Use strncpy instead of strcpy because again, buffer overflows

2026-02-25 09:33:50 +00:00 · 2018-03-06 01:59:05 -05:00 · 2018-03-06 01:59:05 -05:00 · 79c34c68db
commit 79c34c68db
parent 7769da9434
92 changed files with 298 additions and 279 deletions
--- a/Engine/source/persistence/taml/taml.cpp
+++ b/Engine/source/persistence/taml/taml.cpp
@ -708,7 +708,7 @@ ImplementEnumType(_TamlFormatMode,

            U32 nBufferSize = dStrlen(pFieldValue) + 1;
            FrameTemp<char> valueCopy(nBufferSize);
-            dStrcpy((char *)valueCopy, pFieldValue);
+            dStrcpy((char *)valueCopy, pFieldValue, nBufferSize);

            // Skip if field should not be written.
            if (!pSimObject->writeField(fieldName, valueCopy))
@ -1547,4 +1547,4 @@ ImplementEnumType(_TamlFormatMode,
      TiXmlElement* pAnyElement = new TiXmlElement("xs:any");
      pAnyElement->SetAttribute("processContents", "skip");
      pSequenceElement->LinkEndChild(pAnyElement);
-   }
+   }
--- a/Engine/source/persistence/taml/tamlCustom.cpp
+++ b/Engine/source/persistence/taml/tamlCustom.cpp
@ -53,7 +53,7 @@ void TamlCustomField::set( const char* pFieldName, const char* pFieldValue )
    }
 #endif
    // Copy field value.
-    dStrcpy( mFieldValue, pFieldValue );
+    dStrcpy( mFieldValue, pFieldValue, MAX_TAML_NODE_FIELDVALUE_LENGTH );
 }

 //-----------------------------------------------------------------------------
--- a/Engine/source/persistence/taml/tamlCustom.h
+++ b/Engine/source/persistence/taml/tamlCustom.h
@ -334,7 +334,7 @@ public:
        // Sanity!
        AssertFatal( fieldNameLength < sizeof(fieldNameBuffer), "TamlCustomField: Field name is too long." );

-        dStrcpy( fieldNameBuffer, mFieldName );
+        dStrcpy( fieldNameBuffer, mFieldName, 1024 );
        fieldNameBuffer[fieldNameLength-1] = 0;
        StringTableEntry fieldName = StringTable->insert( fieldNameBuffer );

@ -782,4 +782,4 @@ private:
    TamlCustomNodeVector mNodes;
 };

-#endif // _TAML_CUSTOM_H_
+#endif // _TAML_CUSTOM_H_
--- a/Engine/source/persistence/taml/tamlWriteNode.h
+++ b/Engine/source/persistence/taml/tamlWriteNode.h
@ -54,7 +54,7 @@ public:

            // Allocate and copy the value.
            mpValue = new char[ dStrlen(pValue)+1 ];
-            dStrcpy( (char *)mpValue, pValue );
+            dStrcpy( (char *)mpValue, pValue, dStrlen(pValue) + 1 );
        }
        

@ -113,4 +113,4 @@ public:
    TamlCustomNodes             mCustomNodes;
 };

-#endif // _TAML_WRITE_NODE_H_
+#endif // _TAML_WRITE_NODE_H_