curlx: curlx_strcopy() instead of strcpy()

This function REQUIRES the size of the target buffer as well as the
length of the source string. Meant to make it harder to do a bad
strcpy().

Removes 23 calls to strcpy().

Closes #20067
This commit is contained in:
Daniel Stenberg 2025-12-21 23:40:24 +01:00
parent f099c2ca55
commit a535be4ea0
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
30 changed files with 195 additions and 97 deletions

View file

@ -29,13 +29,13 @@
/* The point of this function would be to return a string of the input data,
but never longer than 5 columns (+ one zero byte).
Add suffix k, M, G when suitable... */
static char *max5data(curl_off_t bytes, char *max5)
static char *max5data(curl_off_t bytes, char *max5, size_t mlen)
{
/* a signed 64-bit value is 8192 petabytes maximum */
const char unit[] = { 'k', 'M', 'G', 'T', 'P', 0 };
const char unit[] = { 'k', 'M', 'G', 'T', 'P', 'E', 0 };
int k = 0;
if(bytes < 100000) {
curl_msnprintf(max5, 6, "%5" CURL_FORMAT_CURL_OFF_T, bytes);
curl_msnprintf(max5, mlen, "%5" CURL_FORMAT_CURL_OFF_T, bytes);
return max5;
}
@ -43,14 +43,14 @@ static char *max5data(curl_off_t bytes, char *max5)
curl_off_t nbytes = bytes / 1024;
if(nbytes < 100) {
/* display with a decimal */
curl_msnprintf(max5, 6, "%2" CURL_FORMAT_CURL_OFF_T ".%0"
curl_msnprintf(max5, mlen, "%2" CURL_FORMAT_CURL_OFF_T ".%0"
CURL_FORMAT_CURL_OFF_T "%c", bytes / 1024,
(bytes % 1024) / (1024 / 10), unit[k]);
break;
}
else if(nbytes < 10000) {
/* no decimals */
curl_msnprintf(max5, 6, "%4" CURL_FORMAT_CURL_OFF_T "%c", nbytes,
curl_msnprintf(max5, mlen, "%4" CURL_FORMAT_CURL_OFF_T "%c", nbytes,
unit[k]);
break;
}
@ -87,18 +87,18 @@ int xferinfo_cb(void *clientp,
/* Provide a string that is 2 + 1 + 2 + 1 + 2 = 8 letters long (plus the zero
byte) */
static void time2str(char *r, curl_off_t seconds)
static void time2str(char *r, size_t rlen, curl_off_t seconds)
{
curl_off_t h;
if(seconds <= 0) {
strcpy(r, "--:--:--");
curlx_strcopy(r, rlen, "--:--:--", 8);
return;
}
h = seconds / 3600;
if(h <= 99) {
curl_off_t m = (seconds - (h * 3600)) / 60;
curl_off_t s = (seconds - (h * 3600)) - (m * 60);
curl_msnprintf(r, 9, "%2" CURL_FORMAT_CURL_OFF_T
curl_msnprintf(r, rlen, "%2" CURL_FORMAT_CURL_OFF_T
":%02" CURL_FORMAT_CURL_OFF_T
":%02" CURL_FORMAT_CURL_OFF_T, h, m, s);
}
@ -108,10 +108,10 @@ static void time2str(char *r, curl_off_t seconds)
curl_off_t d = seconds / 86400;
h = (seconds - (d * 86400)) / 3600;
if(d <= 999)
curl_msnprintf(r, 9, "%3" CURL_FORMAT_CURL_OFF_T
curl_msnprintf(r, rlen, "%3" CURL_FORMAT_CURL_OFF_T
"d %02" CURL_FORMAT_CURL_OFF_T "h", d, h);
else
curl_msnprintf(r, 9, "%7" CURL_FORMAT_CURL_OFF_T "d", d);
curl_msnprintf(r, rlen, "%7" CURL_FORMAT_CURL_OFF_T "d", d);
}
}
@ -254,14 +254,14 @@ bool progress_meter(CURLM *multi, struct curltime *start, bool final)
if(dlknown && speed) {
curl_off_t est = all_dltotal / speed;
curl_off_t left = (all_dltotal - all_dlnow) / speed;
time2str(time_left, left);
time2str(time_total, est);
time2str(time_left, sizeof(time_left), left);
time2str(time_total, sizeof(time_total), est);
}
else {
time2str(time_left, 0);
time2str(time_total, 0);
time2str(time_left, sizeof(time_left), 0);
time2str(time_total, sizeof(time_total), 0);
}
time2str(time_spent, spent);
time2str(time_spent, sizeof(time_spent), spent);
(void)curl_multi_get_offt(multi, CURLMINFO_XFERS_ADDED, &xfers_added);
(void)curl_multi_get_offt(multi, CURLMINFO_XFERS_RUNNING, &xfers_running);
@ -281,14 +281,14 @@ bool progress_meter(CURLM *multi, struct curltime *start, bool final)
dlpercen, /* 3 letters */
ulpercen, /* 3 letters */
max5data(all_dlnow, buffer[0]),
max5data(all_ulnow, buffer[1]),
max5data(all_dlnow, buffer[0], sizeof(buffer[0])),
max5data(all_ulnow, buffer[1], sizeof(buffer[1])),
xfers_added,
xfers_running,
time_total,
time_spent,
time_left,
max5data(speed, buffer[2]), /* speed */
max5data(speed, buffer[2], sizeof(buffer[2])), /* speed */
final ? "\n" : "");
return TRUE;
}