stripped); if (!SDL_strcasecmp(stripped, Pilot_squad_image_names[i])) { break; @@ -710,7 +705,7 @@ void barracks_create_new_pilot() int idx = Num_pilots; SDL_assert(Num_pilots >= 0); while (idx--) { - strcpy(Pilots[idx + 1], Pilots[idx]); + SDL_strlcpy(Pilots[idx + 1], Pilots[idx], MAX_FILENAME_LEN); Pilot_ranks[idx + 1] = Pilot_ranks[idx]; } @@ -752,8 +747,8 @@ int barracks_pilot_accepted() // when we store the LastPlayer key, we have to mark it as being single or multiplayer, so we know where to look for him // (since we could have a single and a multiplayer pilot with the same callsign) // we'll distinguish them by putting an M and the end of the multiplayer callsign and a P at the end of a single player - strcpy(str, Cur_pilot->callsign); - strcat(str, is_pilot_multi(Cur_pilot) ? NOX("M") : NOX("S")); + SDL_strlcpy(str, Cur_pilot->callsign, sizeof(str)); + SDL_strlcat(str, is_pilot_multi(Cur_pilot) ? NOX("M") : NOX("S"), sizeof(str)); os_config_write_string( NULL, "LastPlayer", str ); return 0; } @@ -831,7 +826,7 @@ void barracks_prev_pic() // copy pilot pic filename into pilot struct if ((Pic_number >= 0) && (Pic_number < Num_pilot_images)) { - strcpy(Cur_pilot->image_filename, Pilot_image_names[Pic_number]); + SDL_strlcpy(Cur_pilot->image_filename, Pilot_image_names[Pic_number], sizeof(Cur_pilot->image_filename)); } // play scroll sound @@ -855,7 +850,7 @@ void barracks_next_pic() // copy pilot pic filename into pilot struct if ((Pic_number >= 0) && (Pic_number < Num_pilot_images)){ - strcpy(Cur_pilot->image_filename, Pilot_image_names[Pic_number]); + SDL_strlcpy(Cur_pilot->image_filename, Pilot_image_names[Pic_number], sizeof(Cur_pilot->image_filename)); } // play scroll sound @@ -879,7 +874,7 @@ void barracks_prev_squad_pic() // copy pilot pic filename into pilot struct if ((Pic_squad_number >= 0) && (Pic_squad_number < Num_pilot_squad_images)) { - strcpy(Cur_pilot->squad_filename, Pilot_squad_image_names[Pic_squad_number]); + SDL_strlcpy(Cur_pilot->squad_filename, Pilot_squad_image_names[Pic_squad_number], sizeof(Cur_pilot->squad_filename)); } // play scroll sound @@ -903,7 +898,7 @@ void barracks_next_squad_pic() // copy pilot pic filename into pilot struct if ((Pic_squad_number >= 0) && (Pic_squad_number < Num_pilot_squad_images)){ - strcpy(Cur_pilot->squad_filename, Pilot_squad_image_names[Pic_squad_number]); + SDL_strlcpy(Cur_pilot->squad_filename, Pilot_squad_image_names[Pic_squad_number], sizeof(Cur_pilot->squad_filename)); } // play scroll sound @@ -929,9 +924,9 @@ void barracks_delete_pilot() active = 1; } - strcpy(buf, Pilots[Selected_line]); + SDL_strlcpy(buf, Pilots[Selected_line], sizeof(buf)); for (int i=Selected_line; icallsign, Player_sel_mode == PLAYER_SELECT_MODE_MULTI)) { z = popup(0, 2, POPUP_CANCEL, POPUP_OK, temp); if (z != 1) break; } - strcpy(old_pic, Cur_pilot->image_filename); - strcpy(old_squad_pic, Cur_pilot->squad_filename); - strcpy(old_squad, Cur_pilot->squad_name); + SDL_strlcpy(old_pic, Cur_pilot->image_filename, sizeof(old_pic)); + SDL_strlcpy(old_squad_pic, Cur_pilot->squad_filename, sizeof(old_squad_pic)); + SDL_strlcpy(old_squad, Cur_pilot->squad_name, sizeof(old_squad)); init_new_pilot(Cur_pilot, 0); - strcpy(Cur_pilot->image_filename, old_pic); - strcpy(Cur_pilot->squad_filename, old_squad_pic); - strcpy(Cur_pilot->squad_name, old_squad); + SDL_strlcpy(Cur_pilot->image_filename, old_pic, sizeof(Cur_pilot->image_filename)); + SDL_strlcpy(Cur_pilot->squad_filename, old_squad_pic, sizeof(Cur_pilot->squad_filename)); + SDL_strlcpy(Cur_pilot->squad_name, old_squad, sizeof(Cur_pilot->squad_name)); if (Player_sel_mode == PLAYER_SELECT_MODE_SINGLE) { Cur_pilot->flags |= PLAYER_FLAGS_IS_MULTI; write_pilot_file(); @@ -1309,7 +1304,7 @@ void barracks_accept_new_pilot_callsign() z = 1; } else { for (i=1; buf[i]; i++) { - if (!isalpha(buf[i]) && !isdigit(buf[i]) && !strchr(VALID_PILOT_CHARS, buf[i])) { + if (!isalpha(buf[i]) && !isdigit(buf[i]) && !SDL_strchr(VALID_PILOT_CHARS, buf[i])) { return; } } @@ -1318,9 +1313,9 @@ void barracks_accept_new_pilot_callsign() for (i=1; icallsign, buf); + SDL_strlcpy(Pilots[0], buf, MAX_FILENAME_LEN); + SDL_strlcpy(Cur_pilot->callsign, buf, sizeof(Cur_pilot->callsign)); init_new_pilot(Cur_pilot, !Clone_flag); // again, make sure we set his flags correctly to ensure that he gets saved to the proper directory and gets @@ -1378,7 +1373,7 @@ void barracks_draw_pilot_pic() // print number of the current pic char buf[40]; - sprintf(buf, XSTR( "%d of %d", 71), Pic_number + 1, Num_pilot_images); + SDL_snprintf(buf, sizeof(buf), XSTR( "%d of %d", 71), Pic_number + 1, Num_pilot_images); gr_printf(Barracks_image_number_coords[gr_screen.res][BARRACKS_X_COORD], Barracks_image_number_coords[gr_screen.res][BARRACKS_Y_COORD], buf); } } else { @@ -1403,7 +1398,7 @@ void barracks_draw_squad_pic() // print number of current squad pic if(Player_sel_mode != PLAYER_SELECT_MODE_SINGLE){ - sprintf(buf,XSTR( "%d of %d", 71), Pic_squad_number+1, Num_pilot_squad_images); + SDL_snprintf(buf, sizeof(buf), XSTR( "%d of %d", 71), Pic_squad_number+1, Num_pilot_squad_images); gr_printf(Barracks_squad_number_coords[gr_screen.res][BARRACKS_X_COORD], Barracks_squad_number_coords[gr_screen.res][BARRACKS_Y_COORD], buf); } } @@ -1586,7 +1581,7 @@ void barracks_do_frame(float frametime) // cancel create pilot Num_pilots--; for (i=0; i= 0) && (main_hall_num < NUM_MAIN_HALLS)); @@ -935,7 +935,7 @@ void main_hall_init(int main_hall_num) */ Main_hall_region_linger_stamp = -1; - strcpy(Main_hall_campaign_cheat, ""); + SDL_strlcpy(Main_hall_campaign_cheat, "", sizeof(Main_hall_campaign_cheat)); // zero out the door sounds for(idx=0;idxnum_door_sounds;idx++){ @@ -1189,10 +1189,10 @@ void main_hall_do(float frametime) } else { if (Num_recent_missions > 0) { - strncpy( Game_current_mission_filename, Recent_missions[0], MAX_FILENAME_LEN ); + SDL_strlcpy( Game_current_mission_filename, Recent_missions[0], sizeof(Game_current_mission_filename) ); } else { mission_load_up_campaign(); - strncpy( Game_current_mission_filename, Campaign.missions[0].name, MAX_FILENAME_LEN ); + SDL_strlcpy( Game_current_mission_filename, Campaign.missions[0].name, sizeof(Game_current_mission_filename) ); } Campaign.current_mission = -1; @@ -1212,7 +1212,7 @@ void main_hall_do(float frametime) char temp[100]; game_increase_skill_level(); - sprintf(temp, XSTR( "Skill level set to %s.", 370), Skill_level_names(Game_skill_level)); + SDL_snprintf(temp, sizeof(temp), XSTR( "Skill level set to %s.", 370), Skill_level_names(Game_skill_level)); main_hall_set_notify_string(temp); break; @@ -1811,7 +1811,7 @@ void main_hall_handle_random_intercom_sounds() // set the notification string with its decay timeout void main_hall_set_notify_string(const char *str) { - strcpy(Main_hall_notify_text,str); + SDL_strlcpy(Main_hall_notify_text, str, sizeof(Main_hall_notify_text)); Main_hall_notify_stamp = timestamp(MAIN_HALL_NOTIFY_TIME); } @@ -1821,7 +1821,7 @@ void main_hall_notify_do() if(Main_hall_notify_stamp != -1){ // if the text time has expired if(timestamp_elapsed(Main_hall_notify_stamp)){ - strcpy(Main_hall_notify_text,""); + SDL_strlcpy(Main_hall_notify_text, "", sizeof(Main_hall_notify_text)); Main_hall_notify_stamp = -1; } else { int w,h; @@ -1881,7 +1881,7 @@ void main_hall_blit_version() int w; // format the version string - get_version_string(version_string); + get_version_string(version_string, sizeof(version_string)); // get the length of the string gr_get_string_size(&w,NULL,version_string); @@ -1952,7 +1952,7 @@ void main_hall_process_help_stuff() } // otherwise print out the message - strcpy(str, XSTR( "Press F1 for help", 371)); + SDL_strlcpy(str, XSTR( "Press F1 for help", 371), sizeof(str)); gr_get_string_size(&w, &h, str); int y_anim_offset = Main_hall_f1_text_frame; @@ -2148,9 +2148,9 @@ void main_hall_read_table() int idx; // Terran main hall - strncpy(Main_hall_defines[0][0].bitmap, "MainHall1", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][0].mask, "MainHall1-m", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][0].music, "main_amb", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][0].bitmap, "MainHall1", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][0].mask, "MainHall1-m", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][0].music, "main_amb", MAX_FILENAME_LEN); Main_hall_defines[0][0].num_random_intercom_sounds = 3; Main_hall_defines[0][0].intercom_delay[0][0] = 8000; @@ -2167,8 +2167,8 @@ void main_hall_read_table() Main_hall_defines[0][0].intercom_sound_pan[2] = 0.0f; Main_hall_defines[0][0].num_misc_animations = 2; - strncpy(Main_hall_defines[0][0].misc_anim_name[0], "main1-m1", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][0].misc_anim_name[1], "main1-m2", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][0].misc_anim_name[0], "main1-m1", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][0].misc_anim_name[1], "main1-m2", MAX_FILENAME_LEN); Main_hall_defines[0][0].misc_anim_delay[0][0] = -1; Main_hall_defines[0][0].misc_anim_delay[0][1] = 15000; Main_hall_defines[0][0].misc_anim_delay[0][2] = 20000; @@ -2205,12 +2205,12 @@ void main_hall_read_table() Main_hall_defines[0][0].misc_anim_sound_flag[1][0] = 2; Main_hall_defines[0][0].num_door_animations = 6; - strncpy(Main_hall_defines[0][0].door_anim_name[0], "main1-d1", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][0].door_anim_name[1], "main1-d6", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][0].door_anim_name[2], "main1-d3", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][0].door_anim_name[3], "main1-d4", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][0].door_anim_name[4], "main1-d5", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][0].door_anim_name[5], "main1-d2", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][0].door_anim_name[0], "main1-d1", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][0].door_anim_name[1], "main1-d6", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][0].door_anim_name[2], "main1-d3", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][0].door_anim_name[3], "main1-d4", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][0].door_anim_name[4], "main1-d5", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][0].door_anim_name[5], "main1-d2", MAX_FILENAME_LEN); Main_hall_defines[0][0].door_anim_coords[0][0] = 68; Main_hall_defines[0][0].door_anim_coords[0][1] = 260; Main_hall_defines[0][0].door_anim_coords[0][2] = 103; @@ -2262,9 +2262,9 @@ void main_hall_read_table() // Vasudan main hall - strncpy(Main_hall_defines[0][1].bitmap, "MainHall2", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][1].mask, "MainHall2-m", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][1].music, "main_amb", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][1].bitmap, "MainHall2", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][1].mask, "MainHall2-m", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][1].music, "main_amb", MAX_FILENAME_LEN); Main_hall_defines[0][1].num_random_intercom_sounds = 3; Main_hall_defines[0][1].intercom_delay[0][0] = 8000; @@ -2281,10 +2281,10 @@ void main_hall_read_table() Main_hall_defines[0][1].intercom_sound_pan[2] = 0.0f; Main_hall_defines[0][1].num_misc_animations = 4; - strncpy(Main_hall_defines[0][1].misc_anim_name[0], "main2-m1", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][1].misc_anim_name[1], "main2-m2", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][1].misc_anim_name[2], "main2-m3", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][1].misc_anim_name[3], "main2-m4", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][1].misc_anim_name[0], "main2-m1", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][1].misc_anim_name[1], "main2-m2", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][1].misc_anim_name[2], "main2-m3", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][1].misc_anim_name[3], "main2-m4", MAX_FILENAME_LEN); Main_hall_defines[0][1].misc_anim_delay[0][0] = -1; Main_hall_defines[0][1].misc_anim_delay[0][1] = 0; Main_hall_defines[0][1].misc_anim_delay[0][2] = 0; @@ -2347,12 +2347,12 @@ void main_hall_read_table() Main_hall_defines[0][1].misc_anim_sound_flag[3][0] = 2; Main_hall_defines[0][1].num_door_animations = 6; - strncpy(Main_hall_defines[0][1].door_anim_name[0], "main2-d1", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][1].door_anim_name[1], "main2-d6", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][1].door_anim_name[2], "main2-d3", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][1].door_anim_name[3], "main2-d4", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][1].door_anim_name[4], "main2-d5", MAX_FILENAME_LEN); - strncpy(Main_hall_defines[0][1].door_anim_name[5], "main2-d2", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][1].door_anim_name[0], "main2-d1", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][1].door_anim_name[1], "main2-d6", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][1].door_anim_name[2], "main2-d3", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][1].door_anim_name[3], "main2-d4", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][1].door_anim_name[4], "main2-d5", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[0][1].door_anim_name[5], "main2-d2", MAX_FILENAME_LEN); Main_hall_defines[0][1].door_anim_coords[0][0] = 199; Main_hall_defines[0][1].door_anim_coords[0][1] = 265; Main_hall_defines[0][1].door_anim_coords[0][2] = 263; @@ -2412,12 +2412,12 @@ void main_hall_read_table() Main_hall_defines[GR_1024][1].door_sounds[OPTIONS_REGION][1] = SND_VASUDAN_BUP; // set head anim. hehe - strcpy(Main_hall_defines[GR_640][1].door_anim_name[OPTIONS_REGION], "vhallheads"); - strcpy(Main_hall_defines[GR_1024][1].door_anim_name[OPTIONS_REGION], "2_vhallheads"); + SDL_strlcpy(Main_hall_defines[GR_640][1].door_anim_name[OPTIONS_REGION], "vhallheads", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[GR_1024][1].door_anim_name[OPTIONS_REGION], "2_vhallheads", MAX_FILENAME_LEN); // set the background - strcpy(Main_hall_defines[GR_640][1].bitmap, "vhallhead"); - strcpy(Main_hall_defines[GR_1024][1].bitmap, "2_vhallhead"); + SDL_strlcpy(Main_hall_defines[GR_640][1].bitmap, "vhallhead", MAX_FILENAME_LEN); + SDL_strlcpy(Main_hall_defines[GR_1024][1].bitmap, "2_vhallhead", MAX_FILENAME_LEN); } } diff --git a/src/menuui/mainhalltemp.cpp b/src/menuui/mainhalltemp.cpp index 55718a2..6c8ede9 100644 --- a/src/menuui/mainhalltemp.cpp +++ b/src/menuui/mainhalltemp.cpp @@ -171,10 +171,10 @@ void mht_do() } if (Num_recent_missions > 0) { - strncpy( Game_current_mission_filename, Recent_missions[0], MAX_FILENAME_LEN ); + SDL_strlcpy( Game_current_mission_filename, Recent_missions[0], sizeof(Game_current_mission_filename) ); } else { mission_load_up_campaign(); - strncpy( Game_current_mission_filename, Campaign.missions[0].name, MAX_FILENAME_LEN ); + SDL_strlcpy( Game_current_mission_filename, Campaign.missions[0].name, sizeof(Game_current_mission_filename) ); } Campaign.current_mission = -1; diff --git a/src/menuui/optionsmenu.cpp b/src/menuui/optionsmenu.cpp index 796e8eb..d95b55a 100644 --- a/src/menuui/optionsmenu.cpp +++ b/src/menuui/optionsmenu.cpp @@ -803,7 +803,7 @@ void options_play_voice_clip() void options_add_notify(const char *str) { - strcpy(Options_notify_string, str); + SDL_strlcpy(Options_notify_string, str, sizeof(Options_notify_string)); Options_notify_stamp = timestamp(OPTIONS_NOTIFY_TIME); } @@ -1037,7 +1037,7 @@ void options_change_gamma(float delta) } gr_set_gamma(Freespace_gamma); - sprintf(tmp_gamma_string, NOX("%.2f"), Freespace_gamma); + SDL_snprintf(tmp_gamma_string, sizeof(tmp_gamma_string), NOX("%.2f"), Freespace_gamma); os_config_write_string(NULL, NOX("Gamma"), tmp_gamma_string); } diff --git a/src/menuui/optionsmenumulti.cpp b/src/menuui/optionsmenumulti.cpp index 51c9b9c..1e680d9 100644 --- a/src/menuui/optionsmenumulti.cpp +++ b/src/menuui/optionsmenumulti.cpp @@ -936,7 +936,7 @@ void options_multi_add_notify(const char *str) // copy the string memset(Om_notify_string,0,255); if(str != NULL){ - strcpy(Om_notify_string,str); + SDL_strlcpy(Om_notify_string, str, sizeof(Om_notify_string)); } // set the timestamp @@ -953,6 +953,7 @@ void options_multi_notify_process() int line_count; int y_start; int idx; + int len; // if there is no timestamp, do nothing if(Om_notify_stamp == -1){ @@ -970,9 +971,9 @@ void options_multi_notify_process() y_start = OM_NOTIFY_Y; gr_set_color_fast(&Color_bright); for(idx=0;idxplayer->callsign); + SDL_strlcpy(str, Om_vox_players[idx]->player->callsign, sizeof(str)); gr_force_fit_string(str, CALLSIGN_LEN+1, Om_vox_plist_coords[gr_screen.res][2]); // blit the callsign diff --git a/src/menuui/playermenu.cpp b/src/menuui/playermenu.cpp index f653bca..ee4191e 100644 --- a/src/menuui/playermenu.cpp +++ b/src/menuui/playermenu.cpp @@ -978,7 +978,7 @@ int player_select_create_new_pilot() // move all the pilots in the list up while (idx--) { - strcpy(Pilots[idx + 1], Pilots[idx]); + SDL_strlcpy(Pilots[idx + 1], Pilots[idx], MAX_FILENAME_LEN); } // by default, set the default netgame protocol to be VMT @@ -1009,8 +1009,8 @@ void player_select_delete_pilot() // tack on the full path and the pilot file extension // build up the path name length // make sure we do this based upon whether we're in single or multiplayer mode - strcpy( filename, Pilots[Player_select_pilot] ); - strcat( filename, NOX(".plr") ); + SDL_strlcpy( filename, Pilots[Player_select_pilot], sizeof(filename) ); + SDL_strlcat( filename, NOX(".plr"), sizeof(filename) ); // attempt to delete the pilot if (Player_select_mode == PLAYER_SELECT_MODE_SINGLE) { @@ -1024,7 +1024,7 @@ void player_select_delete_pilot() // move all the players down for (i=Player_select_pilot; iflags |= PLAYER_FLAGS_STRUCTURE_IN_USE; } - strcpy(Player->callsign, buf); + SDL_strlcpy(Player->callsign, buf, sizeof(Player->callsign)); init_new_pilot(Player, !Player_select_clone_flag); // set him as being a multiplayer pilot if we're in the correct mode @@ -1373,19 +1373,19 @@ void player_select_display_copyright() gr_set_color_fast(&Color_bright); if (Lcl_gr) { - sprintf(Copyright_msg1, XSTR("Descent: FreeSpace - The Great War, Copyright %c 1998, Volition, Inc.", 384), '\xA8'); + SDL_snprintf(Copyright_msg1, sizeof(Copyright_msg1), XSTR("Descent: FreeSpace - The Great War, Copyright %c 1998, Volition, Inc.", 384), '\xA8'); } else { - sprintf(Copyright_msg1, XSTR("Descent: FreeSpace - The Great War, Copyright %c 1998, Volition, Inc.", 384), '\x83'); + SDL_snprintf(Copyright_msg1, sizeof(Copyright_msg1), XSTR("Descent: FreeSpace - The Great War, Copyright %c 1998, Volition, Inc.", 384), '\x83'); } - sprintf(Copyright_msg2, XSTR("All Rights Reserved", 385)); + SDL_snprintf(Copyright_msg2, sizeof(Copyright_msg2), XSTR("All Rights Reserved", 385)); #else gr_set_color_fast(&Color_white); - sprintf(Copyright_msg1, NOX("FreeSpace 2")); + SDL_snprintf(Copyright_msg1, sizeof(Copyright_msg1), NOX("FreeSpace 2")); if (Lcl_gr) { - sprintf(Copyright_msg2, XSTR("Copyright %c 1999, Volition, Inc. All rights reserved.", 385), '\xA8'); + SDL_snprintf(Copyright_msg2, sizeof(Copyright_msg2), XSTR("Copyright %c 1999, Volition, Inc. All rights reserved.", 385), '\xA8'); } else { - sprintf(Copyright_msg2, XSTR("Copyright %c 1999, Volition, Inc. All rights reserved.", 385), '\x83'); + SDL_snprintf(Copyright_msg2, sizeof(Copyright_msg2), XSTR("Copyright %c 1999, Volition, Inc. All rights reserved.", 385), '\x83'); } #endif // MAKE_FS1 @@ -1435,14 +1435,14 @@ int player_select_pilot_file_filter(const char *filename) void player_select_set_bottom_text(const char *txt) { if (txt) { - strncpy(Player_select_bottom_text, txt, 149); + SDL_strlcpy(Player_select_bottom_text, txt, sizeof(Player_select_bottom_text)); } } void player_select_set_middle_text(const char *txt) { if (txt) { - strncpy(Player_select_middle_text, txt, 149); + SDL_strlcpy(Player_select_middle_text, txt, sizeof(Player_select_middle_text)); } } @@ -1463,7 +1463,7 @@ void player_select_eval_very_first_pilot() if((Player_select_num_pilots == 1) && (Player_select_initial_count == 0)){ // set up the data Player_select_very_first_pilot = 1; - strcpy(Player_select_very_first_pilot_callsign,Pilots[Player_select_pilot]); + SDL_strlcpy(Player_select_very_first_pilot_callsign, Pilots[Player_select_pilot], sizeof(Player_select_very_first_pilot_callsign)); } } } @@ -1493,7 +1493,7 @@ void player_select_cancel_create() // move all pilots down for (idx=0; idx 0) { // sanity check if (strlen(Mission_filenames[Num_standalone_missions_with_info]) < MAX_FILENAME_LEN - 4) { // sanity check? - strcpy(filename, Mission_filenames[Num_standalone_missions_with_info]); + SDL_strlcpy(filename, Mission_filenames[Num_standalone_missions_with_info], sizeof(filename)); // update popup - memset(str, 0, 256); - sprintf(str, XSTR("Single Mission\n\n%s",989), filename); + SDL_snprintf(str, sizeof(str), XSTR("Single Mission\n\n%s",989), filename); popup_change_text(str); // tack on an extension - strcat(filename, FS_MISSION_FILE_EXT); + SDL_strlcat(filename, FS_MISSION_FILE_EXT, sizeof(filename)); if (!get_mission_info(filename)) { Standalone_mission_names[Num_standalone_missions_with_info] = strdup(The_mission.name); Standalone_mission_flags[Num_standalone_missions_with_info] = The_mission.game_type; @@ -668,8 +667,7 @@ int build_campaign_mission_list_do_frame() } // change popup - memset(str, 0, 256); - sprintf(str, XSTR("Campaign Mission\n\n%s",990), Campaign.missions[Num_campaign_missions_with_info].name); + SDL_snprintf(str, sizeof(str), XSTR("Campaign Mission\n\n%s",990), Campaign.missions[Num_campaign_missions_with_info].name); popup_change_text(str); // Set global variable so we we'll have list available next time @@ -735,7 +733,7 @@ void sim_room_build_listing() // determine some extra information int flags = 0; memset(full_filename, 0, 256); - strcpy(full_filename, cf_add_ext(Mission_filenames[i], FS_MISSION_FILE_EXT)); + SDL_strlcpy(full_filename, cf_add_ext(Mission_filenames[i], FS_MISSION_FILE_EXT), sizeof(full_filename)); fs_builtin_mission *fb = game_find_builtin_mission(full_filename); if((fb != NULL) && (fb->flags & FSB_FROM_VOLITION)){ flags |= READYROOM_FLAG_FROM_VOLITION; @@ -767,7 +765,7 @@ void sim_room_build_listing() // determine some extra information int flags = 0; memset(full_filename, 0, 256); - strcpy(full_filename, cf_add_ext(Campaign.missions[i].name, FS_MISSION_FILE_EXT)); + SDL_strlcpy(full_filename, cf_add_ext(Campaign.missions[i].name, FS_MISSION_FILE_EXT), sizeof(full_filename)); fs_builtin_mission *fb = game_find_builtin_mission(full_filename); if((fb != NULL) && (fb->flags & FSB_FROM_VOLITION)){ flags |= READYROOM_FLAG_FROM_VOLITION; @@ -1020,7 +1018,7 @@ void sim_room_commit() return; } - strncpy(Game_current_mission_filename, sim_room_lines[Selected_line].filename, MAX_FILENAME_LEN); + SDL_strlcpy(Game_current_mission_filename, sim_room_lines[Selected_line].filename, sizeof(Game_current_mission_filename)); Game_mode &= ~(GM_CAMPAIGN_MODE); // be sure this bit is clear @@ -1103,7 +1101,7 @@ void sim_room_init() { int i; sim_room_buttons *b; - char wild_card[256]; + char wild_card[6]; list_x1 = Mission_list_coords[gr_screen.res][0]; list_x2 = Campaign_list_coords[gr_screen.res][0]; @@ -1169,15 +1167,13 @@ void sim_room_init() Scroll_offset = Selected_line = 0; - strcpy(Cur_campaign, Player->current_campaign); + SDL_strlcpy(Cur_campaign, Player->current_campaign, sizeof(Cur_campaign)); mission_load_up_campaign(); mission_campaign_next_mission(); Num_campaigns = Num_campaign_missions = 0; Get_file_list_filter = sim_room_campaign_mission_filter; - memset(wild_card, 0, 256); - strcpy(wild_card, NOX("*")); - strcat(wild_card, FS_CAMPAIGN_FILE_EXT); + SDL_snprintf(wild_card, sizeof(wild_card), "*%s", FS_CAMPAIGN_FILE_EXT); Num_campaigns = cf_get_file_list(MAX_CAMPAIGNS, Campaign_file_names, CF_TYPE_MISSIONS, wild_card, CF_SORT_NAME); Hash_table_inited = 0; @@ -1195,9 +1191,7 @@ void sim_room_init() gr_flip(); Get_file_list_filter = sim_room_standalone_mission_filter; - memset(wild_card, 0, 256); - strcpy(wild_card, NOX("*")); - strcat(wild_card, FS_MISSION_FILE_EXT); + SDL_snprintf(wild_card, sizeof(wild_card), "*%s", FS_MISSION_FILE_EXT); Num_standalone_missions = cf_get_file_list(MAX_MISSIONS, Mission_filenames, CF_TYPE_MISSIONS, wild_card, CF_SORT_NAME); Num_campaign_missions_with_info = Num_standalone_missions_with_info = Standalone_mission_names_inited = Campaign_names_inited = Campaign_mission_names_inited = 0; @@ -1406,19 +1400,18 @@ void sim_room_do_frame(float frametime) gr_set_font(FONT1); if (Player->readyroom_listing_mode == MODE_CAMPAIGNS) { gr_set_color_fast(&Color_text_heading); - strcpy(buf, Campaign.name); + SDL_strlcpy(buf, Campaign.name, sizeof(buf)); gr_force_fit_string(buf, 255, list_w1); gr_printf(list_x1, Mission_list_coords[gr_screen.res][1], buf); if (Campaign.filename) { - sprintf(buf, NOX("%s%s"), Campaign.filename, FS_CAMPAIGN_FILE_EXT); + SDL_snprintf(buf, sizeof(buf), NOX("%s%s"), Campaign.filename, FS_CAMPAIGN_FILE_EXT); gr_force_fit_string(buf, 255, list_w2); gr_printf(list_x2, Mission_list_coords[gr_screen.res][1], buf); // blit the proper icons if necessary char full_name[256]; - memset(full_name, 0, 256); - strcpy(full_name, cf_add_ext(Campaign.filename,FS_CAMPAIGN_FILE_EXT)); + SDL_strlcpy(full_name, cf_add_ext(Campaign.filename,FS_CAMPAIGN_FILE_EXT), sizeof(full_name)); fs_builtin_mission *fb = game_find_builtin_mission(full_name); if(fb != NULL){ // sim_room_blit_icons(0, Mission_list_coords[gr_screen.res][1], fb, 0); @@ -1444,12 +1437,12 @@ void sim_room_do_frame(float frametime) else gr_set_color_fast(&Color_text_normal); - strcpy(buf, sim_room_lines[line].name); + SDL_strlcpy(buf, sim_room_lines[line].name, sizeof(buf)); gr_force_fit_string(buf, 255, list_x1 + list_w1 - sim_room_lines[line].x); gr_printf(sim_room_lines[line].x, y, buf); if (sim_room_lines[line].filename) { - strcpy(buf, sim_room_lines[line].filename); + SDL_strlcpy(buf, sim_room_lines[line].filename, sizeof(buf)); gr_force_fit_string(buf, 255, list_w2); gr_printf(list_x2, y, buf); } @@ -1690,9 +1683,10 @@ int campaign_room_reset_campaign(int n) // z = popup(PF_TITLE_BIG | PF_TITLE_RED, 2, POPUP_CANCEL, POPUP_OK, XSTR( "Warning\nThis will cause all progress in your\ncurrent campaign to be lost", 110), Campaign_names[n]); z = popup(PF_TITLE_BIG | PF_TITLE_RED, 2, POPUP_CANCEL, POPUP_OK, XSTR( "Warning\nThis will cause all progress in your\ncurrent campaign to be lost", 110)); if (z == 1) { - filename = (char *) malloc(strlen(Campaign_file_names[n]) + 5); - strcpy(filename, Campaign_file_names[n]); - strcat(filename, FS_CAMPAIGN_FILE_EXT); + int len = strlen(Campaign_file_names[n]) + 5; + filename = (char *) malloc(len); + SDL_strlcpy(filename, Campaign_file_names[n], len); + SDL_strlcat(filename, FS_CAMPAIGN_FILE_EXT, len); mission_campaign_savefile_delete(filename); mission_campaign_load(filename); @@ -1718,7 +1712,7 @@ void campaign_room_commit() mission_campaign_savefile_delete(Campaign_file_names[Selected_campaign_index]); mission_campaign_load(Campaign_file_names[Selected_campaign_index]); - strcpy(Player->current_campaign, Campaign.filename); // track new campaign for player + SDL_strlcpy(Player->current_campaign, Campaign.filename, sizeof(Player->current_campaign)); // track new campaign for player } if (mission_campaign_next_mission()) { // is campaign and next mission valid? @@ -1783,7 +1777,7 @@ void campaign_room_init() { int i, j, load_failed; ui_button_info *b; - char wild_card[256]; + char wild_card[6]; list_h = Mission_list_coords[gr_screen.res][3]; @@ -1844,9 +1838,7 @@ void campaign_room_init() Num_campaigns = 0; Get_file_list_filter = campaign_room_campaign_filter; - memset(wild_card, 0, 256); - strcpy(wild_card, NOX("*")); - strcat(wild_card, FS_CAMPAIGN_FILE_EXT); + SDL_snprintf(wild_card, sizeof(wild_card), "*%s", FS_CAMPAIGN_FILE_EXT); Num_campaigns = cf_get_file_list(MAX_CAMPAIGNS, Campaign_file_names, CF_TYPE_MISSIONS, wild_card, CF_SORT_NAME); for (i=0; imask = mask; region->key = key; - strcpy(region->text, text); + SDL_strlcpy(region->text, text, sizeof(region->text)); region->click_sound = click_sound; } @@ -368,7 +368,7 @@ void snazzy_menu_add_region(MENU_REGION* region, const char* text, int mask, int // // -void read_menu_tbl(const char* menu_name, char* bkg_filename, char* mask_filename, MENU_REGION* regions, int* num_regions, int play_sound) +void read_menu_tbl(const char* menu_name, char* bkg_filename, const int max_bkg_len, char* mask_filename, const int max_mask_len, MENU_REGION* regions, int* num_regions, int play_sound) { CFILE* fp; int state=0; @@ -396,9 +396,9 @@ void read_menu_tbl(const char* menu_name, char* bkg_filename, char* mask_filenam while (cfgets(tmp_line, 132, fp)) { - p1 = strchr(tmp_line,'\n'); if (p1) *p1 = '\0'; - p1 = strchr(tmp_line,';'); if (p1) *p1 = '\0'; - p1 = p3 = strchr( tmp_line, '[' ); + p1 = SDL_strchr(tmp_line,'\n'); if (p1) *p1 = '\0'; + p1 = SDL_strchr(tmp_line,';'); if (p1) *p1 = '\0'; + p1 = p3 = SDL_strchr( tmp_line, '[' ); if (p3 && state == 1) { // close localization @@ -410,7 +410,7 @@ void read_menu_tbl(const char* menu_name, char* bkg_filename, char* mask_filenam if ( p1 || p3) { if (!state) { - p2 = strchr( tmp_line, ']' ); + p2 = SDL_strchr( tmp_line, ']' ); if (p2) *p2 = 0; if (!SDL_strcasecmp( ++p1, menu_name )) state = 1; } else { @@ -421,9 +421,9 @@ void read_menu_tbl(const char* menu_name, char* bkg_filename, char* mask_filenam // parse a region line - p1 = strchr( tmp_line, '\"' ); + p1 = SDL_strchr( tmp_line, '\"' ); if (p1) { - p2 = strchr( tmp_line+1, '\"' ); + p2 = SDL_strchr( tmp_line+1, '\"' ); if (!p2) { nprintf(("Warning","Error parsing menu file\n")); @@ -433,7 +433,7 @@ void read_menu_tbl(const char* menu_name, char* bkg_filename, char* mask_filenam return; } *p2 = 0; - strcpy(regions[*num_regions].text,++p1); + SDL_strlcpy(regions[*num_regions].text, ++p1, sizeof(regions[0].text)); p2++; // get the tokens mask number @@ -462,11 +462,11 @@ void read_menu_tbl(const char* menu_name, char* bkg_filename, char* mask_filenam if ( token != NULL ) { // store the background filename - strcpy(bkg_filename, token); + SDL_strlcpy(bkg_filename, token, max_bkg_len); // get the mask filename token = strtok( NULL, seps ); - strcpy(mask_filename, token); + SDL_strlcpy(mask_filename, token, max_mask_len); } } } diff --git a/src/menuui/techmenu.cpp b/src/menuui/techmenu.cpp index d0c8c7b..f069ec4 100644 --- a/src/menuui/techmenu.cpp +++ b/src/menuui/techmenu.cpp @@ -684,13 +684,12 @@ void techroom_render_desc(int xo, int yo, int h) break; } - len = Text_line_size[z]; + len = Text_line_size[z] + 1; if (len > MAX_TEXT_LINE_LEN){ len = MAX_TEXT_LINE_LEN; } - strncpy(line, Text_lines[z], len); - line[len] = 0; + SDL_strlcpy(line, Text_lines[z], len); gr_string(xo, yo + y, line); y += font_height; @@ -770,9 +769,9 @@ void tech_common_render() gr_set_color_fast(&Color_text_normal); } - strcpy(buf, Current_list[z].name); + SDL_strlcpy(buf, Current_list[z].name, sizeof(buf)); if (Lcl_gr) { - lcl_translate_ship_name(buf); + lcl_translate_ship_name(buf, sizeof(buf)); } gr_force_fit_string(buf, 255, Tech_list_coords[gr_screen.res][SHIP_W_COORD]); @@ -1216,47 +1215,47 @@ void techroom_change_tab(int num) #ifdef MAKE_FS1 // figure out the animation based on weapon name if (!strcmp(Weapon_info[i].name, "ML-16 Laser")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_ML16.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_ML16.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "Disruptor")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_Disruptor.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_Disruptor.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "D-Advanced")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_DAdvanced.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_DAdvanced.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "Avenger")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_Avenger.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_Avenger.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "Flail")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_Flail.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_Flail.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "Prometheus")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_Prometheus.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_Prometheus.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "Banshee")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_Banshee.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_Banshee.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "MX-50")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_MX50.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_MX50.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "D-Missile")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_DisruptorMissile.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_DisruptorMissile.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "Fury")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_Fury.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_Fury.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "Hornet")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_Hornet.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_Hornet.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "Interceptor")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_Interceptor.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_Interceptor.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "Phoenix V")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_Phoenix.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_Phoenix.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "Synaptic")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_Synaptic.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_Synaptic.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "Stiletto")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_Stiletto.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_Stiletto.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "Tsunami")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_Tsunami.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_Tsunami.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "Harbinger")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_Harbinger.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_Harbinger.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "Leech Cannon")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_leech.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_leech.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "EM Pulse")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_empulse.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_empulse.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "S-Breaker")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_sbreaker.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_sbreaker.ani", NAME_LENGTH); } else if (!strcmp(Weapon_info[i].name, "Cluster Bomb")) { - strncpy(Weapon_info[i].tech_anim_filename, "CB_cluster.ani", NAME_LENGTH); + SDL_strlcpy(Weapon_info[i].tech_anim_filename, "CB_cluster.ani", NAME_LENGTH); } #endif @@ -1451,9 +1450,9 @@ int techroom_load_ani(anim **animpp, char *name) // hi-res support // (i dont think there are any hi-res anims for these tho) if (gr_screen.res == GR_1024) { - strcat(anim_filename, name); + SDL_strlcat(anim_filename, name, sizeof(anim_filename)); } else { - strcpy(anim_filename, name); + SDL_strlcpy(anim_filename, name, sizeof(anim_filename)); } while(1) { @@ -1527,8 +1526,8 @@ void techroom_intel_init() #else if (optional_string("$Terran Tech Description:")) { stuff_string(Intel_info[Intel_info_size].desc, F_MULTITEXT, NULL, TECH_INTEL_DESC_LEN); - strcpy(Intel_info[Intel_info_size].name, "Terran"); - strcpy(Intel_info[Intel_info_size].anim_filename, Intel_anim_filenames[0]); + SDL_strlcpy(Intel_info[Intel_info_size].name, "Terran", sizeof(Intel_info[0].name)); + SDL_strlcpy(Intel_info[Intel_info_size].anim_filename, Intel_anim_filenames[0], sizeof(Intel_info[0].anim_filename)); Intel_info[Intel_info_size].in_tech_db = 1; Intel_info_size++; @@ -1537,8 +1536,8 @@ void techroom_intel_init() if (optional_string("$Vasudan Tech Description:")) { stuff_string(Intel_info[Intel_info_size].desc, F_MULTITEXT, NULL, TECH_INTEL_DESC_LEN); - strcpy(Intel_info[Intel_info_size].name, "Vasudan"); - strcpy(Intel_info[Intel_info_size].anim_filename, Intel_anim_filenames[1]); + SDL_strlcpy(Intel_info[Intel_info_size].name, "Vasudan", sizeof(Intel_info[0].name)); + SDL_strlcpy(Intel_info[Intel_info_size].anim_filename, Intel_anim_filenames[1], sizeof(Intel_info[0].anim_filename)); Intel_info[Intel_info_size].in_tech_db = 1; Intel_info_size++; @@ -1547,8 +1546,8 @@ void techroom_intel_init() if (optional_string("$Shivan Tech Description:")) { stuff_string(Intel_info[Intel_info_size].desc, F_MULTITEXT, NULL, TECH_INTEL_DESC_LEN); - strcpy(Intel_info[Intel_info_size].name, "Shivan"); - strcpy(Intel_info[Intel_info_size].anim_filename, Intel_anim_filenames[2]); + SDL_strlcpy(Intel_info[Intel_info_size].name, "Shivan", sizeof(Intel_info[0].name)); + SDL_strlcpy(Intel_info[Intel_info_size].anim_filename, Intel_anim_filenames[2], sizeof(Intel_info[0].anim_filename)); // FIXME: shouldn't always be in the intel database but no choice at this point // there are only about 4 missions before they show up anyway so it may not be worth it Intel_info[Intel_info_size].in_tech_db = 1; diff --git a/src/menuui/trainingmenu.cpp b/src/menuui/trainingmenu.cpp index c4366d2..1875d3e 100644 --- a/src/menuui/trainingmenu.cpp +++ b/src/menuui/trainingmenu.cpp @@ -148,7 +148,8 @@ void training_menu_init() snazzy_menu_init(); - read_menu_tbl(NOX("TRAINING MENU"), background_img_filename, background_mask_filename, region, &num_training); + read_menu_tbl(NOX("TRAINING MENU"), background_img_filename, sizeof(background_img_filename), + background_mask_filename, sizeof(background_mask_filename), region, &num_training); // load in the background bitmap (filenames are hard-coded temporarily) trainingMenuBitmap = bm_load(background_img_filename); diff --git a/src/mission/missionbriefcommon.cpp b/src/mission/missionbriefcommon.cpp index e275965..b8a4779 100644 --- a/src/mission/missionbriefcommon.cpp +++ b/src/mission/missionbriefcommon.cpp @@ -910,7 +910,7 @@ void brief_parse_icon_tbl() hf = &Icon_bitmaps[idx][0]; // load in regular frames - strncpy(name, fs1_icon_tbl[idx][0], NAME_LENGTH); + SDL_strlcpy(name, fs1_icon_tbl[idx][0], NAME_LENGTH); if ( Fred_running ) { load_this_icon = 1; @@ -926,12 +926,12 @@ void brief_parse_icon_tbl() } // load in fade frames - strncpy(name, fs1_icon_tbl[idx][1], NAME_LENGTH); + SDL_strlcpy(name, fs1_icon_tbl[idx][1], NAME_LENGTH); ha = &Icon_fade_anims[idx][0]; hud_anim_init(ha, 0, 0, name); // load in highlighting frames - strncpy(name, fs1_icon_tbl[idx][2], NAME_LENGTH); + SDL_strlcpy(name, fs1_icon_tbl[idx][2], NAME_LENGTH); ha = &Icon_highlight_anims[idx][0]; hud_anim_init(ha, 0, 0, name); } @@ -1359,14 +1359,14 @@ void brief_render_icon(int stage_num, int icon_num, float frametime, int selecte else { if (Lcl_gr) { char buf[128]; - strcpy(buf, bi->label); - lcl_translate_brief_icon_name(buf); + SDL_strlcpy(buf, bi->label, sizeof(buf)); + lcl_translate_brief_icon_name(buf, sizeof(buf)); gr_get_string_size(&w, &h, buf); gr_printf(bc - fl2i(w/2.0f), by - h, buf); } else if(Lcl_pl) { char buf[128]; - strcpy(buf, bi->label); - lcl_translate_brief_icon_name_pl(buf); + SDL_strlcpy(buf, bi->label, sizeof(buf)); + lcl_translate_brief_icon_name_pl(buf, sizeof(buf)); gr_get_string_size(&w, &h, buf); gr_printf(bc - fl2i(w/2.0f), by - h, buf); } else { @@ -1545,7 +1545,7 @@ void brief_blit_stage_num(int stage_num, int stage_max) #else gr_set_color_fast(&Color_text_heading); #endif - sprintf(buf, XSTR( "Stage %d of %d", 394), stage_num + 1, stage_max); + SDL_snprintf(buf, sizeof(buf), XSTR( "Stage %d of %d", 394), stage_num + 1, stage_max); if (Game_mode & GM_MULTIPLAYER) { gr_printf(Brief_stage_text_coords_multi[gr_screen.res][0], Brief_stage_text_coords_multi[gr_screen.res][1], buf); } else { @@ -1962,7 +1962,8 @@ int brief_color_text_init(char *src, int w, int instance) Max_briefing_line_len = 1; for (i=0; istages[stage_num].new_text == NULL){ - strcpy(msg, ""); + SDL_strlcpy(msg, "", sizeof(msg)); } else { - strcpy(msg, Briefing->stages[stage_num].new_text); + SDL_strlcpy(msg, Briefing->stages[stage_num].new_text, sizeof(msg)); } } else { - strcpy(msg, XSTR( "Please review your objectives for this mission.", 395)); + SDL_strlcpy(msg, XSTR( "Please review your objectives for this mission.", 395), sizeof(msg)); } if (gr_screen.res == GR_640) { diff --git a/src/mission/missioncampaign.cpp b/src/mission/missioncampaign.cpp index f94b269..abe22ea 100644 --- a/src/mission/missioncampaign.cpp +++ b/src/mission/missioncampaign.cpp @@ -283,9 +283,9 @@ int mission_campaign_get_info(const char *filename, char *name, int *type, int * // open localization lcl_ext_open(); - strcpy(fname, filename); + SDL_strlcpy(fname, filename, sizeof(fname)); if ((strlen(fname) < 4) || SDL_strcasecmp(fname + strlen(fname) - 4, FS_CAMPAIGN_FILE_EXT)){ - strcat(fname, FS_CAMPAIGN_FILE_EXT); + SDL_strlcat(fname, FS_CAMPAIGN_FILE_EXT, sizeof(fname)); } SDL_assert(strlen(fname) < MAX_FILENAME_LEN); @@ -416,7 +416,7 @@ void mission_campaign_build_list( int multiplayer ) Num_campaigns = 0; mission_campaign_maybe_add( BUILTIN_CAMPAIGN, multiplayer); - strcpy(wild_card, "Data/Missions"); + SDL_strlcpy(wild_card, "Data/Missions", sizeof(wild_card)); dirp = opendir(wild_card); if (dirp) { @@ -429,8 +429,7 @@ void mission_campaign_build_list( int multiplayer ) continue; char fn[MAX_PATH]; - snprintf(fn, MAX_PATH-1, "%s/%s", wild_card, dir->d_name); - fn[MAX_PATH-1] = 0; + SDL_snprintf(fn, sizeof(fn), "%s/%s", wild_card, dir->d_name); struct stat buf; if (stat(fn, &buf) == -1) { @@ -455,8 +454,8 @@ void mission_campaign_build_list( int multiplayer ) mission_campaign_maybe_add( BUILTIN_CAMPAIGN, multiplayer); memset(wild_card, 0, 256); - strcpy(wild_card, NOX("data\\missions\\*")); - strcat(wild_card, FS_CAMPAIGN_FILE_EXT); + SDL_strlcpy(wild_card, NOX("data\\missions\\*"), sizeof(wild_card)); + SDL_strlcat(wild_card, FS_CAMPAIGN_FILE_EXT, sizeof(wild_card)); find_handle = _findfirst( wild_card, &find ); if( find_handle != -1 ) { if ( !(find.attrib & _A_SUBDIR) && SDL_strcasecmp(find.name, BUILTIN_CAMPAIGN) ){ @@ -549,7 +548,7 @@ int mission_campaign_load( const char *filename, int load_savefile ) // nodes previously used by another campaign. mission_campaign_close(); - strcpy( Campaign.filename, filename ); + SDL_strlcpy( Campaign.filename, filename, sizeof(Campaign.filename) ); // only initialize the sexpression stuff when Fred isn't running. It'll screw things up major // if it does @@ -562,16 +561,14 @@ int mission_campaign_load( const char *filename, int load_savefile ) memset( &Campaign, 0, sizeof(Campaign) ); // copy filename to campaign structure minus the extension - len = strlen(filename) - 4; - SDL_assert(len < MAX_FILENAME_LEN); - strncpy(Campaign.filename, filename, len); - Campaign.filename[len] = 0; + len = min(strlen(filename) - 4 + 1, sizeof(Campaign.filename)); + SDL_strlcpy(Campaign.filename, filename, len); required_string("$Name:"); stuff_string( name, F_NAME, NULL ); //Store campaign name in the global struct - strcpy( Campaign.name, name ); + SDL_strlcpy( Campaign.name, name, sizeof(Campaign.name) ); required_string( "$Type:" ); stuff_string( type, F_NAME, NULL ); @@ -739,15 +736,15 @@ int mission_campaign_load_by_name( const char *filename ) // make sure to tack on .fsc on the end if its not there already if(strlen(filename) > 0){ - strncpy(real_filename, filename, MAX_FILENAME_LEN); + SDL_strlcpy(real_filename, filename, MAX_FILENAME_LEN); if(strlen(real_filename) > 4){ - strcpy(test,real_filename+(strlen(real_filename)-4)); + SDL_strlcpy(test, real_filename+(strlen(real_filename)-4), sizeof(test)); if(strcmp(test, FS_CAMPAIGN_FILE_EXT)!=0){ - strcat(real_filename, FS_CAMPAIGN_FILE_EXT); + SDL_strlcat(real_filename, FS_CAMPAIGN_FILE_EXT, sizeof(real_filename)); } } else { - strcat(real_filename, FS_CAMPAIGN_FILE_EXT); + SDL_strlcat(real_filename, FS_CAMPAIGN_FILE_EXT, sizeof(real_filename)); } } else { Error(LOCATION,"Tried to load campaign file with illegal length/extension!"); @@ -768,7 +765,7 @@ int mission_campaign_load_by_name( const char *filename ) int mission_campaign_load_by_name_csfe( const char *filename, const char *callsign ) { Game_mode |= GM_NORMAL; - strcpy(Player->callsign, callsign); + SDL_strlcpy(Player->callsign, callsign, sizeof(Player->callsign)); return mission_campaign_load_by_name( filename); } @@ -780,7 +777,7 @@ void mission_campaign_init() } // Fill in the root of the campaign save filename -void mission_campaign_savefile_generate_root(char *filename) +void mission_campaign_savefile_generate_root(char *filename, const int max_len) { char base[_MAX_FNAME]; @@ -791,7 +788,7 @@ void mission_campaign_savefile_generate_root(char *filename) _splitpath( Campaign.filename, NULL, NULL, base, NULL ); SDL_assert ( (strlen(base) + strlen(Player->callsign) + 1) < _MAX_FNAME ); - sprintf( filename, NOX("%s.%s."), Player->callsign, base ); + SDL_snprintf( filename, max_len, NOX("%s.%s."), Player->callsign, base ); } // mission_campaign_savefile_save saves the state of the campaign. This function will probably always be called @@ -805,11 +802,11 @@ int mission_campaign_savefile_save() int i,j, mission_count; memset(filename, 0, _MAX_FNAME); - mission_campaign_savefile_generate_root(filename); + mission_campaign_savefile_generate_root(filename, sizeof(filename)); // name the file differently depending on whether we're in single player or multiplayer mode // single player : *.csg - strcat( filename, NOX("csg")); + SDL_strlcat( filename, NOX("csg"), sizeof(filename) ); fp = cfopen(filename,"wb", CFILE_NORMAL, CF_TYPE_SINGLE_PLAYERS); @@ -871,11 +868,11 @@ int mission_campaign_savefile_save() // out to disk. Write out a seperate file to do this. We will only read it in if we actually // find the file. memset(filename, 0, _MAX_FNAME); - mission_campaign_savefile_generate_root(filename); + mission_campaign_savefile_generate_root(filename, sizeof(filename)); // name the file differently depending on whether we're in single player or multiplayer mode // single player : *.csg - strcat( filename, NOX("css")); + SDL_strlcat( filename, NOX("css"), sizeof(filename) ); fp = cfopen(filename,"wb", CFILE_NORMAL, CF_TYPE_SINGLE_PLAYERS); @@ -917,7 +914,7 @@ int campaign_savefile_save(const char *pname) else Game_mode |= GM_MULTIPLAYER; - strcpy(Player->callsign, pname); + SDL_strlcpy(Player->callsign, pname, sizeof(Player->callsign)); //memcpy(&Campaign, camp, sizeof(campaign)); return mission_campaign_savefile_save(); } @@ -939,14 +936,14 @@ void mission_campaign_savefile_delete( const char *cfilename, int is_multi ) return; // no such thing as a multiplayer campaign savefile } - sprintf( filename, NOX("%s.%s.csg"), Player->callsign, base ); + SDL_snprintf( filename, sizeof(filename), NOX("%s.%s.csg"), Player->callsign, base ); cf_delete( filename, CF_TYPE_SINGLE_PLAYERS ); } void campaign_delete_save( const char *cfn, const char *pname) { - strcpy(Player->callsign, pname); + SDL_strlcpy(Player->callsign, pname, sizeof(Player->callsign)); mission_campaign_savefile_delete(cfn); } @@ -968,7 +965,7 @@ void mission_campaign_delete_all_savefiles( const char *pilot_name, int is_multi ext = NOX(".csg"); dir_type = CF_TYPE_SINGLE_PLAYERS; - sprintf(spec, NOX("%s.*%s"), pilot_name, ext); + SDL_snprintf(spec, sizeof(spec), NOX("%s.*%s"), pilot_name, ext); // HACK HACK HACK HACK!!!! cf_get_file_list is not reentrant. Pretty dumb because it should // be. I have to save any file filters @@ -978,8 +975,8 @@ void mission_campaign_delete_all_savefiles( const char *pilot_name, int is_multi Get_file_list_filter = filter_save; for (i=0; icallsign) + 1) < _MAX_FNAME ); if(Game_mode & GM_MULTIPLAYER) - sprintf( filename, NOX("%s.%s.msg"), Player->callsign, base ); + SDL_snprintf( filename, sizeof(filename), NOX("%s.%s.msg"), Player->callsign, base ); else - sprintf( filename, NOX("%s.%s.csg"), Player->callsign, base ); + SDL_snprintf( filename, sizeof(filename), NOX("%s.%s.csg"), Player->callsign, base ); fp = cfopen(filename, "rb", CFILE_NORMAL, CF_TYPE_SINGLE_PLAYERS ); if ( !fp ) @@ -1125,7 +1122,7 @@ void mission_campaign_savefile_load( const char *cfilename ) // now, try and read in the campaign stats saved information. This code was added for the 1.03 patch // since the stats data was never written out to disk. We try and open the file, and if we cannot find // it, then simply return - sprintf( filename, NOX("%s.%s.css"), Player->callsign, base ); + SDL_snprintf( filename, sizeof(filename), NOX("%s.%s.css"), Player->callsign, base ); fp = cfopen(filename, "rb", CFILE_NORMAL, CF_TYPE_SINGLE_PLAYERS ); if ( !fp ) @@ -1164,7 +1161,7 @@ void campaign_savefile_load(const char *fname, const char *pname) } else Game_mode |= GM_MULTIPLAYER; - strcpy(Player->callsign, pname); + SDL_strlcpy(Player->callsign, pname, sizeof(Player->callsign)); mission_campaign_savefile_load(fname); } @@ -1178,7 +1175,7 @@ int mission_campaign_next_mission() return -1; Campaign.current_mission = Campaign.next_mission; - strncpy( Game_current_mission_filename, Campaign.missions[Campaign.current_mission].name, MAX_FILENAME_LEN ); + SDL_strlcpy( Game_current_mission_filename, Campaign.missions[Campaign.current_mission].name, MAX_FILENAME_LEN ); // check for end of loop. if (Campaign.current_mission == Campaign.loop_reentry) { @@ -1210,7 +1207,7 @@ int mission_campaign_previous_mission() // reset the player stats to be the stats from this level memcpy( &Player->stats, &Campaign.missions[Campaign.current_mission].stats, sizeof(Player->stats) ); - strncpy( Game_current_mission_filename, Campaign.missions[Campaign.current_mission].name, MAX_FILENAME_LEN ); + SDL_strlcpy( Game_current_mission_filename, Campaign.missions[Campaign.current_mission].name, MAX_FILENAME_LEN ); Num_granted_ships = 0; Num_granted_weapons = 0; @@ -1408,11 +1405,11 @@ void mission_campaign_store_goals_and_events() if ( strlen(Mission_goals[i].name) == 0 ) { char name[NAME_LENGTH]; - sprintf(name, NOX("Goal #%d"), i); + SDL_snprintf(name, sizeof(name), NOX("Goal #%d"), i); //Warning(LOCATION, "Mission goal in mission %s must have a +Name field! using %s for campaign save file\n", mission->name, name); - strcpy( mission->goals[i].name, name); + SDL_strlcpy( mission->goals[i].name, name, sizeof(mission->goals[0].name)); } else - strcpy( mission->goals[i].name, Mission_goals[i].name ); + SDL_strlcpy( mission->goals[i].name, Mission_goals[i].name, sizeof(mission->goals[0].name) ); SDL_assert ( Mission_goals[i].satisfied != GOAL_INCOMPLETE ); // should be true or false at this point!!! mission->goals[i].status = (char)Mission_goals[i].satisfied; } @@ -1434,11 +1431,11 @@ void mission_campaign_store_goals_and_events() if ( strlen(Mission_events[i].name) == 0 ) { char name[NAME_LENGTH]; - sprintf(name, NOX("Event #%d"), i); + SDL_snprintf(name, sizeof(name), NOX("Event #%d"), i); nprintf(("Warning", "Mission goal in mission %s must have a +Name field! using %s for campaign save file\n", mission->name, name)); - strcpy( mission->events[i].name, name); + SDL_strlcpy( mission->events[i].name, name, sizeof(mission->events[0].name)); } else - strcpy( mission->events[i].name, Mission_events[i].name ); + SDL_strlcpy( mission->events[i].name, Mission_events[i].name, sizeof(mission->events[0].name) ); // getting status for the events is a little different. If the formula value for the event entry // is -1, then we know the value of the result field will never change. If the formula is @@ -1661,7 +1658,7 @@ void read_mission_goal_list(int num) } Campaign.missions[num].notes = (char *) malloc(strlen(notes) + 1); - strcpy(Campaign.missions[num].notes, notes); + SDL_strlcpy(Campaign.missions[num].notes, notes, strlen(notes) + 1); } } @@ -1681,7 +1678,7 @@ void read_mission_goal_list(int num) if (z == 1){ stuff_string(events[event_count], F_NAME, NULL); } else { - sprintf(events[event_count], NOX("Event #%d"), event_count + 1); + SDL_snprintf(events[event_count], NAME_LENGTH, NOX("Event #%d"), event_count + 1); } event_count++; @@ -1704,7 +1701,7 @@ void read_mission_goal_list(int num) if (z == 1){ stuff_string(goals[count], F_NAME, NULL); } else { - sprintf(goals[count], NOX("Goal #%d"), count + 1); + SDL_snprintf(goals[count], NAME_LENGTH, NOX("Goal #%d"), count + 1); } count++; @@ -1719,7 +1716,7 @@ void read_mission_goal_list(int num) memset(Campaign.missions[num].goals, 0, count * sizeof(mgoal)); for (i=0; i= m_num_lines) || (m_line_sizes[n] < 1)) @@ -668,8 +668,8 @@ void goal_text::display(int n, int y) y += Goal_screen_text_y; if (*m_lines[n] == '*') { // header line gr_set_color_fast(&Color_text_heading); - strncpy(buf, m_lines[n] + 1, m_line_sizes[n] - 1); - buf[m_line_sizes[n] - 1] = 0; + len = min(m_line_sizes[n], sizeof(buf)); + SDL_strlcpy(buf, m_lines[n] + 1, len); gr_get_string_size(&w, &h, buf); y1 = y + h / 2 - 1; @@ -678,8 +678,8 @@ void goal_text::display(int n, int y) } else { gr_set_color_fast(&Color_text_normal); - strncpy(buf, m_lines[n], m_line_sizes[n]); - buf[m_line_sizes[n]] = 0; + len = min(m_line_sizes[n] + 1, sizeof(buf)); + SDL_strlcpy(buf, m_lines[n], len); } gr_printf(Goal_screen_text_x, y, buf); diff --git a/src/mission/missionhotkey.cpp b/src/mission/missionhotkey.cpp index 86c4cf8..89a55eb 100644 --- a/src/mission/missionhotkey.cpp +++ b/src/mission/missionhotkey.cpp @@ -629,7 +629,7 @@ void mission_hotkey_maybe_save_sets() for ( hitem = GET_FIRST(plist); hitem != END_OF_LIST(plist); hitem = GET_NEXT(hitem) ) { SDL_assert( Num_hotkeys_saved < MAX_HOTKEY_TARGET_ITEMS ); hkp->setnum = i; - strcpy( hkp->name, Ships[hitem->objp->instance].ship_name ); + SDL_strlcpy( hkp->name, Ships[hitem->objp->instance].ship_name, sizeof(hkp->name) ); hkp++; Num_hotkeys_saved++; } @@ -1376,7 +1376,7 @@ void mission_hotkey_do_frame(float frametime) // draw the big "F10" in the little box gr_set_font(FONT2); gr_set_color_fast(&Color_text_normal); - strcpy(buf, Scan_code_text[Key_sets[Cur_hotkey]]); + SDL_strlcpy(buf, Scan_code_text[Key_sets[Cur_hotkey]], sizeof(buf)); gr_get_string_size(&w, &h, buf); gr_printf(Hotkey_function_name_coords[gr_screen.res][0] + (Hotkey_function_name_coords[gr_screen.res][2] - w) / 2, Hotkey_function_name_coords[gr_screen.res][1], buf); @@ -1470,7 +1470,7 @@ void mission_hotkey_do_frame(float frametime) } // draw ship/wing name - strcpy(buf, Hotkey_lines[line].label); + SDL_strlcpy(buf, Hotkey_lines[line].label, sizeof(buf)); if (Hotkey_lines[line].type == HOTKEY_LINE_SUBSHIP) { // indent gr_force_fit_string(buf, 255, Hotkey_list_coords[gr_screen.res][0] + Hotkey_list_coords[gr_screen.res][2] - (Hotkey_ship_x[gr_screen.res]+20)); diff --git a/src/mission/missionload.cpp b/src/mission/missionload.cpp index cb702df..f59add9 100644 --- a/src/mission/missionload.cpp +++ b/src/mission/missionload.cpp @@ -234,7 +234,7 @@ void ml_update_recent_missions(char *filename) for ( i = 0; i < Num_recent_missions; i++ ) { - strcpy( tmp[i], Recent_missions[i] ); + SDL_strlcpy( tmp[i], Recent_missions[i], sizeof(tmp[0]) ); } // get a pointer to just the basename of the filename (including extension) @@ -246,12 +246,12 @@ void ml_update_recent_missions(char *filename) } SDL_assert(strlen(p) < MAX_FILENAME_LEN); - strcpy( Recent_missions[0], p ); + SDL_strlcpy( Recent_missions[0], p, sizeof(Recent_missions[0]) ); j = 1; for ( i = 0; i < Num_recent_missions; i++ ) { if ( SDL_strcasecmp(Recent_missions[0], tmp[i]) ) { - strcpy(Recent_missions[j++], tmp[i]); + SDL_strlcpy(Recent_missions[j++], tmp[i], sizeof(Recent_missions[0])); if ( j >= MAX_RECENT_MISSIONS ) { break; } @@ -273,14 +273,14 @@ int mission_load() mprintf(("MISSION LOAD: '%s'\n", Game_current_mission_filename)); - strncpy(filename, Game_current_mission_filename, 127); - ext = strchr(filename, '.'); + SDL_strlcpy(filename, Game_current_mission_filename, sizeof(filename)); + ext = SDL_strchr(filename, '.'); if (ext) { mprintf(( "Hmmm... Extension passed to mission_load...\n" )); *ext = 0; // remove any extension! } - strcat(filename, FS_MISSION_FILE_EXT); + SDL_strlcat(filename, FS_MISSION_FILE_EXT, sizeof(filename)); // does the magical mission parsing // creates all objects, except for the player object @@ -357,13 +357,11 @@ extern int mission_campaign_get_filenames(const char *filename, char dest[][NAME void mission_load_menu_init() { int i; - char wild_card[256]; + char wild_card[6]; SDL_assert( mlm_active == 0 ); mlm_active = 1; - memset(wild_card, 0, 256); - strcpy(wild_card, NOX("*")); - strcat(wild_card, FS_MISSION_FILE_EXT); + SDL_snprintf(wild_card, sizeof(wild_card), "*%s", FS_MISSION_FILE_EXT); mlm_nfiles = cf_get_file_list( MLM_MAX_MISSIONS, mlm_missions, CF_TYPE_MISSIONS, wild_card, CF_SORT_NAME ); jtmp_nfiles = 0; @@ -388,10 +386,10 @@ void mission_load_menu_init() mission_campaign_build_list(0); for ( i = 0; i < Num_campaigns; i++ ) { - strcpy(Campaign_name_list[i+1], Campaign_names[i]); + SDL_strlcpy(Campaign_name_list[i+1], Campaign_names[i], sizeof(Campaign_name_list[0])); } - strcpy(Campaign_name_list[0], NOX("All campaigns")); - strcpy(Campaign_name_list[1], NOX("Player Missions")); + SDL_strlcpy(Campaign_name_list[0], NOX("All campaigns"), sizeof(Campaign_name_list[0])); + SDL_strlcpy(Campaign_name_list[1], NOX("Player Missions"), sizeof(Campaign_name_list[0])); for ( i = 0; i < Num_campaigns+2; i++ ) { campaign_names[i] = Campaign_name_list[i]; @@ -496,34 +494,34 @@ void mission_load_menu_do() } } - char mission_name_final[512] = ""; + char mission_name_final[MAX_FILENAME_LEN] = ""; if ( selected > -1 ) { Campaign.current_mission = -1; if ( use_recent_flag ) { - strncpy( mission_name_final, recent_missions[selected], MAX_FILENAME_LEN ); + SDL_strlcpy( mission_name_final, recent_missions[selected], sizeof(mission_name_final) ); } else { char mission_name[NAME_LENGTH]; if ( Campaign_filter_index == 0 ) { - strcpy(mission_name, mlm_missions[selected]); + SDL_strlcpy(mission_name, mlm_missions[selected], sizeof(mission_name)); } else if (Campaign_filter_index == 1 ) { - strcpy( mission_name, jtmp_missions[selected]); + SDL_strlcpy( mission_name, jtmp_missions[selected], sizeof(mission_name) ); } else { - strcpy(mission_name, Campaign_missions[selected]); + SDL_strlcpy(mission_name, Campaign_missions[selected], sizeof(mission_name)); } - strncpy( mission_name_final, mission_name, MAX_FILENAME_LEN ); + SDL_strlcpy( mission_name_final, mission_name, sizeof(mission_name_final) ); } // go #ifdef PD_BUILD // if this valid if((game_find_builtin_mission(mission_name_final) != NULL) || strstr(mission_name_final, "peterdrake")){ - strcpy(Game_current_mission_filename, mission_name_final); + SDL_strlcpy(Game_current_mission_filename, mission_name_final, sizeof(Game_current_mission_filename)); mprintf(( "Selected '%s'\n", Game_current_mission_filename )); gameseq_post_event(GS_EVENT_START_GAME); } #else - strcpy(Game_current_mission_filename, mission_name_final); + SDL_strlcpy(Game_current_mission_filename, mission_name_final, sizeof(Game_current_mission_filename)); mprintf(( "Selected '%s'\n", Game_current_mission_filename )); gameseq_post_event(GS_EVENT_START_GAME); #endif diff --git a/src/mission/missionlog.cpp b/src/mission/missionlog.cpp index 084475b..016957a 100644 --- a/src/mission/missionlog.cpp +++ b/src/mission/missionlog.cpp @@ -409,15 +409,15 @@ void mission_log_add_entry(int type, const char *pname, const char *sname, int i entry->type = type; if ( pname ) { SDL_assert (strlen(pname) < NAME_LENGTH); - strcpy(entry->pname, pname); + SDL_strlcpy(entry->pname, pname, sizeof(entry->pname)); } else - strcpy( entry->pname, EMPTY_LOG_NAME ); + SDL_strlcpy( entry->pname, EMPTY_LOG_NAME, sizeof(entry->pname) ); if ( sname ) { SDL_assert (strlen(sname) < NAME_LENGTH); - strcpy(entry->sname, sname); + SDL_strlcpy(entry->sname, sname, sizeof(entry->sname)); } else - strcpy( entry->sname, EMPTY_LOG_NAME ); + SDL_strlcpy( entry->sname, EMPTY_LOG_NAME, sizeof(entry->sname) ); entry->index = info_index; entry->flags = 0; @@ -603,11 +603,11 @@ void mission_log_add_entry_multi( int type, const char *pname, const char *sname entry->type = type; if ( pname ) { SDL_assert (strlen(pname) < NAME_LENGTH); - strcpy(entry->pname, pname); + SDL_strlcpy(entry->pname, pname, sizeof(entry->pname)); } if ( sname ) { SDL_assert (strlen(sname) < NAME_LENGTH); - strcpy(entry->sname, sname); + SDL_strlcpy(entry->sname, sname, sizeof(entry->sname)); } entry->index = index; @@ -818,7 +818,7 @@ void message_log_init_scrollback(int pw) message_log_add_segs(XSTR( " Kill: ", 405), LOG_COLOR_NORMAL); message_log_add_segs(entry->sname, c); if (entry->index >= 0) { - sprintf(text, NOX(" (%d%%)"), entry->index); + SDL_snprintf(text, sizeof(text), NOX(" (%d%%)"), entry->index); message_log_add_segs(text, LOG_COLOR_BRIGHT); } } @@ -838,9 +838,9 @@ void message_log_init_scrollback(int pw) case LOG_WING_ARRIVE: if (entry->index > 1){ - sprintf(text, XSTR( "Arrived (wave %d)", 407), entry->index); + SDL_snprintf(text, sizeof(text), XSTR( "Arrived (wave %d)", 407), entry->index); } else { - strcpy(text, XSTR( "Arrived", 406)); + SDL_strlcpy(text, XSTR( "Arrived", 406), sizeof(text)); } message_log_add_segs(text, LOG_COLOR_NORMAL); break; @@ -924,11 +924,11 @@ void message_log_init_scrollback(int pw) break; // don't display this line } - sprintf( text, XSTR( "%s objective ", 419), Goal_type_text(type) ); + SDL_snprintf( text, sizeof(text), XSTR( "%s objective ", 419), Goal_type_text(type) ); if ( entry->type == LOG_GOAL_SATISFIED ) - strcat(text, XSTR( "satisfied.", 420)); + SDL_strlcat(text, XSTR( "satisfied.", 420), sizeof(text)); else - strcat(text, XSTR( "failed.", 421)); + SDL_strlcat(text, XSTR( "failed.", 421), sizeof(text)); message_log_add_segs(text, LOG_COLOR_BRIGHT, (entry->type == LOG_GOAL_SATISFIED?LOG_FLAG_GOAL_TRUE:LOG_FLAG_GOAL_FAILED) ); break; @@ -998,7 +998,7 @@ void mission_log_scrollback(int line, int list_x, int list_y, int list_w, int li break; } - strcpy(buf, seg->text); + SDL_strlcpy(buf, seg->text, sizeof(buf)); if (seg->x < ACTION_X) gr_force_fit_string(buf, 256, ACTION_X - OBJECT_X - 8); else diff --git a/src/mission/missionmessage.cpp b/src/mission/missionmessage.cpp index 57d3d12..e82af40 100644 --- a/src/mission/missionmessage.cpp +++ b/src/mission/missionmessage.cpp @@ -632,7 +632,7 @@ int add_avi( const char *avi_name ) } // would have returned if a slot existed. - strcpy( Message_avis[Num_message_avis].name, avi_name ); + SDL_strlcpy( Message_avis[Num_message_avis].name, avi_name, MAX_FILENAME_LEN ); Message_avis[Num_message_avis].num = -1; Num_message_avis++; return (Num_message_avis - 1); @@ -651,7 +651,7 @@ int add_wave( const char *wave_name ) return i; } - strcpy( Message_waves[Num_message_waves].name, wave_name ); + SDL_strlcpy( Message_waves[Num_message_waves].name, wave_name, MAX_FILENAME_LEN ); Message_waves[Num_message_waves].num = -1; Num_message_waves++; return (Num_message_waves - 1); @@ -1077,7 +1077,7 @@ void message_load_wave(int index, const char *filename) game_snd tmp_gs; memset(&tmp_gs, 0, sizeof(game_snd)); - strcpy( tmp_gs.filename, filename ); + SDL_strlcpy( tmp_gs.filename, filename, sizeof(tmp_gs.filename) ); Message_waves[index].num = snd_load( &tmp_gs ); if ( Message_waves[index].num == -1 ) { nprintf (("messaging", "Cannot load message wave: %s. Will not play\n", Message_waves[index].name )); @@ -1114,7 +1114,7 @@ void message_play_wave( message_q *q ) } // if we need to bash the wave name because of "conversion" to terran command, do it here - strcpy( filename, Message_waves[index].name ); + SDL_strlcpy( filename, Message_waves[index].name, sizeof(filename) ); if ( q->flags & MQF_CONVERT_TO_COMMAND ) { char *p, new_filename[MAX_FILENAME_LEN]; @@ -1122,7 +1122,7 @@ void message_play_wave( message_q *q ) // bash the filename here. Look for "[1-6]_" at the front of the message. If found, then // convert to TC_* - p = strchr(filename, '_' ); + p = SDL_strchr(filename, '_' ); if ( p == NULL ) { mprintf(("Cannot convert %s to terran command wave -- find Sandeep or Allender\n", Message_waves[index].name)); return; @@ -1130,9 +1130,9 @@ void message_play_wave( message_q *q ) // prepend the command name, and then the rest of the filename. p++; - strcpy( new_filename, COMMAND_WAVE_PREFIX ); - strcat( new_filename, p ); - strcpy( filename, new_filename ); + SDL_strlcpy( new_filename, COMMAND_WAVE_PREFIX, sizeof(new_filename) ); + SDL_strlcat( new_filename, p, sizeof(new_filename) ); + SDL_strlcpy( filename, new_filename, sizeof(filename) ); } // load the sound file into memory @@ -1219,8 +1219,8 @@ void message_play_anim( message_q *q ) anim_info = &Message_avis[m->avi_info.index]; // get the filename. Strip off the extension since we won't need it anyway - strcpy(ani_name, anim_info->name); - p = strchr(ani_name, '.'); // gets us to the extension + SDL_strlcpy(ani_name, anim_info->name, sizeof(ani_name)); + p = SDL_strchr(ani_name, '.'); // gets us to the extension if ( p ) { *p = '\0'; } @@ -1239,7 +1239,7 @@ void message_play_anim( message_q *q ) // so the correct head plays. if ( q->flags & MQF_CONVERT_TO_COMMAND ) { persona_index = Command_persona; - strcpy( ani_name, COMMAND_HEAD_PREFIX ); + SDL_strlcpy( ani_name, COMMAND_HEAD_PREFIX, sizeof(ani_name) ); } if ( Personas[persona_index].flags & (PERSONA_FLAG_WINGMAN | PERSONA_FLAG_SUPPORT) ) { @@ -1250,18 +1250,18 @@ void message_play_anim( message_q *q ) } else { rand_index = (Missiontime % MAX_WINGMAN_HEADS); } - sprintf(ani_name, "%s%c", ani_name, 'a'+rand_index); + SDL_snprintf(ani_name, sizeof(ani_name), "%s%c", ani_name, 'a'+rand_index); subhead_selected = TRUE; } else if ( Personas[persona_index].flags & (PERSONA_FLAG_COMMAND | PERSONA_FLAG_LARGE) ) { // get a random head -- it's one of two. rand_index = (Missiontime % MAX_COMMAND_HEADS); - sprintf(ani_name, "%s%c", ani_name, 'a'+rand_index); + SDL_snprintf(ani_name, sizeof(ani_name), "%s%c", ani_name, 'a'+rand_index); subhead_selected = TRUE; } if (!subhead_selected) { // choose between a and b rand_index = (Missiontime % MAX_WINGMAN_HEADS); - sprintf(ani_name, "%s%c", ani_name, 'a'+rand_index); + SDL_snprintf(ani_name, sizeof(ani_name), "%s%c", ani_name, 'a'+rand_index); mprintf(("message '%s' with invalid head. Fix by assigning persona to the message.\n", m->name)); } nprintf(("Messaging", "playing head %s for %s\n", ani_name, q->who_from)); @@ -1535,7 +1535,7 @@ void message_queue_process() Message_wave_duration = 0; // translate tokens in message to the real things - message_translate_tokens(buf, m->message); + message_translate_tokens(buf, sizeof(buf), m->message); // AL: added 07/14/97.. only play avi/sound if in gameplay if ( gameseq_get_state() != GS_STATE_GAME_PLAY ) @@ -1570,7 +1570,7 @@ void message_queue_process() #ifndef NDEBUG // debug only -- if the message is a builtin message, put in parens whether or not the voice played if ( Playing_messages[Num_messages_playing].wave == -1 ) { - strcat( buf, NOX("..(no wavefile for voice)")); + SDL_strlcat( buf, NOX("..(no wavefile for voice)"), sizeof(buf)); snd_play(&Snds[SND_CUE_VOICE]); } #endif @@ -1630,7 +1630,7 @@ void message_queue_message( int message_num, int priority, int timing, const cha MessageQ[i].builtin_type = builtin_type; MessageQ[i].min_delay_stamp = timestamp(delay); MessageQ[i].group = group; - strcpy(MessageQ[i].who_from, who_from); + SDL_strlcpy(MessageQ[i].who_from, who_from, NAME_LENGTH); // SPECIAL HACK -- if the who_from is terran command, and there is a wingman persona attached // to this message, then set a bit to tell the wave/anim playing code to play the command version diff --git a/src/mission/missionparse.cpp b/src/mission/missionparse.cpp index 61c9159..a291565 100644 --- a/src/mission/missionparse.cpp +++ b/src/mission/missionparse.cpp @@ -695,7 +695,7 @@ void parse_mission_info(mission *pm) if (optional_string("$Mission Desc:")) stuff_string(pm->mission_desc, F_MULTITEXT, NULL, MISSION_DESC_LENGTH); else - strcpy(pm->mission_desc, NOX("No description\n")); + SDL_strlcpy(pm->mission_desc, NOX("No description\n"), sizeof(pm->mission_desc)); pm->game_type = MISSION_TYPE_SINGLE; // default to single player only if ( optional_string("+Game Type:")) { @@ -807,8 +807,8 @@ void parse_mission_info(mission *pm) } // possible squadron reassignment - strcpy(The_mission.squad_name, ""); - strcpy(The_mission.squad_filename, ""); + SDL_strlcpy(The_mission.squad_name, "", sizeof(The_mission.squad_name)); + SDL_strlcpy(The_mission.squad_filename, "", sizeof(The_mission.squad_filename)); if(optional_string("+SquadReassignName:")){ stuff_string(The_mission.squad_name, F_NAME, NULL); if(optional_string("+SquadReassignLogo:")){ @@ -817,8 +817,8 @@ void parse_mission_info(mission *pm) } // always clear out squad reassignments if not single player if(Game_mode & GM_MULTIPLAYER){ - strcpy(The_mission.squad_name, ""); - strcpy(The_mission.squad_filename, ""); + SDL_strlcpy(The_mission.squad_name, "", sizeof(The_mission.squad_name)); + SDL_strlcpy(The_mission.squad_filename, "", sizeof(The_mission.squad_filename)); mprintf(("Ignoring squadron reassignment")); } // reassign the player @@ -1415,7 +1415,7 @@ int parse_create_object(p_object *objp) Ships[shipnum].group = objp->group; Ships[shipnum].team = objp->team; - strcpy(Ships[shipnum].ship_name, objp->name); + SDL_strlcpy(Ships[shipnum].ship_name, objp->name, sizeof(Ships[0].ship_name)); Ships[shipnum].escort_priority = objp->escort_priority; Ships[shipnum].special_exp_index = objp->special_exp_index; Ships[shipnum].respawn_priority = objp->respawn_priority; @@ -1888,7 +1888,7 @@ int parse_object(mission *pm, int flag, p_object *objp) objp->cargo1 = -1; int temp; - find_and_stuff_or_add("$Cargo 1:", &temp, F_NAME, Cargo_names, &Num_cargo, MAX_CARGO, "cargo"); + find_and_stuff_or_add("$Cargo 1:", &temp, F_NAME, Cargo_names, NAME_LENGTH, &Num_cargo, MAX_CARGO, "cargo"); objp->cargo1 = char(temp); if ( optional_string("$Cargo 2:") ) { char buf[NAME_LENGTH]; @@ -2040,9 +2040,9 @@ int parse_object(mission *pm, int flag, p_object *objp) // put this information into the Initially_docked array. We will need to use this // informatin later since not all ships will initially get created. - strcpy(Initially_docked[Total_initially_docked].dockee, objp->docked_with); - strcpy(Initially_docked[Total_initially_docked].docker_point, objp->docker_point); - strcpy(Initially_docked[Total_initially_docked].dockee_point, objp->dockee_point); + SDL_strlcpy(Initially_docked[Total_initially_docked].dockee, objp->docked_with, NAME_LENGTH); + SDL_strlcpy(Initially_docked[Total_initially_docked].docker_point, objp->docker_point, NAME_LENGTH); + SDL_strlcpy(Initially_docked[Total_initially_docked].dockee_point, objp->dockee_point, NAME_LENGTH); Initially_docked[Total_initially_docked].docker = objp; Total_initially_docked++; } @@ -2215,7 +2215,7 @@ void parse_common_object_data(p_object *objp) int index = string_lookup(cargo_name, (const char **)Cargo_names, Num_cargo, "cargo", 0); if (index == -1 && (Num_cargo < MAX_CARGO)) { index = Num_cargo; - strcpy(Cargo_names[Num_cargo++], cargo_name); + SDL_strlcpy(Cargo_names[Num_cargo++], cargo_name, NAME_LENGTH); } Subsys_status[i].subsys_cargo_name = index; } @@ -2463,7 +2463,7 @@ int parse_wing_create_ships( wing *wingp, int num_to_create, int force, int spec wingp->total_arrived_count++; if ( wingp->num_waves > 1 ){ - sprintf(objp->name, NOX("%s %d"), wingp->name, wingp->total_arrived_count); + SDL_snprintf(objp->name, sizeof(objp->name), NOX("%s %d"), wingp->name, wingp->total_arrived_count); } objnum = parse_create_object(objp); @@ -3040,7 +3040,7 @@ void parse_waypoints(mission *pm) // If no name exists, then use a standard name if ( Jump_nodes[Num_jump_nodes - 1].name[0] == 0 ) { - sprintf(Jump_nodes[Num_jump_nodes - 1].name, "Jump Node %d", Num_jump_nodes); + SDL_snprintf(Jump_nodes[Num_jump_nodes - 1].name, NAME_LENGTH, "Jump Node %d", Num_jump_nodes); } } @@ -3162,7 +3162,7 @@ void parse_bitmap(mission *pm) if(Num_suns < MAX_STARFIELD_BITMAPS){ Suns[Num_suns] = b; - strcpy(Suns[Num_suns].filename, b.filename); + SDL_strlcpy(Suns[Num_suns].filename, b.filename, sizeof(b.filename)); Num_suns++; } } @@ -3237,7 +3237,7 @@ void parse_bitmaps(mission *pm) nebula_close(); // neb2 info - strcpy(Neb2_texture_name, "Eraseme3"); + SDL_strlcpy(Neb2_texture_name, "Eraseme3", sizeof(Neb2_texture_name)); Neb2_poof_flags = ((1<<0) | (1<<1) | (1<<2) | (1<<3) | (1<<4) | (1<<5)); if(optional_string("+Neb2:")){ stuff_string(Neb2_texture_name, F_NAME, NULL); @@ -3327,7 +3327,7 @@ void parse_bitmaps(mission *pm) // if we have room, store it if(Num_suns < MAX_STARFIELD_BITMAPS){ Suns[Num_suns] = b; - strcpy(Suns[Num_suns].filename, b.filename); + SDL_strlcpy(Suns[Num_suns].filename, b.filename, sizeof(b.filename)); Num_suns++; } } @@ -3368,7 +3368,7 @@ void parse_bitmaps(mission *pm) // if we have room, store it if(Num_starfield_bitmaps < MAX_STARFIELD_BITMAPS){ Starfield_bitmap_instance[Num_starfield_bitmaps] = b; - strcpy(Starfield_bitmap_instance[Num_starfield_bitmaps].filename, b.filename); + SDL_strlcpy(Starfield_bitmap_instance[Num_starfield_bitmaps].filename, b.filename, sizeof(b.filename)); Num_starfield_bitmaps++; } } @@ -3637,8 +3637,8 @@ void post_process_mission() if ( result ) { char sexp_str[8192], text[8192]; - convert_sexp_to_string( i, sexp_str, SEXP_ERROR_CHECK_MODE); - sprintf(text, "%s.\n\nIn sexpression: %s\n(Error appears to be: %s)", + convert_sexp_to_string( i, sexp_str, sizeof(sexp_str), SEXP_ERROR_CHECK_MODE); + SDL_snprintf(text, sizeof(text), "%s.\n\nIn sexpression: %s\n(Error appears to be: %s)", sexp_error_message(result), sexp_str, Sexp_nodes[bindex].text); if (!Fred_running) @@ -3875,7 +3875,7 @@ int parse_main(const char *mission_name, int flags) } if (!Fred_running) - strcpy(Mission_filename, mission_name); + SDL_strlcpy(Mission_filename, mission_name, sizeof(Mission_filename)); return 0; } @@ -4829,7 +4829,7 @@ int get_parse_name_index(const char *name) SDL_assert(i < MAX_SHIPS + MAX_WINGS); SDL_assert(strlen(name) < NAME_LENGTH); - strcpy(Parse_names[i], name); + SDL_strlcpy(Parse_names[i], name, NAME_LENGTH); return Num_parse_names++; } @@ -4892,7 +4892,7 @@ void mission_add_to_arriving_support( object *requester_objp ) return; } - strcpy( Arriving_repair_targets[Num_arriving_repair_targets], Ships[requester_objp->instance].ship_name ); + SDL_strlcpy( Arriving_repair_targets[Num_arriving_repair_targets], Ships[requester_objp->instance].ship_name, NAME_LENGTH ); Num_arriving_repair_targets++; if ( MULTIPLAYER_MASTER ){ @@ -4983,7 +4983,7 @@ void mission_warp_in_support_ship( object *requester_objp ) // create a name for the ship. use "Support #". look for collisions until one isn't found anymore i = 1; do { - sprintf(pobj->name, NOX("Support %d"), i); + SDL_snprintf(pobj->name, sizeof(pobj->name), NOX("Support %d"), i); if ( (ship_name_lookup(pobj->name) == -1) && (ship_find_exited_ship_by_name(pobj->name) == -1) ) break; i++; @@ -5032,7 +5032,7 @@ void mission_warp_in_support_ship( object *requester_objp ) break; if ( i == Num_cargo ) { - strcpy(Cargo_names[i], NOX("Nothing")); + SDL_strlcpy(Cargo_names[i], NOX("Nothing"), NAME_LENGTH); Num_cargo++; } pobj->cargo1 = char(i); @@ -5126,7 +5126,7 @@ int mission_remove_scheduled_repair( object *objp ) // ship is found -- compress the array for ( i = index; i < Num_arriving_repair_targets - 1; i++ ) - strcpy( Arriving_repair_targets[i], Arriving_repair_targets[i+1] ); + SDL_strlcpy( Arriving_repair_targets[i], Arriving_repair_targets[i+1], NAME_LENGTH ); Num_arriving_repair_targets--; @@ -5158,7 +5158,7 @@ int mission_parse_lookup_alt(char *name) } static int mission_parse_lookup_alt_index_warn = 1; -void mission_parse_lookup_alt_index(int index, char *out) +void mission_parse_lookup_alt_index(int index, char *out, const int max_outlen) { // sanity if(out == NULL){ @@ -5173,7 +5173,7 @@ void mission_parse_lookup_alt_index(int index, char *out) } // stuff it - strcpy(out, Mission_alt_types[index]); + SDL_strlcpy(out, Mission_alt_types[index], max_outlen); } int mission_parse_add_alt(char *name) @@ -5186,7 +5186,7 @@ int mission_parse_add_alt(char *name) // maybe add if(Mission_alt_type_count < MAX_ALT_TYPE_NAMES){ // stuff the name - strncpy(Mission_alt_types[Mission_alt_type_count++], name, NAME_LENGTH); + SDL_strlcpy(Mission_alt_types[Mission_alt_type_count++], name, NAME_LENGTH); // done return Mission_alt_type_count - 1; diff --git a/src/mission/missiontraining.cpp b/src/mission/missiontraining.cpp index b9eac82..dd6ded0 100644 --- a/src/mission/missiontraining.cpp +++ b/src/mission/missiontraining.cpp @@ -352,7 +352,7 @@ training_msg_mods Training_msg_mods[MAX_TRAINING_MSG_MODS]; // local module prototypes void training_process_msg(char *msg); -void message_translate_tokens(char *buf, char *text); +void message_translate_tokens(char *buf, const int max_buflen, char *text); #define NUM_DIRECTIVE_GAUGES 3 @@ -445,13 +445,14 @@ void training_obj_display() c = &Color_normal; if (Training_obj_lines[i + offset] & TRAINING_OBJ_LINES_KEY) { - message_translate_tokens(buf, Mission_events[z].objective_key_text); // remap keys + message_translate_tokens(buf, sizeof(buf), Mission_events[z].objective_key_text); // remap keys // gr_set_color_fast(&Color_normal); c = &Color_bright_green; } else { - strcpy(buf, Mission_events[z].objective_text); + SDL_strlcpy(buf, Mission_events[z].objective_text, sizeof(buf)); if (Mission_events[z].count){ - sprintf(buf + strlen(buf), NOX(" [%d]"), Mission_events[z].count); + int len = strlen(buf); + SDL_snprintf(buf + len, sizeof(buf) - len, NOX(" [%d]"), Mission_events[z].count); } // if this is a multiplayer tvt game, and this is event is not for my team, don't display it @@ -787,10 +788,10 @@ void training_mission_shutdown() } // translates special tokens. Handles one token only. -char *translate_msg_token(char *str) +char *translate_msg_token(char *str, const int max_len) { if (!SDL_strcasecmp(str, NOX("wp"))) { - sprintf(str, "%d", Training_context_goal_waypoint + 1); + SDL_snprintf(str, max_len, "%d", Training_context_goal_waypoint + 1); return str; } @@ -798,26 +799,28 @@ char *translate_msg_token(char *str) } // translates all special tokens in a message, producing the new finalized message to be displayed -void message_translate_tokens(char *buf, char *text) +void message_translate_tokens(char *buf, const int max_buflen, char *text) { char temp[40], *toke1, *toke2, *ptr; int r; + int len; *buf = 0; - toke1 = strchr(text, '$'); - toke2 = strchr(text, '#'); + toke1 = SDL_strchr(text, '$'); + toke2 = SDL_strchr(text, '#'); while (toke1 || toke2) { // is either token types present? if (!toke2 || (toke1 && (toke1 < toke2))) { // found $ before # - strncpy(buf, text, toke1 - text + 1); // copy text up to token + len = min(toke1 - text + 1, max_buflen); + SDL_strlcpy(buf, text, len); // copy text up to token buf += toke1 - text + 1; text = toke1 + 1; // advance pointers past processed data - toke2 = strchr(text, '$'); + toke2 = SDL_strchr(text, '$'); if (!toke2) // No second one? break; - strncpy(temp, text, toke2 - text); // isolate token into seperate buffer - temp[toke2 - text] = 0; // null terminate string + len = min(toke2 - text + 1, max_buflen); + SDL_strlcpy(temp, text, len); // isolate token into seperate buffer ptr = (char *)translate_key(temp); // try and translate key if (ptr) { // was key translated properly? if (!SDL_strcasecmp(ptr, NOX("none")) && (Training_bind_warning != Missiontime)) { @@ -836,36 +839,37 @@ void message_translate_tokens(char *buf, char *text) } buf--; // erase the $ - strcpy(buf, ptr); // put translated key in place of token + SDL_strlcpy(buf, ptr, max_buflen); // put translated key in place of token buf += strlen(buf); text = toke2 + 1; } } else { - strncpy(buf, text, toke2 - text + 1); // copy text up to token + len = min(toke2 - text + 1, max_buflen); + SDL_strlcpy(buf, text, len); // copy text up to token buf += toke2 - text + 1; text = toke2 + 1; // advance pointers past processed data - toke1 = strchr(text, '#'); + toke1 = SDL_strchr(text, '#'); if (toke1) // No second one? break; - strncpy(temp, text, toke1 - text); // isolate token into seperate buffer - temp[toke1 - text] = 0; // null terminate string - ptr = translate_msg_token(temp); // try and translate key + len = min(toke1 - text + 1, max_buflen); + SDL_strlcpy(temp, text, len); // isolate token into seperate buffer + ptr = translate_msg_token(temp, sizeof(temp)); // try and translate key if (ptr) { // was key translated properly? buf--; // erase the # - strcpy(buf, ptr); // put translated key in place of token + SDL_strlcpy(buf, ptr, max_buflen); // put translated key in place of token buf += strlen(buf); text = toke1 + 1; } } - toke1 = strchr(text, '$'); - toke2 = strchr(text, '#'); + toke1 = SDL_strchr(text, '$'); + toke2 = SDL_strchr(text, '#'); } - strcpy(buf, text); + SDL_strlcpy(buf, text, max_buflen); return; } @@ -931,7 +935,7 @@ int message_play_training_voice(int index) } else { game_snd tmp_gs; memset(&tmp_gs, 0, sizeof(game_snd)); - strcpy(tmp_gs.filename, Message_waves[index].name); + SDL_strlcpy(tmp_gs.filename, Message_waves[index].name, sizeof(tmp_gs.filename)); Message_waves[index].num = snd_load(&tmp_gs); if (Message_waves[index].num < 0) { nprintf(("Warning", "Cannot load message wave: %s. Will not play\n", Message_waves[index].name)); @@ -969,9 +973,9 @@ void message_training_setup(int m, int length) return; } - message_translate_tokens(Training_buf, Messages[m].message); + message_translate_tokens(Training_buf, sizeof(Training_buf), Messages[m].message); HUD_add_to_scrollback(Training_buf, HUD_SOURCE_TRAINING); - strcpy(Training_text, Messages[m].message); + SDL_strlcpy(Training_text, Messages[m].message, sizeof(Training_text)); if (message_play_training_voice(Messages[m].wave_info.index) < 0) { if (length > 0) @@ -1073,7 +1077,7 @@ void message_training_display() return; } - message_translate_tokens(Training_buf, Training_text); + message_translate_tokens(Training_buf, sizeof(Training_buf), Training_text); training_process_msg(Training_text); Training_num_lines = split_str(Training_buf, TRAINING_LINE_WIDTH, Training_line_sizes, Training_lines, MAX_TRAINING_MSG_LINES); SDL_assert(Training_num_lines > 0); @@ -1153,7 +1157,7 @@ void training_process_msg(char *msg) int count; char *src, *dest, buf[8192]; - message_translate_tokens(buf, msg); + message_translate_tokens(buf, sizeof(buf), msg); count = 0; src = buf; dest = Training_buf; diff --git a/src/missionui/chatbox.cpp b/src/missionui/chatbox.cpp index a9afad3..4c91c01 100644 --- a/src/missionui/chatbox.cpp +++ b/src/missionui/chatbox.cpp @@ -645,7 +645,7 @@ void chatbox_set_mode(int mode_flags) // set up the display/init variables based upon what mode we chode switch(size){ case 0: - strcpy(Chatbox_mask, Chatbox_small_bitmap_mask_fname[gr_screen.res]); + SDL_strlcpy(Chatbox_mask, Chatbox_small_bitmap_mask_fname[gr_screen.res], sizeof(Chatbox_mask)); Chatbox_x1 = Chatbox_small_coords[gr_screen.res][CHATBOX_X_COORD]; Chatbox_y1 = Chatbox_small_coords[gr_screen.res][CHATBOX_Y_COORD]; Chatbox_icon_x = Chatbox_small_display_coords[gr_screen.res][CHATBOX_X_COORD] - CHATBOX_TEAM_ICON_SPACE; @@ -661,7 +661,7 @@ void chatbox_set_mode(int mode_flags) break; case 1: - strcpy(Chatbox_mask, Chatbox_big_bitmap_mask_fname[gr_screen.res]); + SDL_strlcpy(Chatbox_mask, Chatbox_big_bitmap_mask_fname[gr_screen.res], sizeof(Chatbox_mask)); Chatbox_x1 = Chatbox_big_coords[gr_screen.res][CHATBOX_X_COORD]; Chatbox_y1 = Chatbox_big_coords[gr_screen.res][CHATBOX_Y_COORD]; Chatbox_icon_x = Chatbox_big_display_coords[gr_screen.res][CHATBOX_X_COORD] - CHATBOX_TEAM_ICON_SPACE; @@ -1021,6 +1021,7 @@ void chatbox_add_line(const char *msg, int pid, int add_id) int n_chars[3]; char *p_str[3]; // for the initial line (unindented) char msg_extra[CHATBOX_STRING_LEN]; + int len; if(!Chatbox_created){ return; @@ -1029,12 +1030,12 @@ void chatbox_add_line(const char *msg, int pid, int add_id) // maybe stick on who sent the message if(add_id){ if(MULTI_STANDALONE(Net_players[pid])){ - sprintf(msg_extra, NOX("%s %s"), NOX(""), msg ); + SDL_snprintf(msg_extra, sizeof(msg_extra), NOX("%s %s"), NOX(""), msg ); } else { - sprintf(msg_extra, NOX("%s: %s"), Net_players[pid].player->short_callsign, msg ); + SDL_snprintf(msg_extra, sizeof(msg_extra), NOX("%s: %s"), Net_players[pid].player->short_callsign, msg ); } } else { - strcpy(msg_extra,msg); + SDL_strlcpy(msg_extra, msg, sizeof(msg_extra)); } SDL_assert(strlen(msg_extra) < (CHATBOX_STRING_LEN - 2)); @@ -1054,13 +1055,9 @@ void chatbox_add_line(const char *msg, int pid, int add_id) Brief_chat_indents[Brief_current_add_line] = 0; // copy in the chars - strncpy(&Brief_chat_lines[Brief_current_add_line][1],p_str[0],CHATBOX_STRING_LEN - 1); - if(n_chars[0] >= CHATBOX_STRING_LEN){ - Brief_chat_lines[Brief_current_add_line][CHATBOX_STRING_LEN - 1] = '\0'; - } else { - Brief_chat_lines[Brief_current_add_line][n_chars[0] + 1] = '\0'; - } - + len = min(n_chars[0] + 1, CHATBOX_STRING_LEN); + SDL_strlcpy(&Brief_chat_lines[Brief_current_add_line][1], p_str[0], len); + // increment the total line count if we haven't reached the max already if(Num_brief_chat_lines= CHATBOX_STRING_LEN){ - Brief_chat_lines[Brief_current_add_line][CHATBOX_STRING_LEN - 1] = '\0'; - } else { - Brief_chat_lines[Brief_current_add_line][n_chars[idx] + 1] = '\0'; - } - + len = min(n_chars[idx] + 1, CHATBOX_STRING_LEN); + SDL_strlcpy(&Brief_chat_lines[Brief_current_add_line][1], p_str[idx], len); + // increment the total line count if we haven't reached the max already if(Num_brief_chat_linescloseup_label, XSTR( "asteroid", 431)); + SDL_strlcpy(pof_filename, Asteroid_info[ASTEROID_TYPE_BIG].pof_files[0], sizeof(pof_filename)); + SDL_strlcpy(Closeup_icon->closeup_label, XSTR( "asteroid", 431), sizeof(Closeup_icon->closeup_label)); (void) vm_vec_make(&Closeup_cam_pos, 0.0f, 0.0f, -334.0f); Closeup_zoom = 0.5f; #endif break; case ICON_JUMP_NODE: - strcpy(pof_filename, NOX("subspacenode.pof")); - strcpy(Closeup_icon->closeup_label, XSTR( "jump node", 432)); + SDL_strlcpy(pof_filename, NOX("subspacenode.pof"), sizeof(pof_filename)); + SDL_strlcpy(Closeup_icon->closeup_label, XSTR( "jump node", 432), sizeof(Closeup_icon->closeup_label)); (void) vm_vec_make(&Closeup_cam_pos, 0.0f, 0.0f, -2700.0f); Closeup_zoom = 0.5f; Closeup_one_revolution_time = ONE_REV_TIME * 3; break; case ICON_UNKNOWN: case ICON_UNKNOWN_WING: - strcpy(pof_filename, NOX("unknownship.pof")); - strcpy(Closeup_icon->closeup_label, XSTR( "unknown", 433)); + SDL_strlcpy(pof_filename, NOX("unknownship.pof"), sizeof(pof_filename)); + SDL_strlcpy(Closeup_icon->closeup_label, XSTR( "unknown", 433), sizeof(Closeup_icon->closeup_label)); (void) vm_vec_make(&Closeup_cam_pos, 0.0f, 0.0f, -22.0f); Closeup_zoom = 0.5f; break; @@ -1678,13 +1678,13 @@ int brief_setup_closeup(brief_icon *bi) SDL_assert( Closeup_icon->ship_class != -1 ); sip = &Ship_info[Closeup_icon->ship_class]; - strcpy(Closeup_icon->closeup_label,sip->name); + SDL_strlcpy(Closeup_icon->closeup_label,sip->name, sizeof(Closeup_icon->closeup_label)); // cut any text off after (and including) '#' char brief_truncate_label(Closeup_icon->closeup_label); if ( sip->flags & (SIF_SMALL_SHIP|SIF_BIG_SHIP|SIF_HUGE_SHIP|SIF_SENTRYGUN) ) { - strcat(Closeup_icon->closeup_label, XSTR( " class", 434)); + SDL_strlcat(Closeup_icon->closeup_label, XSTR( " class", 434), MAX_LABEL_LEN); } break; } diff --git a/src/missionui/missioncmdbrief.cpp b/src/missionui/missioncmdbrief.cpp index 25ab774..a40a897 100644 --- a/src/missionui/missioncmdbrief.cpp +++ b/src/missionui/missioncmdbrief.cpp @@ -640,7 +640,7 @@ void cmd_brief_ani_wave_init(int index) name = Cur_cmd_brief->stage[index].ani_filename; if (!name[0] || !SDL_strcasecmp(name, NOX("")) || !SDL_strcasecmp(name, NOX("none.ani"))) { name = NOX("CB_default"); - strcpy(Cur_cmd_brief->stage[index].ani_filename, name); + SDL_strlcpy(Cur_cmd_brief->stage[index].ani_filename, name, sizeof(Cur_cmd_brief->stage[0].ani_filename)); } int load_attempts = 0; @@ -872,7 +872,7 @@ void cmd_brief_do_frame(float frametime) gr_set_font(FONT1); gr_set_color_fast(&Color_text_heading); - sprintf(buf, XSTR( "Stage %d of %d", 464), Cur_stage + 1, Cur_cmd_brief->num_stages); + SDL_snprintf(buf, sizeof(buf), XSTR( "Stage %d of %d", 464), Cur_stage + 1, Cur_cmd_brief->num_stages); gr_get_string_size(&w, NULL, buf); gr_string(Cmd_text_wnd_coords[gr_screen.res][CMD_X_COORD] + Cmd_text_wnd_coords[gr_screen.res][CMD_W_COORD] - w, Cmd_stage_y[gr_screen.res], buf); diff --git a/src/missionui/missiondebrief.cpp b/src/missionui/missiondebrief.cpp index 60877b8..7660d22 100644 --- a/src/missionui/missiondebrief.cpp +++ b/src/missionui/missiondebrief.cpp @@ -1316,7 +1316,7 @@ void debrief_choose_promotion_voice() int i, j; if(Campaign.current_mission < 0){ - sprintf(Promotion_stage.voice, NOX("9_%s"), Ranks[Promoted].promotion_voice_base); + SDL_snprintf(Promotion_stage.voice, sizeof(Promotion_stage.voice), NOX("9_%s"), Ranks[Promoted].promotion_voice_base); return; } @@ -1328,7 +1328,7 @@ void debrief_choose_promotion_voice() for (j=0; jstats.m_badge_earned].voice_base); + SDL_snprintf(Badge_stage.voice, sizeof(Badge_stage.voice), NOX("9_%s"), Badge_info[Player->stats.m_badge_earned].voice_base); #else // default to FS1 guy - sprintf(Badge_stage.voice, NOX("%s"), Badge_info[Player->stats.m_badge_earned].voice_base); + SDL_snprintf(Badge_stage.voice, sizeof(Badge_stage.voice), NOX("%s"), Badge_info[Player->stats.m_badge_earned].voice_base); #endif } if ((Campaign.missions[Campaign.current_mission].name) && (Campaign.filename)) { #ifdef MAKE_FS1 if ( Player->on_bastion ) { - sprintf(Badge_stage.voice, NOX("%s"), Badge_info[Player->stats.m_badge_earned].voice_base2); + SDL_snprintf(Badge_stage.voice, sizeof(Badge_stage.voice), NOX("%s"), Badge_info[Player->stats.m_badge_earned].voice_base2); return; } else { - sprintf(Badge_stage.voice, NOX("%s"), Badge_info[Player->stats.m_badge_earned].voice_base); + SDL_snprintf(Badge_stage.voice, sizeof(Badge_stage.voice), NOX("%s"), Badge_info[Player->stats.m_badge_earned].voice_base); return; } #else @@ -1376,7 +1376,7 @@ void debrief_choose_badge_voice() for (j=0; jstats.m_badge_earned].voice_base); + SDL_snprintf(Badge_stage.voice, sizeof(Badge_stage.voice), NOX("%d_%s"), Debrief_promotion_voice_mapping[i][j].persona_index, Badge_info[Player->stats.m_badge_earned].voice_base); return; } } @@ -1387,10 +1387,10 @@ void debrief_choose_badge_voice() #ifndef MAKE_FS1 // default to petrarch - sprintf(Badge_stage.voice, NOX("9_%s"), Badge_info[Player->stats.m_badge_earned].voice_base); + SDL_snprintf(Badge_stage.voice, sizeof(Badge_stage.voice), NOX("9_%s"), Badge_info[Player->stats.m_badge_earned].voice_base); #else // default to FS1 guy - sprintf(Badge_stage.voice, NOX("%s"), Badge_info[Player->stats.m_badge_earned].voice_base); + SDL_snprintf(Badge_stage.voice, sizeof(Badge_stage.voice), NOX("%s"), Badge_info[Player->stats.m_badge_earned].voice_base); #endif } @@ -1421,14 +1421,14 @@ void debrief_award_init() } else { ver = 0; } - sprintf(buf, NOX("%s%.2d"), Debrief_award_filename[gr_screen.res][DB_AWARD_WINGS], ver); + SDL_snprintf(buf, sizeof(buf), NOX("%s%.2d"), Debrief_award_filename[gr_screen.res][DB_AWARD_WINGS], ver); Wings_bitmap = bm_load(buf); #ifndef MAKE_FS1 } else if (Player->stats.m_medal_earned == 17) { // special hack for the soc crest Crest_bitmap = bm_load(Debrief_award_filename[gr_screen.res][DB_AWARD_SOC]); #endif } else { - sprintf(buf, NOX("%s%.2d"), Debrief_award_filename[gr_screen.res][DB_AWARD_MEDAL], Player->stats.m_medal_earned); + SDL_snprintf(buf, sizeof(buf), NOX("%s%.2d"), Debrief_award_filename[gr_screen.res][DB_AWARD_MEDAL], Player->stats.m_medal_earned); Medal_bitmap = bm_load(buf); } @@ -1440,7 +1440,7 @@ void debrief_award_init() // handle promotions if ( Player->stats.m_promotion_earned != -1 ) { Promoted = Player->stats.m_promotion_earned; - sprintf(buf, NOX("%s%.2d"), Debrief_award_filename[gr_screen.res][DB_AWARD_RANK], Promoted + 1); + SDL_snprintf(buf, sizeof(buf), NOX("%s%.2d"), Debrief_award_filename[gr_screen.res][DB_AWARD_RANK], Promoted + 1); Rank_bitmap = bm_load(buf); Promotion_stage.new_text = Ranks[Promoted].promotion_text; @@ -1458,7 +1458,7 @@ void debrief_award_init() // only grant badge if earned and allowed. (no_promotion really means no promotion and no badges) if ( Player->stats.m_badge_earned != -1 ) { i = Player->stats.m_badge_earned; - sprintf(buf, NOX("%s%.2d"), Debrief_award_filename[gr_screen.res][DB_AWARD_BADGE], i + 1); + SDL_snprintf(buf, sizeof(buf), NOX("%s%.2d"), Debrief_award_filename[gr_screen.res][DB_AWARD_BADGE], i + 1); Badge_bitmap = bm_load(buf); Badge_stage.new_text = Badge_info[i].promotion_text; @@ -1527,13 +1527,13 @@ void debrief_traitor_init() // DKA 9/13/99 Only 1 traitor msg for FS2 #ifdef MAKE_FS1 if ( Player->on_bastion ) { - strcpy(stagep->voice, NOX("3_")); + SDL_strlcpy(stagep->voice, NOX("3_"), sizeof(stagep->voice)); } else { - strcpy(stagep->voice, NOX("1_")); + SDL_strlcpy(stagep->voice, NOX("1_"), sizeof(stagep->voice)); } #endif - strcat(stagep->voice, traitor_voice_file); + SDL_strlcat(stagep->voice, traitor_voice_file, sizeof(stagep->voice)); required_string("$Recommendation text:"); if ( Fred_running ) { @@ -1584,7 +1584,7 @@ void debrief_multi_list_init() // switch stats display to this newly selected player set_player_stats(Multi_list[0].net_player_index); - strcpy(Debrief_current_callsign, Multi_list[0].callsign); + SDL_strlcpy(Debrief_current_callsign, Multi_list[0].callsign, sizeof(Debrief_current_callsign)); Debrief_player = Player; } @@ -1637,7 +1637,7 @@ void debrief_multi_list_draw() // switch stats display to this newly selected player set_player_stats(Multi_list[idx].net_player_index); - strcpy(Debrief_current_callsign, Multi_list[idx].callsign); + SDL_strlcpy(Debrief_current_callsign, Multi_list[idx].callsign, sizeof(Debrief_current_callsign)); Debrief_player = Net_players[Multi_list[idx].net_player_index].player; break; } @@ -1704,9 +1704,9 @@ void debrief_multi_list_draw() } } - strcpy(str,Multi_list[z].callsign); + SDL_strlcpy(str, Multi_list[z].callsign, sizeof(str)); if(Net_players[Multi_list[z].net_player_index].flags & NETINFO_FLAG_OBSERVER && !(Net_players[Multi_list[z].net_player_index].flags & NETINFO_FLAG_OBS_PLAYER)){ - strcat(str,XSTR( "(O)", 438)); + SDL_strlcat(str, XSTR( "(O)", 438), sizeof(str)); } // bli @@ -1726,19 +1726,19 @@ void debrief_kick_selected_player() } // get optional mission popup text -void debrief_assemble_optional_mission_popup_text(char *buffer, char *mission_loop_desc) +void debrief_assemble_optional_mission_popup_text(char *buffer, const int buf_len, char *mission_loop_desc) { SDL_assert(buffer != NULL); // base message if (mission_loop_desc == NULL) { - strcpy(buffer, XSTR("", 1490)); + SDL_strlcpy(buffer, XSTR("", 1490), buf_len); mprintf(("No mission loop description avail")); } else { - strcpy(buffer, mission_loop_desc); + SDL_strlcpy(buffer, mission_loop_desc, buf_len); } - strcat(buffer, XSTR("\n\n\nDo you want to play the optional mission?", 1491)); + SDL_strlcat(buffer, XSTR("\n\n\nDo you want to play the optional mission?", 1491), buf_len); } // what to do when the accept button is hit @@ -1931,7 +1931,7 @@ void debrief_render_stagenum() if (Num_stages < 2) return; - sprintf(buf, XSTR( "%d of %d", 445), Current_stage + 1, Num_stages); + SDL_snprintf(buf, sizeof(buf), XSTR( "%d of %d", 445), Current_stage + 1, Num_stages); gr_get_string_size(&w, NULL, buf); gr_set_color_fast(&Color_bright_blue); gr_string(Debrief_stage_info_coords[gr_screen.res][0] - w, Debrief_stage_info_coords[gr_screen.res][1], buf); @@ -1943,7 +1943,7 @@ void debrief_render_mission_time(int y_loc) { char time_str[30]; - game_format_time(Missiontime, time_str); + game_format_time(Missiontime, time_str, sizeof(time_str)); gr_string(0, y_loc, XSTR( "Mission Time", 446)); gr_string(Debrief_text_x2[gr_screen.res], y_loc, time_str); } @@ -2234,8 +2234,8 @@ void debrief_setup_ship_kill_stats(int stage_num) kill_info->num = kill_arr[i]; - strcpy(kill_info->text, Ship_info[i].name); - strcat(kill_info->text, NOX(":")); + SDL_strlcpy(kill_info->text, Ship_info[i].name, sizeof(kill_info->text)); + SDL_strlcat(kill_info->text, NOX(":"), sizeof(kill_info->text)); } Num_text_lines += 2; @@ -2261,7 +2261,7 @@ void debrief_check_buttons() if ((z >= 0) && (z < Multi_list_size)) { // switch stats display to this newly selected player set_player_stats(Multi_list[z].net_player_index); - strcpy(Debrief_current_callsign, Multi_list[z].callsign); + SDL_strlcpy(Debrief_current_callsign, Multi_list[z].callsign, sizeof(Debrief_current_callsign)); Debrief_player = Net_players[Multi_list[z].net_player_index].player; Multi_list_select = z; debrief_setup_ship_kill_stats(Current_stage); @@ -2282,6 +2282,7 @@ void debrief_text_stage_init(const char *src, int type) int i, n_lines, n_chars[MAX_DEBRIEF_LINES]; char line[MAX_DEBRIEF_LINE_LEN]; char *p_str[MAX_DEBRIEF_LINES]; + int len; n_lines = split_str(src, Debrief_text_wnd_coords[gr_screen.res][2], n_chars, p_str, MAX_DEBRIEF_LINES); SDL_assert(n_lines >= 0); @@ -2294,7 +2295,8 @@ void debrief_text_stage_init(const char *src, int type) for ( i=0; icallsign); + SDL_strlcpy(Debrief_current_callsign, Player->callsign, sizeof(Debrief_current_callsign)); Debrief_player = Player; // Debrief_current_net_player_index = debrief_multi_list[0].net_player_index; @@ -2721,7 +2723,7 @@ void debrief_add_award_text(char *str) int field_width = (Medal_bitmap > 0) ? Debrief_award_text_width[gr_screen.res][DB_WITH_MEDAL] : Debrief_award_text_width[gr_screen.res][DB_WITHOUT_MEDAL]; // copy in the line - strcpy(Debrief_award_text[Debrief_award_text_num_lines], str); + SDL_strlcpy(Debrief_award_text[Debrief_award_text_num_lines], str, AWARD_TEXT_MAX_LINE_LENGTH); // maybe translate for displaying if (Lcl_gr) { @@ -2737,7 +2739,7 @@ void debrief_add_award_text(char *str) if (Debrief_award_text_num_lines < AWARD_TEXT_MAX_LINES) { line2 = split_str_once(Debrief_award_text[Debrief_award_text_num_lines-1], field_width); if (line2 != NULL) { - sprintf(Debrief_award_text[Debrief_award_text_num_lines], " %s", line2); // indent a space + SDL_snprintf(Debrief_award_text[Debrief_award_text_num_lines], AWARD_TEXT_MAX_LINE_LENGTH, " %s", line2); // indent a space } Debrief_award_text_num_lines++; // leave blank line even if it all fits into 1 } @@ -2940,7 +2942,7 @@ void debrief_do_frame(float frametime) // draw the title of the mission gr_set_color_fast(&Color_bright_white); - strcpy(buf, The_mission.name); + SDL_strlcpy(buf, The_mission.name, sizeof(buf)); gr_force_fit_string(buf, 255, Debrief_title_coords[gr_screen.res][2]); gr_string(Debrief_title_coords[gr_screen.res][0], Debrief_title_coords[gr_screen.res][1], buf); @@ -3061,7 +3063,7 @@ void debrief_rebuild_player_list() if ( MULTI_CONNECTED((*np)) && !MULTI_STANDALONE((*np))){ list = &Multi_list[Multi_list_size++]; list->net_player_index = i; - strcpy(list->callsign, np->player->callsign); + SDL_strlcpy(list->callsign, np->player->callsign, sizeof(list->callsign)); // make sure to leave some room to blit the team indicator gr_force_fit_string(list->callsign, CALLSIGN_LEN - 1, Debrief_list_coords[gr_screen.res][2] - MULTI_LIST_TEAM_OFFSET); diff --git a/src/missionui/missionscreencommon.cpp b/src/missionui/missionscreencommon.cpp index 9d40756..e82fdc5 100644 --- a/src/missionui/missionscreencommon.cpp +++ b/src/missionui/missionscreencommon.cpp @@ -645,7 +645,7 @@ void common_set_interface_palette(const char *filename) if ( (InterfacePaletteBitmap != -1) && !SDL_strcasecmp(filename, buf) ) return; // already set to this palette - strcpy(buf, filename); + SDL_strlcpy(buf, filename, sizeof(buf)); // unload the interface bitmap from memory if (InterfacePaletteBitmap != -1) { diff --git a/src/missionui/missionshipchoice.cpp b/src/missionui/missionshipchoice.cpp index c1cac1f..c1d3a67 100644 --- a/src/missionui/missionshipchoice.cpp +++ b/src/missionui/missionshipchoice.cpp @@ -1400,7 +1400,7 @@ void ship_select_blit_ship_info() gr_set_color_fast(header); gr_string(Ship_info_coords[gr_screen.res][SHIP_SELECT_X_COORD], y_start,XSTR("Max Velocity",742)); y_start += 10; - sprintf(str,XSTR("%d m/s",743),(int)sip->max_vel.xyz.z); + SDL_snprintf(str,sizeof(str),XSTR("%d m/s",743),(int)sip->max_vel.xyz.z); gr_set_color_fast(text); gr_string(Ship_info_coords[gr_screen.res][SHIP_SELECT_X_COORD]+4, y_start,str); y_start += 10; @@ -1855,7 +1855,7 @@ void draw_ship_icon_with_number(int screen_offset, int ship_class) gr_bitmap(Ship_list_coords[gr_screen.res][screen_offset][0], Ship_list_coords[gr_screen.res][screen_offset][1]); // blit the number - sprintf(buf, "%d", Ss_pool[ship_class] ); + SDL_snprintf(buf, sizeof(buf), "%d", Ss_pool[ship_class] ); gr_set_color_fast(&Color_white); gr_string(num_x, num_y, buf); } @@ -1895,16 +1895,16 @@ anim* ss_load_individual_animation(int ship_class) // If we are in 1024x768, we first want to append "2_" in front of the filename if (gr_screen.res == GR_1024) { SDL_assert(strlen(Ship_info[ship_class].anim_filename) <= 30); - strcpy(animation_filename, "2_"); - strcat(animation_filename, Ship_info[ship_class].anim_filename); + SDL_strlcpy(animation_filename, "2_", sizeof(animation_filename)); + SDL_strlcat(animation_filename, Ship_info[ship_class].anim_filename, sizeof(animation_filename)); // now check if file exists // GRR must add a .ANI at the end for detection - strcat(animation_filename, ".ani"); + SDL_strlcat(animation_filename, ".ani", sizeof(animation_filename)); p_anim = anim_load(animation_filename, 1); if (p_anim == NULL) { // failed loading hi-res, revert to low res - strcpy(animation_filename, Ship_info[ship_class].anim_filename); + SDL_strlcpy(animation_filename, Ship_info[ship_class].anim_filename, sizeof(animation_filename)); p_anim = anim_load(animation_filename, 1); mprintf(("Ship ANI: Can not find %s, using lowres version instead.\n", animation_filename)); } else { @@ -1922,7 +1922,7 @@ anim* ss_load_individual_animation(int ship_class) } */ } else { - strcpy(animation_filename, Ship_info[ship_class].anim_filename); + SDL_strlcpy(animation_filename, Ship_info[ship_class].anim_filename, sizeof(animation_filename)); p_anim = anim_load(animation_filename, 1); } @@ -2042,8 +2042,8 @@ void commit_pressed() // save the player loadout if ( !(Game_mode & GM_MULTIPLAYER) ) { - strcpy(Player_loadout.filename, Game_current_mission_filename); - strcpy(Player_loadout.last_modified, The_mission.modified); + SDL_strlcpy(Player_loadout.filename, Game_current_mission_filename, sizeof(Player_loadout.filename)); + SDL_strlcpy(Player_loadout.last_modified, The_mission.modified, sizeof(Player_loadout.last_modified)); wss_save_loadout(); } @@ -2649,7 +2649,7 @@ int ss_return_ship(int wing_block, int wing_slot, int *ship_index, p_object **pp // player ship, return the player callsign // // input: ensure at least NAME_LENGTH bytes allocated for name buffer -void ss_return_name(int wing_block, int wing_slot, char *name) +void ss_return_name(int wing_block, int wing_slot, char *name, const int max_namelen) { ss_slot_info *ws; wing *wp; @@ -2658,13 +2658,13 @@ void ss_return_name(int wing_block, int wing_slot, char *name) wp = &Wings[Ss_wings[wing_block].wingnum]; if (!Wss_num_wings) { - strcpy(name, Player->callsign); + SDL_strlcpy(name, Player->callsign, max_namelen); return; } // Check to see if ship is on the ship_arrivals[] list if ( ws->sa_index != -1 ) { - strcpy(name, ship_arrivals[ws->sa_index].name); + SDL_strlcpy(name, ship_arrivals[ws->sa_index].name, max_namelen); } else { ship *sp; sp = &Ships[wp->ship_index[wing_slot]]; @@ -2673,12 +2673,12 @@ void ss_return_name(int wing_block, int wing_slot, char *name) if(Game_mode & GM_MULTIPLAYER){ int player_index = multi_find_player_by_object(&Objects[sp->objnum]); if(player_index != -1){ - strcpy(name,Net_players[player_index].player->callsign); + SDL_strlcpy(name,Net_players[player_index].player->callsign, max_namelen); } else { - strcpy(name,sp->ship_name); + SDL_strlcpy(name,sp->ship_name, max_namelen); } } else { - strcpy(name, sp->ship_name); + SDL_strlcpy(name, sp->ship_name, max_namelen); } } } diff --git a/src/missionui/missionweaponchoice.cpp b/src/missionui/missionweaponchoice.cpp index 4a15250..4665509 100644 --- a/src/missionui/missionweaponchoice.cpp +++ b/src/missionui/missionweaponchoice.cpp @@ -1245,7 +1245,7 @@ void wl_render_overhead_view(float frametime) } else { // high-res char filename[NAME_LENGTH+2] = "2_"; - strcat(filename, Ship_info[ship_class].overhead_filename); + SDL_strlcat(filename, Ship_info[ship_class].overhead_filename, sizeof(filename)); wl_ship->overhead_bitmap = bm_load(filename); } if ( wl_ship->overhead_bitmap < 0 ) { @@ -1257,7 +1257,7 @@ void wl_render_overhead_view(float frametime) gr_bitmap(Wl_overhead_coords[gr_screen.res][0], Wl_overhead_coords[gr_screen.res][1]); } - ss_return_name(Selected_wl_slot/4, Selected_wl_slot%4, name); + ss_return_name(Selected_wl_slot/4, Selected_wl_slot%4, name, sizeof(name)); gr_set_color_fast(&Color_normal); gr_string(Wl_ship_name_coords[gr_screen.res][0], Wl_ship_name_coords[gr_screen.res][1], name); } @@ -1447,17 +1447,17 @@ void wl_load_anim(int weapon_class) // If we are in 1024x768, we first want to append "2_" in front of the filename if (gr_screen.res == GR_1024) { SDL_assert(strlen(Weapon_info[weapon_class].anim_filename) <= 30); - strcpy(animation_filename, "2_"); - strcat(animation_filename, Weapon_info[weapon_class].anim_filename); + SDL_strlcpy(animation_filename, "2_", sizeof(animation_filename)); + SDL_strlcat(animation_filename, Weapon_info[weapon_class].anim_filename, sizeof(animation_filename)); // now check if file exists // GRR must add a .ANI at the end for detection - strcat(animation_filename,".ani"); + SDL_strlcat(animation_filename,".ani", sizeof(animation_filename)); icon->anim = anim_load(animation_filename, 1); if (icon->anim == NULL) { mprintf(("Weapon ANI: Can not find %s, using lowres version instead.\n",animation_filename)); - strcpy(animation_filename, Weapon_info[weapon_class].anim_filename); + SDL_strlcpy(animation_filename, Weapon_info[weapon_class].anim_filename, sizeof(animation_filename)); icon->anim = anim_load(animation_filename, 1); } @@ -1472,7 +1472,7 @@ void wl_load_anim(int weapon_class) } */ } else { - strcpy(animation_filename, Weapon_info[weapon_class].anim_filename); + SDL_strlcpy(animation_filename, Weapon_info[weapon_class].anim_filename, sizeof(animation_filename)); // load the compressed ship animation into memory // NOTE: if last parm of load_anim is 1, the anim file is mapped to memory icon->anim = anim_load(animation_filename, 1); @@ -2603,7 +2603,7 @@ void wl_weapon_desc_start_wipe() Weapon_desc_wipe_done = 0; // break title into two lines if too long - strcpy(Weapon_desc_lines[0], Weapon_info[Selected_wl_class].title); + SDL_strlcpy(Weapon_desc_lines[0], Weapon_info[Selected_wl_class].title, WEAPON_DESC_MAX_LENGTH); gr_get_string_size(&w, &h, Weapon_info[Selected_wl_class].title, title_len); if (w > Weapon_title_max_width[gr_screen.res]) { // split @@ -2617,7 +2617,7 @@ void wl_weapon_desc_start_wipe() } Weapon_desc_lines[0][currchar_src] = '\0'; // shorten line 0 - strcpy(Weapon_desc_lines[1], &(Weapon_desc_lines[0][currchar_src+1])); // copy remainder into line 1 + SDL_strlcpy(Weapon_desc_lines[1], &(Weapon_desc_lines[0][currchar_src+1]), WEAPON_DESC_MAX_LENGTH); // copy remainder into line 1 } else { // entire title in line 0, thus line 1 is empty Weapon_desc_lines[1][0] = '\0'; @@ -2991,8 +2991,8 @@ void weapon_select_do(float frametime) if (Lcl_gr) { // might have to get weapon name translation char display_name[128]; - strncpy(display_name, Weapon_info[Carried_wl_icon.weapon_class].name, 128); - lcl_translate_wep_name(display_name); + SDL_strlcpy(display_name, Weapon_info[Carried_wl_icon.weapon_class].name, sizeof(display_name)); + lcl_translate_wep_name(display_name, sizeof(display_name)); popup(PF_USE_AFFIRMATIVE_ICON, 1, POPUP_OK, XSTR( "A %s is unable to carry %s weaponry", 633), Ship_info[ship_class].name, display_name); } else { popup(PF_USE_AFFIRMATIVE_ICON, 1, POPUP_OK, XSTR( "A %s is unable to carry %s weaponry", 633), Ship_info[ship_class].name, Weapon_info[Carried_wl_icon.weapon_class].name); @@ -3103,7 +3103,7 @@ void wl_render_icon_count(int num, int x, int y) int number_to_draw = (num > 1000) ? 999 : num; // cap count @ 999 SDL_assert(number_to_draw >= 0); - sprintf(buf, "%d", number_to_draw); + SDL_snprintf(buf, sizeof(buf), "%d", number_to_draw); gr_get_string_size(&num_w, &num_h, buf, strlen(buf)); // render diff --git a/src/missionui/redalert.cpp b/src/missionui/redalert.cpp index 5b9d29a..d52f2da 100644 --- a/src/missionui/redalert.cpp +++ b/src/missionui/redalert.cpp @@ -713,7 +713,7 @@ void red_alert_store_wingman_status() Red_alert_num_slots_used = 0; // store the mission filename for the red alert precursor mission - strcpy(Red_alert_precursor_mission, Game_current_mission_filename);; + SDL_strlcpy(Red_alert_precursor_mission, Game_current_mission_filename, sizeof(Red_alert_precursor_mission)); // store status for all existing ships for ( so = GET_FIRST(&Ship_obj_list); so != END_OF_LIST(&Ship_obj_list); so = GET_NEXT(so) ) { @@ -737,7 +737,7 @@ void red_alert_store_wingman_status() ras = &Red_alert_wingman_status[Red_alert_num_slots_used]; Red_alert_num_slots_used++; - strcpy(ras->name, shipp->ship_name); + SDL_strlcpy(ras->name, shipp->ship_name, sizeof(ras->name)); ras->hull = Objects[shipp->objnum].hull_strength; ras->ship_class = shipp->ship_info_index; red_alert_store_weapons(ras, &shipp->weapons); @@ -756,7 +756,7 @@ void red_alert_store_wingman_status() ras = &Red_alert_wingman_status[Red_alert_num_slots_used]; Red_alert_num_slots_used++; - strcpy(ras->name, Ships_exited[idx].ship_name); + SDL_strlcpy(ras->name, Ships_exited[idx].ship_name, sizeof(ras->name)); ras->hull = float(Ships_exited[idx].hull_strength); ras->ship_class = RED_ALERT_EXITED_SHIP_CLASS; //shipp->ship_info_index; red_alert_store_weapons(ras, NULL); diff --git a/src/model/modelread.cpp b/src/model/modelread.cpp index 3ef48b1..41cd9ac 100644 --- a/src/model/modelread.cpp +++ b/src/model/modelread.cpp @@ -897,7 +897,7 @@ void model_init() } // routine to parse out values from a user property field of an object -void get_user_prop_value(char *buf, char *value) +void get_user_prop_value(char *buf, char *value, const int max_vlen) { char *p, *p1, c; @@ -909,7 +909,7 @@ void get_user_prop_value(char *buf, char *value) p1++; c = *p1; *p1 = '\0'; - strcpy(value, p); + SDL_strlcpy(value, p, max_vlen); *p1 = c; } @@ -936,7 +936,7 @@ void model_copy_subsystems( int n_subsystems, model_subsystem *d_sp, model_subsy dest->turn_rate = source->turn_rate; dest->turret_gun_sobj = source->turret_gun_sobj; - strcpy( dest->name, source->name ); + SDL_strlcpy( dest->name, source->name, sizeof(dest->name) ); if ( dest->type == SUBSYSTEM_TURRET ) { int nfp; @@ -950,7 +950,7 @@ void model_copy_subsystems( int n_subsystems, model_subsystem *d_sp, model_subsy dest->turret_firing_point[nfp] = source->turret_firing_point[nfp]; if ( dest->flags & MSS_FLAG_CREWPOINT ) - strcpy(dest->crewspot, source->crewspot); + SDL_strlcpy(dest->crewspot, source->crewspot, sizeof(dest->crewspot)); } break; } @@ -969,11 +969,11 @@ static void set_subsystem_info( model_subsystem *subsystemp, char *props, char * char lcdname[256]; if ( (p = strstr(props, "$name")) != NULL) - get_user_prop_value(p+5, subsystemp->name); + get_user_prop_value(p+5, subsystemp->name, sizeof(subsystemp->name)); else - strcpy( subsystemp->name, dname ); + SDL_strlcpy( subsystemp->name, dname, sizeof(subsystemp->name) ); - strcpy(lcdname, dname); + SDL_strlcpy(lcdname, dname, sizeof(lcdname)); SDL_strlwr(lcdname); // check the name for it's specific type @@ -986,16 +986,16 @@ static void set_subsystem_info( model_subsystem *subsystemp, char *props, char * subsystemp->type = SUBSYSTEM_TURRET; if ( (p = strstr(props, "$fov")) != NULL ) - get_user_prop_value(p+4, buf); // get the value of the fov + get_user_prop_value(p+4, buf, sizeof(buf)); // get the value of the fov else - strcpy(buf,"180"); + SDL_strlcpy(buf,"180", sizeof(buf)); angle = ANG_TO_RAD(atoi(buf))/2.0f; subsystemp->turret_fov = (float)cos(angle); subsystemp->turret_num_firing_points = 0; if ( (p = strstr(props, "$crewspot")) != NULL) { subsystemp->flags |= MSS_FLAG_CREWPOINT; - get_user_prop_value(p+9, subsystemp->crewspot); + get_user_prop_value(p+9, subsystemp->crewspot, sizeof(subsystemp->crewspot)); } } else if ( strstr(lcdname, "navigation") ) { @@ -1023,7 +1023,7 @@ static void set_subsystem_info( model_subsystem *subsystemp, char *props, char * // get time for (a) complete rotation (b) step (c) activation float turn_time; - get_user_prop_value(p+7, buf); + get_user_prop_value(p+7, buf, sizeof(buf)); turn_time = (float)atof(buf); // CASE OF STEPPED ROTATION @@ -1034,7 +1034,7 @@ static void set_subsystem_info( model_subsystem *subsystemp, char *props, char * // get number of steps if ( (p = strstr(props, "$steps")) != NULL) { - get_user_prop_value(p+6, buf); + get_user_prop_value(p+6, buf, sizeof(buf)); subsystemp->stepped_rotation->num_steps = atoi(buf); } else { subsystemp->stepped_rotation->num_steps = 8; @@ -1042,7 +1042,7 @@ static void set_subsystem_info( model_subsystem *subsystemp, char *props, char * // get pause time if ( (p = strstr(props, "$t_paused")) != NULL) { - get_user_prop_value(p+9, buf); + get_user_prop_value(p+9, buf, sizeof(buf)); subsystemp->stepped_rotation->t_pause = (float)atof(buf); } else { subsystemp->stepped_rotation->t_pause = 2.0f; @@ -1050,7 +1050,7 @@ static void set_subsystem_info( model_subsystem *subsystemp, char *props, char * // get transition time - time to go between steps if ( (p = strstr(props, "$t_transit")) != NULL) { - get_user_prop_value(p+10, buf); + get_user_prop_value(p+10, buf, sizeof(buf)); subsystemp->stepped_rotation->t_transit = (float)atof(buf); } else { subsystemp->stepped_rotation->t_transit = 2.0f; @@ -1058,7 +1058,7 @@ static void set_subsystem_info( model_subsystem *subsystemp, char *props, char * // get fraction of time spent in accel if ( (p = strstr(props, "$fraction_accel")) != NULL) { - get_user_prop_value(p+15, buf); + get_user_prop_value(p+15, buf, sizeof(buf)); subsystemp->stepped_rotation->fraction = (float)atof(buf); SDL_assert(subsystemp->stepped_rotation->fraction > 0 && subsystemp->stepped_rotation->fraction < 0.5); } else { @@ -1076,7 +1076,7 @@ static void set_subsystem_info( model_subsystem *subsystemp, char *props, char * // CASE OF AI ROTATION else if ( (p = strstr(props, "$ai")) != NULL) { - get_user_prop_value(p+8, buf); + get_user_prop_value(p+8, buf, sizeof(buf)); subsystemp->flags |= MSS_FLAG_AI_ROTATE; // get parameters - ie, speed / dist / other ?? @@ -1136,7 +1136,7 @@ void do_new_subsystem( int n_subsystems, model_subsystem *slist, int subobj_num, subsystemp->pnt = *pnt; // use the offset to get the center point of the subsystem subsystemp->radius = rad; set_subsystem_info( subsystemp, props, subobj_name); - strcpy(subsystemp->subobj_name, subobj_name); // copy the object name + SDL_strlcpy(subsystemp->subobj_name, subobj_name, sizeof(subsystemp->subobj_name)); // copy the object name return; } } @@ -1154,7 +1154,7 @@ void do_new_subsystem( int n_subsystems, model_subsystem *slist, int subobj_num, #ifndef NDEBUG if ( ss_fp ) { char tmp_buffer[128]; - sprintf(tmp_buffer, "$Subsystem:\t\t\t%s,1,0.0\n", subobj_name); + SDL_snprintf(tmp_buffer, sizeof(tmp_buffer), "$Subsystem:\t\t\t%s,1,0.0\n", subobj_name); cfputs(tmp_buffer, ss_fp); } #endif @@ -1170,13 +1170,13 @@ void print_family_tree( polymodel *obj, int modelnum, const char * ident, int is if (strlen(ident)==0 ) { mprintf(( " %s", obj->submodel[modelnum].name )); - sprintf( temp, " " ); + SDL_snprintf( temp, sizeof(temp), " " ); } else if ( islast ) { mprintf(( "%s��%s", ident, obj->submodel[modelnum].name )); - sprintf( temp, "%s ", ident ); + SDL_snprintf( temp, sizeof(temp), "%s ", ident ); } else { mprintf(( "%s��%s", ident, obj->submodel[modelnum].name )); - sprintf( temp, "%s� ", ident ); + SDL_snprintf( temp, sizeof(temp), "%s� ", ident ); } mprintf(( "\n" )); @@ -1247,7 +1247,7 @@ int read_model_file(polymodel * pm, const char *filename, int n_subsystems, mode int i,j; #ifndef NDEBUG - strcpy(Global_filename, filename); + SDL_strlcpy(Global_filename, filename, sizeof(Global_filename)); #endif fp = cfopen(filename,"rb"); @@ -1264,7 +1264,7 @@ int read_model_file(polymodel * pm, const char *filename, int n_subsystems, mode char bname[_MAX_FNAME]; _splitpath(filename, NULL, NULL, bname, NULL); - sprintf(debug_name, "%s.subsystems", bname); + sprintf(debug_name, sizeof(), "%s.subsystems", bname); ss_fp = cfopen(debug_name, "wb", CFILE_NORMAL, CF_TYPE_TABLES ); if ( !ss_fp ) { mprintf(( "Can't open debug file for writing subsystems for %s\n", filename)); @@ -1294,7 +1294,7 @@ int read_model_file(polymodel * pm, const char *filename, int n_subsystems, mode pm->version = version; SDL_assert( strlen(filename) < FILENAME_LEN ); - strncpy(pm->filename, filename, FILENAME_LEN); + SDL_strlcpy(pm->filename, filename, FILENAME_LEN); memset( &pm->view_positions, 0, sizeof(pm->view_positions) ); @@ -1493,14 +1493,14 @@ int read_model_file(polymodel * pm, const char *filename, int n_subsystems, mode } if ( pm->submodel[n].name[0] == '\0' ) { - strcpy(pm->submodel[n].name, "unknown object name"); + SDL_strlcpy(pm->submodel[n].name, "unknown object name", MAX_NAME_LEN); } bool rotating_submodel_has_subsystem = !(pm->submodel[n].movement_type == MOVEMENT_TYPE_ROT); if ( ( p = strstr(props, "$special"))!= NULL ) { char type[32]; - get_user_prop_value(p+9, type); + get_user_prop_value(p+9, type, sizeof(type)); if ( !SDL_strcasecmp(type, "subsystem") ) { // if we have a subsystem, put it into the list! do_new_subsystem( n_subsystems, subsystems, n, pm->submodel[n].rad, &pm->submodel[n].offset, props, pm->submodel[n].name, pm->id ); rotating_submodel_has_subsystem = true; @@ -1652,9 +1652,9 @@ int read_model_file(polymodel * pm, const char *filename, int n_subsystems, mode cfread_string_len( props, MAX_PROP_LEN, fp ); if ( (p = strstr(props, "$name"))!= NULL ) - get_user_prop_value(p+5, bay->name); + get_user_prop_value(p+5, bay->name, sizeof(bay->name)); else - sprintf(bay->name, "", 'A' + i); + SDL_snprintf(bay->name, sizeof(bay->name), "", 'A' + i); bay->num_spline_paths = cfread_int( fp ); if ( bay->num_spline_paths > 0 ) { bay->splines = (int *)malloc(sizeof(int) * bay->num_spline_paths); @@ -1829,7 +1829,7 @@ int read_model_file(polymodel * pm, const char *filename, int n_subsystems, mode } else if ( ( p = strstr(props, "$special"))!= NULL ) { char type[32]; - get_user_prop_value(p+9, type); + get_user_prop_value(p+9, type, sizeof(type)); if ( !SDL_strcasecmp(type, "subsystem") ) // if we have a subsystem, put it into the list! do_new_subsystem( n_subsystems, subsystems, -1, radius, &pnt, props, &name[1], pm->id ); // skip the first '$' character of the name } else if ( strstr(name, "$enginelarge") || strstr(name, "$enginehuge") ){ @@ -1911,8 +1911,8 @@ int read_model_file(polymodel * pm, const char *filename, int n_subsystems, mode // get rid of leading '$' char in name if ( pm->paths[i].parent_name[0] == '$' ) { char tmpbuf[MAX_NAME_LEN]; - strcpy(tmpbuf, pm->paths[i].parent_name+1); - strcpy(pm->paths[i].parent_name, tmpbuf); + SDL_strlcpy(tmpbuf, pm->paths[i].parent_name+1, sizeof(tmpbuf)); + SDL_strlcpy(pm->paths[i].parent_name, tmpbuf, MAX_NAME_LEN); } // store the sub_model index (ie index into pm->submodel) of the parent pm->paths[i].parent_submodel = -1; @@ -2127,8 +2127,8 @@ int model_load(const char *filename, int n_subsystems, model_subsystem *subsyste int j; char destroyed_name[128]; - strcpy( destroyed_name, pm->submodel[i].name ); - strcat( destroyed_name, "-destroyed" ); + SDL_strlcpy( destroyed_name, pm->submodel[i].name, sizeof(destroyed_name) ); + SDL_strlcat( destroyed_name, "-destroyed", sizeof(destroyed_name) ); for (j=0; jn_models; j++ ) { if ( !SDL_strcasecmp( pm->submodel[j].name, destroyed_name )) { // mprintf(( "Found destroyed model for '%s'\n", pm->submodel[i].name )); @@ -2141,8 +2141,8 @@ int model_load(const char *filename, int n_subsystems, model_subsystem *subsyste // This debris comes from a destroyed subsystem when ship is still alive char live_debris_name[128]; - strcpy( live_debris_name, "debris-" ); - strcat( live_debris_name, pm->submodel[i].name ); + SDL_strlcpy( live_debris_name, "debris-", sizeof(live_debris_name) ); + SDL_strlcat( live_debris_name, pm->submodel[i].name, sizeof(live_debris_name) ); pm->submodel[i].num_live_debris = 0; diff --git a/src/movie/mvelib.cpp b/src/movie/mvelib.cpp index c34315f..438644f 100644 --- a/src/movie/mvelib.cpp +++ b/src/movie/mvelib.cpp @@ -76,10 +76,10 @@ MVEFILE *mvefile_open(const char *filename) file->next_segment = 0; // lower case filename for checking - strncpy(lower_name, filename, strlen(filename)+1); + SDL_strlcpy(lower_name, filename, sizeof(lower_name)); SDL_strlwr(lower_name); // upper case filename for checking - strncpy(upper_name, filename, strlen(filename)+1); + SDL_strlcpy(upper_name, filename, sizeof(upper_name)); SDL_strupr(upper_name); // NOTE: CF_TYPE *must* be ANY to get movies off of the CDs diff --git a/src/nebedit/nebstubs.cpp b/src/nebedit/nebstubs.cpp index b8c1b35..084472e 100644 --- a/src/nebedit/nebstubs.cpp +++ b/src/nebedit/nebstubs.cpp @@ -80,7 +80,7 @@ int Game_subspace_effect; void game_load_palette(){} void game_format_time(int, char*){} float Freespace_gamma; -void get_version_string(char*){} +void get_version_string(char*, const int){} int game_get_default_skill_level(){return 0;} int game_cd_changed(){return 0;} void game_set_view_clip(){} diff --git a/src/nebula/neb.cpp b/src/nebula/neb.cpp index 75f9758..743e222 100644 --- a/src/nebula/neb.cpp +++ b/src/nebula/neb.cpp @@ -325,7 +325,7 @@ void neb2_init() stuff_string(name, F_NAME, NULL); if(Neb2_bitmap_count < MAX_NEB2_BITMAPS){ - strcpy(Neb2_bitmap_filenames[Neb2_bitmap_count++], name); + SDL_strlcpy(Neb2_bitmap_filenames[Neb2_bitmap_count++], name, sizeof(Neb2_bitmap_filenames[0])); } } @@ -337,7 +337,7 @@ void neb2_init() stuff_string(name, F_NAME, NULL); if(Neb2_poof_count < MAX_NEB2_POOFS){ - strcpy(Neb2_poof_filenames[Neb2_poof_count++], name); + SDL_strlcpy(Neb2_poof_filenames[Neb2_poof_count++], name, sizeof(Neb2_poof_filenames[0])); } } diff --git a/src/network/multi.cpp b/src/network/multi.cpp index 0a47302..06ec206 100644 --- a/src/network/multi.cpp +++ b/src/network/multi.cpp @@ -1666,7 +1666,7 @@ void standalone_main_init() Net_player->flags |= (NETINFO_FLAG_AM_MASTER | NETINFO_FLAG_CONNECTED | NETINFO_FLAG_DO_NETWORKING | NETINFO_FLAG_MISSION_OK); Net_player->state = NETPLAYER_STATE_WAITING; Net_player->player = Player; - strcpy(Player->callsign, "server"); + SDL_strlcpy(Player->callsign, "server", sizeof(Player->callsign)); Net_player->p_info.addr = Psnet_my_addr; Net_player->s_info.xfer_handle = -1; Net_player->player_id = multi_get_new_id(); diff --git a/src/network/multi_campaign.cpp b/src/network/multi_campaign.cpp index 13aaaab..dcfeed8 100644 --- a/src/network/multi_campaign.cpp +++ b/src/network/multi_campaign.cpp @@ -224,7 +224,7 @@ void multi_campaign_start(char *filename) Netgame.campaign_mode = MP_CAMPAIGN; // set the campaign filename - strcpy(Netgame.campaign_name,filename); + SDL_strlcpy(Netgame.campaign_name, filename, sizeof(Netgame.campaign_name)); // add the campaign mode flag Game_mode |= GM_CAMPAIGN_MODE; @@ -237,17 +237,14 @@ void multi_campaign_start(char *filename) mission_campaign_next_mission(); // setup various filenames and mission names - strcpy(Netgame.mission_name,Campaign.missions[Campaign.current_mission].name); - strcpy(Netgame.campaign_name,filename); - strcpy(Game_current_mission_filename,Netgame.mission_name); + SDL_strlcpy(Netgame.mission_name ,Campaign.missions[Campaign.current_mission].name, sizeof(Netgame.mission_name)); + SDL_strlcpy(Netgame.campaign_name, filename, sizeof(Netgame.campaign_name)); + SDL_strlcpy(Game_current_mission_filename, Netgame.mission_name, sizeof(Game_current_mission_filename)); // if we're the standalone server, set the mission and campaign names if(Game_mode & GM_STANDALONE_SERVER){ memset(str,0,255); - strcpy(str,Netgame.mission_name); - strcat(str," ("); - strcat(str,Netgame.campaign_name); - strcat(str,")"); + SDL_snprintf(str, sizeof(str), "%s (%s)", Netgame.mission_name,Netgame.campaign_name ); // set the control on the stand_gui std_multi_set_standalone_mission_name(str); @@ -286,16 +283,13 @@ void multi_campaign_next_mission() // now we should be sequencing through the next stage (mission load, etc) // this will eventually be replaced with the real filename of the next mission if(Campaign.current_mission != -1){ - strncpy(Game_current_mission_filename, Campaign.missions[Campaign.current_mission].name, MAX_FILENAME_LEN); - strcpy(Netgame.mission_name,Game_current_mission_filename); + SDL_strlcpy(Game_current_mission_filename, Campaign.missions[Campaign.current_mission].name, sizeof(Game_current_mission_filename)); + SDL_strlcpy(Netgame.mission_name, Game_current_mission_filename, sizeof(Netgame.mission_name)); // if we're the standalone server, set the mission and campaign names if(Game_mode & GM_STANDALONE_SERVER){ memset(str,0,255); - strcpy(str,Netgame.mission_name); - strcat(str," ("); - strcat(str,Netgame.campaign_name); - strcat(str,")"); + SDL_snprintf(str, sizeof(str), "%s (%s)", Netgame.mission_name, Netgame.campaign_name); // set the control on the stand_gui std_multi_set_standalone_mission_name(str); @@ -391,12 +385,12 @@ void multi_campaign_client_store_goals(int mission_num) // copy mission goals into the campaign goals for(idx=0;idxplayer->image_filename, NOX(".pcx")); if(with_ext != NULL){ - strcpy(Net_player->player->image_filename, with_ext); + SDL_strlcpy(Net_player->player->image_filename, with_ext, MAX_FILENAME_LEN); } // host should put his own pic file in the list now @@ -432,7 +432,7 @@ void multi_data_send_my_junk() if(ok_to_send){ with_ext = cf_add_ext(Net_player->player->squad_filename, NOX(".pcx")); if(with_ext != NULL){ - strcpy(Net_player->player->squad_filename,with_ext); + SDL_strlcpy(Net_player->player->squad_filename, with_ext, MAX_FILENAME_LEN); } // host should put his own pic file in the list now @@ -515,7 +515,7 @@ int multi_data_add_new(char *filename, int player_index) // assign the data memset(&Multi_data[slot], 0, sizeof(np_data)); // clear the slot out - strcpy(Multi_data[slot].filename, filename); // copy the filename + SDL_strlcpy(Multi_data[slot].filename, filename, MAX_FILENAME_LEN); // copy the filename Multi_data[slot].used = 1; // set it as being in use Multi_data[slot].player_id = Net_players[player_index].player_id; // player id of who's sending the file Multi_data[slot].status[player_index] = 2; // mark his status appropriately diff --git a/src/network/multi_dogfight.cpp b/src/network/multi_dogfight.cpp index e5f41ee..8ce8df9 100644 --- a/src/network/multi_dogfight.cpp +++ b/src/network/multi_dogfight.cpp @@ -170,7 +170,7 @@ void multi_df_blit_kill_matrix(); // stuff a string representing the # of kills, player X had on player Y (where X and Y are indices into Multi_df_score) // returns the # of kills -int multi_df_stuff_kills(char *kills, int player_x, int player_y); +int multi_df_stuff_kills(char *kills, const int max_klen, int player_x, int player_y); // ---------------------------------------------------------------------------------------------------- @@ -328,7 +328,7 @@ void multi_df_debrief_do() chatbox_render(); // draw the mission title - strcpy(buf, The_mission.name); + SDL_strlcpy(buf, The_mission.name, sizeof(buf)); gr_force_fit_string(buf, 255, Kill_matrix_title_coords[gr_screen.res][2]); gr_set_color_fast(&Color_bright_white); gr_string(Kill_matrix_title_coords[gr_screen.res][0], Kill_matrix_title_coords[gr_screen.res][1], buf); @@ -413,7 +413,7 @@ void multi_df_setup_kill_matrix() } s->stats = Net_players[idx].player->stats; - strcpy(s->callsign, Net_players[idx].player->callsign); + SDL_strlcpy(s->callsign, Net_players[idx].player->callsign, sizeof(s->callsign)); s->np_index = idx; } } @@ -443,7 +443,7 @@ void multi_df_blit_kill_matrix() cy = top_y_start; for(idx=0; idx= 0); @@ -487,10 +487,10 @@ void multi_df_blit_kill_matrix() for(s_idx=0; s_idx= 0); if(Multi_df_score[idx].np_index >= 0){ gr_set_color_fast(Color_netplayer[Multi_df_score[idx].np_index]); @@ -508,7 +508,7 @@ void multi_df_blit_kill_matrix() // draw the row total gr_set_color_fast(Color_netplayer[Multi_df_score[idx].np_index]); - sprintf(squashed_string, "(%d)", row_total); + SDL_snprintf(squashed_string, sizeof(squashed_string), "(%d)", row_total); gr_get_string_size(&str_len, NULL, squashed_string); gr_string(Multi_df_display_coords[gr_screen.res][0] + Multi_df_display_coords[gr_screen.res][2] - (MULTI_DF_TOTAL_ADJUST + str_len), cy, squashed_string); @@ -541,11 +541,11 @@ void multi_df_blit_kill_matrix() // stuff a string representing the # of kills, player X had on player Y (where X and Y are indices into Multi_df_score) // returns the # of kills -int multi_df_stuff_kills(char *kills, int player_x, int player_y) +int multi_df_stuff_kills(char *kills, const int max_klen, int player_x, int player_y) { multi_df_score *s = &Multi_df_score[player_x]; - strcpy(kills, ""); + SDL_strlcpy(kills, "", max_klen); - sprintf(kills, "%d", s->stats.m_dogfight_kills[Multi_df_score[player_y].np_index]); + SDL_snprintf(kills, sizeof(max_klen), "%d", s->stats.m_dogfight_kills[Multi_df_score[player_y].np_index]); return s->stats.m_dogfight_kills[Multi_df_score[player_y].np_index]; } diff --git a/src/network/multi_endgame.cpp b/src/network/multi_endgame.cpp index 36ce3cc..97592cc 100644 --- a/src/network/multi_endgame.cpp +++ b/src/network/multi_endgame.cpp @@ -606,40 +606,40 @@ void multi_endgame_popup(int notify_code,int error_code,int wsa_error) } else { // if there is a winsock error code, stick it on the end of the text if(wsa_error != -1){ - sprintf(err_msg,NOX("WSAERROR : %d\n\n"),wsa_error); + SDL_snprintf(err_msg, sizeof(err_msg), NOX("WSAERROR : %d\n\n"), wsa_error); flags |= PF_TITLE_RED; } else { - strcpy(err_msg,""); + SDL_strlcpy(err_msg, "", sizeof(err_msg)); } // setup the error message string if(notify_code != MULTI_END_NOTIFY_NONE){ switch(notify_code){ case MULTI_END_NOTIFY_KICKED : - strcat(err_msg,XSTR("You have been kicked",651)); + SDL_strlcat(err_msg,XSTR("You have been kicked",651),sizeof(err_msg)); break; case MULTI_END_NOTIFY_SERVER_LEFT: - strcat(err_msg,XSTR("The server has left the game",652)); + SDL_strlcat(err_msg,XSTR("The server has left the game",652),sizeof(err_msg)); break; case MULTI_END_NOTIFY_FILE_REJECTED: - strcat(err_msg,XSTR("Your mission file has been rejected by the server",653)); + SDL_strlcat(err_msg,XSTR("Your mission file has been rejected by the server",653),sizeof(err_msg)); break; case MULTI_END_NOTIFY_EARLY_END: - strcat(err_msg,XSTR("The game has ended while you were ingame joining",654)); + SDL_strlcat(err_msg,XSTR("The game has ended while you were ingame joining",654),sizeof(err_msg)); break; case MULTI_END_NOTIFY_INGAME_TIMEOUT: - strcat(err_msg,XSTR("You have waited too long to select a ship",655)); + SDL_strlcat(err_msg,XSTR("You have waited too long to select a ship",655),sizeof(err_msg)); break; case MULTI_END_NOTIFY_KICKED_BAD_XFER: - strcat(err_msg,XSTR("You were kicked because mission file xfer failed",998)); + SDL_strlcat(err_msg,XSTR("You were kicked because mission file xfer failed",998),sizeof(err_msg)); break; case MULTI_END_NOTIFY_KICKED_CANT_XFER: - strcat(err_msg,XSTR("You were kicked because you do not have the builtin mission",999)); - strcat(err_msg, NOX(" ")); - strcat(err_msg, Game_current_mission_filename); + SDL_strlcat(err_msg,XSTR("You were kicked because you do not have the builtin mission",999),sizeof(err_msg)); + SDL_strlcat(err_msg, NOX(" "), sizeof(err_msg)); + SDL_strlcat(err_msg, Game_current_mission_filename, sizeof(err_msg)); break; case MULTI_END_NOTIFY_KICKED_INGAME_ENDED: - strcat(err_msg,XSTR("You were kicked because you were ingame joining a game that has ended",1000)); + SDL_strlcat(err_msg,XSTR("You were kicked because you were ingame joining a game that has ended",1000),sizeof(err_msg)); break; default : Int3(); @@ -647,43 +647,43 @@ void multi_endgame_popup(int notify_code,int error_code,int wsa_error) } else { switch(error_code){ case MULTI_END_ERROR_CONTACT_LOST : - strcat(err_msg,XSTR("Contact with server has been lost",656)); + SDL_strlcat(err_msg,XSTR("Contact with server has been lost",656),sizeof(err_msg)); break; case MULTI_END_ERROR_CONNECT_FAIL : - strcat(err_msg,XSTR("Failed to connect to server on reliable socket",657)); + SDL_strlcat(err_msg,XSTR("Failed to connect to server on reliable socket",657),sizeof(err_msg)); break; case MULTI_END_ERROR_LOAD_FAIL : - strcat(err_msg,XSTR("Failed to load mission file properly",658)); + SDL_strlcat(err_msg,XSTR("Failed to load mission file properly",658),sizeof(err_msg)); break; case MULTI_END_ERROR_INGAME_SHIP : - strcat(err_msg,XSTR("Unable to create ingame join player ship",659)); + SDL_strlcat(err_msg,XSTR("Unable to create ingame join player ship",659),sizeof(err_msg)); break; case MULTI_END_ERROR_INGAME_BOGUS : - strcat(err_msg,XSTR("Recevied bogus packet data while ingame joining",660)); + SDL_strlcat(err_msg,XSTR("Recevied bogus packet data while ingame joining",660),sizeof(err_msg)); break; case MULTI_END_ERROR_STRANS_FAIL : - strcat(err_msg,XSTR("Server transfer failed (obsolete)",661)); + SDL_strlcat(err_msg,XSTR("Server transfer failed (obsolete)",661),sizeof(err_msg)); break; case MULTI_END_ERROR_SHIP_ASSIGN: - strcat(err_msg,XSTR("Server encountered errors trying to assign players to ships",662)); + SDL_strlcat(err_msg,XSTR("Server encountered errors trying to assign players to ships",662),sizeof(err_msg)); break; case MULTI_END_ERROR_HOST_LEFT: - strcat(err_msg,XSTR("Host has left the game, aborting...",663)); + SDL_strlcat(err_msg,XSTR("Host has left the game, aborting...",663),sizeof(err_msg)); break; case MULTI_END_ERROR_XFER_FAIL: - strcat(err_msg,XSTR("There was an error receiving the mission file!",665)); + SDL_strlcat(err_msg,XSTR("There was an error receiving the mission file!",665),sizeof(err_msg)); break; case MULTI_END_ERROR_WAVE_COUNT: - strcat(err_msg,XSTR("The player wings Alpha, Beta, Gamma, and Zeta must have only 1 wave. One of these wings currently has more than 1 wave.", 987)); + SDL_strlcat(err_msg,XSTR("The player wings Alpha, Beta, Gamma, and Zeta must have only 1 wave. One of these wings currently has more than 1 wave.", 987),sizeof(err_msg)); break; case MULTI_END_ERROR_TEAM0_EMPTY: - strcat(err_msg,XSTR("All players from team 1 have left the game", 1466)); + SDL_strlcat(err_msg,XSTR("All players from team 1 have left the game", 1466),sizeof(err_msg)); break; case MULTI_END_ERROR_TEAM1_EMPTY: - strcat(err_msg,XSTR("All players from team 2 have left the game", 1467)); + SDL_strlcat(err_msg,XSTR("All players from team 2 have left the game", 1467),sizeof(err_msg)); break; case MULTI_END_ERROR_CAPTAIN_LEFT: - strcat(err_msg,XSTR("Team captain(s) have left the game, aborting...",664)); + SDL_strlcat(err_msg,XSTR("Team captain(s) have left the game, aborting...",664),sizeof(err_msg)); break; default : Int3(); diff --git a/src/network/multi_ingame.cpp b/src/network/multi_ingame.cpp index c9443d7..216a6c1 100644 --- a/src/network/multi_ingame.cpp +++ b/src/network/multi_ingame.cpp @@ -593,7 +593,7 @@ void multi_ingame_sync_init() multi_oo_reset_sequencing(); // send the file signature to the host for possible mission file transfer - strcpy(Netgame.mission_name,Game_current_mission_filename); + SDL_strlcpy(Netgame.mission_name, Game_current_mission_filename, sizeof(Netgame.mission_name)); send_file_sig_packet(Multi_current_file_checksum,Multi_current_file_length); Ingame_ships_deleted = 0; @@ -1264,8 +1264,7 @@ void multi_ingame_handle_timeout() int time_left = timestamp_until(Ingame_time_left) / 1000; char tl_string[100]; gr_set_color_fast(&Color_bright); - memset(tl_string,0,100); - sprintf(tl_string,XSTR("Time remaining : %d s\n",682),time_left); + SDL_snprintf(tl_string,sizeof(tl_string),XSTR("Time remaining : %d s\n",682),time_left); gr_string(Multi_ingame_timer_coords[gr_screen.res][0], Multi_ingame_timer_coords[gr_screen.res][1], tl_string); } @@ -1349,7 +1348,7 @@ void process_ingame_ships_packet( ubyte *data, header *hinfo ) Objects[objnum].net_signature = net_signature; // assign any common data - strcpy(Ships[ship_num].ship_name, ship_name); + SDL_strlcpy(Ships[ship_num].ship_name, ship_name, NAME_LENGTH); Ships[ship_num].flags = sflags; Ships[ship_num].team = team; Ships[ship_num].wingnum = (int)wing_data; diff --git a/src/network/multi_kick.cpp b/src/network/multi_kick.cpp index 4c611d4..c900af6 100644 --- a/src/network/multi_kick.cpp +++ b/src/network/multi_kick.cpp @@ -214,8 +214,7 @@ void multi_kick_player(int player_index, int ban, int reason) // wait until he either shuts his connection down or he times out) // add the string to the chatbox and the hud (always safe - if it is not inited, nothing bad will happen) char str[512]; - memset(str, 0, 512); - sprintf(str, XSTR("", 1501), Net_players[player_index].player->callsign); + SDL_snprintf(str, sizeof(str), XSTR("", 1501), Net_players[player_index].player->callsign); multi_display_chat_msg(str, player_index, 0); } // otherwise, we should send the packet indicating that this guy should be kicked @@ -274,25 +273,25 @@ void multi_dcf_kick() } // fill in the passed string with the appropriate "kicked" string -void multi_kick_get_text(net_player *pl, int reason, char *str) +void multi_kick_get_text(net_player *pl, int reason, char *str, const int max_strlen) { // safety net if((pl == NULL) || (pl->player == NULL)){ - strcpy(str, NOX("")); + SDL_strlcpy(str, NOX(""), max_strlen); } switch(reason){ case KICK_REASON_BAD_XFER: - sprintf(str, XSTR("<%s was kicked because of mission file xfer failure>", 1003), pl->player->callsign); + SDL_snprintf(str, max_strlen, XSTR("<%s was kicked because of mission file xfer failure>", 1003), pl->player->callsign); break; case KICK_REASON_CANT_XFER: - sprintf(str, XSTR("<%s was kicked for not having builtin mission %s>", 1004), pl->player->callsign, Game_current_mission_filename); + SDL_snprintf(str, max_strlen, XSTR("<%s was kicked for not having builtin mission %s>", 1004), pl->player->callsign, Game_current_mission_filename); break; case KICK_REASON_INGAME_ENDED: - sprintf(str, XSTR("<%s was kicked for ingame joining an ended game>",1005), pl->player->callsign); + SDL_snprintf(str, max_strlen, XSTR("<%s was kicked for ingame joining an ended game>",1005), pl->player->callsign); break; default: - sprintf(str, XSTR("<%s was kicked>",687), pl->player->callsign); + SDL_snprintf(str, max_strlen, XSTR("<%s was kicked>",687), pl->player->callsign); break; } } diff --git a/src/network/multi_log.cpp b/src/network/multi_log.cpp index 4bcf0cf..8b3979d 100644 --- a/src/network/multi_log.cpp +++ b/src/network/multi_log.cpp @@ -198,7 +198,7 @@ void ml_printf(const char *format, ...) // format the text va_start(args, format); - vsprintf(tmp, format, args); + SDL_vsnprintf(tmp, sizeof(tmp), format, args); va_end(args); // log the string @@ -227,12 +227,12 @@ void ml_string(const char *string, int add_time) timer = time(NULL); strftime(time_str, 128, "%m/%d %H:%M:%S~ ", localtime(&timer)); - strcpy(tmp, time_str); - strcat(tmp, string); + SDL_strlcpy(tmp, time_str, sizeof(tmp)); + SDL_strlcat(tmp, string, sizeof(tmp)); } else{ - strcpy(tmp, string); + SDL_strlcpy(tmp, string, sizeof(tmp)); } - strcat(tmp, "\n"); + SDL_strlcat(tmp, "\n", sizeof(tmp)); // now print it to the logfile if necessary cfputs(tmp, Multi_log_out); diff --git a/src/network/multi_observer.cpp b/src/network/multi_observer.cpp index ad6336a..8985a62 100644 --- a/src/network/multi_observer.cpp +++ b/src/network/multi_observer.cpp @@ -172,7 +172,7 @@ int multi_obs_create_player(int player_num,char *name,net_addr_t *addr,player *p Net_players[player_num].s_info.reliable_buffer_size = 0; // callsign and short callsign - strcpy(pl->callsign,name); + SDL_strlcpy(pl->callsign, name, sizeof(pl->callsign)); pilot_set_short_callsign(pl,SHORT_CALLSIGN_PIXEL_W); pl->flags |= PLAYER_FLAGS_STRUCTURE_IN_USE; @@ -227,7 +227,7 @@ void multi_obs_create_observer_client() // make ship hidden from sensors so that this observer cannot target it. Observers really have two ships // one observer, and one "Player_ship". Observer needs to ignore the Player_ship. Player_ship->flags |= SF_HIDDEN_FROM_SENSORS; - strcpy(Player_ship->ship_name, XSTR("Observer Ship",688)); + SDL_strlcpy(Player_ship->ship_name, XSTR("Observer Ship",688), sizeof(Player_ship->ship_name)); Player_ai = &Ai_info[Ships[Objects[pobj_num].instance].ai_index]; // configure the hud to be in "observer" mode diff --git a/src/network/multi_options.cpp b/src/network/multi_options.cpp index c40b25c..1f9f053 100644 --- a/src/network/multi_options.cpp +++ b/src/network/multi_options.cpp @@ -252,13 +252,13 @@ void multi_options_read_config() Multi_options_g.log = (Cmdline_multi_log) ? 1 : 0; Multi_options_g.datarate_cap = OO_HIGH_RATE_DEFAULT; - strcpy(Multi_options_g.user_tracker_ip, ""); - strcpy(Multi_options_g.game_tracker_ip, ""); - strcpy(Multi_options_g.pxo_ip, ""); - strcpy(Multi_options_g.pxo_rank_url, ""); - strcpy(Multi_options_g.pxo_create_url, ""); - strcpy(Multi_options_g.pxo_verify_url, ""); - strcpy(Multi_options_g.pxo_banner_url, ""); + SDL_strlcpy(Multi_options_g.user_tracker_ip, "", sizeof(Multi_options_g.user_tracker_ip)); + SDL_strlcpy(Multi_options_g.game_tracker_ip, "", sizeof(Multi_options_g.game_tracker_ip)); + SDL_strlcpy(Multi_options_g.pxo_ip, "", sizeof(Multi_options_g.pxo_ip)); + SDL_strlcpy(Multi_options_g.pxo_rank_url, "", sizeof(Multi_options_g.pxo_rank_url)); + SDL_strlcpy(Multi_options_g.pxo_create_url, "", sizeof(Multi_options_g.pxo_create_url)); + SDL_strlcpy(Multi_options_g.pxo_verify_url, "", sizeof(Multi_options_g.pxo_verify_url)); + SDL_strlcpy(Multi_options_g.pxo_banner_url, "", sizeof(Multi_options_g.pxo_banner_url)); // standalone values Multi_options_g.std_max_players = -1; @@ -307,7 +307,7 @@ void multi_options_read_config() // set the standalone server's permanent name NEXT_TOKEN(); if(tok != NULL){ - strncpy(Multi_options_g.std_pname, tok, STD_NAME_LEN); + SDL_strlcpy(Multi_options_g.std_pname, tok, STD_NAME_LEN); } } else if(SETTING("+no_voice")){ @@ -334,7 +334,7 @@ void multi_options_read_config() // set the standalone host password NEXT_TOKEN(); if(tok != NULL){ - strncpy(Multi_options_g.std_passwd, tok, STD_PASSWD_LEN); + SDL_strlcpy(Multi_options_g.std_passwd, tok, STD_PASSWD_LEN); STUB_FUNCTION; } @@ -362,49 +362,49 @@ void multi_options_read_config() // ip addr of user tracker NEXT_TOKEN(); if(tok != NULL){ - strcpy(Multi_options_g.user_tracker_ip, tok); + SDL_strlcpy(Multi_options_g.user_tracker_ip, tok, sizeof(Multi_options_g.user_tracker_ip)); } } else if(SETTING("+game_server")){ // ip addr of game tracker NEXT_TOKEN(); if(tok != NULL){ - strcpy(Multi_options_g.game_tracker_ip, tok); + SDL_strlcpy(Multi_options_g.game_tracker_ip, tok, sizeof(Multi_options_g.game_tracker_ip)); } } else if(SETTING("+chat_server")){ // ip addr of pxo chat server NEXT_TOKEN(); if(tok != NULL){ - strcpy(Multi_options_g.pxo_ip, tok); + SDL_strlcpy(Multi_options_g.pxo_ip, tok, sizeof(Multi_options_g.pxo_ip)); } } else if(SETTING("+rank_url")){ // url of pilot rankings page NEXT_TOKEN(); if(tok != NULL){ - strcpy(Multi_options_g.pxo_rank_url, tok); + SDL_strlcpy(Multi_options_g.pxo_rank_url, tok, sizeof(Multi_options_g.pxo_rank_url)); } } else if(SETTING("+create_url")){ // url of pxo account create page NEXT_TOKEN(); if(tok != NULL){ - strcpy(Multi_options_g.pxo_create_url, tok); + SDL_strlcpy(Multi_options_g.pxo_create_url, tok, sizeof(Multi_options_g.pxo_create_url)); } } else if(SETTING("+verify_url")){ // url of pxo account verify page NEXT_TOKEN(); if(tok != NULL){ - strcpy(Multi_options_g.pxo_verify_url, tok); + SDL_strlcpy(Multi_options_g.pxo_verify_url, tok, sizeof(Multi_options_g.pxo_verify_url)); } } else if(SETTING("+banner_url")){ // url of pxo account verify page NEXT_TOKEN(); if(tok != NULL){ - strcpy(Multi_options_g.pxo_banner_url, tok); + SDL_strlcpy(Multi_options_g.pxo_banner_url, tok, sizeof(Multi_options_g.pxo_banner_url)); } } else if(SETTING("+datarate")){ @@ -422,13 +422,13 @@ void multi_options_read_config() if(tok != NULL){ char *ip = strtok(tok, ":"); if(ip != NULL){ - strcpy(Multi_options_proxy, ip); + SDL_strlcpy(Multi_options_proxy, ip, sizeof(Multi_options_proxy)); } ip = strtok(NULL, ""); if(ip != NULL){ Multi_options_proxy_port = (ushort)atoi(ip); } else { - strcpy(Multi_options_proxy, ""); + SDL_strlcpy(Multi_options_proxy, "", sizeof(Multi_options_proxy)); } } } @@ -508,7 +508,7 @@ void multi_options_local_load(multi_local_options *options, net_player *pxo_pl) // stuff pxo squad info #ifndef MAKE_FS1 if(pxo_pl != NULL){ - strcpy(pxo_pl->p_info.pxo_squad_name, Multi_tracker_squad_name); + SDL_strlcpy(pxo_pl->p_info.pxo_squad_name, Multi_tracker_squad_name, LOGIN_LEN); } #endif } @@ -725,16 +725,14 @@ void multi_options_process_packet(unsigned char *data, header *hinfo) Netgame.max_players = max_players; } - strcpy(Netgame.campaign_name,ng.campaign_name); + SDL_strlcpy(Netgame.campaign_name, ng.campaign_name, sizeof(Netgame.campaign_name)); } Netgame.campaign_mode = 1; // put brackets around the campaign name if(Game_mode & GM_STANDALONE_SERVER){ - strcpy(str,"("); - strcat(str,Netgame.campaign_name); - strcat(str,")"); + SDL_snprintf(str, sizeof(str), "(%s)", Netgame.campaign_name); std_multi_set_standalone_mission_name(str); } } @@ -749,8 +747,8 @@ void multi_options_process_packet(unsigned char *data, header *hinfo) // setting this to -1 will prevent us from being seen on the network Netgame.max_players = -1; } - strcpy(Netgame.mission_name,ng.mission_name); - strcpy(Game_current_mission_filename,Netgame.mission_name); + SDL_strlcpy(Netgame.mission_name, ng.mission_name, sizeof(Netgame.mission_name)); + SDL_strlcpy(Game_current_mission_filename, Netgame.mission_name, sizeof(Game_current_mission_filename)); } Netgame.campaign_mode = 0; diff --git a/src/network/multi_pause.cpp b/src/network/multi_pause.cpp index e02f107..33d06a0 100644 --- a/src/network/multi_pause.cpp +++ b/src/network/multi_pause.cpp @@ -551,7 +551,7 @@ void multi_pause_render_callsign() // write out the callsign of the player who paused the game if((Multi_pause_pauser != NULL) && (Multi_pause_pauser->player != NULL)){ memset(pause_str,0,100); - strcpy(pause_str,Multi_pause_pauser->player->callsign); + SDL_strlcpy(pause_str, Multi_pause_pauser->player->callsign, sizeof(pause_str)); // blit it gr_set_color_fast(&Color_bright); diff --git a/src/network/multi_pinfo.cpp b/src/network/multi_pinfo.cpp index 79752b7..b8b4b4b 100644 --- a/src/network/multi_pinfo.cpp +++ b/src/network/multi_pinfo.cpp @@ -422,9 +422,9 @@ void multi_pinfo_popup_init(net_player *np) // zero bitmap info Mp_pilot.bitmap = -1; - strcpy(Mp_pilot.filename, ""); + SDL_strlcpy(Mp_pilot.filename, "", sizeof(Mp_pilot.filename)); Mp_squad.bitmap = -1; - strcpy(Mp_squad.filename, ""); + SDL_strlcpy(Mp_squad.filename, "", sizeof(Mp_squad.filename)); // set the player status multi_pinfo_reset_player(np); @@ -583,19 +583,19 @@ void multi_pinfo_blit_pilot_image() // if there is no image if(strlen(Mp_pilot.filename) <= 0){ - strcpy(place_text,XSTR("No/Invalid Image", 1053)); + SDL_strlcpy(place_text, XSTR("No/Invalid Image", 1053), sizeof(place_text)); } // if the image is xferring else if(multi_xfer_lookup(Mp_pilot.filename)){ - strcpy(place_text,XSTR("Image Transferring", 691)); + SDL_strlcpy(place_text, XSTR("Image Transferring", 691), sizeof(place_text)); } // if we're not accepting images else if(!(Net_player->p_info.options.flags & MLO_FLAG_ACCEPT_PIX) || !(Netgame.options.flags & MSO_FLAG_ACCEPT_PIX)){ - strcpy(place_text,XSTR("No Image", 692)); + SDL_strlcpy(place_text, XSTR("No Image", 692), sizeof(place_text)); } // otherwise we wait else { - strcpy(place_text,XSTR("Waiting", 690)); + SDL_strlcpy(place_text, XSTR("Waiting", 690), sizeof(place_text)); } // center the text @@ -630,19 +630,19 @@ void multi_pinfo_blit_squadron_logo() // if there is no image if(strlen(p->squad_filename) <= 0){ - strcpy(place_text,XSTR("No/Invalid Image", 1053)); + SDL_strlcpy(place_text, XSTR("No/Invalid Image", 1053), sizeof(place_text)); } // if the image is xferring else if(multi_xfer_lookup(p->squad_filename)){ - strcpy(place_text,XSTR("Image Transferring", 691)); + SDL_strlcpy(place_text, XSTR("Image Transferring", 691), sizeof(place_text)); } // if we're not accepting images else if(!(Net_player->p_info.options.flags & MLO_FLAG_ACCEPT_PIX) || !(Netgame.options.flags & MSO_FLAG_ACCEPT_PIX)){ - strcpy(place_text,XSTR("No Image", 692)); + SDL_strlcpy(place_text, XSTR("No Image", 692), sizeof(place_text)); } // otherwise we wait else { - strcpy(place_text,XSTR("Waiting", 690)); + SDL_strlcpy(place_text, XSTR("Waiting", 690), sizeof(place_text)); } // center the text @@ -802,19 +802,19 @@ void multi_pinfo_build_stats() } } */ - sprintf(Multi_pinfo_stats_vals[MPI_FIGHTER_KILLS], "%d", sc->kill_count); + SDL_snprintf(Multi_pinfo_stats_vals[MPI_FIGHTER_KILLS], MAX_LABEL_TEXT, "%d", sc->kill_count); // sprintf(Multi_pinfo_stats_vals[MPI_OTHER_KILLS],"%d",other_kills); // missions flown - sprintf(Multi_pinfo_stats_vals[MPI_MISSIONS_FLOWN],"%d",(int)sc->missions_flown); + SDL_snprintf(Multi_pinfo_stats_vals[MPI_MISSIONS_FLOWN], MAX_LABEL_TEXT, "%d", (int)sc->missions_flown); // flight time - game_format_time(fl2f((float)sc->flight_time),Multi_pinfo_stats_vals[MPI_FLIGHT_TIME]); + game_format_time(fl2f((float)sc->flight_time), Multi_pinfo_stats_vals[MPI_FLIGHT_TIME], MAX_LABEL_TEXT); // last flown if(sc->last_flown == 0){ - strcpy(Multi_pinfo_stats_vals[MPI_LAST_FLOWN],XSTR("No missions flown",693)); + SDL_strlcpy(Multi_pinfo_stats_vals[MPI_LAST_FLOWN], XSTR("No missions flown", 693), MAX_LABEL_TEXT); } else { time_t last_flown_tmp; tm *tmr = gmtime(&last_flown_tmp); @@ -822,29 +822,29 @@ void multi_pinfo_build_stats() if(tmr != NULL){ strftime(Multi_pinfo_stats_vals[MPI_LAST_FLOWN],MAX_LABEL_TEXT,"%m/%d/%y %H:%M",tmr); } else { - strcpy(Multi_pinfo_stats_vals[MPI_LAST_FLOWN], ""); + SDL_strlcpy(Multi_pinfo_stats_vals[MPI_LAST_FLOWN], "", MAX_LABEL_TEXT); } } // rank - strcpy(Multi_pinfo_stats_vals[MPI_RANK],Ranks[sc->rank].name); + SDL_strlcpy(Multi_pinfo_stats_vals[MPI_RANK], Ranks[sc->rank].name, MAX_LABEL_TEXT); // primary shots fired - sprintf(Multi_pinfo_stats_vals[MPI_PSHOTS_FIRED],"%d",sc->p_shots_fired); + SDL_snprintf(Multi_pinfo_stats_vals[MPI_PSHOTS_FIRED], MAX_LABEL_TEXT, "%d", sc->p_shots_fired); // primary shots hit // sprintf(Multi_pinfo_stats_vals[MPI_PSHOTS_HIT],"%d",sc->p_shots_hit); // primary hit pct - sprintf(Multi_pinfo_stats_vals[MPI_PSHOTS_PCT],"%d%%",(int)(100.0f * ((float)sc->p_shots_hit / (float)sc->p_shots_fired))); + SDL_snprintf(Multi_pinfo_stats_vals[MPI_PSHOTS_PCT], MAX_LABEL_TEXT, "%d%%", (int)(100.0f * ((float)sc->p_shots_hit / (float)sc->p_shots_fired))); // primary shots fired - sprintf(Multi_pinfo_stats_vals[MPI_SSHOTS_FIRED],"%d",sc->s_shots_fired); + SDL_snprintf(Multi_pinfo_stats_vals[MPI_SSHOTS_FIRED], MAX_LABEL_TEXT, "%d", sc->s_shots_fired); // primary shots hit // sprintf(Multi_pinfo_stats_vals[MPI_SSHOTS_HIT],"%d",sc->s_shots_hit); // primary hit pct - sprintf(Multi_pinfo_stats_vals[MPI_SSHOTS_PCT],"%d%%",(int)(100.0f * ((float)sc->s_shots_hit / (float)sc->s_shots_fired))); + SDL_snprintf(Multi_pinfo_stats_vals[MPI_SSHOTS_PCT], MAX_LABEL_TEXT, "%d%%", (int)(100.0f * ((float)sc->s_shots_hit / (float)sc->s_shots_fired))); } // if the pilot's image was currently loading when we started the popup, load it up now if its finished @@ -915,12 +915,12 @@ void multi_pinfo_reset_player(net_player *np) Multi_pinfo_popup_player = np; // unload any old image data if necessary - strcpy(Mp_pilot.filename, ""); + SDL_strlcpy(Mp_pilot.filename, "", sizeof(Mp_pilot.filename)); if(Mp_pilot.bitmap != -1){ bm_release(Mp_pilot.bitmap); Mp_pilot.bitmap = -1; } - strcpy(Mp_squad.filename, ""); + SDL_strlcpy(Mp_squad.filename, "", sizeof(Mp_squad.filename)); if(Mp_squad.bitmap != -1){ bm_release(Mp_squad.bitmap); Mp_squad.bitmap = -1; @@ -928,11 +928,11 @@ void multi_pinfo_reset_player(net_player *np) // try and load pilot pic/squad logo if(strlen(np->player->image_filename) > 0){ - strcpy(Mp_pilot.filename, np->player->image_filename); + SDL_strlcpy(Mp_pilot.filename, np->player->image_filename, sizeof(Mp_pilot.filename)); Mp_pilot.bitmap = bm_load_duplicate(Mp_pilot.filename); } if(strlen(np->player->squad_filename) > 0){ - strcpy(Mp_squad.filename, np->player->squad_filename); + SDL_strlcpy(Mp_squad.filename, np->player->squad_filename, sizeof(Mp_squad.filename)); Mp_squad.bitmap = bm_load_duplicate(Mp_squad.filename); } diff --git a/src/network/multi_pmsg.cpp b/src/network/multi_pmsg.cpp index 6366aa5..a84287c 100644 --- a/src/network/multi_pmsg.cpp +++ b/src/network/multi_pmsg.cpp @@ -376,7 +376,7 @@ int multi_msg_text_process(int k) str[0] = (char)key_text; str[1] = '\0'; - strcat(Multi_msg_text,str); + SDL_strlcat(Multi_msg_text, str, sizeof(Multi_msg_text)); } break; } @@ -385,7 +385,7 @@ int multi_msg_text_process(int k) } // return 0 or 1 if there is multi text to be rendered (filling in txt if necessary) -int multi_msg_message_text(char *txt) +int multi_msg_message_text(char *txt, const int txt_len) { // if we're not in text message mode, return 0 if(!Multi_msg_text_enter){ @@ -396,29 +396,29 @@ int multi_msg_message_text(char *txt) switch(Multi_msg_mode){ // messaging all players case MULTI_MSG_ALL: - strcpy(txt,XSTR("ALL : ",694)); + SDL_strlcpy(txt, XSTR("ALL : ", 694), txt_len); break; // messaging friendly players case MULTI_MSG_FRIENDLY: - strcpy(txt,XSTR("FRIENDLY : ",695)); + SDL_strlcpy(txt, XSTR("FRIENDLY : ", 695), txt_len); break; // messaging hostile players case MULTI_MSG_HOSTILE: - strcpy(txt,XSTR("HOSTILE : ",696)); + SDL_strlcpy(txt, XSTR("HOSTILE : ", 696), txt_len); break; // messaging targeted ship case MULTI_MSG_TARGET: - strcpy(txt,XSTR("TARGET : ",697)); + SDL_strlcpy(txt, XSTR("TARGET : ", 697), txt_len); break; default : Int3(); } - strcat(txt,Multi_msg_text); - strcat(txt,"_"); + SDL_strlcat(txt, Multi_msg_text, txt_len); + SDL_strlcat(txt, "_", txt_len); return 1; } @@ -510,7 +510,7 @@ int multi_msg_check_command(char *str) } // store the text as the actual parameter - strcpy(param,predicate); + SDL_strlcpy(param, predicate, sizeof(param)); drop_leading_white_space(param); // go through all existing commands and see what we can do @@ -526,7 +526,7 @@ int multi_msg_check_command(char *str) // apply the results as a general expression, if we're in message all mode if(Multi_msg_mode == MULTI_MSG_ALL){ - strcpy(Multi_msg_text,param); + SDL_strlcpy(Multi_msg_text, param, sizeof(Multi_msg_text)); // send the chat packet send_game_chat_packet(Net_player, Multi_msg_text, MULTI_MSG_EXPR,NULL, prefix); @@ -593,7 +593,7 @@ void multi_msg_show_squadmsg(net_player *source,int command,ushort target_sig,in memset(temp_string,0,100); // add the message header - sprintf(hud_string,XSTR("ORDER FROM <%s> : ",699),source->player->callsign); + SDL_snprintf(hud_string,sizeof(hud_string),XSTR("ORDER FROM <%s> : ",699),source->player->callsign); // get the target obj if possible target_obj = NULL; @@ -606,8 +606,8 @@ void multi_msg_show_squadmsg(net_player *source,int command,ushort target_sig,in // attack my target case ATTACK_TARGET_ITEM : if((target_obj != NULL) && (target_obj->type == OBJ_SHIP)){ - sprintf(temp_string,XSTR("Attack %s",700),Ships[target_obj->instance].ship_name); - strcat(hud_string,temp_string); + SDL_snprintf(temp_string,sizeof(temp_string),XSTR("Attack %s",700),Ships[target_obj->instance].ship_name); + SDL_strlcat(hud_string, temp_string, sizeof(hud_string)); } else { should_display = 0; } @@ -616,8 +616,8 @@ void multi_msg_show_squadmsg(net_player *source,int command,ushort target_sig,in // disable my target case DISABLE_TARGET_ITEM: if((target_obj != NULL) && (target_obj->type == OBJ_SHIP)){ - sprintf(temp_string,XSTR("Disable %s",701),Ships[target_obj->instance].ship_name); - strcat(hud_string,temp_string); + SDL_snprintf(temp_string,sizeof(temp_string),XSTR("Disable %s",701),Ships[target_obj->instance].ship_name); + SDL_strlcat(hud_string, temp_string, sizeof(hud_string)); } else { should_display = 0; } @@ -626,8 +626,8 @@ void multi_msg_show_squadmsg(net_player *source,int command,ushort target_sig,in // protect my target case PROTECT_TARGET_ITEM: if((target_obj != NULL) && (target_obj->type == OBJ_SHIP)){ - sprintf(temp_string,XSTR("Protect %s",702),Ships[target_obj->instance].ship_name); - strcat(hud_string,temp_string); + SDL_snprintf(temp_string,sizeof(temp_string),XSTR("Protect %s",702),Ships[target_obj->instance].ship_name); + SDL_strlcat(hud_string, temp_string, sizeof(hud_string)); } else { should_display = 0; } @@ -636,8 +636,8 @@ void multi_msg_show_squadmsg(net_player *source,int command,ushort target_sig,in // ignore my target case IGNORE_TARGET_ITEM: if((target_obj != NULL) && (target_obj->type == OBJ_SHIP)){ - sprintf(temp_string,XSTR("Ignore %s",703),Ships[target_obj->instance].ship_name); - strcat(hud_string,temp_string); + SDL_snprintf(temp_string,sizeof(temp_string),XSTR("Ignore %s",703),Ships[target_obj->instance].ship_name); + SDL_strlcat(hud_string, temp_string, sizeof(hud_string)); } else { should_display = 0; } @@ -646,8 +646,8 @@ void multi_msg_show_squadmsg(net_player *source,int command,ushort target_sig,in // disarm my target case DISARM_TARGET_ITEM: if((target_obj != NULL) && (target_obj->type == OBJ_SHIP)){ - sprintf(temp_string,XSTR("Disarm %s",704),Ships[target_obj->instance].ship_name); - strcat(hud_string,temp_string); + SDL_snprintf(temp_string,sizeof(temp_string),XSTR("Disarm %s",704),Ships[target_obj->instance].ship_name); + SDL_strlcat(hud_string, temp_string, sizeof(hud_string)); } else { should_display = 0; } @@ -656,8 +656,8 @@ void multi_msg_show_squadmsg(net_player *source,int command,ushort target_sig,in // disable subsystem on my target case DISABLE_SUBSYSTEM_ITEM: if((target_obj != NULL) && (target_obj->type == OBJ_SHIP) && (subsys_type != -1) && (subsys_type != 0)){ - sprintf(temp_string,XSTR("Disable subsystem %s on %s",705),Multi_msg_subsys_name[subsys_type],Ships[target_obj->instance].ship_name); - strcat(hud_string,temp_string); + SDL_snprintf(temp_string,sizeof(temp_string),XSTR("Disable subsystem %s on %s",705),Multi_msg_subsys_name[subsys_type],Ships[target_obj->instance].ship_name); + SDL_strlcat(hud_string, temp_string, sizeof(hud_string)); } else { should_display = 0; } @@ -665,17 +665,17 @@ void multi_msg_show_squadmsg(net_player *source,int command,ushort target_sig,in // form on my wing case FORMATION_ITEM: - strcat(hud_string,XSTR("Form on my wing",706)); + SDL_strlcat(hud_string, XSTR("Form on my wing",706), sizeof(hud_string)); break; // cover me case COVER_ME_ITEM: - strcat(hud_string,XSTR("Cover me",707)); + SDL_strlcat(hud_string, XSTR("Cover me",707), sizeof(hud_string)); break; // engage enemy case ENGAGE_ENEMY_ITEM: - strcat(hud_string,XSTR("Engage enemy!",708)); + SDL_strlcat(hud_string, XSTR("Engage enemy!",708), sizeof(hud_string)); break; default : diff --git a/src/network/multi_rate.cpp b/src/network/multi_rate.cpp index c92cb46..75a0c1b 100644 --- a/src/network/multi_rate.cpp +++ b/src/network/multi_rate.cpp @@ -152,7 +152,7 @@ int multi_rate_add(int np_index, const char *type, int size) m = &Multi_rate[np_index][idx]; // type string - strcpy(m->type, type); + SDL_strlcpy(m->type, type, sizeof(m->type)); // alltime m->total_bytes += size; diff --git a/src/network/multi_respawn.cpp b/src/network/multi_respawn.cpp index c2e3c9e..88a4d45 100644 --- a/src/network/multi_respawn.cpp +++ b/src/network/multi_respawn.cpp @@ -402,7 +402,7 @@ void multi_respawn_build_points() if((Ships[Objects[moveup->objnum].instance].respawn_priority > 0) && (Multi_respawn_priority_count < MAX_PRIORITY_POINTS)){ r = &Multi_respawn_priority_ships[Multi_respawn_priority_count++]; - strcpy(r->ship_name, Ships[Objects[moveup->objnum].instance].ship_name); + SDL_strlcpy(r->ship_name, Ships[Objects[moveup->objnum].instance].ship_name, sizeof(r->ship_name)); r->team = Ships[Objects[moveup->objnum].instance].team; } moveup = GET_NEXT(moveup); diff --git a/src/network/multi_team.cpp b/src/network/multi_team.cpp index f5dfd22..92db707 100644 --- a/src/network/multi_team.cpp +++ b/src/network/multi_team.cpp @@ -741,9 +741,9 @@ void multi_team_report() SEND_AND_DISPLAY("----****"); // display scores - sprintf(report, XSTR("", 1275), Multi_team0_score); + SDL_snprintf(report, sizeof(report), XSTR("", 1275), Multi_team0_score); SEND_AND_DISPLAY(report); - sprintf(report, XSTR("", 1276), Multi_team1_score); + SDL_snprintf(report, sizeof(report), XSTR("", 1276), Multi_team1_score); SEND_AND_DISPLAY(report); // display winner diff --git a/src/network/multi_update.cpp b/src/network/multi_update.cpp index 995f98e..bb0b4eb 100644 --- a/src/network/multi_update.cpp +++ b/src/network/multi_update.cpp @@ -154,18 +154,16 @@ int multi_update_http_init() char local_file[512] = ""; // url - strcpy(url_file, VERSION_URL); + SDL_strlcpy(url_file, VERSION_URL, sizeof(url_file)); // local file - strcpy(local_file, Cfile_root_dir); - strcat(local_file, DIR_SEPARATOR_STR); - strcat(local_file, VERSION_LOC_FNAME); + SDL_snprintf(local_file, sizeof(local_file), "%s%s%s", Cfile_root_dir, DIR_SEPARATOR_STR, VERSION_LOC_FNAME); // new file Multi_update_get = new InetGetFile(url_file, local_file); if(Multi_update_get == NULL){ // error string - strcpy(Multi_update_error_string, XSTR("Could not get data from website", 977)); + SDL_strlcpy(Multi_update_error_string, XSTR("Could not get data from website", 977), sizeof(Multi_update_error_string)); return 0; } @@ -183,7 +181,7 @@ int multi_update_http_do() // sanity if(Multi_update_get == NULL){ // error string - strcpy(Multi_update_error_string, XSTR("Could not get data from website", 977)); + SDL_strlcpy(Multi_update_error_string, XSTR("Could not get data from website", 977), sizeof(Multi_update_error_string)); return 2; } @@ -194,7 +192,7 @@ int multi_update_http_do() Multi_update_get = NULL; // error string - strcpy(Multi_update_error_string, XSTR("Could not get data from website", 977)); + SDL_strlcpy(Multi_update_error_string, XSTR("Could not get data from website", 977), sizeof(Multi_update_error_string)); return 2; } @@ -228,10 +226,8 @@ int multi_update_error_verifying() char out_str[512]; memset(out_str, 0, 512); - strcpy(out_str, "("); - strcat(out_str, Multi_update_error_string); - strcat(out_str, ")\n\n"); - strcat(out_str, XSTR("There was an error verifying your version of Freespace, if you continue, you will not necessarily be up to date", 978)); + SDL_snprintf(out_str, sizeof(out_str), "(%s)\n\n%s", Multi_update_error_string, + XSTR("There was an error verifying your version of Freespace, if you continue, you will not necessarily be up to date", 978)); switch(popup(PF_USE_AFFIRMATIVE_ICON | PF_USE_NEGATIVE_ICON, 2, XSTR("&Go back", 1524), XSTR("&Continue", 1525), out_str)){ // continue on in freespace like nothing happened @@ -274,9 +270,9 @@ int multi_update_gobaby() extern char Multi_options_proxy[512]; extern ushort Multi_options_proxy_port; if(strlen(Multi_options_proxy) > 0){ - sprintf(msg, "%s (%s : %d)", XSTR("Verifying Freespace Version",981), Multi_options_proxy, Multi_options_proxy_port); + SDL_snprintf(msg, sizeof(msg), "%s (%s : %d)", XSTR("Verifying Freespace Version",981), Multi_options_proxy, Multi_options_proxy_port); } else { - strcpy(msg, XSTR("Verifying Freespace Version",981)); + SDL_strlcpy(msg, XSTR("Verifying Freespace Version",981), sizeof(msg)); } ret_code = popup_till_condition(multi_update_http_do, XSTR("Cancel",948), msg); diff --git a/src/network/multi_voice.cpp b/src/network/multi_voice.cpp index a1083f1..f61112c 100644 --- a/src/network/multi_voice.cpp +++ b/src/network/multi_voice.cpp @@ -2148,8 +2148,7 @@ void multi_voice_alg_play_window(int stream_index) int player_index = find_player_id(Multi_voice_stream[stream_index].stream_from); if(player_index != -1){ - memset(voice_msg,0,256); - sprintf(voice_msg,XSTR("<%s is speaking>",712),Net_players[player_index].player->callsign); + SDL_snprintf(voice_msg, sizeof(voice_msg), XSTR("<%s is speaking>", 712), Net_players[player_index].player->callsign); // display a chat message (write to the correct spot - hud, standalone gui, chatbox, etc) multi_display_chat_msg(voice_msg,player_index,0); diff --git a/src/network/multi_xfer.cpp b/src/network/multi_xfer.cpp index 6a443b8..d3261fa 100644 --- a/src/network/multi_xfer.cpp +++ b/src/network/multi_xfer.cpp @@ -323,7 +323,7 @@ void multi_xfer_send_final(xfer_entry *xe); void multi_xfer_send_header(xfer_entry *xe); // convert the filename into the prefixed ex_filename -void multi_xfer_conv_prefix(char *filename, char *ex_filename); +void multi_xfer_conv_prefix(char *filename, char *ex_filename, const int max_len); // get a new xfer sig ushort multi_xfer_get_sig(); @@ -416,7 +416,7 @@ int multi_xfer_send_file(PSNET_SOCKET_RELIABLE who, char *filename, int cfile_fl memset(&temp_entry,0,sizeof(xfer_entry)); // set the filename - strcpy(temp_entry.filename,filename); + SDL_strlcpy(temp_entry.filename, filename, sizeof(temp_entry.filename)); // attempt to open the file temp_entry.file = NULL; @@ -1128,16 +1128,11 @@ void multi_xfer_process_header(ubyte *data, PSNET_SOCKET_RELIABLE who, ushort si xe->sig = sig; // copy the filename and get the prefixed xfer filename -#ifdef PLAT_UNIX + SDL_strlcpy(xe->filename, filename, sizeof(xe->filename)); // lower case all filenames to avoid case issues - char *tmp_filename = filename; - - SDL_strlwr(tmp_filename); - strcpy(xe->filename, tmp_filename); -#else - strcpy(xe->filename, filename); -#endif - multi_xfer_conv_prefix(xe->filename, xe->ex_filename); + SDL_strlwr(xe->filename); + + multi_xfer_conv_prefix(xe->filename, xe->ex_filename, sizeof(xe->ex_filename)); #ifdef MULTI_XFER_VERBOSE nprintf(("Network","MULTI XFER : converted filename %s to %s\n",xe->filename, xe->ex_filename)); #endif @@ -1342,7 +1337,7 @@ void multi_xfer_send_header(xfer_entry *xe) } // convert the filename into the prefixed ex_filename -void multi_xfer_conv_prefix(char *filename,char *ex_filename) +void multi_xfer_conv_prefix(char *filename, char *ex_filename, const int max_len) { char temp[MAX_FILENAME_LEN+50]; @@ -1350,13 +1345,13 @@ void multi_xfer_conv_prefix(char *filename,char *ex_filename) memset(temp, 0, MAX_FILENAME_LEN+50); // copy in the prefix - strcpy(temp, MULTI_XFER_FNAME_PREFIX); + SDL_strlcpy(temp, MULTI_XFER_FNAME_PREFIX, sizeof(temp)); // stick on the original name - strcat(temp, filename); + SDL_strlcat(temp, filename, sizeof(temp)); // copy the whole thing to the outgoing filename - strcpy(ex_filename, temp); + SDL_strlcpy(ex_filename, temp, max_len); } // get a new xfer sig diff --git a/src/network/multimsgs.cpp b/src/network/multimsgs.cpp index 9a8e22c..9672a8c 100644 --- a/src/network/multimsgs.cpp +++ b/src/network/multimsgs.cpp @@ -1250,7 +1250,7 @@ void process_join_packet(ubyte* data, header* hinfo) // } // } else if(Netgame.mode == NG_MODE_RESTRICTED){ host_restr_mode = MULTI_JOIN_RESTR_MODE_1; - sprintf(join_string,XSTR("Player %s has tried to join, accept y/n ?",715),jr.callsign); + SDL_snprintf(join_string,sizeof(join_string),XSTR("Player %s has tried to join, accept y/n ?",715),jr.callsign); // } SDL_assert(host_restr_mode != -1); @@ -1371,16 +1371,16 @@ void process_new_player_packet(ubyte* data, header* hinfo) // copy in the filename if(strlen(new_player_image) > 0){ - strcpy(Net_players[new_player_num].player->image_filename, new_player_image); + SDL_strlcpy(Net_players[new_player_num].player->image_filename, new_player_image, MAX_FILENAME_LEN); } else { - strcpy(Net_players[new_player_num].player->image_filename, ""); + SDL_strlcpy(Net_players[new_player_num].player->image_filename, "", MAX_FILENAME_LEN); } // copy his pilot squad filename Net_players[new_player_num].player->insignia_texture = -1; player_set_squad_bitmap(Net_players[new_player_num].player, new_player_squad); // copy in his pxo squad name - strcpy(Net_players[new_player_num].p_info.pxo_squad_name, new_player_pxo_squad); + SDL_strlcpy(Net_players[new_player_num].p_info.pxo_squad_name, new_player_pxo_squad, LOGIN_LEN); // since we just created the player, set the last_heard_time here. Net_players[new_player_num].last_heard_time = timer_get_fixed_seconds(); @@ -1394,7 +1394,7 @@ void process_new_player_packet(ubyte* data, header* hinfo) // add a chat message if(Net_players[new_player_num].player->callsign != NULL){ - sprintf(notify_string,XSTR("<%s has joined>",717),Net_players[new_player_num].player->callsign); + SDL_snprintf(notify_string,sizeof(notify_string),XSTR("<%s has joined>",717),Net_players[new_player_num].player->callsign); multi_display_chat_msg(notify_string,0,0); } } @@ -1568,7 +1568,7 @@ void send_accept_packet(int new_player_num, int code, int ingame_join_team) // add a chat message if(Net_players[new_player_num].player->callsign != NULL){ - sprintf(notify_string,XSTR("<%s has joined>",717), Net_players[new_player_num].player->callsign); + SDL_snprintf(notify_string,sizeof(notify_string),XSTR("<%s has joined>",717), Net_players[new_player_num].player->callsign); multi_display_chat_msg(notify_string, 0, 0); } @@ -1644,14 +1644,14 @@ void process_accept_player_data( ubyte *data, header *hinfo ) } // copy his image filename - strcpy(Net_players[player_num].player->image_filename, image_name); + SDL_strlcpy(Net_players[player_num].player->image_filename, image_name, MAX_FILENAME_LEN); // copy his pilot squad filename Net_players[player_num].player->insignia_texture = -1; player_set_squad_bitmap(Net_players[player_num].player, squad_name); // copy his pxo squad name - strcpy(Net_players[player_num].p_info.pxo_squad_name, pxo_squad_name); + SDL_strlcpy(Net_players[player_num].p_info.pxo_squad_name, pxo_squad_name, LOGIN_LEN); // set his player id# Net_players[player_num].player_id = player_id; @@ -1956,7 +1956,7 @@ void process_leave_game_packet(ubyte* data, header* hinfo) // display the result memset(str, 0, 512); - multi_kick_get_text(&Net_players[player_num], kicked_reason, str); + multi_kick_get_text(&Net_players[player_num], kicked_reason, str, sizeof(str)); multi_display_chat_msg(str, player_num, 0); } } @@ -1965,7 +1965,7 @@ void process_leave_game_packet(ubyte* data, header* hinfo) if (Net_player->flags & NETINFO_FLAG_AM_MASTER) { char msg[255]; - sprintf(msg, XSTR("%s has left the game",719), Net_players[player_num].player->callsign ); + SDL_snprintf(msg, sizeof(msg), XSTR("%s has left the game",719), Net_players[player_num].player->callsign ); if (!(Game_mode & GM_STANDALONE_SERVER)){ HUD_sourced_printf(HUD_SOURCE_HIDDEN, msg); @@ -2231,7 +2231,7 @@ void process_netgame_update_packet( ubyte *data, header *hinfo ) multi_handle_state_special(); Multi_sync_mode = MULTI_SYNC_PRE_BRIEFING; - strncpy( Game_current_mission_filename, Netgame.mission_name, MAX_FILENAME_LEN ); + SDL_strlcpy( Game_current_mission_filename, Netgame.mission_name, MAX_FILENAME_LEN ); gameseq_post_event(GS_EVENT_MULTI_MISSION_SYNC); } // if coming from the debriefing state @@ -2244,7 +2244,7 @@ void process_netgame_update_packet( ubyte *data, header *hinfo ) multi_flush_mission_stuff(); Multi_sync_mode = MULTI_SYNC_PRE_BRIEFING; - strncpy( Game_current_mission_filename, Netgame.mission_name, MAX_FILENAME_LEN ); + SDL_strlcpy( Game_current_mission_filename, Netgame.mission_name, MAX_FILENAME_LEN ); gameseq_post_event(GS_EVENT_MULTI_MISSION_SYNC); } } @@ -2256,7 +2256,7 @@ void process_netgame_update_packet( ubyte *data, header *hinfo ) // do any special processing for forced state transitions multi_handle_state_special(); - strncpy( Game_current_mission_filename, Netgame.mission_name, MAX_FILENAME_LEN ); + SDL_strlcpy( Game_current_mission_filename, Netgame.mission_name, MAX_FILENAME_LEN ); gameseq_post_event(GS_EVENT_START_BRIEFING); } } @@ -2734,7 +2734,7 @@ void process_ship_kill_packet( ubyte *data, header *hinfo ) Net_players[pnum].player->killer_objtype = killer_objtype; Net_players[pnum].player->killer_species = killer_species; Net_players[pnum].player->killer_weapon_index = killer_weapon_index; - strcpy( Net_players[pnum].player->killer_parent_name, killer_name ); + SDL_strlcpy( Net_players[pnum].player->killer_parent_name, killer_name, NAME_LENGTH ); } } @@ -3707,8 +3707,8 @@ void process_mission_item_packet(ubyte *data,header *hinfo) GET_DATA(valid_status); if ( Multi_create_mission_count < MULTI_CREATE_MAX_LIST_ITEMS ) { - strcpy(Multi_create_mission_list[Multi_create_mission_count].filename, filename ); - strcpy(Multi_create_mission_list[Multi_create_mission_count].name, name ); + SDL_strlcpy(Multi_create_mission_list[Multi_create_mission_count].filename, filename, MAX_FILENAME_LEN ); + SDL_strlcpy(Multi_create_mission_list[Multi_create_mission_count].name, name, NAME_LENGTH ); Multi_create_mission_list[Multi_create_mission_count].flags = flags; Multi_create_mission_list[Multi_create_mission_count].respawn = respawn; Multi_create_mission_list[Multi_create_mission_count].max_players = max_players; @@ -3720,8 +3720,8 @@ void process_mission_item_packet(ubyte *data,header *hinfo) } } else if ( type == CAMPAIGN_LIST_ITEMS ) { if ( Multi_create_campaign_count < MULTI_CREATE_MAX_LIST_ITEMS ) { - strcpy(Multi_create_campaign_list[Multi_create_campaign_count].filename, filename ); - strcpy(Multi_create_campaign_list[Multi_create_campaign_count].name, name ); + SDL_strlcpy(Multi_create_campaign_list[Multi_create_campaign_count].filename, filename, MAX_FILENAME_LEN ); + SDL_strlcpy(Multi_create_campaign_list[Multi_create_campaign_count].name, name, NAME_LENGTH ); Multi_create_campaign_list[Multi_create_campaign_count].flags = flags; Multi_create_campaign_list[Multi_create_campaign_count].respawn = 0; Multi_create_campaign_list[Multi_create_campaign_count].max_players = max_players; @@ -4466,7 +4466,7 @@ void process_file_sig_request(ubyte *data, header *hinfo) PACKET_SET_SIZE(); // set the current mission filename - strcpy(Game_current_mission_filename,Netgame.mission_name); + SDL_strlcpy(Game_current_mission_filename, Netgame.mission_name, sizeof(Game_current_mission_filename)); // get the checksum multi_get_mission_checksum(Game_current_mission_filename); @@ -4641,8 +4641,8 @@ void process_netplayer_load_packet(ubyte *data, header *hinfo) GET_STRING(str); PACKET_SET_SIZE(); - strcpy(Netgame.mission_name,str); - strcpy(Game_current_mission_filename,str); + SDL_strlcpy(Netgame.mission_name, str, sizeof(Netgame.mission_name)); + SDL_strlcpy(Game_current_mission_filename, str, sizeof(Game_current_mission_filename)); if(!Multi_mission_loaded){ // MWA 2/3/98 -- ingame join changes!!! @@ -5134,7 +5134,7 @@ void process_mission_sync_packet(ubyte *data, header *hinfo) // get the single mission filename GET_STRING(Game_current_mission_filename); - strcpy(Netgame.mission_name,Game_current_mission_filename); + SDL_strlcpy(Netgame.mission_name, Game_current_mission_filename, sizeof(Netgame.mission_name)); } } PACKET_SET_SIZE(); diff --git a/src/network/multiteamselect.cpp b/src/network/multiteamselect.cpp index 42239dc..9d228c0 100644 --- a/src/network/multiteamselect.cpp +++ b/src/network/multiteamselect.cpp @@ -1030,14 +1030,14 @@ void multi_ts_assign_players_all() if(Netgame.type_flags & NG_TYPE_TEAM){ switch(Netgame.host->p_info.team){ case 0 : - strcpy(name_lookup,NOX("alpha 1")); + SDL_strlcpy(name_lookup, NOX("alpha 1"), sizeof(name_lookup)); break; case 1 : - strcpy(name_lookup,NOX("zeta 1")); + SDL_strlcpy(name_lookup, NOX("zeta 1"), sizeof(name_lookup)); break; } } else { - strcpy(name_lookup,NOX("alpha 1")); + SDL_strlcpy(name_lookup, NOX("alpha 1"), sizeof(name_lookup)); } shipnum = ship_name_lookup(name_lookup); @@ -1463,16 +1463,16 @@ void multi_ts_blit_wing_callsigns() // if there is a player in the slot if(Multi_ts_team[Net_player->p_info.team].multi_ts_player[idx] != NULL){ // make sure the string fits - strcpy(callsign,Multi_ts_team[Net_player->p_info.team].multi_ts_player[idx]->player->callsign); + SDL_strlcpy(callsign, Multi_ts_team[Net_player->p_info.team].multi_ts_player[idx]->player->callsign, sizeof(callsign)); } else { // determine if this is a locked AI ship pobj = mission_parse_get_arrival_ship(Ships[Objects[Multi_ts_team[Net_player->p_info.team].multi_ts_objnum[idx]].instance].ship_name); if((pobj == NULL) || !(pobj->flags & OF_PLAYER_SHIP)){ - strcpy(callsign, NOX("<")); - strcat(callsign,XSTR("AI",738)); // [[ Artificial Intellegence ]] - strcat(callsign, NOX(">")); + SDL_strlcpy(callsign, NOX("<"), sizeof(callsign)); + SDL_strlcat(callsign, XSTR("AI", 738), sizeof(callsign)); // [[ Artificial Intellegence ]] + SDL_strlcat(callsign, NOX(">"), sizeof(callsign)); } else { - strcpy(callsign,XSTR("AI",738)); // [[ Artificial Intellegence ]] + SDL_strlcpy(callsign, XSTR("AI", 738), sizeof(callsign)); // [[ Artificial Intellegence ]] } } @@ -1510,7 +1510,7 @@ void multi_ts_blit_avail_ships() ss_blit_ship_icon(Multi_ts_avail_coords[display_count][gr_screen.res][MULTI_TS_X_COORD],Multi_ts_avail_coords[display_count][gr_screen.res][MULTI_TS_Y_COORD],idx,multi_ts_avail_bmap_num(display_count)); // blit the ship count available - sprintf(count,"%d",Ss_pool[idx]); + SDL_snprintf(count,sizeof(count),"%d",Ss_pool[idx]); gr_set_color_fast(&Color_normal); gr_string(Multi_ts_avail_coords[display_count][gr_screen.res][MULTI_TS_X_COORD] - 20,Multi_ts_avail_coords[display_count][gr_screen.res][MULTI_TS_Y_COORD],count); @@ -1730,7 +1730,7 @@ void multi_ts_blit_ship_info() // blit the max velocity gr_set_color_fast(&Color_normal); gr_string(Multi_ts_ship_info_coords[gr_screen.res][MULTI_TS_X_COORD], y_start,XSTR("Max Velocity",742)); - sprintf(str,XSTR("%d m/s",743),(int)sip->max_vel.xyz.z); + SDL_snprintf(str,sizeof(str),XSTR("%d m/s",743),(int)sip->max_vel.xyz.z); gr_set_color_fast(&Color_bright); gr_string(Multi_ts_ship_info_coords[gr_screen.res][MULTI_TS_X_COORD] + 150, y_start,str); y_start += 10; @@ -1802,11 +1802,11 @@ void multi_ts_blit_status_bar() // mode specific text switch(Multi_ts_status_bar_mode){ case 0 : - strcpy(text,XSTR("Ships/Weapons Locked",749)); + SDL_strlcpy(text, XSTR("Ships/Weapons Locked", 749), sizeof(text)); blit = 1; break; case 1 : - strcpy(text,XSTR("Ships/Weapons Are Now Free",750)); + SDL_strlcpy(text, XSTR("Ships/Weapons Are Now Free", 750), sizeof(text)); blit = 1; break; } @@ -2630,7 +2630,7 @@ void multi_ts_blit_carried_icon() break; case MULTI_TS_PLAYER_LIST: // get the final length of the string so we can calculate a valid offset - strcpy(callsign,Multi_ts_team[Net_player->p_info.team].multi_ts_player[Multi_ts_carried_from_index]->player->callsign); + SDL_strlcpy(callsign, Multi_ts_team[Net_player->p_info.team].multi_ts_player[Multi_ts_carried_from_index]->player->callsign, sizeof(callsign)); gr_force_fit_string(callsign,CALLSIGN_LEN,Multi_ts_slot_text_coords[Multi_ts_carried_from_index][gr_screen.res][MULTI_TS_W_COORD]); gr_get_string_size(&callsign_w,NULL,callsign); diff --git a/src/network/multiui.cpp b/src/network/multiui.cpp index eb6d0b8..f300695 100644 --- a/src/network/multiui.cpp +++ b/src/network/multiui.cpp @@ -619,7 +619,7 @@ void multi_common_set_text(const char *str, int auto_scroll) if(strlen(str) > MULTI_COMMON_MAX_TEXT){ return ; } else { - strcpy(Multi_common_all_text,str); + SDL_strlcpy(Multi_common_all_text, str, sizeof(Multi_common_all_text)); } // split the whole thing up @@ -638,7 +638,7 @@ void multi_common_add_text(const char *str, int auto_scroll) if((strlen(str) + strlen(Multi_common_all_text)) > MULTI_COMMON_MAX_TEXT){ return ; } else { - strcat(Multi_common_all_text,str); + SDL_strlcat(Multi_common_all_text, str, sizeof(Multi_common_all_text)); } // split the whole thing up @@ -661,7 +661,8 @@ void multi_common_split_text() for ( i = 0; i < n_lines; i++ ) { SDL_assert(n_chars[i] < MULTI_COMMON_TEXT_MAX_LINE_LENGTH); - strncpy(Multi_common_text[i], p_str[i], n_chars[i]); + int len = min(n_chars[i] + 1, MULTI_COMMON_TEXT_MAX_LINE_LENGTH); + SDL_strlcpy(Multi_common_text[i], p_str[i], len); Multi_common_text[i][n_chars[i]] = 0; drop_leading_white_space(Multi_common_text[i]); } @@ -718,7 +719,7 @@ int Multi_common_notify_stamp; void multi_common_notify_init() { - strcpy(Multi_common_notify_text,""); + SDL_strlcpy(Multi_common_notify_text, "", sizeof(Multi_common_notify_text)); Multi_common_notify_stamp = -1; } @@ -726,7 +727,7 @@ void multi_common_notify_init() void multi_common_add_notify(const char *str) { if(str){ - strcpy(Multi_common_notify_text,str); + SDL_strlcpy(Multi_common_notify_text, str, sizeof(Multi_common_notify_text)); Multi_common_notify_stamp = timestamp(MULTI_COMMON_NOTIFY_TIME); } } @@ -1234,7 +1235,7 @@ DCF(mj_make, "") for(idx=0; idxflags & AG_FLAG_STANDALONE){ - strcat(str,MJ_CHAR_STANDALONE); + SDL_strlcat(str, MJ_CHAR_STANDALONE, sizeof(str)); } if(moveup->flags & AG_FLAG_CAMPAIGN){ - strcat(str,MJ_CHAR_CAMPAIGN); + SDL_strlcat(str, MJ_CHAR_CAMPAIGN, sizeof(str)); } // tack on the actual server name - strcat(str," "); - strcat(str,moveup->name); + SDL_strlcat(str, " ", sizeof(str)); + SDL_strlcat(str, moveup->name, sizeof(str)); if(strlen(moveup->mission_name) > 0){ - strcat(str, " / "); - strcat(str,moveup->mission_name); + SDL_strlcat(str, " / ", sizeof(str)); + SDL_strlcat(str, moveup->mission_name, sizeof(str)); } // make sure the string fits in the display area and draw it @@ -1823,7 +1824,7 @@ void multi_join_display_games() if(moveup->ping.ping_avg > 0){ if(moveup->ping.ping_avg > 1000){ gr_set_color_fast(&Color_bright_red); - strcpy(str,XSTR("> 1 sec",761)); + SDL_strlcpy(str, XSTR("> 1 sec",761), sizeof(str)); } else { // set the appropriate ping time color indicator if(moveup->ping.ping_avg > MJ_PING_YELLOW){ @@ -1834,8 +1835,7 @@ void multi_join_display_games() gr_set_color_fast(&Color_bright_green); } - sprintf(str,"%d",moveup->ping.ping_avg); - strcat(str,XSTR(" ms",762)); // [[ Milliseconds ]] + SDL_snprintf(str, sizeof(str), "%d%s", moveup->ping.ping_avg, XSTR(" ms",762)); } gr_string(Mj_ping_coords[gr_screen.res][MJ_X_COORD],y_start,str); @@ -1847,7 +1847,7 @@ void multi_join_display_games() } else { gr_set_color_fast(&Color_text_normal); } - sprintf(str,"%d",moveup->num_players); + SDL_snprintf(str, sizeof(str), "%d", moveup->num_players); gr_get_string_size(&w,&h,str); gr_string(Mj_players_coords[gr_screen.res][MJ_X_COORD] + (Mj_players_coords[gr_screen.res][MJ_W_COORD] - w)/2,y_start,str); @@ -1908,27 +1908,27 @@ void multi_join_blit_game_status(active_game *game, int y) switch( game->flags & AG_FLAG_STATE_MASK ){ case AG_FLAG_FORMING: gr_set_color_fast(&Color_bright_green); - strcpy(status_text,XSTR("Forming",764)); + SDL_strlcpy(status_text, XSTR("Forming", 764), sizeof(status_text)); break; case AG_FLAG_BRIEFING: gr_set_color_fast(&Color_bright_red); - strcpy(status_text,XSTR("Briefing",765)); + SDL_strlcpy(status_text, XSTR("Briefing", 765), sizeof(status_text)); break; case AG_FLAG_DEBRIEF: gr_set_color_fast(&Color_bright_red); - strcpy(status_text,XSTR("Debrief",766)); + SDL_strlcpy(status_text, XSTR("Debrief", 766), sizeof(status_text)); break; case AG_FLAG_PAUSE: gr_set_color_fast(&Color_bright_red); - strcpy(status_text,XSTR("Paused",767)); + SDL_strlcpy(status_text, XSTR("Paused", 767), sizeof(status_text)); break; case AG_FLAG_IN_MISSION: gr_set_color_fast(&Color_bright_red); - strcpy(status_text,XSTR("Playing",768)); + SDL_strlcpy(status_text, XSTR("Playing", 768), sizeof(status_text)); break; default: gr_set_color_fast(&Color_bright); - strcpy(status_text,XSTR("Unknown",769)); + SDL_strlcpy(status_text, XSTR("Unknown", 769), sizeof(status_text)); break; } gr_get_string_size(&str_w,NULL,status_text); @@ -1974,7 +1974,7 @@ void multi_join_load_tcp_addrs() // copy the server ip address memset(&addr,0,sizeof(net_addr)); addr.type = NET_TCP; - psnet_string_to_addr(&addr,line); + psnet_string_to_addr(&addr, line, sizeof(line)); if ( addr.port == 0 ){ addr.port = DEFAULT_GAME_PORT; } @@ -2380,7 +2380,7 @@ void multi_join_send_join_request(int as_observer) // if the netgame is in password mode, put up a request for the password if(Multi_join_selected_item->flags & AG_FLAG_PASSWD){ - if(!multi_passwd_popup(Multi_join_request.passwd)){ + if(!multi_passwd_popup(Multi_join_request.passwd, sizeof(Multi_join_request.passwd))){ return; } @@ -2388,13 +2388,13 @@ void multi_join_send_join_request(int as_observer) } // fill out the join request struct - strcpy(Multi_join_request.callsign,Player->callsign); + SDL_strlcpy(Multi_join_request.callsign, Player->callsign, sizeof(Multi_join_request.callsign)); if(strlen(Player->image_filename) > 0){ - strcpy(Multi_join_request.image_filename, Player->image_filename); + SDL_strlcpy(Multi_join_request.image_filename, Player->image_filename, sizeof(Multi_join_request.image_filename)); } #ifndef MAKE_FS1 if(strlen(Player->squad_filename) > 0){ - strcpy(Multi_join_request.squad_filename, Player->squad_filename); + SDL_strlcpy(Multi_join_request.squad_filename, Player->squad_filename, sizeof(Multi_join_request.squad_filename)); } #endif @@ -2417,7 +2417,7 @@ void multi_join_send_join_request(int as_observer) // pxo squad info #ifndef MAKE_FS1 - strncpy(Multi_join_request.pxo_squad_name, Multi_tracker_squad_name, LOGIN_LEN); + SDL_strlcpy(Multi_join_request.pxo_squad_name, Multi_tracker_squad_name, LOGIN_LEN); #endif // version of this server @@ -2813,7 +2813,7 @@ void multi_sg_rank_scroll_up(); void multi_sg_rank_scroll_down(); void multi_sg_rank_display_stuff(); void multi_sg_rank_process_select(); -void multi_sg_rank_build_name(char *in,char *out); +void multi_sg_rank_build_name(char *in, char *out, const int max_outlen); void multi_sg_check_passwd(); void multi_sg_check_name(); void multi_sg_release_passwd(); @@ -2915,7 +2915,7 @@ void multi_start_game_init() // if starting a netgame, set the name of the game and any other options that are appropriate if ( Cmdline_start_netgame ) { if ( Cmdline_game_name != NULL ) { - strcpy( Multi_sg_netgame->name, Cmdline_game_name ); + SDL_strlcpy( Multi_sg_netgame->name, Cmdline_game_name, sizeof(Multi_sg_netgame->name) ); Multi_sg_game_name.set_text(Multi_sg_netgame->name); } @@ -2927,7 +2927,7 @@ void multi_start_game_init() Multi_sg_netgame->mode = NG_MODE_RESTRICTED; } else if ( Cmdline_game_password != NULL ) { Multi_sg_netgame->mode = NG_MODE_PASSWORD; - strcpy(Multi_sg_netgame->passwd, Cmdline_game_password); + SDL_strlcpy(Multi_sg_netgame->passwd, Cmdline_game_password, sizeof(Multi_sg_netgame->passwd)); Multi_sg_game_passwd.set_text(Multi_sg_netgame->passwd); } @@ -3289,12 +3289,12 @@ void multi_sg_init_gamenet() // setup the default game name, taking care of string length and player callsigns memset(out_name,0,128); memset(buf,0,128); - pilot_format_callsign_personal(Player->callsign,out_name); - sprintf(buf, XSTR("%s game",782), out_name); // [[ %s will be a pilot's name ]] + pilot_format_callsign_personal(Player->callsign, out_name, sizeof(out_name)); + SDL_snprintf(buf, sizeof(buf), XSTR("%s game",782), out_name); // [[ %s will be a pilot's name ]] if ( strlen(buf) > MAX_GAMENAME_LEN ){ - strcpy(buf, XSTR("Temporary name",783)); + SDL_strlcpy(buf, XSTR("Temporary name",783), sizeof(buf)); } - strcpy(Multi_sg_netgame->name, buf); + SDL_strlcpy(Multi_sg_netgame->name, buf, sizeof(Multi_sg_netgame->name)); // set the default qos and duration multi_voice_maybe_update_vars(Netgame.options.voice_qos,Netgame.options.voice_record_time); @@ -3433,7 +3433,7 @@ void multi_sg_rank_display_stuff() } // print the text - multi_sg_rank_build_name(Ranks[idx].name,rank_name); + multi_sg_rank_build_name(Ranks[idx].name, rank_name, sizeof(rank_name)); gr_string(Msg_rank_list_coords[gr_screen.res][MSG_X_COORD],y,rank_name); // increment stuff @@ -3478,24 +3478,24 @@ void multi_sg_rank_process_select() gamesnd_play_iface(SND_GENERAL_FAIL); memset(string,0,255); - sprintf(string,XSTR("Illegal value for a host of your rank (%s)\n",784),Ranks[Net_player->player->stats.rank].name); + SDL_snprintf(string,sizeof(string),XSTR("Illegal value for a host of your rank (%s)\n",784),Ranks[Net_player->player->stats.rank].name); multi_common_add_notify(string); } } } } -void multi_sg_rank_build_name(char *in,char *out) +void multi_sg_rank_build_name(char *in, char *out, const int max_outlen) { char use[100]; char *first; - strcpy(use,in); + SDL_strlcpy(use, in, sizeof(use)); first = strtok(use," "); // just copy the string if(first == NULL){ - strcpy(out,in); + SDL_strlcpy(out, in, max_outlen); } // if the first part of the string is lieutenant, then abbreivate it and tack on the rest of the string @@ -3504,15 +3504,14 @@ void multi_sg_rank_build_name(char *in,char *out) // if he's not just a plain lieutenant if(first != NULL){ - strcpy(out,XSTR("Lt. ",786)); // [[ lieutenant ]] - strcat(out,first); + SDL_snprintf(out, max_outlen, "%s%s", XSTR("Lt. ",786), first); // [[ lieutenant ]] } // if he _is_ just a plain lieutenant else { - strcpy(out,in); + SDL_strlcpy(out, in, max_outlen); } } else { - strcpy(out,in); + SDL_strlcpy(out, in, max_outlen); } } @@ -3982,7 +3981,7 @@ void multi_create_sw_clicked(); // since we can selectively filter out mission/campaign types we always need to map a selected index (which is relative // to the displayed list), to an absolute index (which is relative to the total file list - some of which may filtered out) -void multi_create_select_to_filename(int select_index,char *filename); +void multi_create_select_to_filename(int select_index, char *filename, const int max_filelen); int multi_create_select_to_index(int select_index); int Multi_create_should_show_popup = 0; @@ -4773,9 +4772,9 @@ void multi_create_plist_blit_normal() } // make sure the string will fit, then display it - strcpy(str,Net_players[idx].player->callsign); + SDL_strlcpy(str, Net_players[idx].player->callsign, sizeof(str)); if(Net_players[idx].flags & NETINFO_FLAG_OBSERVER){ - strcat(str,XSTR("(O)",787)); // [[ Observer ]] + SDL_strlcat(str, XSTR("(O)",787), sizeof(str)); // [[ Observer ]] } gr_force_fit_string(str,CALLSIGN_LEN,Mc_players_coords[gr_screen.res][MC_W_COORD] - total_offset); gr_string(Mc_players_coords[gr_screen.res][MC_X_COORD] + total_offset,y_start,str); @@ -4846,9 +4845,9 @@ void multi_create_plist_blit_team() } // make sure the string will fit - strcpy(str,Net_players[idx].player->callsign); + SDL_strlcpy(str, Net_players[idx].player->callsign, sizeof(str)); if(Net_players[idx].flags & NETINFO_FLAG_OBSERVER){ - strcat(str,XSTR("(O)",787)); + SDL_strlcat(str, XSTR("(O)",787), sizeof(str)); } gr_force_fit_string(str,CALLSIGN_LEN,Mc_players_coords[gr_screen.res][MC_W_COORD] - total_offset); @@ -4912,9 +4911,9 @@ void multi_create_plist_blit_team() } // make sure the string will fit - strcpy(str,Net_players[idx].player->callsign); + SDL_strlcpy(str, Net_players[idx].player->callsign, sizeof(str)); if(Net_players[idx].flags & NETINFO_FLAG_OBSERVER){ - strcat(str,XSTR("(O)",787)); + SDL_strlcat(str, XSTR("(O)",787), sizeof(str)); } gr_force_fit_string(str,CALLSIGN_LEN,Mc_players_coords[gr_screen.res][MC_W_COORD] - total_offset); @@ -4951,12 +4950,10 @@ void multi_create_list_scroll_down() void multi_create_list_load_missions() { char *fname, mission_name[NAME_LENGTH+1]; - char wild_card[256]; + char wild_card[6]; int file_count,idx; - memset(wild_card, 0, 256); - strcpy(wild_card, NOX("*")); - strcat(wild_card, FS_MISSION_FILE_EXT); + SDL_snprintf(wild_card, sizeof(wild_card), "*%s", FS_MISSION_FILE_EXT); file_count = cf_get_file_list_preallocated(MULTI_CREATE_MAX_LIST_ITEMS, Multi_create_files_array, NULL, CF_TYPE_MISSIONS, wild_card); Multi_create_mission_count = 0; @@ -5002,8 +4999,8 @@ void multi_create_list_load_missions() multi_create_info *mcip; mcip = &Multi_create_mission_list[Multi_create_mission_count]; - strcpy(mcip->filename, filename ); - strcpy(mcip->name, mission_name ); + SDL_strlcpy(mcip->filename, filename, sizeof(mcip->filename)); + SDL_strlcpy(mcip->name, mission_name, sizeof(mcip->name)); mcip->flags = flags; mcip->respawn = m_respawn; mcip->max_players = (ubyte)max_players; @@ -5034,7 +5031,7 @@ void multi_create_list_load_campaigns() int idx, file_count; int campaign_type,max_players; char title[255]; - char wild_card[256]; + char wild_card[6]; // maybe create a standalone dialog if(Game_mode & GM_STANDALONE_SERVER){ @@ -5043,9 +5040,7 @@ void multi_create_list_load_campaigns() } Multi_create_campaign_count = 0; - memset(wild_card, 0, 256); - strcpy(wild_card, NOX("*")); - strcat(wild_card, FS_CAMPAIGN_FILE_EXT); + SDL_snprintf(wild_card, sizeof(wild_card), "*%s", FS_CAMPAIGN_FILE_EXT); file_count = cf_get_file_list_preallocated(MULTI_CREATE_MAX_LIST_ITEMS, Multi_create_files_array, NULL, CF_TYPE_MISSIONS, wild_card); for(idx = 0; idx < file_count; idx++){ int flags; @@ -5072,14 +5067,14 @@ void multi_create_list_load_campaigns() } // if the campaign is a multiplayer campaign, then add the data to the campaign list items - flags = mission_campaign_parse_is_multi( filename, name ); + flags = mission_campaign_parse_is_multi( filename, name, sizeof(name) ); if( flags != CAMPAIGN_TYPE_SINGLE && mission_campaign_get_info(filename,title,&campaign_type,&max_players)) { if ( Multi_create_campaign_count < MULTI_CREATE_MAX_LIST_ITEMS ) { multi_create_info *mcip; mcip = &Multi_create_campaign_list[Multi_create_campaign_count]; - strcpy(mcip->filename, filename ); - strcpy(mcip->name, name ); + SDL_strlcpy(mcip->filename, filename, sizeof(mcip->filename)); + SDL_strlcpy(mcip->name, name, sizeof(mcip->name)); // setup various flags if ( flags == CAMPAIGN_TYPE_MULTI_COOP ){ @@ -5163,7 +5158,7 @@ void multi_create_list_do() } // highlight the selected item - multi_create_select_to_filename(Multi_create_list_select,selected_name); + multi_create_select_to_filename(Multi_create_list_select, selected_name, sizeof(selected_name)); if(!strcmp(selected_name,Multi_create_file_list[idx].filename)){ gr_set_color_fast(&Color_text_selected); } else { @@ -5174,16 +5169,16 @@ void multi_create_list_do() multi_create_list_blit_icons(idx, y_start); // force fit the mission name string - strcpy(selected_name,Multi_create_file_list[idx].name); + SDL_strlcpy(selected_name, Multi_create_file_list[idx].name, sizeof(selected_name)); gr_force_fit_string(selected_name,255,Mc_column1_w[gr_screen.res]); gr_string(Mc_mission_name_x[gr_screen.res],y_start,selected_name); // draw the max players if in mission mode - sprintf(selected_name,"%d",(int)Multi_create_file_list[idx].max_players); + SDL_snprintf(selected_name,sizeof(selected_name),"%d",(int)Multi_create_file_list[idx].max_players); gr_string(Mc_mission_count_x[gr_screen.res],y_start,selected_name); // force fit the mission filename string - strcpy(selected_name,Multi_create_file_list[idx].filename); + SDL_strlcpy(selected_name, Multi_create_file_list[idx].filename, sizeof(selected_name)); gr_force_fit_string(selected_name,255,Mc_column3_w[gr_screen.res]); gr_string(Mc_mission_fname_x[gr_screen.res],y_start,selected_name); @@ -5223,9 +5218,9 @@ void multi_create_list_select_item(int n) // set the mission name if(Multi_create_list_mode == MULTI_CREATE_SHOW_MISSIONS){ - multi_create_select_to_filename(n,ng->mission_name); + multi_create_select_to_filename(n, ng->mission_name, sizeof(ng->mission_name)); } else { - multi_create_select_to_filename(n,ng->campaign_name); + multi_create_select_to_filename(n, ng->campaign_name, sizeof(ng->campaign_name)); } // make sure the netgame type is properly set @@ -5264,7 +5259,7 @@ void multi_create_list_select_item(int n) ng->max_players = mission_parse_get_multi_mission_info( ng->mission_name ); SDL_assert(ng->max_players > 0); - strcpy(ng->title,The_mission.name); + SDL_strlcpy(ng->title, The_mission.name, sizeof(ng->title)); // set the information area text multi_common_set_text(The_mission.mission_desc); @@ -5296,7 +5291,7 @@ void multi_create_list_select_item(int n) // if we successfully got the # of players else { memset(ng->title,0,NAME_LENGTH+1); - strcpy(ng->title,title); + SDL_strlcpy(ng->title, title, sizeof(ng->title)); ng->max_players = max_players; } @@ -5411,9 +5406,9 @@ void multi_create_accept_hit() Netgame.campaign_mode = MP_SINGLE; // setup various filenames and mission names - multi_create_select_to_filename(Multi_create_list_select,selected_name); - strncpy( Game_current_mission_filename, selected_name, MAX_FILENAME_LEN ); - strncpy(Netgame.mission_name,selected_name,MAX_FILENAME_LEN); + multi_create_select_to_filename(Multi_create_list_select, selected_name, sizeof(selected_name)); + SDL_strlcpy( Game_current_mission_filename, selected_name, MAX_FILENAME_LEN ); + SDL_strlcpy( Netgame.mission_name, selected_name, MAX_FILENAME_LEN ); // NETLOG ml_printf(NOX("Starting single mission %s, with %d players"), Game_current_mission_filename, multi_num_players()); @@ -5430,7 +5425,7 @@ void multi_create_accept_hit() Netgame.campaign_mode = MP_CAMPAIGN; // start a campaign instead of a single mission - multi_create_select_to_filename(Multi_create_list_select,selected_name); + multi_create_select_to_filename(Multi_create_list_select, selected_name, sizeof(selected_name)); multi_campaign_start(selected_name); start_campaign = 1; @@ -5560,7 +5555,7 @@ short multi_create_get_mouse_id() return -1; } -void multi_create_select_to_filename(int select_index,char *filename) +void multi_create_select_to_filename(int select_index, char *filename, const int max_filelen) { int idx; @@ -5573,7 +5568,7 @@ void multi_create_select_to_filename(int select_index,char *filename) // if we found the item if(select_index < 0){ - strcpy(filename,Multi_create_file_list[idx].filename); + SDL_strlcpy(filename, Multi_create_file_list[idx].filename, max_filelen); return; } } @@ -5585,13 +5580,13 @@ void multi_create_select_to_filename(int select_index,char *filename) // if we found the item if(select_index < 0){ - strcpy(filename,Multi_create_file_list[idx].filename); + SDL_strlcpy(filename, Multi_create_file_list[idx].filename, max_filelen); return; } } } - strcpy(filename,""); + SDL_strlcpy(filename, "", max_filelen); } int multi_create_select_to_index(int select_index) @@ -5697,9 +5692,9 @@ int multi_create_ok_to_commit() // message everyone - haha if(Net_players[idx].player != NULL){ - sprintf(err_string, "%s %s", Net_players[idx].player->callsign, XSTR("has hacked tables/data", 1271)); + SDL_snprintf(err_string, sizeof(err_string), "%s %s", Net_players[idx].player->callsign, XSTR("has hacked tables/data", 1271)); } else { - sprintf(err_string, "somebody %s", XSTR("has hacked tables/data", 1271)); + SDL_snprintf(err_string, sizeof(err_string), "somebody %s", XSTR("has hacked tables/data", 1271)); } send_game_chat_packet(Net_player, err_string, MULTI_MSG_ALL, NULL, NULL, 1); } @@ -5737,7 +5732,7 @@ int multi_create_ok_to_commit() observer_count = multi_num_observers(); if(observer_count > Netgame.options.max_observers){ // print up the error string - sprintf(err_string,XSTR("There are too many observers in the game\n\nMax : %d\nCurrently %d\n\nPlease dump a few",791),Netgame.options.max_observers,observer_count); + SDL_snprintf(err_string,sizeof(err_string),XSTR("There are too many observers in the game\n\nMax : %d\nCurrently %d\n\nPlease dump a few",791),Netgame.options.max_observers,observer_count); popup(PF_USE_AFFIRMATIVE_ICON, 1, POPUP_OK, err_string); return 0; @@ -5747,7 +5742,7 @@ int multi_create_ok_to_commit() player_count = multi_num_players(); if(player_count > Netgame.max_players){ // print up the error string - sprintf(err_string,XSTR("There are too many players in the game\n\nMax : %d\nCurrently %d\n\nPlease dump a few", 792), Netgame.max_players,player_count); + SDL_snprintf(err_string,sizeof(err_string),XSTR("There are too many players in the game\n\nMax : %d\nCurrently %d\n\nPlease dump a few", 792), Netgame.max_players,player_count); popup(PF_USE_AFFIRMATIVE_ICON, 1, POPUP_OK, err_string); return 0; @@ -6827,30 +6822,30 @@ void multi_ho_get_options() // get the # of observers memset(resp_str,0,10); - sprintf(resp_str,"%d",Netgame.options.max_observers); + SDL_snprintf(resp_str,sizeof(resp_str),"%d",Netgame.options.max_observers); Multi_ho_obs.set_text(resp_str); // set the respawn count if(Netgame.campaign_mode == MP_SINGLE){ memset(resp_str,0,10); - sprintf(resp_str,"%d",Netgame.respawn); + SDL_snprintf(resp_str,sizeof(resp_str),"%d",Netgame.respawn); Multi_ho_respawns.set_text(resp_str); } // set the mission time limit memset(resp_str,0,10); float tl = f2fl(Netgame.options.mission_time_limit); - sprintf(resp_str,"%d",(int)(tl / 60.0f)); + SDL_snprintf(resp_str,sizeof(resp_str),"%d",(int)(tl / 60.0f)); Multi_ho_time_limit.set_text(resp_str); // set the furball kill limit memset(resp_str,0,10); - sprintf(resp_str,"%d",Netgame.options.kill_limit); + SDL_snprintf(resp_str,sizeof(resp_str),"%d",Netgame.options.kill_limit); Multi_ho_kill_limit.set_text(resp_str); // set the token wait time memset(resp_str,0,10); - sprintf(resp_str,"%d",Netgame.options.voice_token_wait / 1000); + SDL_snprintf(resp_str,sizeof(resp_str),"%d",Netgame.options.voice_token_wait / 1000); Multi_ho_voice_wait.set_text(resp_str); // get whether we're in host/captains only modify mode @@ -6886,7 +6881,7 @@ void multi_ho_display_record_time() half_seconds = ((((Multi_ho_sliders[gr_screen.res][MULTI_HO_SLIDER_VOICE_DUR].slider.pos + 1) * 500) % 1000) / 500) * 5; // format the string - sprintf(time_str,"%d.%d",full_seconds,half_seconds); + SDL_snprintf(time_str,sizeof(time_str),"%d.%d",full_seconds,half_seconds); gr_set_color_fast(&Color_bright); gr_string(Ho_vd_coords[gr_screen.res][MULTI_HO_X_COORD],Ho_vd_coords[gr_screen.res][MULTI_HO_Y_COORD],time_str); } @@ -6903,7 +6898,7 @@ int multi_ho_check_values() // if the value is invalid, let the user know if(atoi(val_txt) > Multi_ho_mission_respawn){ memset(val_txt,0,255); - sprintf(val_txt,XSTR("Warning\nRespawn count in greater than mission specified max (%d)",796),Multi_ho_mission_respawn); + SDL_snprintf(val_txt,sizeof(val_txt),XSTR("Warning\nRespawn count in greater than mission specified max (%d)",796),Multi_ho_mission_respawn); popup(PF_USE_AFFIRMATIVE_ICON | PF_TITLE_RED | PF_TITLE_BIG,1,POPUP_OK,val_txt); return 0; } @@ -6914,7 +6909,7 @@ int multi_ho_check_values() // if the value is invalid, force it to be valid if(atoi(val_txt) > MULTI_HO_MAX_TIME_LIMIT){ memset(val_txt,0,255); - sprintf(val_txt,XSTR("Warning\nMission time limit is greater than max allowed (%d)",797),MULTI_HO_MAX_TIME_LIMIT); + SDL_snprintf(val_txt,sizeof(val_txt),XSTR("Warning\nMission time limit is greater than max allowed (%d)",797),MULTI_HO_MAX_TIME_LIMIT); popup(PF_USE_AFFIRMATIVE_ICON | PF_TITLE_RED | PF_TITLE_BIG,1,POPUP_OK,val_txt); return 0; } @@ -6924,7 +6919,7 @@ int multi_ho_check_values() // if the value is invalid, force it to be valid if(atoi(val_txt) > MULTI_HO_MAX_OBS){ memset(val_txt,0,255); - sprintf(val_txt,XSTR("Warning\nObserver count is greater than max allowed (%d)",798),MULTI_HO_MAX_OBS); + SDL_snprintf(val_txt,sizeof(val_txt),XSTR("Warning\nObserver count is greater than max allowed (%d)",798),MULTI_HO_MAX_OBS); popup(PF_USE_AFFIRMATIVE_ICON | PF_TITLE_RED | PF_TITLE_BIG,1,POPUP_OK,val_txt); return 0; } @@ -6934,7 +6929,7 @@ int multi_ho_check_values() // if the value is invalid, force it to be valid if(atoi(val_txt) > MULTI_HO_MAX_KILL_LIMIT){ memset(val_txt,0,255); - sprintf(val_txt,XSTR("Warning\nMission kill limit is greater than max allowed (%d)",799),MULTI_HO_MAX_KILL_LIMIT); + SDL_snprintf(val_txt,sizeof(val_txt),XSTR("Warning\nMission kill limit is greater than max allowed (%d)",799),MULTI_HO_MAX_KILL_LIMIT); popup(PF_USE_AFFIRMATIVE_ICON | PF_TITLE_RED | PF_TITLE_BIG,1,POPUP_OK,val_txt); return 0; } @@ -6943,7 +6938,7 @@ int multi_ho_check_values() Multi_ho_voice_wait.get_text(val_txt); if(atoi(val_txt) > MULTI_HO_MAX_TOKEN_WAIT){ memset(val_txt,0,255); - sprintf(val_txt,XSTR("Warning\nvoice wait time is greater than max allowed (%d)",800),MULTI_HO_MAX_TOKEN_WAIT); + SDL_snprintf(val_txt,sizeof(val_txt),XSTR("Warning\nvoice wait time is greater than max allowed (%d)",800),MULTI_HO_MAX_TOKEN_WAIT); popup(PF_USE_AFFIRMATIVE_ICON | PF_TITLE_RED | PF_TITLE_BIG,1,POPUP_OK,val_txt); return 0; } @@ -7001,7 +6996,7 @@ void multi_ho_blit_max_respawns() } // otherwise blit the max as specified by the current mission file - sprintf(string,"(%d)",Multi_ho_mission_respawn); + SDL_snprintf(string,sizeof(string),"(%d)",Multi_ho_mission_respawn); gr_set_color_fast(&Color_normal); gr_string(Ho_max_rsp_coords[gr_screen.res][MULTI_HO_X_COORD], Ho_max_rsp_coords[gr_screen.res][MULTI_HO_Y_COORD], string); } @@ -7339,11 +7334,11 @@ void multi_game_client_setup_do_frame() // blit the mission filename if possible if(Netgame.campaign_mode){ if(strlen(Netgame.campaign_name) > 0){ - strcpy(mission_text,Netgame.campaign_name); + SDL_strlcpy(mission_text, Netgame.campaign_name, sizeof(mission_text)); if(strlen(Netgame.title) > 0){ - strcat(mission_text,", "); - strcat(mission_text,Netgame.title); + SDL_strlcat(mission_text, ", ", sizeof(mission_text)); + SDL_strlcat(mission_text, Netgame.title, sizeof(mission_text)); } gr_set_color_fast(&Color_bright_white); @@ -7351,11 +7346,11 @@ void multi_game_client_setup_do_frame() } } else { if(strlen(Netgame.mission_name) > 0){ - strcpy(mission_text,Netgame.mission_name); + SDL_strlcpy(mission_text, Netgame.mission_name, sizeof(mission_text)); if(strlen(Netgame.title) > 0){ - strcat(mission_text,", "); - strcat(mission_text,Netgame.title); + SDL_strlcat(mission_text, ", ", sizeof(mission_text)); + SDL_strlcat(mission_text, Netgame.title, sizeof(mission_text)); } gr_set_color_fast(&Color_bright_white); @@ -7555,9 +7550,9 @@ void multi_jw_plist_blit_normal() } // make sure the string will fit, then display it - strcpy(str,Net_players[idx].player->callsign); + SDL_strlcpy(str, Net_players[idx].player->callsign, sizeof(str)); if(Net_players[idx].flags & NETINFO_FLAG_OBSERVER){ - strcat(str,"(0)"); + SDL_strlcat(str, "(0)", sizeof(str)); } gr_force_fit_string(str,CALLSIGN_LEN,Mjw_players_coords[gr_screen.res][MJW_W_COORD] - total_offset); gr_string(Mjw_players_coords[gr_screen.res][MJW_X_COORD] + total_offset,y_start,str); @@ -7629,7 +7624,7 @@ void multi_jw_plist_blit_team() } // make sure the string will fit - strcpy(str,Net_players[idx].player->callsign); + SDL_strlcpy(str, Net_players[idx].player->callsign, sizeof(str)); gr_force_fit_string(str,CALLSIGN_LEN,Mjw_players_coords[gr_screen.res][MJW_W_COORD] - total_offset); // display him in the correct half of the list depending on his team @@ -7686,9 +7681,9 @@ void multi_jw_plist_blit_team() } // make sure the string will fit - strcpy(str,Net_players[idx].player->callsign); + SDL_strlcpy(str, Net_players[idx].player->callsign, sizeof(str)); if(Net_players[idx].flags & NETINFO_FLAG_OBSERVER){ - strcat(str,"(0)"); + SDL_strlcat(str, "(0)", sizeof(str)); } gr_force_fit_string(str,CALLSIGN_LEN,Mjw_players_coords[gr_screen.res][MJW_W_COORD] - total_offset); @@ -8312,14 +8307,14 @@ void multi_sync_blit_screen_all() // if we've got a valid xfer handle if((pct_complete >= 0.0) && (pct_complete <= 1.0)){ - sprintf(txt,XSTR("Mission file xfer %d%%",828),(int)(pct_complete * 100.0f)); + SDL_snprintf(txt,sizeof(txt),XSTR("Mission file xfer %d%%",828),(int)(pct_complete * 100.0f)); } // otherwise else { - strcpy(txt,XSTR("Mission file xfer",829)); + SDL_strlcpy(txt, XSTR("Mission file xfer", 829), sizeof(txt)); } } else { - strcpy(txt,XSTR("Mission file xfer",829)); + SDL_strlcpy(txt, XSTR("Mission file xfer", 829), sizeof(txt)); } } // clients should display only for themselves (which is the only thing they know) @@ -8330,16 +8325,16 @@ void multi_sync_blit_screen_all() // if we've got a valid xfer handle if((pct_complete >= 0.0) && (pct_complete <= 1.0)){ - sprintf(txt,XSTR("Mission file xfer %d%%",828),(int)(pct_complete * 100.0f)); + SDL_snprintf(txt,sizeof(txt),XSTR("Mission file xfer %d%%",828),(int)(pct_complete * 100.0f)); } // otherwise else { - strcpy(txt,XSTR("Mission file xfer",829)); + SDL_strlcpy(txt, XSTR("Mission file xfer", 829), sizeof(txt)); } } // otherwise else { - strcpy(txt,XSTR("Mission file xfer",829)); + SDL_strlcpy(txt, XSTR("Mission file xfer", 829), sizeof(txt)); } } @@ -8917,7 +8912,7 @@ void multi_sync_display_name(const char *name, int index, int np_index) char fit[CALLSIGN_LEN]; // make sure the string actually fits - strcpy(fit,name); + SDL_strlcpy(fit, name, sizeof(fit)); // if we're in team vs. team mode if(Netgame.type_flags & NG_TYPE_TEAM){ @@ -8994,7 +8989,7 @@ void multi_sync_display_status(const char *status, int index) char fit[250]; // make sure the string actually fits - strcpy(fit, status); + SDL_strlcpy(fit, status, sizeof(fit)); gr_force_fit_string(fit, 250, Ms_status2_coords[gr_screen.res][MS_W_COORD] - 20); gr_set_color_fast(&Color_bright); gr_string(Ms_status2_coords[gr_screen.res][MS_X_COORD], Ms_status2_coords[gr_screen.res][MS_Y_COORD] + (index * 10), fit); @@ -9276,7 +9271,7 @@ void multi_maybe_set_mission_loop() if ( (Campaign.missions[cur].has_mission_loop && (Campaign.loop_mission != -1)) && !require_repeat_mission ) { char buffer[512]; - debrief_assemble_optional_mission_popup_text(buffer, Campaign.missions[cur].mission_loop_desc); + debrief_assemble_optional_mission_popup_text(buffer, sizeof(buffer), Campaign.missions[cur].mission_loop_desc); int choice = popup(0 , 2, POPUP_NO, POPUP_YES, buffer); if (choice == 1) { @@ -9749,7 +9744,7 @@ void multi_passwd_process_buttons() } // run the passwd popup -void multi_passwd_do(char *passwd) +void multi_passwd_do(char *passwd, const int max_passlen) { int k; @@ -9770,7 +9765,7 @@ void multi_passwd_do(char *passwd) // if the input box text has changed if(Multi_pwd_passwd.changed()){ - strcpy(passwd,""); + SDL_strlcpy(passwd, "", max_passlen); Multi_pwd_passwd.get_text(passwd); } @@ -9793,7 +9788,7 @@ void multi_passwd_do(char *passwd) } // bring up the password string popup, fill in passwd (return 1 if accept was pressed, 0 if cancel was pressed) -int multi_passwd_popup(char *passwd) +int multi_passwd_popup(char *passwd, const int max_plen) { // if the popup is already running for some reason, don't do anything if(Multi_passwd_running){ @@ -9804,7 +9799,7 @@ int multi_passwd_popup(char *passwd) multi_passwd_init(); // run the popup - multi_passwd_do(passwd); + multi_passwd_do(passwd, max_plen); // shut everything down multi_passwd_close(); diff --git a/src/network/multiutil.cpp b/src/network/multiutil.cpp index 78c0794..0489ee9 100644 --- a/src/network/multiutil.cpp +++ b/src/network/multiutil.cpp @@ -969,7 +969,7 @@ int multi_create_player( int net_player_num, player *pl, char* name, net_addr_t* Net_players[net_player_num].s_info.reliable_buffer_size = 0; // various ack handles - strcpy(pl->callsign, name); + SDL_strlcpy(pl->callsign, name, sizeof(pl->callsign)); pilot_set_short_callsign(pl, SHORT_CALLSIGN_PIXEL_W); // calculate the short callsign pl->flags |= PLAYER_FLAGS_STRUCTURE_IN_USE; pl->objnum = -1; @@ -1090,7 +1090,7 @@ void delete_player(int player_num,int kicked_reason) if(Net_players[player_num].flags & NETINFO_FLAG_KICKED){ char str[512]; memset(str, 0, 512); - multi_kick_get_text(&Net_players[player_num], Net_players[player_num].s_info.kick_reason, str); + multi_kick_get_text(&Net_players[player_num], Net_players[player_num].s_info.kick_reason, str, sizeof(str)); multi_display_chat_msg(str, player_num, 0); } else { send_leave_game_packet(Net_players[player_num].player_id, kicked_reason); @@ -1138,7 +1138,7 @@ void delete_player(int player_num,int kicked_reason) // display a message that this guy has left if(Net_players[player_num].player->callsign){ - sprintf(notify_string,XSTR("<%s has left>",901),Net_players[player_num].player->callsign); + SDL_snprintf(notify_string,sizeof(notify_string),XSTR("<%s has left>",901),Net_players[player_num].player->callsign); multi_display_chat_msg(notify_string,0,0); } @@ -1246,15 +1246,15 @@ void fill_net_addr(net_addr_t* addr, ubyte* address, ubyte* net_id, ushort port) // // -char* get_text_address( char * text, ubyte * address ) +char* get_text_address( char * text, const int max_textlen, ubyte * address ) { in_addr temp_addr; switch ( Multi_options_g.protocol ) { case NET_IPX: - strcpy( text, XSTR("[ipx address here]",903) ); // TODO: find equiv to inet_ntoa() for IPX - sprintf(text, "%x %x %x %x %x %x", address[0], + SDL_strlcpy( text, XSTR("[ipx address here]",903), max_textlen ); // TODO: find equiv to inet_ntoa() for IPX + SDL_snprintf(text, max_textlen, "%x %x %x %x %x %x", address[0], address[1], address[2], address[3], @@ -1265,7 +1265,7 @@ char* get_text_address( char * text, ubyte * address ) case NET_TCP: memcpy(&temp_addr.s_addr, address, 4); - strcpy( text, inet_ntoa(temp_addr) ); + SDL_strlcpy( text, inet_ntoa(temp_addr), max_textlen ); break; default: @@ -1501,7 +1501,7 @@ int multi_is_builtin_mission() // get the full filename memset(name,0,512); - strcpy(name,Game_current_mission_filename); + SDL_strlcpy(name, Game_current_mission_filename, sizeof(name)); cf_add_ext(name, FS_MISSION_FILE_EXT); // if this mission is builtin @@ -1805,7 +1805,7 @@ void multi_create_standalone_object() // make ship hidden from sensors so that this observer cannot target it. Observers really have two ships // one observer, and one "Player_ship". Observer needs to ignore the Player_ship. Player_ship->flags |= SF_HIDDEN_FROM_SENSORS; - strcpy(Player_ship->ship_name, XSTR("Standalone Ship",904)); + SDL_strlcpy(Player_ship->ship_name, XSTR("Standalone Ship",904), sizeof(Player_ship->ship_name)); Player_ai = &Ai_info[Ships[Objects[pobj_num].instance].ai_index]; } @@ -1874,9 +1874,9 @@ active_game *multi_update_active_games(active_game *ag) // copy in the game information memcpy(&gp->server_addr,&ag->server_addr,sizeof(net_addr_t)); - strcpy(gp->name,ag->name); - strcpy(gp->mission_name,ag->mission_name); - strcpy(gp->title,ag->title); + SDL_strlcpy(gp->name, ag->name, sizeof(gp->name)); + SDL_strlcpy(gp->mission_name, ag->mission_name, sizeof(gp->mission_name)); + SDL_strlcpy(gp->title, ag->title, sizeof(gp->title)); gp->num_players = ag->num_players; gp->flags = ag->flags; @@ -1892,11 +1892,11 @@ active_game *multi_update_active_games(active_game *ag) // otherwise update the netgame info we have for this guy else { memset(gp->name,0,MAX_GAMENAME_LEN+1); - strcpy(gp->name,ag->name); + SDL_strlcpy(gp->name, ag->name, sizeof(gp->name)); memset(gp->mission_name,0,NAME_LENGTH+1); - strcpy(gp->mission_name,ag->mission_name); + SDL_strlcpy(gp->mission_name, ag->mission_name, sizeof(gp->mission_name)); memset(gp->title,0,NAME_LENGTH+1); - strcpy(gp->title,ag->title); + SDL_strlcpy(gp->title, ag->title, sizeof(gp->title)); gp->num_players = ag->num_players; gp->flags = ag->flags; } @@ -1906,9 +1906,9 @@ active_game *multi_update_active_games(active_game *ag) // copy in the game information memcpy(&gp->server_addr,&ag->server_addr,sizeof(net_addr_t)); - strcpy(gp->name,ag->name); - strcpy(gp->mission_name,ag->mission_name); - strcpy(gp->title,ag->title); + SDL_strlcpy(gp->name, ag->name, sizeof(gp->name)); + SDL_strlcpy(gp->mission_name, ag->mission_name, sizeof(gp->mission_name)); + SDL_strlcpy(gp->title, ag->title, sizeof(gp->title)); gp->num_players = ag->num_players; gp->flags = ag->flags; @@ -2574,9 +2574,9 @@ void multi_process_valid_join_request(join_request *jr, net_addr_t *who_from, in // copy his pilot image filename if(strlen(jr->image_filename) > 0){ - strcpy(Net_players[net_player_num].player->image_filename, jr->image_filename); + SDL_strlcpy(Net_players[net_player_num].player->image_filename, jr->image_filename, MAX_FILENAME_LEN); } else { - strcpy(Net_players[net_player_num].player->image_filename, ""); + SDL_strlcpy(Net_players[net_player_num].player->image_filename, "", MAX_FILENAME_LEN); } // copy his pilot squad filename @@ -2600,9 +2600,9 @@ void multi_process_valid_join_request(join_request *jr, net_addr_t *who_from, in // store pxo info #ifndef MAKE_FS1 if(strlen(jr->pxo_squad_name) > 0){ - strcpy(Net_players[net_player_num].p_info.pxo_squad_name, jr->pxo_squad_name); + SDL_strlcpy(Net_players[net_player_num].p_info.pxo_squad_name, jr->pxo_squad_name, LOGIN_LEN); } else { - strcpy(Net_players[net_player_num].p_info.pxo_squad_name, ""); + SDL_strlcpy(Net_players[net_player_num].p_info.pxo_squad_name, "", LOGIN_LEN); } #endif @@ -2624,9 +2624,9 @@ void multi_process_valid_join_request(join_request *jr, net_addr_t *who_from, in // copy his pilot image filename if(strlen(jr->image_filename) > 0){ - strcpy(Net_players[net_player_num].player->image_filename, jr->image_filename); + SDL_strlcpy(Net_players[net_player_num].player->image_filename, jr->image_filename, MAX_FILENAME_LEN); } else { - strcpy(Net_players[net_player_num].player->image_filename, ""); + SDL_strlcpy(Net_players[net_player_num].player->image_filename, "", MAX_FILENAME_LEN); } // copy his pilot squad filename @@ -2650,9 +2650,9 @@ void multi_process_valid_join_request(join_request *jr, net_addr_t *who_from, in // store pxo info #ifndef MAKE_FS1 if(strlen(jr->pxo_squad_name) > 0){ - strcpy(Net_players[net_player_num].p_info.pxo_squad_name, jr->pxo_squad_name); + SDL_strlcpy(Net_players[net_player_num].p_info.pxo_squad_name, jr->pxo_squad_name, LOGIN_LEN); } else { - strcpy(Net_players[net_player_num].p_info.pxo_squad_name, ""); + SDL_strlcpy(Net_players[net_player_num].p_info.pxo_squad_name, "", LOGIN_LEN); } #endif @@ -3190,10 +3190,10 @@ void multi_update_valid_missions() if(tok == NULL){ continue; } - strcpy(temp, tok); + SDL_strlcpy(temp, tok, sizeof(temp)); drop_trailing_white_space(temp); drop_leading_white_space(temp); - strcpy(next_filename, temp); + SDL_strlcpy(next_filename, temp, sizeof(next_filename)); // read in the status string memset(status_string, 0, 50); @@ -3202,10 +3202,10 @@ void multi_update_valid_missions() if(tok == NULL){ continue; } - strcpy(temp, tok); + SDL_strlcpy(temp, tok, sizeof(temp)); drop_trailing_white_space(temp); drop_leading_white_space(temp); - strcpy(status_string, temp); + SDL_strlcpy(status_string, temp, sizeof(status_string)); // try and find the file file_index = multi_create_lookup_mission(next_filename); @@ -3353,7 +3353,7 @@ void multi_spew_pxo_checksums(int max_files, char *outfile) { char **file_names; char full_name[MAX_FILENAME_LEN+1]; - char wild_card[256]; + char wild_card[6]; int count, idx; uint checksum; FILE *out; @@ -3361,9 +3361,7 @@ void multi_spew_pxo_checksums(int max_files, char *outfile) // allocate filename space file_names = (char**)malloc(sizeof(char*) * max_files); if(file_names != NULL){ - memset(wild_card, 0, 256); - strcpy(wild_card, NOX("*")); - strcat(wild_card, FS_MISSION_FILE_EXT); + SDL_snprintf(wild_card, sizeof(wild_card), "*%s", FS_MISSION_FILE_EXT); count = cf_get_file_list(max_files, file_names, CF_TYPE_MISSIONS, wild_card); // open the outfile @@ -3375,7 +3373,7 @@ void multi_spew_pxo_checksums(int max_files, char *outfile) // do all the checksums for(idx=0; idxcallsign,"Player %d",idx); + SDL_snprintf(Net_players[idx].player->callsign, CALLSIGN_LEN, "Player %d", idx); Net_players[idx].flags |= NETINFO_FLAG_CONNECTED; } } diff --git a/src/network/psnet.cpp b/src/network/psnet.cpp index 45f191e..4aaae72 100644 --- a/src/network/psnet.cpp +++ b/src/network/psnet.cpp @@ -1273,11 +1273,11 @@ int psnet_same( net_addr * a1, net_addr * a2 ) // // -char* psnet_addr_to_string( char * text, net_addr * address ) +char* psnet_addr_to_string( char * text, const int max_textlen, net_addr * address ) { if ( Network_status != NETWORK_STATUS_RUNNING ) { - strcpy( text, XSTR("[no networking]",910) ); + SDL_strlcpy( text, XSTR("[no networking]",910), max_textlen ); return text; } @@ -1285,7 +1285,7 @@ char* psnet_addr_to_string( char * text, net_addr * address ) switch ( address->type ) { case NET_IPX: - sprintf(text, "%x %x %x %x: %x %x %x %x %x %x", address->net_id[0], + SDL_snprintf(text, max_textlen, "%x %x %x %x: %x %x %x %x %x %x", address->net_id[0], address->net_id[1], address->net_id[2], address->net_id[3], @@ -1299,7 +1299,7 @@ char* psnet_addr_to_string( char * text, net_addr * address ) case NET_TCP: memcpy(&temp_addr.s_addr, address->addr, 4); - strcpy( text, inet_ntoa(temp_addr) ); + SDL_strlcpy( text, inet_ntoa(temp_addr), max_textlen ); break; default: @@ -1317,20 +1317,20 @@ char* psnet_addr_to_string( char * text, net_addr * address ) // // -void psnet_string_to_addr( net_addr * address, char * text ) +void psnet_string_to_addr( net_addr * address, char * text, const int max_textlen ) { struct hostent *he; char str[255], *c, *port; in_addr addr; if ( Network_status != NETWORK_STATUS_RUNNING ) { - strcpy( text, XSTR("[no networking]",910) ); + SDL_strlcpy( text, XSTR("[no networking]",910), max_textlen ); return; } // copy the text string to local storage to look for ports SDL_assert( strlen(text) < 255 ); - strcpy(str, text); + SDL_strlcpy(str, text, sizeof(str)); c = strrchr(str, ':'); port = NULL; if ( c ) { @@ -2217,7 +2217,7 @@ int psnet_is_valid_numeric_ip(char *ip) int val1,val2,val3,val4; // get the first ip value - strcpy(copy,ip); + SDL_strlcpy(copy, ip, sizeof(copy)); token = strtok(copy,"."); if(token == NULL){ return 0; @@ -2287,7 +2287,7 @@ int psnet_is_valid_ip_string( char *ip_string, int allow_port ) // our addresses may have ports, so make local copy and remove port number SDL_assert( strlen(ip_string) < 255 ); - strcpy(str, ip_string); + SDL_strlcpy(str, ip_string, sizeof(str)); c = strrchr(str, ':'); if ( c ){ *c = '\0'; diff --git a/src/network/psnet2.cpp b/src/network/psnet2.cpp index bfa5e78..0a676c0 100644 --- a/src/network/psnet2.cpp +++ b/src/network/psnet2.cpp @@ -915,11 +915,11 @@ int psnet_get_network_status() } // convert a net_addr to a string -char* psnet_addr_to_string( char * text, net_addr_t * address ) +char* psnet_addr_to_string( char * text, const int max_textlen, net_addr_t * address ) { if ( Network_status != NETWORK_STATUS_RUNNING ) { - strcpy( text, XSTR("[no networking]",910) ); + SDL_strlcpy( text, XSTR("[no networking]",910), max_textlen ); return text; } @@ -927,7 +927,7 @@ char* psnet_addr_to_string( char * text, net_addr_t * address ) switch ( address->type ) { case NET_IPX: - sprintf(text, "%x %x %x %x: %x %x %x %x %x %x", address->net_id[0], + SDL_snprintf(text, max_textlen, "%x %x %x %x: %x %x %x %x %x %x", address->net_id[0], address->net_id[1], address->net_id[2], address->net_id[3], @@ -941,7 +941,7 @@ char* psnet_addr_to_string( char * text, net_addr_t * address ) case NET_TCP: memcpy(&temp_addr.s_addr, address->addr, 4); - strcpy( text, inet_ntoa(temp_addr) ); + SDL_strlcpy( text, inet_ntoa(temp_addr), max_textlen ); break; default: @@ -954,20 +954,20 @@ char* psnet_addr_to_string( char * text, net_addr_t * address ) } // convert a string to a net addr -void psnet_string_to_addr( net_addr_t * address, char * text ) +void psnet_string_to_addr( net_addr_t * address, char * text, const int max_textlen ) { struct hostent *he; char str[255], *c, *port; in_addr addr; if ( Network_status != NETWORK_STATUS_RUNNING ) { - strcpy( text, XSTR("[no networking]",910) ); + SDL_strlcpy( text, XSTR("[no networking]",910), max_textlen ); return; } // copy the text string to local storage to look for ports SDL_assert( strlen(text) < 255 ); - strcpy(str, text); + SDL_strlcpy(str, text, sizeof(str)); c = strrchr(str, ':'); port = NULL; if ( c ) { @@ -1181,7 +1181,7 @@ int psnet_is_valid_ip_string( char *ip_string, int allow_port ) // our addresses may have ports, so make local copy and remove port number SDL_assert( strlen(ip_string) < 255 ); - strcpy(str, ip_string); + SDL_strlcpy(str, ip_string, sizeof(str)); c = strrchr(str, ':'); if ( c ){ *c = '\0'; @@ -2374,7 +2374,7 @@ int psnet_is_valid_numeric_ip(char *ip) int val1,val2,val3,val4; // get the first ip value - strcpy(copy,ip); + SDL_strlcpy(copy, ip, sizeof(copy)); token = strtok(copy,"."); if(token == NULL){ return 0; diff --git a/src/object/objectsnd.cpp b/src/object/objectsnd.cpp index d245270..b2b40e3 100644 --- a/src/object/objectsnd.cpp +++ b/src/object/objectsnd.cpp @@ -348,17 +348,17 @@ DCF(objsnd, "Persistant sound stuff" ) continue; //strcpy(buf1,"OFF"); } else { - strcpy(buf1,"ON"); + SDL_strlcpy(buf1, "ON", sizeof(buf1)); } if ( Objects[osp->objnum].type == OBJ_SHIP ) { - strcpy(buf2, Ships[Objects[osp->objnum].instance].ship_name); + SDL_strlcpy(buf2, Ships[Objects[osp->objnum].instance].ship_name, sizeof(buf2)); } else if ( Objects[osp->objnum].type == OBJ_DEBRIS ) { - strcpy(buf2, "Debris"); + SDL_strlcpy(buf2, "Debris", sizeof(buf2)); } else { - strcpy(buf2, "Unknown"); + SDL_strlcpy(buf2, "Unknown", sizeof(buf2)); } vector source_pos; diff --git a/src/osapi/osapi.cpp b/src/osapi/osapi.cpp index 9537c66..7a31083 100644 --- a/src/osapi/osapi.cpp +++ b/src/osapi/osapi.cpp @@ -257,7 +257,7 @@ void os_set_title( const char *title ) memset(windowTitle, 0, sizeof(windowTitle)); - strncpy(windowTitle, title, sizeof(windowTitle)-1); + SDL_strlcpy(windowTitle, title, sizeof(windowTitle)); SDL_SetWindowTitle(GL_window, title); } diff --git a/src/osapi/osregistry.cpp b/src/osapi/osregistry.cpp index 28aced7..706f7d2 100644 --- a/src/osapi/osregistry.cpp +++ b/src/osapi/osregistry.cpp @@ -114,10 +114,10 @@ static char *trim_string(char *str) return NULL; /* kill any comment */ - ptr = strchr(str, ';'); + ptr = SDL_strchr(str, ';'); if (ptr) *ptr = 0; - ptr = strchr(str, '#'); + ptr = SDL_strchr(str, '#'); if (ptr) *ptr = 0; @@ -165,7 +165,7 @@ static Profile *profile_read(const char *file) if (*ptr == '[') { ptr++; - char *pend = strchr(ptr, ']'); + char *pend = SDL_strchr(ptr, ']'); if (pend != NULL) { // if (pend[1]) { /* trailing garbage! */ } @@ -189,7 +189,7 @@ static Profile *profile_read(const char *file) char *key = ptr; char *value = NULL; - ptr = strchr(ptr, '='); + ptr = SDL_strchr(ptr, '='); if (ptr != NULL) { *ptr = 0; ptr++; diff --git a/src/osapi/outwnd.cpp b/src/osapi/outwnd.cpp index 44d2a57..f782daf 100644 --- a/src/osapi/outwnd.cpp +++ b/src/osapi/outwnd.cpp @@ -217,17 +217,17 @@ void load_filter_info(void) Outwnd_no_filter_file = 1; outwnd_filter[outwnd_filter_count] = &real_outwnd_filter[outwnd_filter_count]; - strcpy( outwnd_filter[outwnd_filter_count]->name, "error" ); + SDL_strlcpy( outwnd_filter[outwnd_filter_count]->name, "error", FILTER_NAME_LENGTH ); outwnd_filter[outwnd_filter_count]->state = 1; outwnd_filter_count++; outwnd_filter[outwnd_filter_count] = &real_outwnd_filter[outwnd_filter_count]; - strcpy( outwnd_filter[outwnd_filter_count]->name, "general" ); + SDL_strlcpy( outwnd_filter[outwnd_filter_count]->name, "general", FILTER_NAME_LENGTH ); outwnd_filter[outwnd_filter_count]->state = 1; outwnd_filter_count++; outwnd_filter[outwnd_filter_count] = &real_outwnd_filter[outwnd_filter_count]; - strcpy( outwnd_filter[outwnd_filter_count]->name, "warning" ); + SDL_strlcpy( outwnd_filter[outwnd_filter_count]->name, "warning", FILTER_NAME_LENGTH ); outwnd_filter[outwnd_filter_count]->state = 1; outwnd_filter_count++; @@ -253,7 +253,7 @@ void load_filter_info(void) inbuf[z] = 0; SDL_assert(strlen(inbuf+1) < FILTER_NAME_LENGTH); - strcpy(outwnd_filter[outwnd_filter_count]->name, inbuf + 1); + SDL_strlcpy(outwnd_filter[outwnd_filter_count]->name, inbuf + 1, FILTER_NAME_LENGTH); if ( !SDL_strcasecmp( outwnd_filter[outwnd_filter_count]->name, "error" ) ) { outwnd_filter[outwnd_filter_count]->state = 1; @@ -307,7 +307,7 @@ void outwnd_printf2(const char *format, ...) va_list args; va_start(args, format); - vsprintf(tmp, format, args); + SDL_vsnprintf(tmp, sizeof(tmp), format, args); va_end(args); outwnd_print("General", tmp); } @@ -318,7 +318,7 @@ void outwnd_printf(const char *id, const char *format, ...) va_list args; va_start(args, format); - vsprintf(tmp, format, args); + SDL_vsnprintf(tmp, sizeof(tmp), format, args); va_end(args); outwnd_print(id, tmp); } @@ -369,7 +369,7 @@ void outwnd_print(const char *id, const char *tmp) SDL_assert(strlen(id) < FILTER_NAME_LENGTH); outwnd_filter[i] = &real_outwnd_filter[i]; // note: this assumes the list doesn't have gaps (from deleting an element for example) - strcpy(outwnd_filter[i]->name, id); + SDL_strlcpy(outwnd_filter[i]->name, id, FILTER_NAME_LENGTH); outwnd_filter[i]->state = 1; outwnd_filter_count = i + 1; save_filter_info(); diff --git a/src/palman/palman.cpp b/src/palman/palman.cpp index b5e873e..318348a 100644 --- a/src/palman/palman.cpp +++ b/src/palman/palman.cpp @@ -351,8 +351,8 @@ void palette_load_table( const char * filename ) int w, h; int pcx_error; - strcpy( palette_base_filename, filename ); - char * p = strchr(palette_base_filename,'.'); + SDL_strlcpy( palette_base_filename, filename, sizeof(palette_base_filename) ); + char * p = SDL_strchr(palette_base_filename,'.'); if ( p ) { *p = 0; } @@ -499,8 +499,8 @@ void palette_write_cached1( const char *name ) CFILE *fp; char new_name[128]; - strcpy( new_name, name ); - strcat( new_name, ".clr" ); + SDL_strlcpy( new_name, name, sizeof(new_name) ); + SDL_strlcat( new_name, ".clr", sizeof(new_name) ); // mprintf(( "Writing palette cache file '%s'\n", new_name )); @@ -544,8 +544,8 @@ int palette_read_cached( const char *name ) uint id, new_checksum; ubyte new_palette[768]; - strcpy( new_name, name ); - strcat( new_name, ".clr" ); + SDL_strlcpy( new_name, name, sizeof(new_name) ); + SDL_strlcat( new_name, ".clr", sizeof(new_name) ); // mprintf(( "Reading palette '%s'\n", name )); @@ -723,11 +723,11 @@ void palette_update(const char *name_with_extension, int restrict_font_to_128) // mprintf(( "<<<<<<<<< PALETTE UPDATE (%s) >>>>>>>>>>>\n", (name_with_extension?name_with_extension:"null") )); - strcpy( name, name_with_extension ); - char *p = strchr( name, '.' ); + SDL_strlcpy( name, name_with_extension, sizeof(name) ); + char *p = SDL_strchr( name, '.' ); if ( p ) *p = 0; - strcpy( palette_name, name ); + SDL_strlcpy( palette_name, name, sizeof(palette_name) ); tmp_checksum = palette_compute_checksum( gr_palette ); if ( tmp_checksum == gr_palette_checksum ) return; @@ -877,7 +877,7 @@ void palette_use_bm_palette(int n) ubyte tmp[768]; char name[128]; - bm_get_palette(n, tmp, name); // get the palette for this bitmap + bm_get_palette(n, tmp, name, sizeof(name)); // get the palette for this bitmap gr_set_palette(name, tmp); // load the new palette. } diff --git a/src/parse/parselo.cpp b/src/parse/parselo.cpp index 0590a47..699dae6 100644 --- a/src/parse/parselo.cpp +++ b/src/parse/parselo.cpp @@ -239,7 +239,7 @@ void diag_printf(const char *format, ...) va_list args; va_start(args, format); - vsprintf(buffer, format, args); + SDL_vsnprintf(buffer, sizeof(buffer), format, args); va_end(args); nprintf(("Parse", "%s", buffer)); @@ -321,19 +321,18 @@ void error_display(int error_level, const char *format, ...) va_list args; if (error_level == 0) { - strcpy(error_text, "Warning"); + SDL_strlcpy(error_text, "Warning", sizeof(error_text)); Warning_count++; } else { - strcpy(error_text, "Error"); + SDL_strlcpy(error_text, "Error", sizeof(error_text)); Error_count++; } nprintf((error_text, "%s(%i):%s: ", Current_filename, get_line_num(), error_text)); va_start(args, format); - vsprintf(buffer, format, args); + SDL_vsnprintf(buffer, sizeof(buffer), format, args); va_end(args); - SDL_assert(strlen(buffer) < 1024); nprintf((error_text, "%s", buffer)); Warning(LOCATION, "%s(%i):\n%s: %s", Current_filename, get_line_num(), error_text, buffer); @@ -349,11 +348,11 @@ void advance_to_eoln(const char *more_terminators) terminators[0] = EOLN; terminators[1] = (char)EOF_CHAR; if (more_terminators != NULL) - strcpy(&terminators[2], more_terminators); + SDL_strlcpy(&terminators[2], more_terminators, sizeof(terminators)); else terminators[2] = 0; - while (strchr(terminators, *Mp) == NULL) + while (SDL_strchr(terminators, *Mp) == NULL) Mp++; } @@ -671,11 +670,11 @@ void copy_to_eoln(char *outstr, const char *more_terminators, const char *instr, terminators[0] = EOLN; terminators[1] = (char)EOF_CHAR; if (more_terminators != NULL) - strcpy(&terminators[2], more_terminators); + SDL_strlcpy(&terminators[2], more_terminators, sizeof(terminators)); else terminators[2] = 0; - while (((ch = *instr++) != 0) && (strchr(terminators, ch) == NULL) && (count < max)) { + while (((ch = *instr++) != 0) && (SDL_strchr(terminators, ch) == NULL) && (count < max)) { *outstr++ = ch; count++; } @@ -726,8 +725,7 @@ void copy_text_until(char *outstr, const char *instr, const char *endstr, int ma } if (foundstr - instr + strlen(endstr) < (uint) max_chars) { - strncpy(outstr, instr, foundstr - instr); - outstr[foundstr - instr] = 0; + SDL_strlcpy(outstr, instr, foundstr - instr + 1); } else { nprintf(("Error", "Error. Too much text (%i chars, %i allowed) before %s\n", @@ -1156,7 +1154,7 @@ void read_file_text(const char *filename, int mode) if (!filename) longjmp(parse_abort, 10); - strcpy(Current_filename, filename); + SDL_strlcpy(Current_filename, filename, sizeof(Current_filename)); mf = cfopen(filename, "rb", CFILE_NORMAL, mode); if (mf == NULL) { nprintf(("Error", "Wokka! Error opening mission.txt!\n")); @@ -1673,8 +1671,8 @@ int match_and_stuff(int f_type, const char *strlist[], int max, const char *desc return string_lookup(token, strlist, max, description, 0); } -void find_and_stuff_or_add(const char *id, int *addr, int f_type, char *strlist[], int *total, - int max, const char *description) +void find_and_stuff_or_add(const char *id, int *addr, int f_type, char *strlist[], const int max_strlen, + int *total, int max, const char *description) { char token[128]; @@ -1687,7 +1685,7 @@ void find_and_stuff_or_add(const char *id, int *addr, int f_type, char *strlist[ if (*addr == -1) // not in list, so lets try and add it. { SDL_assert(*total < max); - strcpy(strlist[*total], token); + SDL_strlcpy(strlist[*total], token, max_strlen); *addr = (*total)++; } } diff --git a/src/parse/sexp.cpp b/src/parse/sexp.cpp index 8b60b28..52332a6 100644 --- a/src/parse/sexp.cpp +++ b/src/parse/sexp.cpp @@ -649,6 +649,7 @@ int Training_context_at_waypoint; float Training_context_distance; char Sexp_error_text[MAX_SEXP_TEXT]; char *Sexp_string; //[1024] = {0}; +int Sexp_string_len; sexp_node Sexp_nodes[MAX_SEXP_NODES]; sexp_variable Sexp_variables[MAX_SEXP_VARIABLES]; @@ -708,7 +709,7 @@ int alloc_sexp(const char *text, int type, int subtype, int first, int rest) } SDL_assert(strlen(text) < TOKEN_LENGTH); - strcpy(Sexp_nodes[i].text, text); + SDL_strlcpy(Sexp_nodes[i].text, text, TOKEN_LENGTH); SDL_assert(type >= 0); Sexp_nodes[i].type = type; Sexp_nodes[i].subtype = subtype; @@ -1870,8 +1871,7 @@ int get_string(char *str) int len; len = strcspn(Mp + 1, "\""); - strncpy(str, Mp + 1, len); - str[len] = 0; + SDL_strlcpy(str, Mp + 1, len+1); Mp += len + 2; return len; @@ -1889,14 +1889,13 @@ void get_sexp_text_for_variable(char *text, char *token) // get variable name (up to '[' end_index = strcspn(token, "["); SDL_assert( (end_index != 0) && (end_index < TOKEN_LENGTH-1) ); - strncpy(text, token, end_index); - text[end_index] = '\0'; + SDL_strlcpy(text, token, end_index+1); if ( !Fred_running ) { // freespace - get index into Sexp_variables array sexp_var_index = get_index_sexp_variable_name(text); SDL_assert(sexp_var_index != -1); - sprintf(text, "%d", sexp_var_index); + SDL_snprintf(text, TOKEN_LENGTH, "%d", sexp_var_index); } } @@ -1930,24 +1929,24 @@ int get_sexp(char *token) len = strcspn(Mp + 1, "\""); SDL_assert(Mp[len + 1] == '\"'); // hit EOF first (unterminated string) - SDL_assert(len < TOKEN_LENGTH); // token is too long. + SDL_assert_release(len < TOKEN_LENGTH); // token is too long. // check if string variable if ( *(Mp + 1) == SEXP_VARIABLE_CHAR ) { // reduce length by 1 for end \" int length = len - 1; - SDL_assert(length < 2*TOKEN_LENGTH+2); + SDL_assert_release(length >= 1); + // SDL_assert(length < 2*TOKEN_LENGTH+2); // start copying after skipping 1st char - strncpy(token, Mp + 2, length); - token[length] = 0; + SDL_strlcpy(token, Mp + 2, length+1); get_sexp_text_for_variable(variable_text, token); node = alloc_sexp(variable_text, (SEXP_ATOM | SEXP_FLAG_VARIABLE), SEXP_ATOM_STRING, -1, -1); } else { - strncpy(token, Mp + 1, len); - token[len] = 0; + SDL_strlcpy(token, Mp + 1, len+1); + node = alloc_sexp(token, SEXP_ATOM, SEXP_ATOM_STRING, -1, -1); } @@ -2074,7 +2073,7 @@ int stuff_sexp_variable_list() } // -void build_sexp_text_string(char *buffer, int node, int mode) +void build_sexp_text_string(char *buffer, const int max_bufsize, int node, int mode) { if (Sexp_nodes[node].type & SEXP_FLAG_VARIABLE) { @@ -2089,14 +2088,14 @@ void build_sexp_text_string(char *buffer, int node, int mode) // Error check - can be Fred or Freespace if (mode == SEXP_ERROR_CHECK_MODE) { if ( Fred_running ) { - sprintf(buffer, "%s[%s] ", Sexp_nodes[node].text, Sexp_variables[sexp_variables_index].text); + SDL_snprintf(buffer, max_bufsize, "%s[%s] ", Sexp_nodes[node].text, Sexp_variables[sexp_variables_index].text); } else { - sprintf(buffer, "%s[%s] ", Sexp_variables[sexp_variables_index].variable_name, Sexp_variables[sexp_variables_index].text); + SDL_snprintf(buffer, max_bufsize, "%s[%s] ", Sexp_variables[sexp_variables_index].variable_name, Sexp_variables[sexp_variables_index].text); } } else { // Save as string - only Fred SDL_assert(mode == SEXP_SAVE_MODE); - sprintf(buffer, "@%s[%s] ", Sexp_nodes[node].text, Sexp_variables[sexp_variables_index].text); + SDL_snprintf(buffer, max_bufsize, "@%s[%s] ", Sexp_nodes[node].text, Sexp_variables[sexp_variables_index].text); } } else { // string @@ -2106,22 +2105,22 @@ void build_sexp_text_string(char *buffer, int node, int mode) // Error check - can be Fred or Freespace if (mode == SEXP_ERROR_CHECK_MODE) { if ( Fred_running ) { - sprintf(buffer, "%s[%s] ", Sexp_variables[sexp_variables_index].variable_name, Sexp_variables[sexp_variables_index].text); + SDL_snprintf(buffer, max_bufsize, "%s[%s] ", Sexp_variables[sexp_variables_index].variable_name, Sexp_variables[sexp_variables_index].text); } else { - sprintf(buffer, "%s[%s] ", Sexp_nodes[node].text, Sexp_variables[sexp_variables_index].text); + SDL_snprintf(buffer, max_bufsize, "%s[%s] ", Sexp_nodes[node].text, Sexp_variables[sexp_variables_index].text); } } else { // Save as string - only Fred SDL_assert(mode == SEXP_SAVE_MODE); - sprintf(buffer, "\"@%s[%s]\" ", Sexp_nodes[node].text, Sexp_variables[sexp_variables_index].text); + SDL_snprintf(buffer, max_bufsize, "\"@%s[%s]\" ", Sexp_nodes[node].text, Sexp_variables[sexp_variables_index].text); } } } else { // not a variable if (Sexp_nodes[node].subtype == SEXP_ATOM_STRING) { - sprintf(buffer, "\"%s\" ", CTEXT(node)); + SDL_snprintf(buffer, max_bufsize, "\"%s\" ", CTEXT(node)); } else { - sprintf(buffer, "%s ", CTEXT(node)); + SDL_snprintf(buffer, max_bufsize, "%s ", CTEXT(node)); } } @@ -2135,14 +2134,14 @@ int build_sexp_string(int cur_node, int level, int mode) Sexp_build_flag = 0; offset = strlen(Sexp_string); - strcat(Sexp_string, "( "); + SDL_strlcat(Sexp_string, "( ", Sexp_string_len); node = cur_node; while (node != -1) { SDL_assert(node >= 0 && node < MAX_SEXP_NODES); if (Sexp_nodes[node].first == -1) { // build text to string - build_sexp_text_string(pstr, node, mode); - strcat(Sexp_string, pstr); + build_sexp_text_string(pstr, sizeof(pstr), node, mode); + SDL_strlcat(Sexp_string, pstr, Sexp_string_len); } else { build_sexp_string(Sexp_nodes[node].first, level + 1, mode); @@ -2151,7 +2150,7 @@ int build_sexp_string(int cur_node, int level, int mode) node = Sexp_nodes[node].rest; } - strcat(Sexp_string, ") "); + SDL_strlcat(Sexp_string, ") ", Sexp_string_len); len = strlen(Sexp_string) - offset; if (len > 40) { Sexp_string[offset] = 0; @@ -2167,41 +2166,42 @@ void build_extended_sexp_string(int cur_node, int level, int mode) char pstr[128]; int i, flag = 0, node; - strcat(Sexp_string, "( "); + SDL_strlcat(Sexp_string, "( ", Sexp_string_len); node = cur_node; while (node != -1) { if (flag) // not the first line? for (i=0; i= 0 && node < MAX_SEXP_NODES); if (Sexp_nodes[node].first == -1) { - build_sexp_text_string(pstr,node, mode); - strcat(Sexp_string, pstr); + build_sexp_text_string(pstr, sizeof(pstr),node, mode); + SDL_strlcat(Sexp_string, pstr, Sexp_string_len); } else { build_sexp_string(Sexp_nodes[node].first, level + 1, mode); } - strcat(Sexp_string, "\n"); + SDL_strlcat(Sexp_string, "\n", Sexp_string_len); node = Sexp_nodes[node].rest; } for (i=0; i= 0) build_sexp_string(cur_node, 0, mode); else - strcpy(Sexp_string, "( )"); + SDL_strlcpy(Sexp_string, "( )", Sexp_string_len); } // determine if the named ship or wing hasn't arrived yet (wing or ship must be on arrival list) @@ -2379,7 +2379,7 @@ int rand_sexp(int n, int multiple=0) if (!multiple) { // set .value and .text so random number is generated only once. Sexp_nodes[n].value = SEXP_NUM_EVAL; - sprintf(Sexp_nodes[n].text, "%d", rand_num); + SDL_snprintf(Sexp_nodes[n].text, TOKEN_LENGTH, "%d", rand_num); } } } @@ -4217,7 +4217,7 @@ int waypoint_lookup(char *name) while (ptr != END_OF_LIST(&obj_used_list)) { if (ptr->type == OBJ_WAYPOINT) { i = ptr->instance; - sprintf(buf, "%s:%d", Waypoint_lists[i / 65536].name, (i & 0xffff) + 1); + SDL_snprintf(buf, sizeof(buf), "%s:%d", Waypoint_lists[i / 65536].name, (i & 0xffff) + 1); if ( !SDL_strcasecmp(buf, name) ) return OBJ_INDEX(ptr); } @@ -4975,7 +4975,7 @@ void sexp_transfer_cargo( int n ) return; } } - strcpy(Cargo_names[i], "Nothing"); + SDL_strlcpy(Cargo_names[i], "Nothing", NAME_LENGTH); Num_cargo++; } } @@ -8940,7 +8940,7 @@ void update_block_names(const char *old_name, const char *new_name) for (i=0; i= 0) { - strcpy(Sexp_variables[index].text, text); - strcpy(Sexp_variables[index].variable_name, var_name); + SDL_strlcpy(Sexp_variables[index].text, text, TOKEN_LENGTH); + SDL_strlcpy(Sexp_variables[index].variable_name, var_name, TOKEN_LENGTH); Sexp_variables[index].type &= ~SEXP_VARIABLE_NOT_USED; Sexp_variables[index].type = (type | SEXP_VARIABLE_SET); } @@ -9456,7 +9456,7 @@ void sexp_modify_variable(char *text, int index) SDL_assert(Sexp_variables[index].type & SEXP_VARIABLE_SET); SDL_assert( !MULTIPLAYER_CLIENT ); - strcpy(Sexp_variables[index].text, text); + SDL_strlcpy(Sexp_variables[index].text, text, TOKEN_LENGTH); Sexp_variables[index].type |= SEXP_VARIABLE_MODIFIED; // do multi_callback_here @@ -9487,7 +9487,7 @@ void sexp_modify_variable(int n) // get new numerical value new_number = eval_sexp(Sexp_nodes[n].rest); - sprintf(number_as_str, "%d", new_number); + SDL_snprintf(number_as_str, sizeof(number_as_str), "%d", new_number); sexp_modify_variable(number_as_str, sexp_variable_index); } else { // get new string @@ -9508,8 +9508,8 @@ void sexp_fred_modify_variable(const char *text, const char *var_name, int index SDL_assert(Sexp_variables[index].type & SEXP_VARIABLE_SET); SDL_assert( (type & SEXP_VARIABLE_NUMBER) || (type & SEXP_VARIABLE_STRING) ); - strcpy(Sexp_variables[index].text, text); - strcpy(Sexp_variables[index].variable_name, var_name); + SDL_strlcpy(Sexp_variables[index].text, text, TOKEN_LENGTH); + SDL_strlcpy(Sexp_variables[index].variable_name, var_name, TOKEN_LENGTH); Sexp_variables[index].type = (SEXP_VARIABLE_SET | SEXP_VARIABLE_MODIFIED | type); } @@ -9623,7 +9623,7 @@ int sexp_variable_allocate_block(const char* block_name, int block_type) for (int idx=start; idxcallsign, NOX("Standalone")); - strcpy(Player->short_callsign, NOX("Standalone")); + SDL_strlcpy(Player->callsign, NOX("Standalone"), sizeof(Player->callsign)); + SDL_strlcpy(Player->short_callsign, NOX("Standalone"), sizeof(Player->short_callsign)); return 0; } @@ -728,7 +728,7 @@ int read_pilot_file(const char *callsign, int single, player *p) cfread_string_len( Recent_missions[i], MAX_FILENAME_LEN, file); // Remove the extension - p = strchr(Recent_missions[i], '.'); + p = SDL_strchr(Recent_missions[i], '.'); if (p) *p = 0; } @@ -787,7 +787,7 @@ int read_pilot_file(const char *callsign, int single, player *p) return errno; // restore the callsign into the Player structure - strcpy(p->callsign, callsign); + SDL_strlcpy(p->callsign, callsign, sizeof(p->callsign)); // restore the truncated callsign into Player structure pilot_set_short_callsign(p, SHORT_CALLSIGN_PIXEL_W); @@ -797,11 +797,11 @@ int read_pilot_file(const char *callsign, int single, player *p) // we'll distinguish them by putting an M and the end of the multiplayer callsign and a P at the end of a single player char cat[35]; - strcpy(cat, p->callsign); + SDL_strlcpy(cat, p->callsign, sizeof(cat)); if (is_multi) - strcat(cat, NOX("M")); + SDL_strlcat(cat, NOX("M"), sizeof(cat)); else - strcat(cat, NOX("S")); + SDL_strlcat(cat, NOX("S"), sizeof(cat)); os_config_write_string( NULL, "LastPlayer", cat ); /* @@ -930,8 +930,8 @@ int write_pilot_file_core(player *p) return 0; // This means there is no player, probably meaning he was deleted and game exited from same screen. SDL_assert((i > 0) && (i <= MAX_FILENAME_LEN - 4)); // ensure we won't overrun the buffer - strcpy( filename, p->callsign); - strcat( filename, NOX(".plr") ); + SDL_strlcpy( filename, p->callsign, sizeof(filename)); + SDL_strlcat( filename, NOX(".plr"), sizeof(filename) ); // determine if this pilot is a multiplayer pilot or not if (p->flags & PLAYER_FLAGS_IS_MULTI){ @@ -1304,8 +1304,8 @@ void init_new_pilot(player *p, int reset) } // unassigned squadron - strcpy(p->squad_name, XSTR("Unassigned", 1255)); - strcpy(p->squad_filename, ""); + SDL_strlcpy(p->squad_name, XSTR("Unassigned", 1255), sizeof(p->squad_name)); + SDL_strlcpy(p->squad_filename, "", sizeof(p->squad_filename)); // set him to be a single player pilot by default (the actual creation routines will change this if necessary) p->flags &= ~PLAYER_FLAGS_IS_MULTI; @@ -1344,7 +1344,7 @@ void init_new_pilot(player *p, int reset) void pilot_set_short_callsign(player *p, int max_width) { - strcpy(p->short_callsign, p->callsign); + SDL_strlcpy(p->short_callsign, p->callsign, sizeof(p->short_callsign)); gr_set_font(FONT1); gr_force_fit_string(p->short_callsign, CALLSIGN_LEN - 1, max_width); gr_get_string_size( &(p->short_callsign_width), NULL, p->short_callsign ); @@ -1355,12 +1355,12 @@ void pilot_set_random_pic(player *p) { // if there are no available pilot pics, set the image filename to null if (Num_pilot_images <= 0) { - strcpy(p->image_filename, ""); + SDL_strlcpy(p->image_filename, "", sizeof(p->image_filename)); } else { // pick a random name from the list int random_index = rand() % Num_pilot_images; SDL_assert((random_index >= 0) && (random_index < Num_pilot_images)); - strcpy(p->image_filename, Pilot_images_arr[random_index]); + SDL_strlcpy(p->image_filename, Pilot_images_arr[random_index], sizeof(p->image_filename)); } } @@ -1381,7 +1381,7 @@ void pilot_set_random_squad_pic(player *p) } // format a pilot's callsign into a "personal" form - ie, adding a 's or just an ' as appropriate -void pilot_format_callsign_personal(const char *in_callsign, char *out_callsign) +void pilot_format_callsign_personal(const char *in_callsign, char *out_callsign, const int out_size) { // don't do anything if we've got invalid strings if((in_callsign == NULL) || (out_callsign == NULL)){ @@ -1389,13 +1389,13 @@ void pilot_format_callsign_personal(const char *in_callsign, char *out_callsign) } // copy the original string - strcpy(out_callsign,in_callsign); + SDL_strlcpy(out_callsign, in_callsign, out_size); // tack on the appropriate postfix if(in_callsign[strlen(in_callsign) - 1] == 's'){ - strcat(out_callsign,XSTR( "\'", 45)); + SDL_strlcat(out_callsign,XSTR( "\'", 45), out_size); } else { - strcat(out_callsign,XSTR( "\'s", 46)); + SDL_strlcat(out_callsign,XSTR( "\'s", 46), out_size); } } @@ -1450,7 +1450,7 @@ void player_set_squad_bitmap(player *p, const char *fname) // try and set the new one if (fname != p->squad_filename) { - strncpy(p->squad_filename, fname, MAX_FILENAME_LEN); + SDL_strlcpy(p->squad_filename, fname, sizeof(p->squad_filename)); } if(strlen(p->squad_filename) > 0){ @@ -1483,7 +1483,7 @@ void player_set_squad(player *p, const char *squad_name) return; } - strncpy(p->squad_name, squad_name, NAME_LENGTH+1); + SDL_strlcpy(p->squad_name, squad_name, sizeof(p->squad_name)); } DCF(pilot,"Changes pilot stats. (Like reset campaign)" ) diff --git a/src/playerman/playercontrol.cpp b/src/playerman/playercontrol.cpp index bcec58e..d76f9ac 100644 --- a/src/playerman/playercontrol.cpp +++ b/src/playerman/playercontrol.cpp @@ -1588,14 +1588,14 @@ int player_process_pending_praise() return 1; } -int player_inspect_cap_subsys_cargo(float frametime, char *outstr); +int player_inspect_cap_subsys_cargo(float frametime, char *outstr, const int max_outstr); // See if the player should be inspecting cargo, and update progress. // input: frametime => time since last frame in seconds // input: outstr => (output parm) holds string that HUD should display // // exit: 1 => player should display outstr on HUD // 0 => don't display cargo on HUD -int player_inspect_cargo(float frametime, char *outstr) +int player_inspect_cargo(float frametime, char *outstr, const int max_outstr) { object *cargo_objp; ship *cargo_sp; @@ -1618,7 +1618,7 @@ int player_inspect_cargo(float frametime, char *outstr) // causes a FS1 mission not to finish since the subsytems and not // the ship are scanned if (cargo_sip->flags & SIF_HUGE_SHIP) { - return player_inspect_cap_subsys_cargo(frametime, outstr); + return player_inspect_cap_subsys_cargo(frametime, outstr, max_outstr); } #endif @@ -1653,9 +1653,9 @@ int player_inspect_cargo(float frametime, char *outstr) if ( cargo_sip->flags & (SIF_CARGO|SIF_TRANSPORT) ) { if ( cargo_name[0] == '#' ) - sprintf(outstr, XSTR( "passengers:\n %s", 83), cargo_name+1 ); + SDL_snprintf(outstr, max_outstr, XSTR( "passengers:\n %s", 83), cargo_name+1 ); else - sprintf(outstr,XSTR( "cargo: %s", 84), cargo_name ); + SDL_snprintf(outstr, max_outstr, XSTR( "cargo: %s", 84), cargo_name ); } else { int pn; @@ -1665,13 +1665,13 @@ int player_inspect_cargo(float frametime, char *outstr) pn = multi_find_player_by_object( cargo_objp ); // SDL_assert( pn != -1 ); if(pn == -1){ - strcpy(outstr, ""); + SDL_strlcpy(outstr, "", max_outstr); } else { - sprintf(outstr, "%s", Net_players[pn].player->short_callsign ); + SDL_snprintf(outstr, max_outstr, "%s", Net_players[pn].player->short_callsign); } } } else { - strcpy(outstr, XSTR( "Scanned", 85) ); + SDL_strlcpy(outstr, XSTR( "Scanned", 85), max_outstr); } // always bash cargo_inspect_time to 0 since AI ships can reveal cargo that we @@ -1689,9 +1689,9 @@ int player_inspect_cargo(float frametime, char *outstr) dot = vm_vec_dot(&vec_to_cargo, &Player_obj->orient.v.fvec); if ( dot < CARGO_MIN_DOT_TO_REVEAL ) { if ( !(cargo_sp->flags & SF_SCANNABLE) ) - strcpy(outstr,XSTR( "cargo: ", 86)); + SDL_strlcpy(outstr, XSTR( "cargo: ", 86), max_outstr); else - strcpy(outstr,XSTR( "not scanned", 87)); + SDL_strlcpy(outstr, XSTR( "not scanned", 87), max_outstr); hud_targetbox_end_flash(TBOX_FLASH_CARGO); Player->cargo_inspect_time = 0; return 1; @@ -1703,9 +1703,9 @@ int player_inspect_cargo(float frametime, char *outstr) } if ( !(cargo_sp->flags & SF_SCANNABLE) ) - strcpy(outstr,XSTR( "cargo: inspecting", 88)); + SDL_strlcpy(outstr, XSTR( "cargo: inspecting", 88), max_outstr); else - strcpy(outstr,XSTR( "scanning", 89)); + SDL_strlcpy(outstr, XSTR( "scanning", 89), max_outstr); if ( Player->cargo_inspect_time > cargo_sip->scan_time ) { ship_do_cargo_revealed( cargo_sp ); @@ -1714,9 +1714,9 @@ int player_inspect_cargo(float frametime, char *outstr) } } else { if ( !(cargo_sp->flags & SF_SCANNABLE) ) - strcpy(outstr,XSTR( "cargo: ", 86)); + SDL_strlcpy(outstr, XSTR( "cargo: ", 86), max_outstr); else - strcpy(outstr,XSTR( "not scanned", 87)); + SDL_strlcpy(outstr, XSTR( "not scanned", 87), max_outstr); } return 1; @@ -1724,7 +1724,7 @@ int player_inspect_cargo(float frametime, char *outstr) // exit: 1 => player should display outstr on HUD // 0 => don't display cargo on HUD -int player_inspect_cap_subsys_cargo(float frametime, char *outstr) +int player_inspect_cap_subsys_cargo(float frametime, char *outstr, const int max_outstr) { object *cargo_objp; ship *cargo_sp; @@ -1766,7 +1766,7 @@ int player_inspect_cap_subsys_cargo(float frametime, char *outstr) } SDL_assert ( cargo_name ); - sprintf(outstr,XSTR( "cargo: %s", 84), cargo_name ); + SDL_snprintf(outstr, max_outstr, XSTR( "cargo: %s", 84), cargo_name ); // always bash cargo_inspect_time to 0 since AI ships can reveal cargo that we // are in the process of scanning @@ -1792,7 +1792,7 @@ int player_inspect_cap_subsys_cargo(float frametime, char *outstr) subsys_in_view = hud_targetbox_subsystem_in_view(cargo_objp, &x, &y); if ( (dot < CARGO_MIN_DOT_TO_REVEAL) || (!subsys_in_view) ) { - strcpy(outstr,XSTR( "cargo: ", 86)); + SDL_strlcpy(outstr, XSTR( "cargo: ", 86), max_outstr); hud_targetbox_end_flash(TBOX_FLASH_CARGO); Player->cargo_inspect_time = 0; return 1; @@ -1803,7 +1803,7 @@ int player_inspect_cap_subsys_cargo(float frametime, char *outstr) Player->cargo_inspect_time += fl2i(frametime*1000+0.5f); } - strcpy(outstr,XSTR( "cargo: inspecting", 88)); + SDL_strlcpy(outstr, XSTR( "cargo: inspecting", 88), max_outstr); if ( Player->cargo_inspect_time > cargo_sip->scan_time ) { void ship_do_cap_subsys_cargo_revealed( ship *shipp, ship_subsys *subsys, int from_network ); @@ -1812,7 +1812,7 @@ int player_inspect_cap_subsys_cargo(float frametime, char *outstr) Player->cargo_inspect_time = 0; } } else { - strcpy(outstr,XSTR( "cargo: ", 86)); + SDL_strlcpy(outstr, XSTR( "cargo: ", 86), max_outstr); } return 1; @@ -1834,7 +1834,7 @@ float player_farthest_weapon_range() // input: weapon_info_index => weapon type that killed the player (can be -1 if no weapon involved) // killer_species => species of ship that fired weapon // weapon_name => output parameter... stores weapon name generated in this function -void player_generate_killer_weapon_name(int weapon_info_index, int killer_species, char *weapon_name) +void player_generate_killer_weapon_name(int weapon_info_index, int killer_species, char *weapon_name, const int max_len) { if ( weapon_info_index < 0 ) { return; @@ -1848,13 +1848,13 @@ void player_generate_killer_weapon_name(int weapon_info_index, int killer_specie switch ( killer_species ) { case SPECIES_TERRAN: - strcpy(weapon_name, Weapon_info[weapon_info_index].name); + SDL_strlcpy(weapon_name, Weapon_info[weapon_info_index].name, max_len); break; default: if ( Weapon_info[weapon_info_index].subtype == WP_MISSILE ) { - strcpy(weapon_name, XSTR( "missile", 90)); + SDL_strlcpy(weapon_name, XSTR( "missile", 90), max_len); } else { - strcpy(weapon_name, XSTR( "laser fire", 91)); + SDL_strlcpy(weapon_name, XSTR( "laser fire", 91), max_len); } break; } @@ -1862,20 +1862,20 @@ void player_generate_killer_weapon_name(int weapon_info_index, int killer_specie // function to generate the text for death of a player given the information stored in the player object. // a pointer to the text is returned -char *player_generate_death_text( player *player_p, char *death_text ) +char *player_generate_death_text( player *player_p, char *death_text, const int max_dtlen ) { char weapon_name[NAME_LENGTH]; weapon_name[0] = 0; - player_generate_killer_weapon_name(player_p->killer_weapon_index, player_p->killer_species, weapon_name); + player_generate_killer_weapon_name(player_p->killer_weapon_index, player_p->killer_species, weapon_name, sizeof(weapon_name)); switch ( player_p->killer_objtype ) { case OBJ_SHOCKWAVE: if ( weapon_name[0] ) { // sprintf(death_text, XSTR("%s was killed by a shockwave from a %s, fired by %s",-1), player_p->callsign, weapon_name, player_p->killer_parent_name); - sprintf(death_text, XSTR( "%s was killed by a missile shockwave", 92), player_p->callsign); + SDL_snprintf(death_text, max_dtlen, XSTR( "%s was killed by a missile shockwave", 92), player_p->callsign); } else { - sprintf(death_text, XSTR( "%s was killed by a shockwave from %s exploding", 93), player_p->callsign, player_p->killer_parent_name); + SDL_snprintf(death_text, max_dtlen, XSTR( "%s was killed by a shockwave from %s exploding", 93), player_p->callsign, player_p->killer_parent_name); } break; case OBJ_WEAPON: @@ -1885,43 +1885,43 @@ char *player_generate_death_text( player *player_p, char *death_text ) int ship_index; ship_index = ship_name_lookup(player_p->killer_parent_name, 1); if((ship_index >= 0) && (Player_ship != NULL) && (Player_ship->team == Ships[ship_index].team)){ - sprintf(death_text, XSTR( "%s was killed by friendly fire from %s", 1338), player_p->callsign, player_p->killer_parent_name); + SDL_snprintf(death_text, max_dtlen, XSTR( "%s was killed by friendly fire from %s", 1338), player_p->callsign, player_p->killer_parent_name); } else { - sprintf(death_text, XSTR( "%s was killed by %s", 94), player_p->callsign, player_p->killer_parent_name); + SDL_snprintf(death_text, max_dtlen, XSTR( "%s was killed by %s", 94), player_p->callsign, player_p->killer_parent_name); } break; case OBJ_SHIP: if ( player_p->flags & PLAYER_FLAGS_KILLED_BY_EXPLOSION ) { - sprintf(death_text, XSTR( "%s was killed by a blast from %s exploding", 95), player_p->callsign, player_p->killer_parent_name); + SDL_snprintf(death_text, max_dtlen, XSTR( "%s was killed by a blast from %s exploding", 95), player_p->callsign, player_p->killer_parent_name); } else if (player_p->flags & PLAYER_FLAGS_KILLED_BY_ENGINE_WASH) { - sprintf(death_text, XSTR( "%s was killed by engine wash from %s", 1494), player_p->callsign, player_p->killer_parent_name); + SDL_snprintf(death_text, max_dtlen, XSTR( "%s was killed by engine wash from %s", 1494), player_p->callsign, player_p->killer_parent_name); } else { - sprintf(death_text, XSTR( "%s was killed by a collision with %s", 96), player_p->callsign, player_p->killer_parent_name); + SDL_snprintf(death_text, max_dtlen, XSTR( "%s was killed by a collision with %s", 96), player_p->callsign, player_p->killer_parent_name); } break; case OBJ_DEBRIS: - sprintf(death_text, XSTR( "%s was killed by a collision with debris", 97), player_p->callsign); + SDL_snprintf(death_text, max_dtlen, XSTR( "%s was killed by a collision with debris", 97), player_p->callsign); break; case OBJ_ASTEROID: - sprintf(death_text, XSTR( "%s was killed by a collision with an asteroid", 98), player_p->callsign); + SDL_snprintf(death_text, max_dtlen, XSTR( "%s was killed by a collision with an asteroid", 98), player_p->callsign); break; case OBJ_BEAM: if(strlen(player_p->killer_parent_name) <= 0){ Int3(); - sprintf(death_text, XSTR( "%s was killed by a beam from an unknown source", 1081), player_p->callsign); + SDL_snprintf(death_text, max_dtlen, XSTR( "%s was killed by a beam from an unknown source", 1081), player_p->callsign); } else { // is this from a friendly ship? int ship_index; ship_index = ship_name_lookup(player_p->killer_parent_name, 1); if((ship_index >= 0) && (Player_ship != NULL) && (Player_ship->team == Ships[ship_index].team)){ - sprintf(death_text, XSTR( "%s was destroyed by friendly beam fire from %s", 1339), player_p->callsign, player_p->killer_parent_name); + SDL_snprintf(death_text, max_dtlen, XSTR( "%s was destroyed by friendly beam fire from %s", 1339), player_p->callsign, player_p->killer_parent_name); } else { - sprintf(death_text, XSTR( "%s was destroyed by a beam from %s", 1082), player_p->callsign, player_p->killer_parent_name); + SDL_snprintf(death_text, max_dtlen, XSTR( "%s was destroyed by a beam from %s", 1082), player_p->callsign, player_p->killer_parent_name); } } break; default: - sprintf(death_text, XSTR( "%s was killed", 99), player_p->callsign); + SDL_snprintf(death_text, max_dtlen, XSTR( "%s was killed", 99), player_p->callsign); break; } @@ -1937,17 +1937,17 @@ void player_show_death_message() if ( Player->flags & PLAYER_KILLED_SELF ) { // reasons he killed himself if(Player->flags & PLAYER_FLAGS_KILLED_SELF_SHOCKWAVE){ - strcpy(death_text, XSTR( "You have killed yourself with a shockwave from your own weapon", 1421)); + SDL_strlcpy(death_text, XSTR( "You have killed yourself with a shockwave from your own weapon", 1421), sizeof(death_text)); } else if(Player->flags & PLAYER_FLAGS_KILLED_SELF_MISSILES){ - strcpy(death_text, XSTR( "You have killed yourself with your own missiles", 1422)); + SDL_strlcpy(death_text, XSTR( "You have killed yourself with your own missiles", 1422), sizeof(death_text)); } else { - strcpy(death_text, XSTR( "You have killed yourself", 100)); + SDL_strlcpy(death_text, XSTR( "You have killed yourself", 100), sizeof(death_text)); } Player->flags &= ~(PLAYER_FLAGS_KILLED_SELF_MISSILES | PLAYER_FLAGS_KILLED_SELF_SHOCKWAVE); } else { - player_generate_death_text( Player, death_text ); + player_generate_death_text( Player, death_text, sizeof(death_text) ); } HUD_fixed_printf(30.0f, death_text); @@ -2132,13 +2132,13 @@ void player_display_packlock_view() if ( !(Viewer_mode & (VM_CHASE|VM_EXTERNAL|VM_SLEWED)) ) { switch (padlock_view_index) { case 0: - strcpy(str, XSTR( "top view", 101)); break; + SDL_strlcpy(str, XSTR( "top view", 101), sizeof(str)); break; case 1: - strcpy(str, XSTR( "rear view", 102)); break; + SDL_strlcpy(str, XSTR( "rear view", 102), sizeof(str)); break; case 2: - strcpy(str, XSTR( "left view", 103)); break; + SDL_strlcpy(str, XSTR( "left view", 103), sizeof(str)); break; case 3: - strcpy(str, XSTR( "right view", 104)); break; + SDL_strlcpy(str, XSTR( "right view", 104), sizeof(str)); break; } HUD_fixed_printf(0.01f, str); diff --git a/src/pofview/pofviewstubs.cpp b/src/pofview/pofviewstubs.cpp index 81c9772..3651fdf 100644 --- a/src/pofview/pofviewstubs.cpp +++ b/src/pofview/pofviewstubs.cpp @@ -87,7 +87,7 @@ void game_load_palette(){} void game_format_time(int, char*){} int game_get_default_skill_level(){return 0;} float Freespace_gamma; -void get_version_string(char*){} +void get_version_string(char*, const int){} int Game_do_state_should_skip; vector Camera_pos; vector Dead_player_last_vel; diff --git a/src/popup/popup.cpp b/src/popup/popup.cpp index 5237433..2625aed 100644 --- a/src/popup/popup.cpp +++ b/src/popup/popup.cpp @@ -583,6 +583,7 @@ void popup_split_lines(popup_info *pi, int flags) int nlines, i, body_offset = 0; int n_chars[POPUP_MAX_LINES]; char *p_str[POPUP_MAX_LINES]; + int len; gr_set_font(FONT1); n_chars[0]=0; @@ -592,8 +593,8 @@ void popup_split_lines(popup_info *pi, int flags) if ( flags & (PF_TITLE | PF_TITLE_BIG) ) { // get first line out - strncpy(pi->title, p_str[0], n_chars[0]); - pi->title[n_chars[0]] = 0; + len = min(n_chars[0] + 1, POPUP_MAX_LINE_CHARS); + SDL_strlcpy(pi->title, p_str[0], len); body_offset = 1; } @@ -608,8 +609,8 @@ void popup_split_lines(popup_info *pi, int flags) for ( i = 0; i < pi->nlines; i++ ) { SDL_assert(n_chars[i+body_offset] < POPUP_MAX_LINE_CHARS); - strncpy(pi->msg_lines[i], p_str[i+body_offset], n_chars[i+body_offset]); - pi->msg_lines[i][n_chars[i+body_offset]] = 0; + len = min(n_chars[i+body_offset] + 1, POPUP_MAX_LINE_CHARS); + SDL_strlcpy(pi->msg_lines[i], p_str[i+body_offset], len); } gr_set_font(FONT1); @@ -1234,9 +1235,8 @@ int popup(int flags, int nchoices, ... ) // get msg text format = va_arg( args, char * ); Popup_info.raw_text[0] = 0; - vsprintf(Popup_info.raw_text, format, args); + SDL_vsnprintf(Popup_info.raw_text, sizeof(Popup_info.raw_text), format, args); va_end(args); - SDL_assert(strlen(Popup_info.raw_text) < POPUP_MAX_CHARS ); gamesnd_play_iface(SND_POPUP_APPEAR); // play sound when popup appears @@ -1288,9 +1288,8 @@ int popup_till_condition(int (*condition)(), ...) // get msg text format = va_arg( args, char * ); Popup_info.raw_text[0] = 0; - vsprintf(Popup_info.raw_text, format, args); + SDL_vsnprintf(Popup_info.raw_text, sizeof(Popup_info.raw_text), format, args); va_end(args); - Popup_info.raw_text[POPUP_MAX_CHARS-1] = '\0'; gamesnd_play_iface(SND_POPUP_APPEAR); // play sound when popup appears @@ -1324,7 +1323,7 @@ char *popup_input(int flags, const char *caption, int max_output_len) // get msg text SDL_assert(caption != NULL); - strcpy(Popup_info.raw_text, caption); + SDL_strlcpy(Popup_info.raw_text, caption, sizeof(Popup_info.raw_text)); SDL_assert(strlen(Popup_info.raw_text) < POPUP_MAX_CHARS ); // set input text length @@ -1368,7 +1367,7 @@ void popup_kill_any_active() void popup_change_text(const char *new_text) { // copy the raw text - strncpy(Popup_info.raw_text,new_text,POPUP_MAX_CHARS); + SDL_strlcpy(Popup_info.raw_text, new_text, sizeof(Popup_info.raw_text)); // recalculate all display information popup_split_lines(&Popup_info,Popup_flags); diff --git a/src/radar/radar.cpp b/src/radar/radar.cpp index 429824d..03379ac 100644 --- a/src/radar/radar.cpp +++ b/src/radar/radar.cpp @@ -786,7 +786,7 @@ void radar_draw_range() break; case RR_INFINITY: - sprintf(buf, NOX("%c"), Lcl_special_chars); + SDL_snprintf(buf, sizeof(buf), NOX("%c"), Lcl_special_chars); gr_printf(Radar_dist_coords[gr_screen.res][RR_INFINITY][0], Radar_dist_coords[gr_screen.res][RR_INFINITY][1], buf); break; diff --git a/src/ship/ai.cpp b/src/ship/ai.cpp index 90de62c..e27d30c 100644 --- a/src/ship/ai.cpp +++ b/src/ship/ai.cpp @@ -95,7 +95,7 @@ char *ai_get_goal_ship_name(const char *name, int *index) SDL_assert(Total_goal_ship_names < MAX_GOAL_SHIP_NAMES); SDL_assert(strlen(name) < NAME_LENGTH - 1); i = Total_goal_ship_names++; - strcpy(Goal_ship_names[i], name); + SDL_strlcpy(Goal_ship_names[i], name, NAME_LENGTH); *index = i; return Goal_ship_names[i]; } diff --git a/src/ship/aigoals.cpp b/src/ship/aigoals.cpp index 395ff73..ced8025 100644 --- a/src/ship/aigoals.cpp +++ b/src/ship/aigoals.cpp @@ -1633,7 +1633,7 @@ int ai_mission_goal_achievable( int objnum, ai_goal *aigp ) // debug code to save off the name of the dockpoints (if they exist). docker_name[0] = dockee_name[0] = '\0'; if ( aigp->flags & AIGF_DOCKER_NAME_VALID ) { - strcpy(docker_name, aigp->docker.name); + SDL_strlcpy(docker_name, aigp->docker.name, sizeof(docker_name)); modelnum = Ships[objp->instance].modelnum; index = model_find_dock_name_index(modelnum, aigp->docker.name); aigp->docker.index = index; @@ -1642,7 +1642,7 @@ int ai_mission_goal_achievable( int objnum, ai_goal *aigp ) if ( aigp->flags & AIGF_DOCKEE_NAME_VALID ) { shipnum = ship_name_lookup(aigp->ship_name); if ( shipnum != -1 ) { - strcpy(dockee_name, aigp->dockee.name); + SDL_strlcpy(dockee_name, aigp->dockee.name, sizeof(dockee_name)); modelnum = Ships[shipnum].modelnum; index = model_find_dock_name_index(modelnum, aigp->dockee.name); aigp->dockee.index = index; @@ -2343,6 +2343,6 @@ char *ai_add_dock_name(const char *str) SDL_assert(Num_ai_dock_names < MAX_AI_DOCK_NAMES); ptr = Ai_dock_names[Num_ai_dock_names++]; - strcpy(ptr, str); + SDL_strlcpy(ptr, str, NAME_LENGTH); return ptr; } diff --git a/src/ship/ship.cpp b/src/ship/ship.cpp index e4412b0..588eab6 100644 --- a/src/ship/ship.cpp +++ b/src/ship/ship.cpp @@ -1078,14 +1078,14 @@ int parse_ship() #endif #ifdef NDEBUG - if (strchr(sip->name, '#') && Fred_running) + if (SDL_strchr(sip->name, '#') && Fred_running) rtn = 1; #endif if ( sip->name[0] == '@' ) { char old_name[NAME_LENGTH]; - strcpy(old_name, sip->name); - strcpy(sip->name, old_name+1); + SDL_strlcpy(old_name, sip->name, sizeof(old_name)); + SDL_strlcpy(sip->name, old_name+1, sizeof(sip->name)); } diag_printf ("Ship name -- %s\n", sip->name); @@ -1162,7 +1162,7 @@ int parse_ship() stuff_string( sip->pof_file, F_NAME, NULL ); // optional hud targeting model - strcpy(sip->pof_file_hud, ""); + SDL_strlcpy(sip->pof_file_hud, "", sizeof(sip->pof_file_hud)); if(optional_string( "$POF target file:")){ stuff_string(sip->pof_file_hud, F_NAME, NULL); } @@ -1661,8 +1661,8 @@ int parse_ship() if ( index == -1 ) { char *p, name[NAME_LENGTH];; - strcpy( name, sip->name ); - p = strchr(name, '#'); + SDL_strlcpy( name, sip->name, sizeof(name) ); + p = SDL_strchr(name, '#'); if ( p ) *p = '\0'; Error(LOCATION, "Ship %s is a copy, but base ship %s couldn't be found.", sip->name, name); @@ -1848,7 +1848,7 @@ void ship_add_exited_ship( ship *sp, int reason ) Num_exited_ships++; } - strcpy( Ships_exited[entry].ship_name, sp->ship_name ); + SDL_strlcpy( Ships_exited[entry].ship_name, sp->ship_name, sizeof(Ships_exited[0].ship_name) ); Ships_exited[entry].obj_signature = Objects[sp->objnum].signature; Ships_exited[entry].team = sp->team; Ships_exited[entry].flags = reason; @@ -4457,8 +4457,7 @@ void ship_set_bay_path_nums(ship_info *sip, polymodel *pm) // iterate through the paths that exist in the polymodel, searching for $bayN pathnames for ( i = 0; i < pm->n_paths; i++ ) { if ( !SDL_strncasecmp(pm->paths[i].name, NOX("$bay"), 4) ) { - strncpy(bay_num_str, pm->paths[i].name+4, 2); - bay_num_str[2] = 0; + SDL_strlcpy(bay_num_str, pm->paths[i].name+4, sizeof(bay_num_str)); bay_num = atoi(bay_num_str); SDL_assert(bay_num >= 1 && bay_num <= MAX_SHIP_BAY_PATHS); pm->ship_bay->paths[bay_num-1] = i; @@ -4620,7 +4619,7 @@ int ship_create(matrix *orient, vector *pos, int ship_type) shipp->ai_index = ai_get_slot(n); SDL_assert( shipp->ai_index >= 0 ); - sprintf(shipp->ship_name, NOX("%s %d"), Ship_info[ship_type].name, n); + SDL_snprintf(shipp->ship_name, sizeof(shipp->ship_name), NOX("%s %d"), Ship_info[ship_type].name, n); ship_set_default_weapons(shipp, sip); // Moved up here because ship_set requires that weapon info be valid. MK, 4/28/98 ship_set(n, objnum, ship_type); @@ -5691,7 +5690,7 @@ int ship_fire_secondary( object *obj, int allow_swarm ) HUD_sourced_printf(HUD_SOURCE_HIDDEN, XSTR( "Too far from target to acquire lock", 487)); } else { char missile_name[NAME_LENGTH]; - strcpy(missile_name, wip->name); + SDL_strlcpy(missile_name, wip->name, sizeof(missile_name)); hud_end_string_at_first_hash_symbol(missile_name); HUD_sourced_printf(HUD_SOURCE_HIDDEN, XSTR( "Cannot fire %s without a lock", 488), missile_name); } @@ -5736,7 +5735,7 @@ int ship_fire_secondary( object *obj, int allow_swarm ) if ( obj == Player_obj ) if ( ship_maybe_play_secondary_fail_sound(wip) ) { char missile_name[NAME_LENGTH]; - strcpy(missile_name, Weapon_info[weapon].name); + SDL_strlcpy(missile_name, Weapon_info[weapon].name, sizeof(missile_name)); hud_end_string_at_first_hash_symbol(missile_name); HUD_sourced_printf(HUD_SOURCE_HIDDEN, XSTR( "Cannot fire %s due to weapons system damage", 489), missile_name); } @@ -6145,8 +6144,8 @@ int ship_info_base_lookup(int si_index) int i; char name[NAME_LENGTH], *p; - strcpy( name, Ship_info[si_index].name ); - p = strchr( name, '#' ); + SDL_strlcpy( name, Ship_info[si_index].name, sizeof(name) ); + p = SDL_strchr( name, '#' ); SDL_assert( p ); // get allender -- something bogus with ship copy *p = '\0'; @@ -8058,7 +8057,7 @@ int bitmask_2_bitnum(int num) // of what a ship's orders are. Feel free to use this function if // it suits your needs for something. // -char *ship_return_orders(char *outbuf, ship *sp) +char *ship_return_orders(char *outbuf, const int max_outbuf, ship *sp) { ai_info *aip; ai_goal *aigp; @@ -8077,17 +8076,17 @@ char *ship_return_orders(char *outbuf, ship *sp) if ( order_text == NULL ) return NULL; - strcpy(outbuf, order_text); + SDL_strlcpy(outbuf, order_text, max_outbuf); switch (aigp->ai_mode ) { case AI_GOAL_FORM_ON_WING: case AI_GOAL_GUARD_WING: case AI_GOAL_CHASE_WING: if ( aigp->ship_name ) { - strcat(outbuf, aigp->ship_name); - strcat(outbuf, XSTR( " Wing", 494)); + SDL_strlcat(outbuf, aigp->ship_name, max_outbuf); + SDL_strlcat(outbuf, XSTR( " Wing", 494), max_outbuf); } else { - strcpy(outbuf, XSTR( "no orders", 495)); + SDL_strlcpy(outbuf, XSTR( "no orders", 495), max_outbuf); } break; @@ -8100,19 +8099,19 @@ char *ship_return_orders(char *outbuf, ship *sp) case AI_GOAL_EVADE_SHIP: case AI_GOAL_REARM_REPAIR: if ( aigp->ship_name ) { - strcat(outbuf, aigp->ship_name); + SDL_strlcat(outbuf, aigp->ship_name, max_outbuf); } else { - strcpy(outbuf, XSTR( "no orders", 495)); + SDL_strlcpy(outbuf, XSTR( "no orders", 495), max_outbuf); } break; case AI_GOAL_DESTROY_SUBSYSTEM: { char name[NAME_LENGTH]; if ( aip->targeted_subsys != NULL ) { - sprintf(outbuf, XSTR( "atk %s %s", 496), aigp->ship_name, hud_targetbox_truncate_subsys_name(aip->targeted_subsys->system_info->name)); - strcat(outbuf, name); + SDL_snprintf(outbuf, max_outbuf, XSTR( "atk %s %s", 496), aigp->ship_name, hud_targetbox_truncate_subsys_name(aip->targeted_subsys->system_info->name, sizeof(aip->targeted_subsys->system_info->name))); + SDL_strlcat(outbuf, name, max_outbuf); } else { - strcpy(outbuf, XSTR( "no orders", 495) ); + SDL_strlcpy(outbuf, XSTR( "no orders", 495), max_outbuf); } break; } @@ -8139,7 +8138,7 @@ char *ship_return_orders(char *outbuf, ship *sp) // This function is called from HUD code to get a text description // of what a ship's orders are. Feel free to use this function if // it suits your needs for something. -char *ship_return_time_to_goal(char *outbuf, ship *sp) +char *ship_return_time_to_goal(char *outbuf, const int max_outbuf, ship *sp) { ai_info *aip; int time, seconds, minutes; @@ -8205,9 +8204,9 @@ char *ship_return_time_to_goal(char *outbuf, ship *sp) minutes = 99; seconds = 99; } - sprintf(outbuf, NOX("%02d:%02d"), minutes, seconds); + SDL_snprintf(outbuf, max_outbuf, NOX("%02d:%02d"), minutes, seconds); } else { - strcpy( outbuf, XSTR( "Unknown", 497) ); + SDL_strlcpy( outbuf, XSTR( "Unknown", 497), max_outbuf ); } return outbuf; diff --git a/src/ship/shiphit.cpp b/src/ship/shiphit.cpp index b3b2bd4..0c5f16e 100644 --- a/src/ship/shiphit.cpp +++ b/src/ship/shiphit.cpp @@ -1010,12 +1010,12 @@ void shiphit_record_player_killer(object *killer_objp, player *p) pnum = multi_find_player_by_object( &Objects[killer_objp->parent] ); if ( pnum != -1 ) { - strcpy(p->killer_parent_name, Net_players[pnum].player->callsign); + SDL_strlcpy(p->killer_parent_name, Net_players[pnum].player->callsign, sizeof(p->killer_parent_name)); } else { nprintf(("Network", "Couldn't find player object of weapon for killer of %s\n", p->callsign)); } } else { - strcpy(p->killer_parent_name, Ships[Objects[killer_objp->parent].instance].ship_name); + SDL_strlcpy(p->killer_parent_name, Ships[Objects[killer_objp->parent].instance].ship_name, sizeof(p->killer_parent_name)); } break; @@ -1033,12 +1033,12 @@ void shiphit_record_player_killer(object *killer_objp, player *p) pnum = multi_find_player_by_object( &Objects[killer_objp->parent] ); if ( pnum != -1 ) { - strcpy(p->killer_parent_name, Net_players[pnum].player->callsign); + SDL_strlcpy(p->killer_parent_name, Net_players[pnum].player->callsign, sizeof(p->killer_parent_name)); } else { nprintf(("Network", "Couldn't find player object of shockwave for killer of %s\n", p->callsign)); } } else { - strcpy(p->killer_parent_name, Ships[Objects[killer_objp->parent].instance].ship_name); + SDL_strlcpy(p->killer_parent_name, Ships[Objects[killer_objp->parent].instance].ship_name, sizeof(p->killer_parent_name)); } break; @@ -1061,12 +1061,12 @@ void shiphit_record_player_killer(object *killer_objp, player *p) pnum = multi_find_player_by_object( killer_objp ); if ( pnum != -1 ) { - strcpy(p->killer_parent_name, Net_players[pnum].player->callsign); + SDL_strlcpy(p->killer_parent_name, Net_players[pnum].player->callsign, sizeof(p->killer_parent_name)); } else { nprintf(("Network", "Couldn't find player object for killer of %s\n", p->callsign)); } } else { - strcpy(p->killer_parent_name, Ships[killer_objp->instance].ship_name); + SDL_strlcpy(p->killer_parent_name, Ships[killer_objp->instance].ship_name, sizeof(p->killer_parent_name)); } break; @@ -1089,11 +1089,11 @@ void shiphit_record_player_killer(object *killer_objp, player *p) p->killer_objtype = OBJ_BEAM; if(beam_obj != -1){ if((Objects[beam_obj].type == OBJ_SHIP) && (Objects[beam_obj].instance >= 0)){ - strcpy(p->killer_parent_name, Ships[Objects[beam_obj].instance].ship_name); + SDL_strlcpy(p->killer_parent_name, Ships[Objects[beam_obj].instance].ship_name, sizeof(p->killer_parent_name)); } p->killer_species = Ship_info[Ships[Objects[beam_obj].instance].ship_info_index].species; } else { - strcpy(p->killer_parent_name, ""); + SDL_strlcpy(p->killer_parent_name, "", sizeof(p->killer_parent_name)); } break; @@ -1806,9 +1806,9 @@ void ship_hit_kill(object *ship_obj, object *other_obj, float percent_killed, in // get first name np_index = multi_find_player_by_object(ship_obj); if((np_index >= 0) && (np_index < MAX_PLAYERS) && (Net_players[np_index].player != NULL)){ - strcpy(name1, Net_players[np_index].player->callsign); + SDL_strlcpy(name1, Net_players[np_index].player->callsign, sizeof(name1)); } else { - strcpy(name1, sp->ship_name); + SDL_strlcpy(name1, sp->ship_name, sizeof(name1)); } // argh @@ -1816,13 +1816,13 @@ void ship_hit_kill(object *ship_obj, object *other_obj, float percent_killed, in // second name if(killer_objp == NULL){ - strcpy(name2, killer_ship_name); + SDL_strlcpy(name2, killer_ship_name, sizeof(name2)); } else { np_index = multi_find_player_by_object(killer_objp); if((np_index >= 0) && (np_index < MAX_PLAYERS) && (Net_players[np_index].player != NULL)){ - strcpy(name2, Net_players[np_index].player->callsign); + SDL_strlcpy(name2, Net_players[np_index].player->callsign, sizeof(name2)); } else { - strcpy(name2, killer_ship_name); + SDL_strlcpy(name2, killer_ship_name, sizeof(name2)); } } } @@ -1889,7 +1889,7 @@ void ship_self_destruct( object *objp ) int np_index = multi_find_player_by_object(objp); if((np_index >= 0) && (np_index < MAX_PLAYERS) && MULTI_CONNECTED(Net_players[np_index]) && (Net_players[np_index].player != NULL)){ char msg[512] = ""; - sprintf(msg, "%s %s", Net_players[np_index].player->callsign, XSTR("Self destructed", 1476)); + SDL_snprintf(msg, sizeof(msg), "%s %s", Net_players[np_index].player->callsign, XSTR("Self destructed", 1476)); // send a message send_game_chat_packet(Net_player, msg, MULTI_MSG_ALL, NULL, NULL, 2); diff --git a/src/sound/sound.cpp b/src/sound/sound.cpp index a8844e7..c7741b5 100644 --- a/src/sound/sound.cpp +++ b/src/sound/sound.cpp @@ -443,7 +443,7 @@ void snd_spew_info() continue; } - sprintf(txt, "%s (%ds)\n", Sounds[idx].filename, Sounds[idx].info.duration); + SDL_snprintf(txt, sizeof(txt), "%s (%ds)\n", Sounds[idx].filename, Sounds[idx].info.duration); cfwrite_string(txt, out); } @@ -592,7 +592,7 @@ int snd_load(game_snd *gs) if ( rc == -1 ) return -1; - strncpy( snd->filename, gs->filename, MAX_FILENAME_LEN ); + SDL_strlcpy( snd->filename, gs->filename, sizeof(snd->filename) ); snd->flags = SND_F_USED; snd->sig = snd_next_sig++; diff --git a/src/starfield/starfield.cpp b/src/starfield/starfield.cpp index d04f545..880c73c 100644 --- a/src/starfield/starfield.cpp +++ b/src/starfield/starfield.cpp @@ -390,13 +390,13 @@ void stars_init() for(idx=0; idxfilename, filename); + SDL_strlcpy(bm->filename, filename, sizeof(bm->filename)); bm->xparent = 0; bm->bitmap = bm_load(bm->filename); SDL_assert(bm->bitmap != -1); @@ -424,7 +424,7 @@ void stars_init() stuff_string(filename, F_NAME, NULL); if(count < MAX_STARFIELD_BITMAPS){ bm = &Starfield_bitmaps[count++]; - strcpy(bm->filename, filename); + SDL_strlcpy(bm->filename, filename, sizeof(bm->filename)); bm->xparent = 1; bm->bitmap = bm_load(bm->filename); SDL_assert(bm->bitmap != -1); @@ -457,8 +457,8 @@ void stars_init() if(count < MAX_STARFIELD_BITMAPS){ bm = &Sun_bitmaps[count++]; - strcpy(bm->filename, filename); - strcpy(bm->glow_filename, glow_filename); + SDL_strlcpy(bm->filename, filename, sizeof(bm->filename)); + SDL_strlcpy(bm->glow_filename, glow_filename, sizeof(bm->glow_filename)); bm->xparent = 1; bm->bitmap = bm_load(bm->filename); bm->glow_bitmap = bm_load(bm->glow_filename); @@ -491,7 +491,7 @@ void stars_init() stuff_string(filename, F_NAME, NULL); if(count < MAX_DEBRIS_VCLIPS){ - strcpy(debris_vclips_normal[count++].name, filename); + SDL_strlcpy(debris_vclips_normal[count++].name, filename, sizeof(debris_vclips_normal[0].name)); } } SDL_assert(count == 4); @@ -503,7 +503,7 @@ void stars_init() stuff_string(filename, F_NAME, NULL); if(count < MAX_DEBRIS_VCLIPS){ - strcpy(debris_vclips_nebula[count++].name, filename); + SDL_strlcpy(debris_vclips_nebula[count++].name, filename, sizeof(debris_vclips_nebula[0].name)); } } @@ -517,21 +517,21 @@ void stars_init() for (idx=0; idxfilename, "Sun01"); - strcpy(bm->glow_filename, "Sunglow01"); + SDL_strlcpy(bm->filename, "Sun01", sizeof(bm->filename)); + SDL_strlcpy(bm->glow_filename, "Sunglow01", sizeof(bm->glow_filename)); bm->xparent = 1; bm->bitmap = bm_load(bm->filename); bm->glow_bitmap = bm_load(bm->glow_filename); @@ -598,7 +598,7 @@ void stars_level_init() mprintf(("Adding default sun\n")); // stuff some values - strcpy(Suns[0].filename, Sun_bitmaps[0].filename); + SDL_strlcpy(Suns[0].filename, Sun_bitmaps[0].filename, sizeof(Suns[0].filename)); Suns[0].scale_x = 1.0f; Suns[0].scale_y = 1.0f; Suns[0].div_x = 1; diff --git a/src/stats/medals.cpp b/src/stats/medals.cpp index 524d6a2..33fd40d 100644 --- a/src/stats/medals.cpp +++ b/src/stats/medals.cpp @@ -600,110 +600,110 @@ void medals_translate_name(char *name, int max_len) { #ifdef MAKE_FS1 if (!strcmp(name, "Conspicuous Gallantry")) { - strncpy(name, "Tapferkeitsmedaille", max_len); + SDL_strlcpy(name, "Tapferkeitsmedaille", max_len); } else if (!strcmp(name, "Vasudan Alliance")) { - strncpy(name, "Vasudanischen Allianz", max_len); + SDL_strlcpy(name, "Vasudanischen Allianz", max_len); } else if (!strcmp(name, "Distinguished Flying Cross")) { - strncpy(name, "Kreuz f\x81r Fliegerleistungen", max_len); + SDL_strlcpy(name, "Kreuz f\x81r Fliegerleistungen", max_len); } else if (!strcmp(name, "Commendation Medal")) { - strncpy(name, "Anerkennungsmedaille", max_len); + SDL_strlcpy(name, "Anerkennungsmedaille", max_len); } else if (!strcmp(name, "Galatea Survivor")) { - strncpy(name, "Galatea-\x9A""berlebender", max_len); + SDL_strlcpy(name, "Galatea-\x9A""berlebender", max_len); } else if (!strcmp(name, "Legion of Merit")) { - strncpy(name, "Verdienstlegion", max_len); + SDL_strlcpy(name, "Verdienstlegion", max_len); } else if (!strcmp(name, "Meritorious Unit")) { - strncpy(name, "Verdienstmedaille", max_len); + SDL_strlcpy(name, "Verdienstmedaille", max_len); } else if (!strcmp(name, "Medal of Honor")) { - strncpy(name, "Ehrenmedaille", max_len); + SDL_strlcpy(name, "Ehrenmedaille", max_len); } else if (!strcmp(name, "Galactic Service")) { - strncpy(name, "Galaktischer Dienst", max_len); + SDL_strlcpy(name, "Galaktischer Dienst", max_len); } else if (!strcmp(name, "Military Defense")) { - strncpy(name, "Verteidigungsmedaille", max_len); + SDL_strlcpy(name, "Verteidigungsmedaille", max_len); } else if (!strcmp(name, "Good Conduct")) { - strncpy(name, "Medaille f\x81r gute F\x81hrung", max_len); + SDL_strlcpy(name, "Medaille f\x81r gute F\x81hrung", max_len); } else if (!strcmp(name, "Distinguished Service Cross")) { - strncpy(name, "Kreuz f\x81r Einsatz", max_len); + SDL_strlcpy(name, "Kreuz f\x81r Einsatz", max_len); } else if (!strcmp(name, "Ace")) { - strncpy(name, "Bronzener Stern", max_len); + SDL_strlcpy(name, "Bronzener Stern", max_len); } else if (!strcmp(name, "Double Ace")) { - strncpy(name, "Silberner Stern", max_len); + SDL_strlcpy(name, "Silberner Stern", max_len); } else if (!strcmp(name, "Triple Ace")) { - strncpy(name, "Goldener Stern", max_len); + SDL_strlcpy(name, "Goldener Stern", max_len); } else if (!strcmp(name, "Wings")) { - strncpy(name, "Pilotenabzeichen", max_len); + SDL_strlcpy(name, "Pilotenabzeichen", max_len); } else if (!strcmp(name, "Rank")) { - strncpy(name, "Dienstgrad", max_len); + SDL_strlcpy(name, "Dienstgrad", max_len); } #else if (!strcmp(name, "Epsilon Pegasi Liberation")) { - strncpy(name, "Epsilon Pegasi Befreiungsmedaille", max_len); + SDL_strlcpy(name, "Epsilon Pegasi Befreiungsmedaille", max_len); } else if (!strcmp(name, "Imperial Order of Vasuda")) { - strncpy(name, "Imperialer Orden von Vasuda ", max_len); + SDL_strlcpy(name, "Imperialer Orden von Vasuda ", max_len); } else if (!strcmp(name, "Distinguished Flying Cross")) { - strncpy(name, "Fliegerkreuz Erster Klasse", max_len); + SDL_strlcpy(name, "Fliegerkreuz Erster Klasse", max_len); } else if (!strcmp(name, "SOC Service Medallion")) { - strncpy(name, "SEK-Dienstmedaille ", max_len); + SDL_strlcpy(name, "SEK-Dienstmedaille ", max_len); } else if (!strcmp(name, "Intelligence Cross")) { - strncpy(name, "Geheimdienstkreuz am Bande", max_len); + SDL_strlcpy(name, "Geheimdienstkreuz am Bande", max_len); } else if (!strcmp(name, "Order of Galatea")) { - strncpy(name, "Orden von Galatea ", max_len); + SDL_strlcpy(name, "Orden von Galatea ", max_len); } else if (!strcmp(name, "Meritorious Unit Commendation")) { - strncpy(name, "Ehrenspange der Allianz", max_len); + SDL_strlcpy(name, "Ehrenspange der Allianz", max_len); } else if (!strcmp(name, "Medal of Valor")) { - strncpy(name, "Tapferkeitsmedaille ", max_len); + SDL_strlcpy(name, "Tapferkeitsmedaille ", max_len); } else if (!strcmp(name, "GTVA Legion of Honor")) { - strncpy(name, "Orden der GTVA-Ehrenlegion", max_len); + SDL_strlcpy(name, "Orden der GTVA-Ehrenlegion", max_len); } else if (!strcmp(name, "Allied Defense Citation")) { - strncpy(name, "Alliierte Abwehrspange ", max_len); + SDL_strlcpy(name, "Alliierte Abwehrspange ", max_len); } else if (!strcmp(name, "Nebula Campaign Victory Star")) { - strncpy(name, "Nebel-Siegesstern", max_len); + SDL_strlcpy(name, "Nebel-Siegesstern", max_len); } else if (!strcmp(name, "NTF Campaign Victory Star")) { - strncpy(name, "NTF-Siegesstern ", max_len); + SDL_strlcpy(name, "NTF-Siegesstern ", max_len); } else if (!strcmp(name, "Rank")) { - strncpy(name, "Dienstgrad", max_len); + SDL_strlcpy(name, "Dienstgrad", max_len); } else if (!strcmp(name, "Wings")) { - strncpy(name, "Fliegerspange", max_len); + SDL_strlcpy(name, "Fliegerspange", max_len); } else if (!strcmp(name, "Ace")) { - strncpy(name, "Flieger-As", max_len); + SDL_strlcpy(name, "Flieger-As", max_len); } else if (!strcmp(name, "Double Ace")) { - strncpy(name, "Doppel-As ", max_len); + SDL_strlcpy(name, "Doppel-As ", max_len); } else if (!strcmp(name, "Triple Ace")) { - strncpy(name, "Dreifach-As ", max_len); + SDL_strlcpy(name, "Dreifach-As ", max_len); } else if (!strcmp(name, "SOC Unit Crest")) { - strncpy(name, "SEK-Abzeichen ", max_len); + SDL_strlcpy(name, "SEK-Abzeichen ", max_len); } #endif } @@ -713,58 +713,58 @@ void medals_translate_name(char *name, int max_len) void medals_translate_name_pl(char *name, int max_len) { if (!strcmp(name, "Epsilon Pegasi Liberation")) { - strncpy(name, "Order Wyzwolenia Epsilon Pegasi", max_len); + SDL_strlcpy(name, "Order Wyzwolenia Epsilon Pegasi", max_len); } else if (!strcmp(name, "Imperial Order of Vasuda")) { - strncpy(name, "Imperialny Order Vasudy", max_len); + SDL_strlcpy(name, "Imperialny Order Vasudy", max_len); } else if (!strcmp(name, "Distinguished Flying Cross")) { - strncpy(name, "Krzy\xBF Wybitnego Pilota", max_len); + SDL_strlcpy(name, "Krzy\xBF Wybitnego Pilota", max_len); } else if (!strcmp(name, "SOC Service Medallion")) { - strncpy(name, "Krzy\xBF S\xB3u\xBF\x62 Specjalnych", max_len); + SDL_strlcpy(name, "Krzy\xBF S\xB3u\xBF\x62 Specjalnych", max_len); } else if (!strcmp(name, "Intelligence Cross")) { - strncpy(name, "Krzy\xBF Wywiadu", max_len); + SDL_strlcpy(name, "Krzy\xBF Wywiadu", max_len); } else if (!strcmp(name, "Order of Galatea")) { - strncpy(name, "Order Galatei", max_len); + SDL_strlcpy(name, "Order Galatei", max_len); } else if (!strcmp(name, "Meritorious Unit Commendation")) { - strncpy(name, "Medal Pochwalny", max_len); + SDL_strlcpy(name, "Medal Pochwalny", max_len); } else if (!strcmp(name, "Medal of Valor")) { - strncpy(name, "Medal za Odwag\xEA", max_len); + SDL_strlcpy(name, "Medal za Odwag\xEA", max_len); } else if (!strcmp(name, "GTVA Legion of Honor")) { - strncpy(name, "Legia Honorowa GTVA", max_len); + SDL_strlcpy(name, "Legia Honorowa GTVA", max_len); } else if (!strcmp(name, "Allied Defense Citation")) { - strncpy(name, "Order za Obron\xEA Sojuszu", max_len); + SDL_strlcpy(name, "Order za Obron\xEA Sojuszu", max_len); } else if (!strcmp(name, "Nebula Campaign Victory Star")) { - strncpy(name, "Gwiazda Wiktorii Kampanii w Mg\xB3\x61wicy", max_len); + SDL_strlcpy(name, "Gwiazda Wiktorii Kampanii w Mg\xB3\x61wicy", max_len); } else if (!strcmp(name, "NTF Campaign Victory Star")) { - strncpy(name, "Gwiazda Wiktorii Kampanii NTF", max_len); + SDL_strlcpy(name, "Gwiazda Wiktorii Kampanii NTF", max_len); } else if (!strcmp(name, "Rank")) { - strncpy(name, "Ranga", max_len); + SDL_strlcpy(name, "Ranga", max_len); } else if (!strcmp(name, "Wings")) { - strncpy(name, "Skrzyd\xB3\x61", max_len); + SDL_strlcpy(name, "Skrzyd\xB3\x61", max_len); } else if (!strcmp(name, "Ace")) { - strncpy(name, "As", max_len); + SDL_strlcpy(name, "As", max_len); } else if (!strcmp(name, "Double Ace")) { - strncpy(name, "Podw\xF3jny As", max_len); + SDL_strlcpy(name, "Podw\xF3jny As", max_len); } else if (!strcmp(name, "Triple Ace")) { - strncpy(name, "Potr\xF3jny As", max_len); + SDL_strlcpy(name, "Potr\xF3jny As", max_len); } else if (!strcmp(name, "SOC Unit Crest")) { - strncpy(name, "Tarcza S\xB3u\xBF\x62 Specjalnych", max_len); + SDL_strlcpy(name, "Tarcza S\xB3u\xBF\x62 Specjalnych", max_len); } } @@ -776,39 +776,38 @@ void blit_label(char *label, int *coords, int num) { int x, y, sw; char text[256]; + char translated_label[256]; gr_set_color_fast(&Color_bright); // translate medal names before displaying // cant translate in table cuz the names are used in comparisons if (Lcl_gr) { - char translated_label[256]; - strncpy(translated_label, label, 256); - medals_translate_name(translated_label, 256); + SDL_strlcpy(translated_label, label, sizeof(translated_label)); + medals_translate_name(translated_label, sizeof(translated_label)); // set correct string if ( num > 1 ) { - sprintf( text, NOX("%s (%d)"), translated_label, num ); + SDL_snprintf( text, sizeof(text), NOX("%s (%d)"), translated_label, num ); } else { - sprintf( text, "%s", translated_label ); + SDL_snprintf( text, sizeof(text), "%s", translated_label ); } } else if(Lcl_pl) { - char translated_label[256]; - strncpy(translated_label, label, 256); - medals_translate_name_pl(translated_label, 256); + SDL_strlcpy(translated_label, label, sizeof(translated_label)); + medals_translate_name_pl(translated_label, sizeof(translated_label)); // set correct string if ( num > 1 ) { - sprintf( text, NOX("%s (%d)"), translated_label, num ); + SDL_snprintf( text, sizeof(text), NOX("%s (%d)"), translated_label, num ); } else { - sprintf( text, "%s", translated_label ); + SDL_snprintf( text, sizeof(text), "%s", translated_label ); } } else { // set correct string if ( num > 1 ) { - sprintf( text, NOX("%s (%d)"), label, num ); + SDL_snprintf( text, sizeof(text), NOX("%s (%d)"), label, num ); } else { - sprintf( text, "%s", label ); + SDL_snprintf( text, sizeof(text), "%s", label ); } } @@ -971,7 +970,7 @@ void init_medal_bitmaps() // possibly load a different filename that is specified by the bitmap filename // for this medal. if the player has > 1 of these types of medals, then determien // which of the possible version to use based on the player's count of this medal - strcpy( filename, Medals[idx].bitmap ); + SDL_strlcpy( filename, Medals[idx].bitmap, sizeof(filename) ); _splitpath( filename, NULL, NULL, base, NULL ); @@ -984,12 +983,12 @@ void init_medal_bitmaps() if ( num_medals > 1 ) { // append the proper character onto the end of the medal filename. Base version // has no character. next version is a, then b, etc. - sprintf( base, "%s%c", base, (num_medals-2)+'a'); + SDL_snprintf( base, sizeof(base), "%s%c", base, (num_medals-2)+'a'); } // hi-res support if (gr_screen.res == GR_1024) { - sprintf( filename, "2_%s", base ); + SDL_snprintf( filename, sizeof(filename), "2_%s", base ); } // base now contains the actual medal bitmap filename needed to load @@ -1003,7 +1002,7 @@ void init_medal_bitmaps() // load up rank insignia if (gr_screen.res == GR_1024) { char filename[NAME_LENGTH]; - sprintf(filename, "2_%s", Ranks[Player_score->rank].bitmap); + SDL_snprintf(filename, sizeof(filename), "2_%s", Ranks[Player_score->rank].bitmap); Rank_bm = bm_load(filename); } else { Rank_bm = bm_load(Ranks[Player_score->rank].bitmap); diff --git a/src/stats/scoring.cpp b/src/stats/scoring.cpp index 669588d..655fccb 100644 --- a/src/stats/scoring.cpp +++ b/src/stats/scoring.cpp @@ -918,7 +918,7 @@ void scoring_eval_kill(object *ship_obj) if((Net_player != NULL) && (Net_player->flags & NETINFO_FLAG_AM_MASTER) && (net_plr != NULL) && (dead_plr != NULL) && (net_plr->player != NULL) && (dead_plr->player != NULL)){ char dead_text[1024] = ""; - sprintf(dead_text, "%s gets the kill for %s", net_plr->player->callsign, dead_plr->player->callsign); + SDL_snprintf(dead_text, sizeof(dead_text), "%s gets the kill for %s", net_plr->player->callsign, dead_plr->player->callsign); send_game_chat_packet(Net_player, dead_text, MULTI_MSG_ALL, NULL, NULL, 2); HUD_printf(dead_text); } diff --git a/src/stats/stats.cpp b/src/stats/stats.cpp index 345b370..68d41ea 100644 --- a/src/stats/stats.cpp +++ b/src/stats/stats.cpp @@ -322,63 +322,63 @@ void show_stats_numbers(int stage, int sx, int sy, int dy,int add_mission) switch ( stage ) { case MISSION_STATS: // mission kills stats - sprintf(text,"%d",Active_player->stats.m_kill_count_ok); + SDL_snprintf(text,sizeof(text),"%d",Active_player->stats.m_kill_count_ok); gr_printf(sx,sy,text); // stats_underline_text(sx,sy,text); sy += 2*dy; // mission primary weapon stats - sprintf(text,"%d",Active_player->stats.mp_shots_fired); + SDL_snprintf(text,sizeof(text),"%d",Active_player->stats.mp_shots_fired); gr_printf(sx,sy,text); sy += dy; - sprintf(text,"%d",Active_player->stats.mp_shots_hit); + SDL_snprintf(text,sizeof(text),"%d",Active_player->stats.mp_shots_hit); gr_printf(sx,sy,text); sy += dy; - sprintf(text,"%d",Active_player->stats.mp_bonehead_hits); + SDL_snprintf(text,sizeof(text),"%d",Active_player->stats.mp_bonehead_hits); gr_printf(sx,sy,text); sy += dy; if(Active_player->stats.mp_shots_fired>0) pct=(float)100.0*((float)Active_player->stats.mp_shots_hit/(float)Active_player->stats.mp_shots_fired); else pct=(float)0.0; - sprintf(text,"%d",(int)pct); strcat(text," %%"); + SDL_snprintf(text,sizeof(text),"%d",(int)pct); SDL_strlcat(text," %%", sizeof(text)); gr_printf(sx,sy,text); sy += dy; if(Active_player->stats.mp_bonehead_hits>0) pct=(float)100.0*((float)Active_player->stats.mp_bonehead_hits/(float)Active_player->stats.mp_shots_fired); else pct=(float)0.0; - sprintf(text,"%d",(int)pct); strcat(text," %%"); + SDL_snprintf(text,sizeof(text),"%d",(int)pct); SDL_strlcat(text," %%", sizeof(text)); gr_printf(sx,sy,text); sy += 2*dy; // mission secondary weapon stats - sprintf(text,"%d",Active_player->stats.ms_shots_fired); + SDL_snprintf(text,sizeof(text),"%d",Active_player->stats.ms_shots_fired); gr_printf(sx,sy,text); sy += dy; - sprintf(text,"%d",Active_player->stats.ms_shots_hit); + SDL_snprintf(text,sizeof(text),"%d",Active_player->stats.ms_shots_hit); gr_printf(sx,sy,text); sy += dy; - sprintf(text,"%d",Active_player->stats.ms_bonehead_hits); + SDL_snprintf(text,sizeof(text),"%d",Active_player->stats.ms_bonehead_hits); gr_printf(sx,sy,text); sy += dy; if(Active_player->stats.ms_shots_fired>0) pct=(float)100.0*((float)Active_player->stats.ms_shots_hit/(float)Active_player->stats.ms_shots_fired); else pct=(float)0.0; - sprintf(text,"%d",(int)pct); strcat(text," %%"); + SDL_snprintf(text,sizeof(text),"%d",(int)pct); SDL_strlcat(text," %%", sizeof(text)); gr_printf(sx,sy,text); sy += dy; if(Active_player->stats.ms_bonehead_hits>0) pct=(float)100.0*((float)Active_player->stats.ms_bonehead_hits/(float)Active_player->stats.ms_shots_fired); else pct=(float)0.0; - sprintf(text,"%d",(int)pct); strcat(text," %%"); + SDL_snprintf(text,sizeof(text),"%d",(int)pct); SDL_strlcat(text," %%", sizeof(text)); gr_printf(sx,sy,text); sy += 2*dy; // mission assists and player rescues (respawns) - sprintf(text,"%d",(int)Active_player->stats.m_assists); + SDL_snprintf(text,sizeof(text),"%d",(int)Active_player->stats.m_assists); gr_printf(sx,sy,text); sy += 2*dy; if(Game_mode & GM_MULTIPLAYER){ - sprintf(text,"%d",(int)Active_player->stats.m_player_deaths); + SDL_snprintf(text,sizeof(text),"%d",(int)Active_player->stats.m_player_deaths); gr_printf(sx,sy,text); sy += 2*dy; @@ -407,59 +407,59 @@ void show_stats_numbers(int stage, int sx, int sy, int dy,int add_mission) } // mission kills stats - sprintf(text,"%d",Active_player->stats.kill_count_ok + add.kill_count_ok); + SDL_snprintf(text,sizeof(text),"%d",Active_player->stats.kill_count_ok + add.kill_count_ok); hud_num_make_mono(text); gr_printf(sx,sy,text); // stats_underline_text(sx,sy,text); sy += 2*dy; // alltime primary weapon stats - sprintf(text,"%d",Active_player->stats.p_shots_fired + add.p_shots_fired); + SDL_snprintf(text,sizeof(text),"%d",Active_player->stats.p_shots_fired + add.p_shots_fired); gr_printf(sx,sy,text); sy += dy; - sprintf(text,"%d",Active_player->stats.p_shots_hit + add.p_shots_hit); + SDL_snprintf(text,sizeof(text),"%d",Active_player->stats.p_shots_hit + add.p_shots_hit); gr_printf(sx,sy,text); sy += dy; - sprintf(text,"%d",Active_player->stats.p_bonehead_hits + add.p_bonehead_hits); + SDL_snprintf(text,sizeof(text),"%d",Active_player->stats.p_bonehead_hits + add.p_bonehead_hits); gr_printf(sx,sy,text); sy += dy; if((Active_player->stats.p_shots_fired + add.p_shots_fired)>0) pct=(float)100.0*((float)(Active_player->stats.p_shots_hit+add.p_shots_hit)/(float)(Active_player->stats.p_shots_fired + add.p_shots_fired)); else pct=(float)0.0; - sprintf(text,"%d",(int)pct); strcat(text," %%"); + SDL_snprintf(text,sizeof(text),"%d",(int)pct); SDL_strlcat(text," %%", sizeof(text)); gr_printf(sx,sy,text); sy += dy; if((Active_player->stats.p_bonehead_hits + add.p_bonehead_hits)>0) pct=(float)100.0*((float)(Active_player->stats.p_bonehead_hits+add.p_bonehead_hits)/(float)(Active_player->stats.p_shots_fired + add.p_shots_fired)); else pct=(float)0.0; - sprintf(text,"%d",(int)pct); strcat(text," %%"); + SDL_snprintf(text,sizeof(text),"%d",(int)pct); SDL_strlcat(text," %%", sizeof(text)); gr_printf(sx,sy,text); sy += 2*dy; // alltime secondary weapon stats - sprintf(text,"%d",Active_player->stats.s_shots_fired + add.s_shots_fired); + SDL_snprintf(text,sizeof(text),"%d",Active_player->stats.s_shots_fired + add.s_shots_fired); gr_printf(sx,sy,text); sy += dy; - sprintf(text,"%d",Active_player->stats.s_shots_hit + add.s_shots_hit); + SDL_snprintf(text,sizeof(text),"%d",Active_player->stats.s_shots_hit + add.s_shots_hit); gr_printf(sx,sy,text); sy += dy; - sprintf(text,"%d",Active_player->stats.s_bonehead_hits + add.s_bonehead_hits); + SDL_snprintf(text,sizeof(text),"%d",Active_player->stats.s_bonehead_hits + add.s_bonehead_hits); gr_printf(sx,sy,text); sy += dy; if((Active_player->stats.s_shots_fired+add.s_shots_fired)>0) pct=(float)100.0*((float)(Active_player->stats.s_shots_hit + add.s_shots_hit)/(float)(Active_player->stats.s_shots_fired + add.s_shots_fired)); else pct=(float)0.0; - sprintf(text,"%d",(int)pct); strcat(text," %%"); + SDL_snprintf(text,sizeof(text),"%d",(int)pct); SDL_strlcat(text," %%", sizeof(text)); gr_printf(sx,sy,text); sy += dy; if((Active_player->stats.s_bonehead_hits + add.s_bonehead_hits)>0) pct=(float)100.0*((float)(Active_player->stats.s_bonehead_hits+add.s_bonehead_hits)/(float)(Active_player->stats.s_shots_fired+add.s_shots_fired)); else pct=(float)0.0; - sprintf(text,"%d",(int)pct); strcat(text," %%"); + SDL_snprintf(text,sizeof(text),"%d",(int)pct); SDL_strlcat(text," %%", sizeof(text)); gr_printf(sx,sy,text); sy += 2*dy; // alltime assists - sprintf(text,"%d",(int)Active_player->stats.assists + add.assists); + SDL_snprintf(text,sizeof(text),"%d",(int)Active_player->stats.assists + add.assists); gr_printf(sx,sy,text); sy += 2*dy; diff --git a/src/tgautils/tgautils.cpp b/src/tgautils/tgautils.cpp index 393474f..561a56f 100644 --- a/src/tgautils/tgautils.cpp +++ b/src/tgautils/tgautils.cpp @@ -368,10 +368,10 @@ int targa_read_header(char *real_filename, int *w, int *h, int *bpp, ubyte *pale CFILE *targa_file; char filename[MAX_FILENAME_LEN]; - strcpy( filename, real_filename ); - char *p = strchr( filename, '.' ); + SDL_strlcpy( filename, real_filename, sizeof(filename) ); + char *p = SDL_strchr( filename, '.' ); if ( p ) *p = 0; - strcat( filename, ".tga" ); + SDL_strlcat( filename, ".tga", sizeof(filename) ); targa_file = cfopen( filename , "rb" ); if ( !targa_file ){ @@ -503,10 +503,10 @@ int targa_read_bitmap(char *real_filename, ubyte *image_data, ubyte *palette, in ubyte r, g, b; // open the file - strcpy( filename, real_filename ); - char *p = strchr( filename, '.' ); + SDL_strlcpy( filename, real_filename, sizeof(filename) ); + char *p = SDL_strchr( filename, '.' ); if ( p ) *p = 0; - strcat( filename, ".tga" ); + SDL_strlcat( filename, ".tga", sizeof(filename) ); targa_file = cfopen( filename , "rb" ); if ( !targa_file ){ @@ -706,10 +706,10 @@ int targa_write_bitmap(char *real_filename, ubyte *data, ubyte *palette, int w, int bytes_per_pixel = BYTES_PER_PIXEL(bpp); // open the file - strcpy( filename, real_filename ); - char *p = strchr( filename, '.' ); + SDL_strlcpy( filename, real_filename, sizeof(filename) ); + char *p = SDL_strchr( filename, '.' ); if ( p ) *p = 0; - strcat( filename, ".tga" ); + SDL_strlcat( filename, ".tga", sizeof(filename) ); f = cfopen( filename , "wb" ); if ( !f ){ diff --git a/src/ui/gadget.cpp b/src/ui/gadget.cpp index 7582f10..fd7e06f 100644 --- a/src/ui/gadget.cpp +++ b/src/ui/gadget.cpp @@ -249,22 +249,19 @@ int UI_GADGET::set_bmaps(const char *ani_fname, int nframes, int start_frame) // searching and therefore loading for(idx=start_frame; idx 0 ) { - strncpy( text, _text, _text_len ); + SDL_strlcpy( text, _text, _text_len+1 ); } text[_text_len] = 0; position = strlen(_text); @@ -474,12 +474,12 @@ int UI_INPUTBOX::validate_input(int chr) } // otherwise compare against the valid chars list - if((valid_chars) && strchr(valid_chars, chr)){ + if((valid_chars) && SDL_strchr(valid_chars, chr)){ return chr; } // otherwise compare against the invalid chars list0 - if((invalid_chars) && !strchr(invalid_chars,chr)){ + if((invalid_chars) && !SDL_strchr(invalid_chars,chr)){ return chr; } @@ -654,8 +654,7 @@ int UI_INPUTBOX::pressed() void UI_INPUTBOX::get_text(char *out) { - strncpy(out, text, length); - out[length] = 0; + SDL_strlcpy(out, text, length+1); } void UI_INPUTBOX::set_text(const char *in) @@ -666,7 +665,7 @@ void UI_INPUTBOX::set_text(const char *in) if (in_length > length) SDL_assert(0); // tried to force text into an input box that won't fit into allocated memory - strcpy(text, in); + SDL_strlcpy(text, in, length+1); if (flags & UI_INPUTBOX_FLAG_PASSWD) { memset(passwd_text, INPUTBOX_PASSWD_CHAR, strlen(text)); diff --git a/src/ui/slider.cpp b/src/ui/slider.cpp index aa4ddc7..b8ad45c 100644 --- a/src/ui/slider.cpp +++ b/src/ui/slider.cpp @@ -262,7 +262,7 @@ void UI_DOT_SLIDER_NEW::process(int focus) /// DOT_SLIDER class down here void UI_DOT_SLIDER::create(UI_WINDOW *wnd, int _x, int _y, const char *bm, int id, int end_buttons, int _num_pos) { - char filename[MAX_PATH_LEN]; + char filename[MAX_FILENAME_LEN]; int bx, by, bw, hotspot; has_end_buttons = end_buttons; @@ -281,7 +281,7 @@ void UI_DOT_SLIDER::create(UI_WINDOW *wnd, int _x, int _y, const char *bm, int i num_pos = _num_pos; - sprintf(filename, "%s%.2d", bm, hotspot); + SDL_snprintf(filename, sizeof(filename), "%s%.2d", bm, hotspot); first_frame = bm_load_animation(filename, &total_frames); if (first_frame < 0) { Error(LOCATION, "Could not load %s.ani\n", filename); @@ -305,7 +305,7 @@ void UI_DOT_SLIDER::create(UI_WINDOW *wnd, int _x, int _y, const char *bm, int i if ( has_end_buttons ) { // Second button is the up (increase) button - sprintf(filename, "%s%.2d", bm, id + 2); + SDL_snprintf(filename, sizeof(filename), "%s%.2d", bm, id + 2); up_button.create( wnd, "", _x + 216, _y, 22, 24, 1, 1 ); up_button.set_parent(this); up_button.set_highlight_action(common_play_highlight_sound); @@ -313,7 +313,7 @@ void UI_DOT_SLIDER::create(UI_WINDOW *wnd, int _x, int _y, const char *bm, int i up_button.link_hotspot(id + 2); // Third button is the down (decrease) button - sprintf(filename, "%s%.2d", bm, id); + SDL_snprintf(filename, sizeof(filename), "%s%.2d", bm, id); down_button.create( wnd, "", _x, _y, 22, 24, 1, 1 ); down_button.set_parent(this); down_button.set_highlight_action(common_play_highlight_sound); diff --git a/src/ui/window.cpp b/src/ui/window.cpp index 07cb403..b6027a8 100644 --- a/src/ui/window.cpp +++ b/src/ui/window.cpp @@ -754,7 +754,7 @@ void UI_WINDOW::draw_one_xstr(UI_XSTR *x, int frame) // print this puppy out int xoffset = lcl_get_xstr_offset(x->xstr_id, gr_screen.res); - strncpy(str, XSTR(x->xstr, x->xstr_id), 254); + SDL_strlcpy(str, XSTR(x->xstr, x->xstr_id), sizeof(str)); if(str[0] == '&'){ if(strlen(str) > 1){ gr_string((x->x) + xoffset, x->y, str + 1); diff --git a/src/vcodec/codec1.cpp b/src/vcodec/codec1.cpp index 3d36ae0..42694b5 100644 --- a/src/vcodec/codec1.cpp +++ b/src/vcodec/codec1.cpp @@ -737,7 +737,7 @@ static void Decode1(t_Sample* bufIn, t_Sample* bufOut, int size, int sizeOut) int leftIn = bufEnd - p, leftOut = bufOutEnd - q; char str[80]; - sprintf(str, "%d bytes left in source, %d bytes left in dest", + SDL_snprintf(str, sizeof(str), "%d bytes left in source, %d bytes left in dest", leftIn, leftOut); AfxMessageBox(str); diff --git a/src/weapon/emp.cpp b/src/weapon/emp.cpp index 8c33195..3bed391 100644 --- a/src/weapon/emp.cpp +++ b/src/weapon/emp.cpp @@ -128,7 +128,7 @@ const char Emp_random_char[NUM_RANDOM_CHARS] = // // maybe reformat a string -void emp_maybe_reformat_text(char *text, int max_len, int gauge_id); +void emp_maybe_reformat_text(char *text, const int max_len, int gauge_id); // randomize the chars in a string void emp_randomize_chars(char *str); @@ -517,7 +517,7 @@ void emp_hud_string(int x, int y, int gauge_id, const char *str) char tmp[256] = ""; // copy the string - strcpy(tmp, str); + SDL_strlcpy(tmp, str, sizeof(tmp)); // if the emp effect is not active, don't even bother messing with the text if(emp_active_local()){ @@ -539,7 +539,7 @@ void emp_hud_printf(int x, int y, int gauge_id, const char *format, ...) // format the text va_start(args, format); - vsprintf(tmp, format, args); + SDL_vsnprintf(tmp, sizeof(tmp), format, args); va_end(args); // if the emp effect is not active, don't even bother messing with the text @@ -555,7 +555,7 @@ void emp_hud_printf(int x, int y, int gauge_id, const char *format, ...) } // maybe reformat a string -void emp_maybe_reformat_text(char *text, int max_len, int gauge_id) +void emp_maybe_reformat_text(char *text, const int max_len, int gauge_id) { wacky_text *wt; @@ -571,7 +571,7 @@ void emp_maybe_reformat_text(char *text, int max_len, int gauge_id) // if the gauge is EG_NULL, empty the string if(gauge_id == EG_NULL){ - strcpy(text, ""); + SDL_strlcpy(text, "", max_len); return; } @@ -586,7 +586,7 @@ void emp_maybe_reformat_text(char *text, int max_len, int gauge_id) case EG_WEAPON_TITLE: case EG_WEAPON_P1: case EG_WEAPON_P2: case EG_WEAPON_P3: case EG_WEAPON_S1: case EG_WEAPON_S2: int wep_index; wep_index = (int)frand_range(0.0f, (float)(MAX_WEAPON_TYPES - 1)); - strcpy(wt->str, Weapon_info[ wep_index >= MAX_WEAPON_TYPES ? 0 : wep_index ].name); + SDL_strlcpy(wt->str, Weapon_info[ wep_index >= MAX_WEAPON_TYPES ? 0 : wep_index ].name, sizeof(wt->str)); break; // escort list @@ -595,32 +595,32 @@ void emp_maybe_reformat_text(char *text, int max_len, int gauge_id) int shipnum; shipnum = ship_get_random_ship(); if(shipnum >= 0){ - strcpy(wt->str, Ships[shipnum].ship_name); + SDL_strlcpy(wt->str, Ships[shipnum].ship_name, sizeof(wt->str)); } break; // directives title case EG_OBJ_TITLE: - strcpy(wt->str, ""); + SDL_strlcpy(wt->str, "", sizeof(wt->str)); break; // directives themselves case EG_OBJ1: case EG_OBJ2: case EG_OBJ3: case EG_OBJ4: case EG_OBJ5: - strcpy(wt->str, text); + SDL_strlcpy(wt->str, text, sizeof(wt->str)); emp_randomize_chars(wt->str); break; // target box info case EG_TBOX_EXTRA1: case EG_TBOX_EXTRA2: case EG_TBOX_EXTRA3: case EG_TBOX_CLASS: case EG_TBOX_DIST: case EG_TBOX_CARGO: case EG_TBOX_HULL: case EG_TBOX_NAME: case EG_TBOX_INTEG: - strcpy(wt->str, text); + SDL_strlcpy(wt->str, text, sizeof(wt->str)); emp_randomize_chars(wt->str); break; // squadmsg menu case EG_SQ1: case EG_SQ2: case EG_SQ3: case EG_SQ4: case EG_SQ5: case EG_SQ6: case EG_SQ7: case EG_SQ8: case EG_SQ9: case EG_SQ10: - strcpy(wt->str, text); + SDL_strlcpy(wt->str, text, sizeof(wt->str)); emp_randomize_chars(wt->str); break; @@ -633,11 +633,11 @@ void emp_maybe_reformat_text(char *text, int max_len, int gauge_id) wt->stamp = timestamp((int)frand_range(100.0f, 750.0f * (1.0f - Emp_intensity))); // copy the text - strcpy(text, wt->str); + SDL_strlcpy(text, wt->str, max_len); } // otherwise, use what we calculated last time else { - strcpy(text, wt->str); + SDL_strlcpy(text, wt->str, max_len); } } diff --git a/src/weapon/muzzleflash.cpp b/src/weapon/muzzleflash.cpp index f55cf42..857621b 100644 --- a/src/weapon/muzzleflash.cpp +++ b/src/weapon/muzzleflash.cpp @@ -152,7 +152,7 @@ void mflash_game_init() // if we have room left if(m->num_blobs < MAX_MFLASH_BLOBS){ - strcpy(m->blob_names[m->num_blobs], name); + SDL_strlcpy(m->blob_names[m->num_blobs], name, MAX_MFLASH_NAME_LEN); m->blob_offset[m->num_blobs] = offset; m->blob_radius[m->num_blobs] = radius; @@ -177,28 +177,28 @@ void mflash_game_init() m->blob_anims[idx] = -1; } - strncpy(m->name, "mflash_small", MAX_MFLASH_NAME_LEN); + SDL_strlcpy(m->name, "mflash_small", MAX_MFLASH_NAME_LEN); m->num_blobs = 4; SDL_assert(m->num_blobs <= MAX_MFLASH_BLOBS); idx = 0; - strncpy(m->blob_names[idx], "expmissilehit1", MAX_MFLASH_NAME_LEN); + SDL_strlcpy(m->blob_names[idx], "expmissilehit1", MAX_MFLASH_NAME_LEN); m->blob_offset[idx] = 1.0f; m->blob_radius[idx] = 6.0f; idx++; - strncpy(m->blob_names[idx], "expmissilehit1", MAX_MFLASH_NAME_LEN); + SDL_strlcpy(m->blob_names[idx], "expmissilehit1", MAX_MFLASH_NAME_LEN); m->blob_offset[idx] = 4.5f; m->blob_radius[idx] = 4.0f; idx++; - strncpy(m->blob_names[idx], "expmissilehit1", MAX_MFLASH_NAME_LEN); + SDL_strlcpy(m->blob_names[idx], "expmissilehit1", MAX_MFLASH_NAME_LEN); m->blob_offset[idx] = 6.0f; m->blob_radius[idx] = 3.0f; idx++; - strncpy(m->blob_names[idx], "expmissilehit1", MAX_MFLASH_NAME_LEN); + SDL_strlcpy(m->blob_names[idx], "expmissilehit1", MAX_MFLASH_NAME_LEN); m->blob_offset[idx] = 8.5f; m->blob_radius[idx] = 3.0f; #endif diff --git a/src/weapon/weapons.cpp b/src/weapon/weapons.cpp index a28b3d4..f49aed1 100644 --- a/src/weapon/weapons.cpp +++ b/src/weapon/weapons.cpp @@ -546,7 +546,7 @@ void parse_weapon_expl_tbl() } // stuff default filename - strcpy(Weapon_expl_info[Num_weapon_expl].lod[0].filename, base_filename); + SDL_strlcpy(Weapon_expl_info[Num_weapon_expl].lod[0].filename, base_filename, MAX_FILENAME_LEN); // stuff LOD level filenames for(idx=1; idxwi_flags |= WIF_SPAWN; weaponp->spawn_type = (short)Num_spawn_types; skip_length = strlen(NOX("Spawn")) + strspn(&temp_string[strlen(NOX("Spawn"))], NOX(" \t")); - char *num_start = strchr(&temp_string[skip_length], ','); + char *num_start = SDL_strchr(&temp_string[skip_length], ','); if (num_start == NULL) { weaponp->spawn_count = DEFAULT_WEAPON_SPAWN_COUNT; - name_length = 999; + name_length = NAME_LENGTH; } else { weaponp->spawn_count = (short)atoi(num_start+1); - name_length = num_start - temp_string - skip_length; + name_length = min(num_start - temp_string - skip_length + 1, NAME_LENGTH); } - strncpy(Spawn_names[Num_spawn_types++], &(weapon_strings[i][skip_length]), name_length); + SDL_strlcpy(Spawn_names[Num_spawn_types++], &(weapon_strings[i][skip_length]), name_length); SDL_assert(Num_spawn_types < MAX_SPAWN_WEAPONS); } else Warning(LOCATION, "Illegal to have two spawn types for one weapon.\n" @@ -844,8 +844,8 @@ int parse_weapon() if ( wip->name[0] == '@' ) { char old_name[NAME_LENGTH]; - strcpy(old_name, wip->name); - strcpy(wip->name, old_name+1); + SDL_strlcpy(old_name, wip->name, sizeof(old_name)); + SDL_strlcpy(wip->name, old_name+1, sizeof(wip->name)); } wip->title[0] = 0; -- 2.39.2