From 7872137c67add02b3d5ac214811c1bcfa11e3ad6 Mon Sep 17 00:00:00 2001 From: Hiroshi Inoue Date: Sat, 3 Jun 2017 21:42:52 +0900 Subject: [PATCH] Cleanup the code by replacing strcpy() by strncpy_null(), strlcat() or snprintf_add(). --- connection.c | 58 +++++++++++++---------------------------------- convert.c | 21 +++++++++--------- descriptor.c | 3 ++- dlg_wingui.c | 8 +++---- environ.c | 9 ++++---- info.c | 45 ++++++++++++++++++------------------- mylog.c | 29 ++++++++++++------------ parse.c | 5 +++-- qresult.c | 18 ++++++++------- results.c | 63 ++++++++++++++++++---------------------------------- setup.c | 4 ++-- statement.c | 14 ++++++------ xalibname.c | 2 +- 13 files changed, 117 insertions(+), 162 deletions(-) diff --git a/connection.c b/connection.c index 6c677cc..52bc70f 100644 --- a/connection.c +++ b/connection.c @@ -813,7 +813,7 @@ handle_pgres_error(ConnectionClass *self, const PGresult *pgres, { char *sqlstate = PQresultErrorField(pgres, PG_DIAG_SQLSTATE); if (sqlstate) - strncpy_null(res->sqlstate, sqlstate, sizeof(res->sqlstate)); + STRCPY_FIXED(res->sqlstate, sqlstate); } if (NULL == pgres && @@ -1634,7 +1634,6 @@ CC_send_query_append(ConnectionClass *self, const char *query, QueryInfo *qi, UD int func_cs_count = 0; size_t query_buf_len = 0; char *query_buf = NULL; - char *query_buf_next; size_t query_len; /* QR_set_command() dups this string so doesn't need static */ @@ -1729,53 +1728,25 @@ CC_send_query_append(ConnectionClass *self, const char *query, QueryInfo *qi, UD CC_set_error(self, CONN_NO_MEMORY_ERROR, "Couldn't alloc buffer for query.", ""); goto cleanup; } - query_buf_next = query_buf; + query_buf[0] = '\0'; if (issue_begin) { - strcpy(query_buf_next, bgncmd); - query_buf_next += strlen(bgncmd); - *(query_buf_next++) = ';'; + snprintf_add(query_buf, query_buf_len, "%s;", bgncmd); discard_next_begin = TRUE; } if (query_rollback) { - strcpy(query_buf_next, svpcmd); - query_buf_next += strlen(svpcmd); - *(query_buf_next++) = ' '; - strcpy(query_buf_next, per_query_svp); - query_buf_next += strlen(per_query_svp); - *(query_buf_next++) = ';'; + snprintf_add(query_buf, query_buf_len, "%s %s;", svpcmd, per_query_svp); discard_next_savepoint = TRUE; } - memcpy(query_buf_next, query, query_len); - query_buf_next += query_len; - *query_buf_next = '\0'; + strlcat(query_buf, query, query_buf_len); if (appendq) { - *(query_buf_next++) = ';'; - strcpy(query_buf_next, appendq); - query_buf_next += strlen(appendq); - *query_buf_next = '\0'; + snprintf_add(query_buf, query_buf_len, ";%s", appendq); } if (query_rollback) { - *(query_buf_next++) = ';'; - strcpy(query_buf_next, rlscmd); - query_buf_next += strlen(rlscmd); - *(query_buf_next++) = ' '; - strcpy(query_buf_next, per_query_svp); - query_buf_next += strlen(per_query_svp); - *query_buf_next = '\0'; - } - - if (query_buf_next > query_buf + query_buf_len) - { - /* - * this should not happen, and if it does, we've already overrun - * the buffer and possibly corrupted memory. - */ - CC_set_error(self, CONNECTION_COULD_NOT_SEND, "query buffer overrun", func); - goto cleanup; + snprintf_add(query_buf, query_buf_len, ";%s %s", rlscmd, per_query_svp); } /* Set up notice receiver */ @@ -2111,7 +2082,7 @@ cleanup: !CC_get_errormsg(self)[0]) CC_set_errormsg(self, QR_get_message(retres)); if (!self->sqlstate[0]) - strcpy(self->sqlstate, retres->sqlstate); + STRCPY_FIXED(self->sqlstate, retres->sqlstate); } } } @@ -2385,7 +2356,7 @@ CC_lookup_lo(ConnectionClass *self) void CC_initialize_pg_version(ConnectionClass *self) { - strcpy(self->pg_version, "7.4"); + STRCPY_FIXED(self->pg_version, "7.4"); self->pg_version_major = 7; self->pg_version_minor = 4; } @@ -2440,15 +2411,16 @@ CC_get_current_schema(ConnectionClass *conn) int CC_mark_a_object_to_discard(ConnectionClass *conn, int type, const char *plan) { - int cnt = conn->num_discardp + 1; + int cnt = conn->num_discardp + 1, plansize; char *pname; CC_REALLOC_return_with_error(conn->discardp, char *, (cnt * sizeof(char *)), conn, "Couldn't alloc discardp.", -1); - CC_MALLOC_return_with_error(pname, char, (strlen(plan) + 2), + plansize = strlen(plan) + 2; + CC_MALLOC_return_with_error(pname, char, plansize, conn, "Couldn't alloc discardp mem.", -1); pname[0] = (char) type; /* 's':prepared statement 'p':cursor */ - strcpy(pname + 1, plan); + strncpy_null(pname + 1, plan, plansize - 1); conn->discardp[conn->num_discardp++] = pname; return 1; @@ -2551,7 +2523,7 @@ LIBPQ_connect(ConnectionClass *self) if (errmsg != NULL) snprintf(emsg, sizeof(emsg), "libpq connection parameter error:%s", errmsg); else - strncpy_null(emsg, "memory error? in PQconninfoParse", sizeof(emsg)); + STRCPY_FIXED(emsg, "memory error? in PQconninfoParse"); CC_set_error(self, CONN_OPENDB_ERROR, emsg, func); goto cleanup; } @@ -2706,7 +2678,7 @@ inolog("status=%d\n", pqret); if (!CC_get_username(self)[0]) { mylog("PQuser=%s\n", PQuser(pqconn)); - strncpy_null(self->connInfo.username, PQuser(pqconn), sizeof(self->connInfo.username)); + STRCPY_FIXED(self->connInfo.username, PQuser(pqconn)); } ret = 1; diff --git a/convert.c b/convert.c index a7a8b96..6249ae0 100644 --- a/convert.c +++ b/convert.c @@ -1469,13 +1469,13 @@ inolog("2stime fr=%d\n", std_time.fr); case 'n': case 'N': case '0': - strcpy(booltemp, "0"); + STRCPY_FIXED(booltemp, "0"); break; default: if (ci->true_is_minus1) - strcpy(booltemp, "-1"); + STRCPY_FIXED(booltemp, "-1"); else - strcpy(booltemp, "1"); + STRCPY_FIXED(booltemp, "1"); } neut_str = booltemp; } @@ -3815,7 +3815,8 @@ inolog("C_NUMERIC [prec=%d scale=%d]", ns->precision, ns->scale); if (0 == ns->precision) { - strcpy(chrform, "0"); + if (chrform) + strncpy_null(chrform, "0", 2); return; } @@ -4346,11 +4347,11 @@ mylog(" %s:C_WCHAR=%d contents=%s(%d)\n", __FUNCTION__, param_ctype, buffer, use } #ifdef WIN32 else if (_isnan(dbv)) - strcpy(param_string, NAN_STRING); + STRCPY_FIXED(param_string, NAN_STRING); else if (dbv < .0) - strcpy(param_string, MINFINITY_STRING); + STRCPY_FIXED(param_string, MINFINITY_STRING); else - strcpy(param_string, INFINITY_STRING); + STRCPY_FIXED(param_string, INFINITY_STRING); #endif /* WIN32 */ break; @@ -4365,11 +4366,11 @@ mylog(" %s:C_WCHAR=%d contents=%s(%d)\n", __FUNCTION__, param_ctype, buffer, use } #ifdef WIN32 else if (_isnan(flv)) - strcpy(param_string, NAN_STRING); + STRCPY_FIXED(param_string, NAN_STRING); else if (flv < .0) - strcpy(param_string, MINFINITY_STRING); + STRCPY_FIXED(param_string, MINFINITY_STRING); else - strcpy(param_string, INFINITY_STRING); + STRCPY_FIXED(param_string, INFINITY_STRING); #endif /* WIN32 */ break; diff --git a/descriptor.c b/descriptor.c index 64a2df2..598c17c 100644 --- a/descriptor.c +++ b/descriptor.c @@ -16,6 +16,7 @@ #include "descriptor.h" #include "statement.h" #include "qresult.h" +#include "misc.h" #include #include @@ -712,7 +713,7 @@ static PG_ErrorInfo *DC_create_errorinfo(const DescriptorClass *self) if (errornum < 0 || errornum >= sizeof(Descriptor_sqlstate) / sizeof(Descriptor_sqlstate[0])) errornum = 1 - LOWEST_DESC_ERROR; - strcpy(error->sqlstate, env_is_odbc3 ? Descriptor_sqlstate[errornum].ver3str : Descriptor_sqlstate[errornum].ver2str); + STRCPY_FIXED(error->sqlstate, env_is_odbc3 ? Descriptor_sqlstate[errornum].ver3str : Descriptor_sqlstate[errornum].ver2str); return error; } void diff --git a/dlg_wingui.c b/dlg_wingui.c index 94bd482..ffc2f33 100644 --- a/dlg_wingui.c +++ b/dlg_wingui.c @@ -123,7 +123,7 @@ GetDlgStuff(HWND hdlg, ConnInfo *ci) STR_TO_NAME(ci->password, medium_buf); GetDlgItemText(hdlg, IDC_PORT, ci->port, sizeof(ci->port)); sslposition = (int)(DWORD)SendMessage(GetDlgItem(hdlg, IDC_SSLMODE), CB_GETCURSEL, 0L, 0L); - strncpy_null(ci->sslmode, modetab[sslposition].modestr, sizeof(ci->sslmode)); + STRCPY_FIXED(ci->sslmode, modetab[sslposition].modestr); } static void @@ -396,7 +396,7 @@ ds_options1Proc(HWND hdlg, fbuf, sizeof(fbuf)); if (cmd <= 0) - strcpy(fbuf, "Advanced Options (%s) 1/3"); + STRCPY_FIXED(fbuf, "Advanced Options (%s) 1/3"); sprintf(strbuf, fbuf, ci->dsn); SetWindowText(hdlg, strbuf); } @@ -562,7 +562,7 @@ ds_options2Proc(HWND hdlg, fbuf, sizeof(fbuf)); if (cmd <= 0) - strcpy(fbuf, "Advanced Options (%s) 2/3"); + STRCPY_FIXED(fbuf, "Advanced Options (%s) 2/3"); sprintf(buf, fbuf, ci->dsn); SetWindowText(hdlg, buf); } @@ -812,7 +812,7 @@ mylog("!!!! %s:%d in\n", __FUNCTION__, wMsg); fbuf, sizeof(fbuf)); if (cmd <= 0) - strcpy(fbuf, "Advanced Options (%s) 3/3"); + STRCPY_FIXED(fbuf, "Advanced Options (%s) 3/3"); sprintf(buf, fbuf, ci->dsn); SetWindowText(hdlg, buf); } diff --git a/environ.c b/environ.c index 201db63..9fe5cb5 100644 --- a/environ.c +++ b/environ.c @@ -112,11 +112,12 @@ cleanup: return ret; } +#define SIZEOF_SQLSTATE 6 static void pg_sqlstate_set(const EnvironmentClass *env, UCHAR *szSqlState, const char *ver3str, const char *ver2str) { - strcpy((char *) szSqlState, EN_is_odbc3(env) ? ver3str : ver2str); + strncpy_null((char *) szSqlState, EN_is_odbc3(env) ? ver3str : ver2str, SIZEOF_SQLSTATE); } PG_ErrorInfo * @@ -297,7 +298,7 @@ PGAPI_ConnectError(HDBC hdbc, { mylog("CC_Get_error returned nothing.\n"); if (NULL != szSqlState) - strcpy((char *) szSqlState, "00000"); + strncpy_null((char *) szSqlState, "00000", SIZEOF_SQLSTATE); if (NULL != pcbErrorMsg) *pcbErrorMsg = 0; if ((NULL != szErrorMsg) && (cbErrorMsgMax > 0)) @@ -324,7 +325,7 @@ PGAPI_ConnectError(HDBC hdbc, if (NULL != szSqlState) { if (conn->sqlstate[0]) - strcpy((char *) szSqlState, conn->sqlstate); + STRCPY_FIXED((char *) szSqlState, conn->sqlstate); else switch (status) { @@ -492,7 +493,7 @@ PGAPI_Error(HENV henv, else { if (NULL != szSqlState) - strcpy((char *) szSqlState, "00000"); + strncpy_null((char *) szSqlState, "00000", SIZEOF_SQLSTATE); if (NULL != pcbErrorMsg) *pcbErrorMsg = 0; if ((NULL != szErrorMsg) && (cbErrorMsgMax > 0)) diff --git a/info.c b/info.c index 2ad5d71..84b7e32 100644 --- a/info.c +++ b/info.c @@ -231,7 +231,7 @@ mylog("CONVERT_FUNCTIONS=" FORMAT_ULEN "\n", value); p = "09.00.1399"; else { - strncpy_null(tmp, conn->pg_version, sizeof(tmp)); + STRCPY_FIXED(tmp, conn->pg_version); p = tmp; } break; @@ -1785,18 +1785,18 @@ retry_public_schema: tables_query[0] = '\0'; if (list_cat) - strncpy_null(tables_query, "select NULL, NULL, NULL", sizeof(tables_query)); + STRCPY_FIXED(tables_query, "select NULL, NULL, NULL"); else if (list_table_types) - strncpy_null(tables_query, "select NULL, NULL, relkind from (select 'r' as relkind union select 'v') as a", sizeof(tables_query)); + STRCPY_FIXED(tables_query, "select NULL, NULL, relkind from (select 'r' as relkind union select 'v') as a"); else if (list_schemas) { - strncpy_null(tables_query, "select NULL, nspname, NULL" - " from pg_catalog.pg_namespace n where true", sizeof(tables_query)); + STRCPY_FIXED(tables_query, "select NULL, nspname, NULL" + " from pg_catalog.pg_namespace n where true"); } else { /* view is represented by its relkind since 7.1 */ - strcpy(tables_query, "select relname, nspname, relkind" + STRCPY_FIXED(tables_query, "select relname, nspname, relkind" " from pg_catalog.pg_class c, pg_catalog.pg_namespace n"); strcat(tables_query, " where relkind in ('r', 'v')"); } @@ -1814,7 +1814,7 @@ retry_public_schema: * Parse the extra systable prefix configuration variable into an array * of prefixes. */ - strcpy(prefixes, ci->drivers.extra_systable_prefixes); + STRCPY_FIXED(prefixes, ci->drivers.extra_systable_prefixes); for (i = 0; i < MAX_PREFIXES; i++) { char *str = (i == 0) ? prefixes : NULL; @@ -2760,7 +2760,7 @@ retry_public_schema: /* * Create the query to find out if this is a view or not... */ - strcpy(columns_query, "select c.relhasrules, c.relkind, c.relhasoids"); + STRCPY_FIXED(columns_query, "select c.relhasrules, c.relkind, c.relhasoids"); strcat(columns_query, " from pg_catalog.pg_namespace u," " pg_catalog.pg_class c where " "u.oid = c.relnamespace"); @@ -3109,15 +3109,13 @@ PGAPI_Statistics(HSTMT hstmt, alcount *= 2; SC_REALLOC_gexit_with_error(column_names, struct columns_idx, alcount * sizeof(struct columns_idx), stmt, "Couldn't allocate memory for column names.", (result = SQL_ERROR)); } - column_names[total_columns].col_name = - (char *) malloc(strlen(column_name) + 1); + column_names[total_columns].col_name = strdup(column_name); if (!column_names[total_columns].col_name) { SC_set_error(stmt, STMT_NO_MEMORY_ERROR, "Couldn't allocate memory for column name.", func); result = SQL_ERROR; goto cleanup; } - strcpy(column_names[total_columns].col_name, column_name); column_names[total_columns].pnum = field_number; total_columns++; @@ -3492,7 +3490,7 @@ PGAPI_ColumnPrivileges(HSTMT hstmt, like_or_eq = eqop; escColumnName = simpleCatalogEscape(szColumnName, cbColumnName, conn); } - strcpy(column_query, "select '' as TABLE_CAT, table_schema as TABLE_SCHEM," + STRCPY_FIXED(column_query, "select '' as TABLE_CAT, table_schema as TABLE_SCHEM," " table_name, column_name, grantor, grantee," " privilege_type as PRIVILEGE, is_grantable from" " information_schema.column_privileges where true"); @@ -3723,13 +3721,12 @@ retry_public_schema: * possible index columns. Courtesy of Tom Lane - thomas * 2000-03-21 */ - strncpy_null(tables_query, + STRCPY_FIXED(tables_query, "select ta.attname, ia.attnum, ic.relname, n.nspname, tc.relname" " from pg_catalog.pg_attribute ta," " pg_catalog.pg_attribute ia, pg_catalog.pg_class tc," " pg_catalog.pg_index i, pg_catalog.pg_namespace n" - ", pg_catalog.pg_class ic" - , sizeof(tables_query)); + ", pg_catalog.pg_class ic"); qsize = strlen(tables_query); tsize = sizeof(tables_query) - qsize; tbqry = tables_query + qsize; @@ -3921,7 +3918,7 @@ getClientColumnName(ConnectionClass *conn, UInt4 relid, char *serverColumnName, { if (QR_get_num_cached_tuples(res) > 0) { - strncpy_null(saveattnum, QR_get_value_backend_text(res, 0, 0), sizeof(saveattnum)); + STRCPY_FIXED(saveattnum, QR_get_value_backend_text(res, 0, 0)); } else continueExec = FALSE; @@ -4872,7 +4869,7 @@ PGAPI_ProcedureColumns(HSTMT hstmt, escProcName = simpleCatalogEscape(szProcName, cbProcName, conn); } op_string = gen_opestr(like_or_eq, conn); - strcpy(proc_query, "select proname, proretset, prorettype, " + STRCPY_FIXED(proc_query, "select proname, proretset, prorettype, " "pronargs, proargtypes, nspname, p.oid"); ret_col = ext_pos = 7; poid_pos = 6; @@ -5256,7 +5253,7 @@ PGAPI_Procedures(HSTMT hstmt, * The following seems the simplest implementation */ op_string = gen_opestr(like_or_eq, conn); - strcpy(proc_query, "select '' as " "PROCEDURE_CAT" ", nspname as " "PROCEDURE_SCHEM" "," + STRCPY_FIXED(proc_query, "select '' as " "PROCEDURE_CAT" ", nspname as " "PROCEDURE_SCHEM" "," " proname as " "PROCEDURE_NAME" ", '' as " "NUM_INPUT_PARAMS" "," " '' as " "NUM_OUTPUT_PARAMS" ", '' as " "NUM_RESULT_SETS" "," " '' as " "REMARKS" "," @@ -5438,9 +5435,9 @@ retry_public_schema: escSchemaName = simpleCatalogEscape(szSchemaName, cbSchemaName, conn); op_string = gen_opestr(like_or_eq, conn); - strncpy_null(proc_query, "select relname, usename, relacl, nspname" + STRCPY_FIXED(proc_query, "select relname, usename, relacl, nspname" " from pg_catalog.pg_namespace, pg_catalog.pg_class ," - " pg_catalog.pg_user where", sizeof(proc_query)); + " pg_catalog.pg_user where"); if (escSchemaName) schema_strcat1(proc_query, " nspname %s'%.*s' and", op_string, escSchemaName, szTableName, cbTableName, conn); @@ -5472,7 +5469,7 @@ retry_public_schema: } } - strncpy_null(proc_query, "select usename, usesysid, usesuper from pg_user", sizeof(proc_query)); + STRCPY_FIXED(proc_query, "select usename, usesysid, usesuper from pg_user"); if (allures = CC_send_query(conn, proc_query, NULL, IGNORE_ABORT_ON_CONN, stmt), !QR_command_maybe_successful(allures)) { SC_set_error(stmt, STMT_EXEC_ERROR, "PGAPI_TablePrivileges query error", func); @@ -5711,9 +5708,9 @@ PGAPI_ForeignKeys_new(HSTMT hstmt, if (NULL != CurrCat(conn)) snprintf(catName, sizeof(catName), "'%s'::name", CurrCat(conn)); else - strcpy(catName, "NULL::name"); - strcpy(scmName1, "n2.nspname"); - strcpy(scmName2, "n1.nspname"); + STRCPY_FIXED(catName, "NULL::name"); + STRCPY_FIXED(scmName1, "n2.nspname"); + STRCPY_FIXED(scmName2, "n1.nspname"); escSchemaName = simpleCatalogEscape((SQLCHAR *) schema_needed, SQL_NTS, conn); snprintf(tables_query, sizeof(tables_query), diff --git a/mylog.c b/mylog.c index 5307d84..da7ca96 100644 --- a/mylog.c +++ b/mylog.c @@ -54,7 +54,7 @@ static char *logdir = NULL; void -generate_filename(const char *dirname, const char *prefix, char *filename) +generate_filename(const char *dirname, const char *prefix, char *filename, size_t filenamelen) { #ifdef WIN32 int pid; @@ -70,20 +70,19 @@ generate_filename(const char *dirname, const char *prefix, char *filename) if (dirname == 0 || filename == 0) return; - strcpy(filename, dirname); - strcat(filename, DIRSEPARATOR); + snprintf(filename, filenamelen, "%s%s", dirname, DIRSEPARATOR); if (prefix != 0) - strcat(filename, prefix); + strlcat(filename, prefix, filenamelen); #ifndef WIN32 if (ptr) - strcat(filename, ptr->pw_name); + strlcat(filename, ptr->pw_name, filenamelen); #endif - sprintf(filename, "%s%u%s", filename, pid, ".log"); + snprintf_add(filename, filenamelen, "%u%s", pid, ".log"); return; } static void -generate_homefile(const char *prefix, char *filename) +generate_homefile(const char *prefix, char *filename, size_t filenamelen) { char dir[PATH_MAX]; #ifdef WIN32 @@ -91,13 +90,13 @@ generate_homefile(const char *prefix, char *filename) dir[0] = '\0'; if (ptr=getenv("HOMEDRIVE"), NULL != ptr) - strcat(dir, ptr); + strlcat(dir, ptr, filenamelen); if (ptr=getenv("HOMEPATH"), NULL != ptr) - strcat(dir, ptr); + strlcat(dir, ptr, filenamelen); #else - strcpy(dir, "~"); + STRCPY_FIXED(dir, "~"); #endif /* WIN32 */ - generate_filename(dir, prefix, filename); + generate_filename(dir, prefix, filename, filenamelen); return; } @@ -218,7 +217,7 @@ static void MLOG_open() if (MLOGFP) return; - generate_filename(logdir ? logdir : MYLOGDIR, MYLOGFILE, filebuf); + generate_filename(logdir ? logdir : MYLOGDIR, MYLOGFILE, filebuf, sizeof(filebuf)); MLOGFP = fopen(filebuf, PG_BINARY_A); if (!MLOGFP) { @@ -226,7 +225,7 @@ static void MLOG_open() open_error = TRUE; snprintf(errbuf, sizeof(errbuf), "%s open error %d\n", filebuf, lasterror); - generate_homefile(MYLOGFILE, filebuf); + generate_homefile(MYLOGFILE, filebuf, sizeof(filebuf)); MLOGFP = fopen(filebuf, PG_BINARY_A); } if (MLOGFP) @@ -316,11 +315,11 @@ qlog(char *fmt,...) if (!QLOGFP) { - generate_filename(logdir ? logdir : QLOGDIR, QLOGFILE, filebuf); + generate_filename(logdir ? logdir : QLOGDIR, QLOGFILE, filebuf, sizeof(filebuf)); QLOGFP = fopen(filebuf, PG_BINARY_A); if (!QLOGFP) { - generate_homefile(QLOGFILE, filebuf); + generate_homefile(QLOGFILE, filebuf, sizeof(filebuf)); QLOGFP = fopen(filebuf, PG_BINARY_A); } if (QLOGFP) diff --git a/parse.c b/parse.c index 6e13331..8b60b2a 100644 --- a/parse.c +++ b/parse.c @@ -36,6 +36,7 @@ #include "catfunc.h" #include "multibyte.h" +#include "misc.h" #define FLD_INCR 32 #define TAB_INCR 8 @@ -1305,7 +1306,7 @@ parse_the_statement(StatementClass *stmt, BOOL check_hasoids, BOOL sqlsvr_check) delim = '\0'; token[0] = '\0'; - while (pptr = ptr, (delim != ',') ? strcpy(btoken, token) : (btoken[0] = '\0', NULL), (ptr = getNextToken(conn->ccsc, CC_get_escape(conn), pptr, token, sizeof(token), &delim, "e, &dquote, &numeric)) != NULL) + while (pptr = ptr, (delim != ',') ? STRCPY_FIXED(btoken, token) : (btoken[0] = '\0', NULL), (ptr = getNextToken(conn->ccsc, CC_get_escape(conn), pptr, token, sizeof(token), &delim, "e, &dquote, &numeric)) != NULL) { unquoted = !(quote || dquote); @@ -1426,7 +1427,7 @@ parse_the_statement(StatementClass *stmt, BOOL check_hasoids, BOOL sqlsvr_check) subqlevel = 0; } if (blevel >= old_blevel && ',' != delim) - strcpy(stoken, token); + STRCPY_FIXED(stoken, token); else stoken[0] = '\0'; } diff --git a/qresult.c b/qresult.c index 82d18c5..18195d4 100644 --- a/qresult.c +++ b/qresult.c @@ -373,25 +373,26 @@ void QR_add_message(QResultClass *self, const char *msg) { char *message = self->message; - size_t alsize, pos; + size_t alsize, pos, addlen; if (!msg || !msg[0]) return; + addlen = strlen(msg); if (message) { pos = strlen(message) + 1; - alsize = pos + strlen(msg) + 1; + alsize = pos + addlen + 1; } else { pos = 0; - alsize = strlen(msg) + 1; + alsize = addlen + 1; } if (message = realloc(message, alsize), NULL == message) return; if (pos > 0) message[pos - 1] = ';'; - strcpy(message + pos, msg); + strncpy_null(message + pos, msg, addlen + 1); self->message = message; } @@ -409,25 +410,26 @@ void QR_add_notice(QResultClass *self, const char *msg) { char *message = self->notice; - size_t alsize, pos; + size_t alsize, pos, addlen; if (!msg || !msg[0]) return; + addlen = strlen(msg); if (message) { pos = strlen(message) + 1; - alsize = pos + strlen(msg) + 1; + alsize = pos + addlen + 1; } else { pos = 0; - alsize = strlen(msg) + 1; + alsize = addlen + 1; } if (message = realloc(message, alsize), NULL == message) return; if (pos > 0) message[pos - 1] = ';'; - strcpy(message + pos, msg); + strncpy_null(message + pos, msg, addlen + 1); self->notice = message; } diff --git a/results.c b/results.c index 84b717d..f044de2 100644 --- a/results.c +++ b/results.c @@ -3026,7 +3026,7 @@ inolog("%s bestitem=%s bestqual=%s\n", func, SAFE_NAME(ti->bestitem), SAFE_NAME( *oideqstr = '\0'; else { - strcpy(oideqstr, andqual); + STRCPY_FIXED(oideqstr, andqual); snprintf_add(oideqstr, sizeof(oideqstr), bestqual, *oidint); } len = strlen(load_stmt); @@ -3279,6 +3279,7 @@ SC_pos_reload_with_key(StatementClass *stmt, SQLULEN global_ridx, UInt2 *count, return ret; } + RETCODE SC_pos_reload(StatementClass *stmt, SQLULEN global_ridx, UInt2 *count, Int4 logKind) { @@ -3296,8 +3297,9 @@ static SQLLEN LoadFromKeyset(StatementClass *stmt, QResultClass * res, int rows_ UInt4 blocknum; SQLLEN kres_ridx; UInt2 offset; - char *qval = NULL, *sval = NULL; + char *qval = NULL; int keys_per_fetch = 10; + size_t allen = 0; for (i = SC_get_rowset_start(stmt), kres_ridx = GIdx2KResIdx(i, stmt, res), rowc = 0;; i++, kres_ridx++) { @@ -3309,11 +3311,7 @@ static SQLLEN LoadFromKeyset(StatementClass *stmt, QResultClass * res, int rows_ { for (j = rowc; j < keys_per_fetch; j++) { - if (j) - strcpy(sval, ",NULL"); - else - strcpy(sval, "NULL"); - sval = strchr(sval, '\0'); + strlcat(qval, j ? ",NULL" : "NULL", allen); } } rowc = -1; /* end of loop */ @@ -3322,7 +3320,7 @@ static SQLLEN LoadFromKeyset(StatementClass *stmt, QResultClass * res, int rows_ { QResultClass *qres; - strcpy(sval, ")"); + strlcat(qval, ")", allen); qres = CC_send_query(conn, qval, NULL, CREATE_KEYSET, stmt); if (QR_command_maybe_successful(qres)) { @@ -3379,7 +3377,6 @@ static SQLLEN LoadFromKeyset(StatementClass *stmt, QResultClass * res, int rows_ if (!qval) { - size_t allen; if (res->reload_count > 0) keys_per_fetch = res->reload_count; @@ -3404,26 +3401,19 @@ static SQLLEN LoadFromKeyset(StatementClass *stmt, QResultClass * res, int rows_ SC_MALLOC_return_with_error(qval, char, allen, stmt, "Couldn't alloc qval", -1); sprintf(qval, "PREPARE \"%s\"", planname); - sval = strchr(qval, '\0'); for (j = 0; j < keys_per_fetch; j++) { - if (j == 0) - strcpy(sval, "(tid"); - else - strcpy(sval, ",tid"); - sval = strchr(sval, '\0'); + strlcat(qval, j ? ",tid" : "(tid", allen); } - sprintf(sval, ") as %s where ctid in ", stmt->load_statement); - sval = strchr(sval, '\0'); + snprintf_add(qval, allen, ") as %s where ctid in ", stmt->load_statement); for (j = 0; j < keys_per_fetch; j++) { if (j == 0) - strcpy(sval, "($1"); + strlcat(qval, "($1", allen); else - sprintf(sval, ",$%d", j + 1); - sval = strchr(sval, '\0'); + snprintf_add(qval, allen, ",$%d", j + 1); } - strcpy(sval, ")"); + strlcat(qval, ")", allen); qres = CC_send_query(conn, qval, NULL, 0, stmt); if (QR_command_maybe_successful(qres)) { @@ -3445,26 +3435,20 @@ static SQLLEN LoadFromKeyset(StatementClass *stmt, QResultClass * res, int rows_ } if (res->reload_count > 0) { - sprintf(qval, "EXECUTE \"_KEYSET_%p\"(", res); - sval = qval; + snprintf(qval, allen, "EXECUTE \"_KEYSET_%p\"(", res); } else { - memcpy(qval, stmt->load_statement, lodlen); - sval = qval + lodlen; - sval[0]= '\0'; - strcpy(sval, " where ctid in ("); + snprintf(qval, allen, "%s where ctid in (", stmt->load_statement); } - sval = strchr(sval, '\0'); } if (0 != (res->keyset[kres_ridx].status & CURS_NEEDS_REREAD)) { getTid(res, kres_ridx, &blocknum, &offset); if (rowc) - sprintf(sval, ",'(%u,%u)'", blocknum, offset); + snprintf_add(qval, allen, ",'(%u,%u)'", blocknum, offset); else - sprintf(sval, "'(%u,%u)'", blocknum, offset); - sval = strchr(sval, '\0'); + snprintf_add(qval, allen, "'(%u,%u)'", blocknum, offset); rowc++; rcnt++; } @@ -3483,12 +3467,14 @@ static SQLLEN LoadFromKeyset_inh(StatementClass *stmt, QResultClass * res, int r UInt4 blocknum; SQLLEN kres_ridx; UInt2 offset; - char *qval = NULL, *sval = NULL; + char *qval = NULL; int keys_per_fetch = 10; const char *load_stmt = stmt->load_statement; const ssize_t from_pos = stmt->load_from_pos; const int max_identifier = 100; + size_t allen = 0; +mylog(" %s in rows_per_fetch=%d limitrow=%d\n", __FUNCTION__, rows_per_fetch, limitrow); new_oid = 0; for (i = SC_get_rowset_start(stmt), kres_ridx = GIdx2KResIdx(i, stmt, res), rowc = 0, oid = 0;; i++, kres_ridx++) { @@ -3509,7 +3495,7 @@ static SQLLEN LoadFromKeyset_inh(StatementClass *stmt, QResultClass * res, int r { QResultClass *qres; - strcpy(sval, ")"); + strlcat(qval, ")", allen); qres = CC_send_query(conn, qval, NULL, CREATE_KEYSET, stmt); if (QR_command_maybe_successful(qres)) { @@ -3565,9 +3551,6 @@ static SQLLEN LoadFromKeyset_inh(StatementClass *stmt, QResultClass * res, int r { if (!qval) { - size_t allen; - - if (rows_per_fetch >= pre_fetch_count * 2) keys_per_fetch = pre_fetch_count; else @@ -3582,16 +3565,14 @@ static SQLLEN LoadFromKeyset_inh(StatementClass *stmt, QResultClass * res, int r stmt, "Couldn't alloc qval", -1); } sprintf(qval, "%.*sfrom %s where ctid in (", (int) from_pos, load_stmt, ti_quote(stmt, new_oid)); - sval = strchr(qval, '\0'); } if (new_oid != oid) oid = new_oid; getTid(res, kres_ridx, &blocknum, &offset); if (rowc) - sprintf(sval, ",'(%u,%u)'", blocknum, offset); + snprintf_add(qval, allen, ",'(%u,%u)'", blocknum, offset); else - sprintf(sval, "'(%u,%u)'", blocknum, offset); - sval = strchr(sval, '\0'); + snprintf_add(qval, allen, "'(%u,%u)'", blocknum, offset); rowc++; rcnt++; } @@ -4244,7 +4225,7 @@ SC_pos_delete(StatementClass *stmt, ret = SQL_ERROR; if (qres) { - strcpy(res->sqlstate, qres->sqlstate); + STRCPY_FIXED(res->sqlstate, qres->sqlstate); res->message = qres->message; qres->message = NULL; } diff --git a/setup.c b/setup.c index 930ae4d..767befc 100644 --- a/setup.c +++ b/setup.c @@ -79,7 +79,7 @@ ConfigDSN(HWND hwnd, /* Save original data source name */ if (lpsetupdlg->ci.dsn[0]) - lstrcpy(lpsetupdlg->szDSN, lpsetupdlg->ci.dsn); + STRCPY_FIXED(lpsetupdlg->szDSN, lpsetupdlg->ci.dsn); else lpsetupdlg->szDSN[0] = '\0'; @@ -289,7 +289,7 @@ ConfigDlgProc(HWND hdlg, /* Save drivername */ if (!(lpsetupdlg->ci.drivername[0])) - lstrcpy(lpsetupdlg->ci.drivername, lpsetupdlg->lpszDrvr); + STRCPY_FIXED(lpsetupdlg->ci.drivername, lpsetupdlg->lpszDrvr); if (lpsetupdlg->fNewDSN || !ci->dsn[0]) ShowWindow(GetDlgItem(hdlg, IDC_MANAGEDSN), SW_HIDE); diff --git a/statement.c b/statement.c index 05f7c78..2069404 100644 --- a/statement.c +++ b/statement.c @@ -1270,12 +1270,12 @@ SC_create_errorinfo(const StatementClass *self) } if (NULL != res->message) { - strncpy_null(msg, res->message, sizeof(msg)); + STRCPY_FIXED(msg, res->message); detailmsg = resmsg = TRUE; } else if (NULL != res->messageref) { - strncpy_null(msg, res->messageref, sizeof(msg)); + STRCPY_FIXED(msg, res->messageref); detailmsg = resmsg = TRUE; } if (msg[0]) @@ -1324,11 +1324,11 @@ SC_create_errorinfo(const StatementClass *self) pgerror = ER_Constructor(self->__error_number, ermsg); if (!pgerror) return NULL; if (sqlstate) - strcpy(pgerror->sqlstate, sqlstate); + STRCPY_FIXED(pgerror->sqlstate, sqlstate); else if (conn) { if (!msgend && conn->sqlstate[0]) - strcpy(pgerror->sqlstate, conn->sqlstate); + STRCPY_FIXED(pgerror->sqlstate, conn->sqlstate); else { EnvironmentClass *env = (EnvironmentClass *) CC_get_env(conn); @@ -1339,7 +1339,7 @@ SC_create_errorinfo(const StatementClass *self) { errornum = 1 - LOWEST_STMT_ERROR; } - strcpy(pgerror->sqlstate, EN_is_odbc3(env) ? + STRCPY_FIXED(pgerror->sqlstate, EN_is_odbc3(env) ? Statement_sqlstate[errornum].ver3str : Statement_sqlstate[errornum].ver2str); } @@ -1432,7 +1432,7 @@ inolog("SC_set_error_from_res %p->%p check=%i\n", from_res ,self, check); repstate = TRUE; } if (repstate) - strcpy(self_res->sqlstate, from_res->sqlstate); + STRCPY_FIXED(self_res->sqlstate, from_res->sqlstate); } void @@ -1480,7 +1480,7 @@ inolog("SC_error_copy %p->%p check=%i\n", from ,self, check); repstate = TRUE; } if (repstate) - strcpy(self_res->sqlstate, from_res->sqlstate); + STRCPY_FIXED(self_res->sqlstate, from_res->sqlstate); } diff --git a/xalibname.c b/xalibname.c index 7c613d1..dbaf06b 100644 --- a/xalibname.c +++ b/xalibname.c @@ -67,7 +67,7 @@ const char *GetXaLibName(void) /* entry for security reason. */ _splitpath(dllpath, drive, dir, fname, ext); // _snprintf(xalibname, sizeof(xalibname), "%s%s", fname, ext); - strcpy(xalibname, "pgxalib.dll"); + strncpy(xalibname, "pgxalib.dll", sizeof(xalibname)); if (IsWow64()) { if ('\\' == *dir && -- 2.39.5