0022961: Dangerous usage of 'buf' (strncpy doesn't always 0-terminate it) (cppcheck report)

2025-04-21 10:13:43 +03:00 · 2012-03-07 15:34:08 +04:00 · 2012-03-07 15:34:08 +04:00 · b67106756f
commit b67106756f
parent 56fabb3143
2 changed files with 28 additions and 24 deletions
--- a/src/VrmlData/VrmlData_Group.cxx
+++ b/src/VrmlData/VrmlData_Group.cxx
@ -323,19 +323,21 @@ VrmlData_ErrorStatus VrmlData_Group::Read (VrmlData_InBuffer& theBuffer)
            // because each name must remain unique in the global scene.
            if (aNode->Name())
              if (* aNode->Name() != '\0') {
-                char buf[1024];
+                TCollection_AsciiString buf;
-                strncpy (buf, aFileName.ToCString(), sizeof(buf));
+                buf += aFileName;
-                char * ptr = strchr (buf, '.');
+                Standard_Integer aCharLocation = buf.Location (1, '.', 1, buf.Length());
-                if (!ptr)
+                if (aCharLocation != 0)
-                  ptr = strchr (buf,'\0');
+                {
-                * ptr = '_';
+                  buf.Remove (aCharLocation, buf.Length() - aCharLocation + 1);
-                strncpy (ptr+1, aNode->Name(), (&buf[sizeof(buf)]-ptr)-2);
+                }
-                const size_t len = strlen(buf) + 1;
+                buf += '_';
                buf += aNode->Name();
                const size_t len = buf.Length();
                char * aNewName =
                  static_cast<char *> (Scene().Allocator()->Allocate (len));
                if (aNewName) {
                  aNode->myName = aNewName;
-                  memcpy (aNewName, buf, len);
+                  memcpy (aNewName, buf.ToCString(), len);
                }
              }
          }
--- a/src/VrmlData/VrmlData_Scene.cxx
+++ b/src/VrmlData/VrmlData_Scene.cxx
@ -1012,21 +1012,23 @@ VrmlData_ErrorStatus VrmlData_Scene::WriteNode
          aStatus = theNode->Write (thePrefix);
        else {
          // Name is written under DEF clause
-          char buf[1024], * ptr;
+          TCollection_AsciiString buf;
-          if (myNamedNodesOut.Contains (theNode)) {
+          if (myNamedNodesOut.Contains (theNode))
-            memcpy (buf, "USE ", 4);
+          {
-            strncpy (&buf[4], theNode->Name(), sizeof(buf)-5);
+            buf += "USE ";
-            aStatus = WriteLine (thePrefix, buf);
+            buf += theNode->Name();
-          } else {
+            aStatus = WriteLine (thePrefix, buf.ToCString());
-            if (thePrefix) {
+          } 
-              strncpy (buf, thePrefix, sizeof(buf));
+          else 
-              ptr = strchr (buf, '\0');
+          {
-              * ptr++ = ' ';
+            if (thePrefix)
-            } else
+            {
-              ptr = &buf[0];
+              buf += thePrefix;
-            strcpy (ptr, "DEF ");
+              buf += ' ';
-            strncpy (ptr+4, theNode->Name(), &buf[sizeof(buf)] - (ptr+5));
+            }
-            aStatus = theNode->Write (buf);
+            buf += "DEF ";
            buf += theNode->Name();
            aStatus = theNode->Write (buf.ToCString());
            const_cast<VrmlData_MapOfNode&>(myNamedNodesOut).Add (theNode);
          }
        }