[Bf-blender-cvs] [2e6d427] master: Cleanup/security fix: do not use strcpy (at least in new code).

Bastien Montagne noreply at git.blender.org
Thu Aug 18 16:06:28 CEST 2016 

Commit: 2e6d4270cdd4dab1964af4427f833846e4aef4a7
Author: Bastien Montagne
Date:   Thu Aug 18 15:45:20 2016 +0200
Branches: master
https://developer.blender.org/rB2e6d4270cdd4dab1964af4427f833846e4aef4a7

Cleanup/security fix: do not use strcpy (at least in new code).

This function is only really secure in a very limited amount of cases,
and can especially bite you later if you change some buffer sizes...
So not worth bothering with it, just always use BLI_strncpy instead.

===================================================================

M	source/blender/blenkernel/intern/gpencil.c
M	source/blender/blenloader/intern/versioning_270.c
M	source/blender/editors/gpencil/gpencil_data.c
M	source/blender/editors/gpencil/gpencil_edit.c
M	source/blender/editors/gpencil/gpencil_paint.c
M	source/blender/makesrna/intern/rna_gpencil.c

===================================================================

diff --git a/source/blender/blenkernel/intern/gpencil.c b/source/blender/blenkernel/intern/gpencil.c
index e4bac0a..2242113 100644
--- a/source/blender/blenkernel/intern/gpencil.c
+++ b/source/blender/blenkernel/intern/gpencil.c
@@ -1268,7 +1268,7 @@ void BKE_gpencil_palettecolor_changename(bGPdata *gpd, char *oldname, const char
 		for (gpf = gpl->frames.first; gpf; gpf = gpf->next) {
 			for (gps = gpf->strokes.first; gps; gps = gps->next) {
 				if (STREQ(gps->colorname, oldname)) {
-					strcpy(gps->colorname, newname);
+					BLI_strncpy(gps->colorname, newname, sizeof(gps->colorname));
 				}
 			}
 		}
diff --git a/source/blender/blenloader/intern/versioning_270.c b/source/blender/blenloader/intern/versioning_270.c
index d735f09..f6ac42c 100644
--- a/source/blender/blenloader/intern/versioning_270.c
+++ b/source/blender/blenloader/intern/versioning_270.c
@@ -1318,7 +1318,7 @@ void blo_do_versions_270(FileData *fd, Library *UNUSED(lib), Main *main)
 							for (bGPDframe *gpf = gpl->frames.first; gpf; gpf = gpf->next) {
 								for (bGPDstroke *gps = gpf->strokes.first; gps; gps = gps->next) {
 									/* set stroke to palette and force recalculation */
-									strcpy(gps->colorname, gpl->info);
+									BLI_strncpy(gps->colorname, gpl->info, sizeof(gps->colorname));
 									gps->palcolor = NULL;
 									gps->flag |= GP_STROKE_RECALC_COLOR;
 									gps->thickness = gpl->thickness;
diff --git a/source/blender/editors/gpencil/gpencil_data.c b/source/blender/editors/gpencil/gpencil_data.c
index 8733c7b..2aa6d30 100644
--- a/source/blender/editors/gpencil/gpencil_data.c
+++ b/source/blender/editors/gpencil/gpencil_data.c
@@ -883,7 +883,7 @@ static int gp_stroke_change_color_exec(bContext *C, wmOperator *UNUSED(op))
 
 					/* asign new color (only if different) */
 					if (STREQ(gps->colorname, color->info) == false) {
-						strcpy(gps->colorname, color->info);
+						BLI_strncpy(gps->colorname, color->info, sizeof(gps->colorname));
 						gps->flag |= GP_STROKE_RECALC_COLOR;
 					}
 				}
@@ -1271,7 +1271,7 @@ static int gp_stroke_join_exec(bContext *C, wmOperator *op)
 						/* if new, set current color */
 						if (type == GP_STROKE_JOINCOPY) {
 							new_stroke->palcolor = palcolor;
-							strcpy(new_stroke->colorname, palcolor->info);
+							BLI_strncpy(new_stroke->colorname, palcolor->info, sizeof(new_stroke->colorname));
 							new_stroke->flag |= GP_STROKE_RECALC_COLOR;
 						}
 					}
diff --git a/source/blender/editors/gpencil/gpencil_edit.c b/source/blender/editors/gpencil/gpencil_edit.c
index b298769..e58178b 100644
--- a/source/blender/editors/gpencil/gpencil_edit.c
+++ b/source/blender/editors/gpencil/gpencil_edit.c
@@ -207,7 +207,7 @@ static void gp_duplicate_points(const bGPDstroke *gps, ListBase *new_strokes, co
 				
 				/* make a stupid copy first of the entire stroke (to get the flags too) */
 				gpsd = MEM_dupallocN(gps);
-				strcpy(gpsd->tmp_layerinfo, layername); /* saves original layer name */
+				BLI_strncpy(gpsd->tmp_layerinfo, layername, sizeof(gpsd->tmp_layerinfo)); /* saves original layer name */
 				
 				/* initialize triangle memory - will be calculated on next redraw */
 				gpsd->triangles = NULL;
@@ -266,7 +266,7 @@ static int gp_duplicate_exec(bContext *C, wmOperator *op)
 					
 					/* make direct copies of the stroke and its points */
 					gpsd = MEM_dupallocN(gps);
-					strcpy(gpsd->tmp_layerinfo, gpl->info);
+					BLI_strncpy(gpsd->tmp_layerinfo, gpl->info, sizeof(gpsd->tmp_layerinfo));
 					gpsd->points = MEM_dupallocN(gps->points);
 
 					/* triangle information - will be calculated on next redraw */
@@ -386,7 +386,7 @@ static int gp_strokes_copy_exec(bContext *C, wmOperator *op)
 					
 					/* make direct copies of the stroke and its points */
 					gpsd = MEM_dupallocN(gps);
-					strcpy(gpsd->tmp_layerinfo, gpl->info); /* saves original layer name */
+					BLI_strncpy(gpsd->tmp_layerinfo, gpl->info, sizeof(gpsd->tmp_layerinfo)); /* saves original layer name */
 					gpsd->points = MEM_dupallocN(gps->points);
 					
 					/* triangles cache - will be recalculated on next redraw */
diff --git a/source/blender/editors/gpencil/gpencil_paint.c b/source/blender/editors/gpencil/gpencil_paint.c
index e7e39a8..dacdc0c 100644
--- a/source/blender/editors/gpencil/gpencil_paint.c
+++ b/source/blender/editors/gpencil/gpencil_paint.c
@@ -924,7 +924,7 @@ static void gp_stroke_newfrombuffer(tGPsdata *p)
 	bGPDpalette *palette = BKE_gpencil_palette_getactive(p->gpd);
 	bGPDpalettecolor *palcolor = BKE_gpencil_palettecolor_getactive(palette);
 	gps->palcolor = palcolor;
-	strcpy(gps->colorname, palcolor->info);
+	BLI_strncpy(gps->colorname, palcolor->info, sizeof(gps->colorname));
 
 	/* add stroke to frame, usually on tail of the listbase, but if on back is enabled the stroke is added on listbase head 
 	* because the drawing order is inverse and the head stroke is the first to draw. This is very useful for artist
diff --git a/source/blender/makesrna/intern/rna_gpencil.c b/source/blender/makesrna/intern/rna_gpencil.c
index 48d7dcf..3ecaec7 100644
--- a/source/blender/makesrna/intern/rna_gpencil.c
+++ b/source/blender/makesrna/intern/rna_gpencil.c
@@ -483,7 +483,7 @@ static bGPDstroke *rna_GPencil_stroke_new(bGPDframe *frame, const char *colornam
 {
 	bGPDstroke *stroke = MEM_callocN(sizeof(bGPDstroke), "gp_stroke");
 	if (colorname) {
-		strcpy(stroke->colorname, colorname);
+		BLI_strncpy(stroke->colorname, colorname, sizeof(stroke->colorname));
 	}
 	stroke->palcolor = NULL;
 	stroke->flag |= GP_STROKE_RECALC_COLOR;

More information about the Bf-blender-cvs mailing list