[Bf-committers] strcmp->strncmp code update

Johan C. 0wl256 at gmail.com
Sun Jun 26 21:48:35 CEST 2011 

2011/6/26 Campbell Barton <ideasman42 at gmail.com>

> blenders strings are assumed to be zero terminated in many places so
> using strncpy and strncmp are not especially making blenders code less
> vulnerable to buffer overruns unless our own internal functions also
> accept a string lengths.
>
>
You probably mean the blenlib internals e.g. BLI_path_util.h , the macros
there are however not used everywhere...
Try to use this perl script on a list of filenames for example:
#!/usr/bin/perl -wT

use strict;
my $print;
for (my $i = 1; $i < $#ARGV; $i++)
{

open (FH, "< $ARGV[$i]);

while (<FH>)
{
    if (/(strcmp\()/)
    {
        if (/\((\w+)\((\w*)(\W*)(\w*)(\W*)(\w*)(\W*)(\, )(\w*)(\W*)\)/) {
            print "if \(std::strncmp\($2$3$4$5$6$7$8$9$10,
std::strlen\($9$10\)) == 0\) {\n";
        } else {
            $print+=$_;next;
        }
    } else {
        $print+=$_;;
    }

}

open (FH2, "> $ARGV[$i]);
{

    print(FH2,$print);

}

}
1;



>  On Sun, Jun 26, 2011 at 5:14 PM, Sergey I. Sharybin <g.ulairi at gmail.com>
> wrote:
> >  Hi,
> >
> > I can't see how such kind of replacement would help us. And we can't use
> > cstring dur to Blender is mostly written in C, not C++.
> >
> > Johan C. wrote:
> >> Hi,
> >>
> >> It'd be best to rewrite the strcmp functions with strncmp and using
> >> #include<cstring>  instead of libc string.h .
> >>
> >> So strcmp(1,2) would become std::strncmp(1,2,std::strlen(2));
> >>
> >> Love,
> >> erana
> >>
> >> PS: You can patch it with a line of perl.
> >> _______________________________________________
> >> Bf-committers mailing list
> >> Bf-committers at blender.org
> >> http://lists.blender.org/mailman/listinfo/bf-committers
> >>
> >
> >
> > --
> > With best regards, Sergey I. Sharybin
> >
> > _______________________________________________
> > Bf-committers mailing list
> > Bf-committers at blender.org
> > http://lists.blender.org/mailman/listinfo/bf-committers
> >
>
>
>
> --
> - Campbell
> _______________________________________________
> Bf-committers mailing list
> Bf-committers at blender.org
> http://lists.blender.org/mailman/listinfo/bf-committers
>

More information about the Bf-committers mailing list