Fixing more CodeQL alerts.

Perry Werneck
1 parent c24fe1f7
Showing 3 changed files with 10 additions and 10 deletions Show diff stats
src/core/ft/ft.c
src/core/ft/ft_dft.c
src/core/see.c
@@ -474,7 +474,7 @@ LIB3270_EXPORT int lib3270_ft_start(H3270 *hSession) {
 	// Erase the line and enter the command.
 	flen = kybd_prime(ft->host);
 	if (!flen || flen < strlen(buffer) - 1) {
-		lib3270_write_log(ft->host, "Unable to send command \"%s\" (flen=%d szBuffer=%d)",buffer,flen,strlen(buffer));
+		lib3270_write_log(ft->host, "ft", "Unable to send command \"%s\" (flen=%d szBuffer=%ld)",buffer,flen,strlen(buffer));
 		ft_failed(ft,_( "Unable to send file-transfer request" ));
 		return errno = EINVAL;
 	}
@@ -383,7 +383,7 @@ static void dft_get_request(H3270 *hSession) {
 			/* Binary read. */
 			numread = fread(bufptr, 1, numbytes, ft->local_file);
 			if (numread <= 0) {
-				lib3270_write_log(hSession,"Error %s reading source file (rc=%d)",strerror(errno),errno);
+				lib3270_write_log(hSession,"ft","Error %s reading source file (rc=%d)",strerror(errno),errno);
 				break;
 			}
  
@@ -293,24 +293,24 @@ static const char * see_validation(unsigned char setting) {
  
 	(void) strcpy(buf, "");
 	if (setting & XAV_FILL) {
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "fill");
+		(void) strncat(buf, paren, 63);
+		(void) strncat(buf, "fill");
 		paren = ",";
 	}
 	if (setting & XAV_ENTRY) {
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "entry");
+		(void) strncat(buf, paren, 63);
+		(void) strncat(buf, "entry");
 		paren = ",";
 	}
 	if (setting & XAV_TRIGGER) {
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "trigger");
+		(void) strncat(buf, paren, 63);
+		(void) strncat(buf, "trigger");
 		paren = ",";
 	}
 	if (strcmp(paren, "("))
-		(void) strcat(buf, ")");
+		(void) strncat(buf, ")", 63);
 	else
-		(void) strcpy(buf, "(none)");
+		(void) strncpy(buf, "(none)", 63);
 	return buf;
 }
...	...	@@ -474,7 +474,7 @@ LIB3270_EXPORT int lib3270_ft_start(H3270 *hSession) {
474	474	// Erase the line and enter the command.
475	475	flen = kybd_prime(ft->host);
476	476	if (!flen \|\| flen < strlen(buffer) - 1) {
477		- lib3270_write_log(ft->host, "Unable to send command \"%s\" (flen=%d szBuffer=%d)",buffer,flen,strlen(buffer));
	477	+ lib3270_write_log(ft->host, "ft", "Unable to send command \"%s\" (flen=%d szBuffer=%ld)",buffer,flen,strlen(buffer));
478	478	ft_failed(ft,_( "Unable to send file-transfer request" ));
479	479	return errno = EINVAL;
480	480	}
...	...
...	...	@@ -383,7 +383,7 @@ static void dft_get_request(H3270 *hSession) {
383	383	/* Binary read. */
384	384	numread = fread(bufptr, 1, numbytes, ft->local_file);
385	385	if (numread <= 0) {
386		- lib3270_write_log(hSession,"Error %s reading source file (rc=%d)",strerror(errno),errno);
	386	+ lib3270_write_log(hSession,"ft","Error %s reading source file (rc=%d)",strerror(errno),errno);
387	387	break;
388	388	}
389	389
...	...
...	...	@@ -293,24 +293,24 @@ static const char * see_validation(unsigned char setting) {
293	293
294	294	(void) strcpy(buf, "");
295	295	if (setting & XAV_FILL) {
296		- (void) strcat(buf, paren);
297		- (void) strcat(buf, "fill");
	296	+ (void) strncat(buf, paren, 63);
	297	+ (void) strncat(buf, "fill");
298	298	paren = ",";
299	299	}
300	300	if (setting & XAV_ENTRY) {
301		- (void) strcat(buf, paren);
302		- (void) strcat(buf, "entry");
	301	+ (void) strncat(buf, paren, 63);
	302	+ (void) strncat(buf, "entry");
303	303	paren = ",";
304	304	}
305	305	if (setting & XAV_TRIGGER) {
306		- (void) strcat(buf, paren);
307		- (void) strcat(buf, "trigger");
	306	+ (void) strncat(buf, paren, 63);
	307	+ (void) strncat(buf, "trigger");
308	308	paren = ",";
309	309	}
310	310	if (strcmp(paren, "("))
311		- (void) strcat(buf, ")");
	311	+ (void) strncat(buf, ")", 63);
312	312	else
313		- (void) strcpy(buf, "(none)");
	313	+ (void) strncpy(buf, "(none)", 63);
314	314	return buf;
315	315	}
316	316
...	...