Clear some _CRT_SECURE_NO_WARNINGS warnings.
Some of the complaints seem a bit questionable or their replacements
problematic, but not using strcat, strcpy, and strncpy is easy and
safer.
Change-Id: I64faf24b4f39d1ea410e883f026350094975a9b5
Reviewed-on: https://boringssl-review.googlesource.com/22125
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index afa39d7..8f89096 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -764,13 +764,13 @@
int PEM_def_callback(char *buf, int size, int rwflag, void *userdata)
{
- if (!buf || !userdata) {
+ if (!buf || !userdata || size < 0) {
return 0;
}
size_t len = strlen((char *)userdata);
if (len >= (size_t)size) {
return 0;
}
- strcpy(buf, (char *)userdata);
+ BUF_strlcpy(buf, userdata, (size_t)size);
return len;
}
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index d72f9ec..018c5d1 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -235,8 +235,7 @@
by_dir_entry_free(ent);
return 0;
}
- strncpy(ent->dir, ss, len);
- ent->dir[len] = '\0';
+ BUF_strlcpy(ent->dir, ss, len + 1);
if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) {
by_dir_entry_free(ent);
return 0;
diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c
index 33eafc4..f9f0308 100644
--- a/crypto/x509/x509_obj.c
+++ b/crypto/x509/x509_obj.c
@@ -102,8 +102,7 @@
buf = b->data;
OPENSSL_free(b);
}
- strncpy(buf, "NO X509_NAME", len);
- buf[len - 1] = '\0';
+ BUF_strlcpy(buf, "NO X509_NAME", len);
return buf;
}
diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c
index 6280651..b78a410 100644
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -166,9 +166,9 @@
for (i = 0; i < 8; i++) {
BIO_snprintf(htmp, sizeof htmp, "%X", p[0] << 8 | p[1]);
p += 2;
- strcat(oline, htmp);
+ BUF_strlcat(oline, htmp, sizeof(oline));
if (i != 7)
- strcat(oline, ":");
+ BUF_strlcat(oline, ":", sizeof(oline));
}
} else {
if (!X509V3_add_value("IP Address", "<invalid>", &ret))
@@ -588,8 +588,7 @@
objtmp = OPENSSL_malloc(objlen + 1);
if (objtmp == NULL)
return 0;
- strncpy(objtmp, value, objlen);
- objtmp[objlen] = 0;
+ BUF_strlcpy(objtmp, value, objlen + 1);
gen->d.otherName->type_id = OBJ_txt2obj(objtmp, 0);
OPENSSL_free(objtmp);
if (!gen->d.otherName->type_id)
diff --git a/crypto/x509v3/v3_info.c b/crypto/x509v3/v3_info.c
index 40f451f..ff96489 100644
--- a/crypto/x509v3/v3_info.c
+++ b/crypto/x509v3/v3_info.c
@@ -192,8 +192,7 @@
OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
goto err;
}
- strncpy(objtmp, cnf->name, objlen);
- objtmp[objlen] = 0;
+ BUF_strlcpy(objtmp, cnf->name, objlen + 1);
acc->method = OBJ_txt2obj(objtmp, 0);
if (!acc->method) {
OPENSSL_PUT_ERROR(X509V3, X509V3_R_BAD_OBJECT);
