diff options
| author | Junio C Hamano <gitster@pobox.com> | 2015-10-20 15:24:00 -0700 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2015-10-20 15:24:01 -0700 |
| commit | 78891795df91a313fac590dd6cff9d8aace0dc9a (patch) | |
| tree | 6acc4a524a76633c058d675481b266b1fc56a222 /diff.c | |
| parent | 614a2aced1ba739dfe5bf17a85f9d376efb235b1 (diff) | |
| parent | 34e02deb60b4db22243d47846eb926de9e0d1cf9 (diff) | |
| download | git-78891795df91a313fac590dd6cff9d8aace0dc9a.tar.gz | |
Merge branch 'jk/war-on-sprintf'
Many allocations that is manually counted (correctly) that are
followed by strcpy/sprintf have been replaced with a less error
prone constructs such as xstrfmt.
Macintosh-specific breakage was noticed and corrected in this
reroll.
* jk/war-on-sprintf: (70 commits)
name-rev: use strip_suffix to avoid magic numbers
use strbuf_complete to conditionally append slash
fsck: use for_each_loose_file_in_objdir
Makefile: drop D_INO_IN_DIRENT build knob
fsck: drop inode-sorting code
convert strncpy to memcpy
notes: document length of fanout path with a constant
color: add color_set helper for copying raw colors
prefer memcpy to strcpy
help: clean up kfmclient munging
receive-pack: simplify keep_arg computation
avoid sprintf and strcpy with flex arrays
use alloc_ref rather than hand-allocating "struct ref"
color: add overflow checks for parsing colors
drop strcpy in favor of raw sha1_to_hex
use sha1_to_hex_r() instead of strcpy
daemon: use cld->env_array when re-spawning
stat_tracking_info: convert to argv_array
http-push: use an argv_array for setup_revisions
fetch-pack: use argv_array for index-pack / unpack-objects
...
Diffstat (limited to 'diff.c')
| -rw-r--r-- | diff.c | 21 |
1 files changed, 10 insertions, 11 deletions
@@ -322,7 +322,7 @@ static struct diff_tempfile { */ const char *name; - char hex[41]; + char hex[GIT_SHA1_HEXSZ + 1]; char mode[10]; /* @@ -2882,9 +2882,8 @@ static void prep_temp_blob(const char *path, struct diff_tempfile *temp, die_errno("unable to write temp-file"); close_tempfile(&temp->tempfile); temp->name = get_tempfile_path(&temp->tempfile); - strcpy(temp->hex, sha1_to_hex(sha1)); - temp->hex[40] = 0; - sprintf(temp->mode, "%06o", mode); + sha1_to_hex_r(temp->hex, sha1); + xsnprintf(temp->mode, sizeof(temp->mode), "%06o", mode); strbuf_release(&buf); strbuf_release(&template); free(path_dup); @@ -2901,8 +2900,8 @@ static struct diff_tempfile *prepare_temp_file(const char *name, * a '+' entry produces this for file-1. */ temp->name = "/dev/null"; - strcpy(temp->hex, "."); - strcpy(temp->mode, "."); + xsnprintf(temp->hex, sizeof(temp->hex), "."); + xsnprintf(temp->mode, sizeof(temp->mode), "."); return temp; } @@ -2930,16 +2929,16 @@ static struct diff_tempfile *prepare_temp_file(const char *name, /* we can borrow from the file in the work tree */ temp->name = name; if (!one->sha1_valid) - strcpy(temp->hex, sha1_to_hex(null_sha1)); + sha1_to_hex_r(temp->hex, null_sha1); else - strcpy(temp->hex, sha1_to_hex(one->sha1)); + sha1_to_hex_r(temp->hex, one->sha1); /* Even though we may sometimes borrow the * contents from the work tree, we always want * one->mode. mode is trustworthy even when * !(one->sha1_valid), as long as * DIFF_FILE_VALID(one). */ - sprintf(temp->mode, "%06o", one->mode); + xsnprintf(temp->mode, sizeof(temp->mode), "%06o", one->mode); } return temp; } @@ -4085,9 +4084,9 @@ const char *diff_unique_abbrev(const unsigned char *sha1, int len) if (abblen < 37) { static char hex[41]; if (len < abblen && abblen <= len + 2) - sprintf(hex, "%s%.*s", abbrev, len+3-abblen, ".."); + xsnprintf(hex, sizeof(hex), "%s%.*s", abbrev, len+3-abblen, ".."); else - sprintf(hex, "%s...", abbrev); + xsnprintf(hex, sizeof(hex), "%s...", abbrev); return hex; } return sha1_to_hex(sha1); |