Merge pull request #35 from PerryWerneck/develop

Fixing codeql warnings.

Merge pull request #35 from PerryWerneck/develop
Fixing codeql warnings.
Perry Werneck · GitHub
2 parents b4947287 96c0e360
Showing 8 changed files with 57 additions and 42 deletions Show diff stats
Makefile.in
src/core/ansi.c
src/core/cursor.c
src/core/ft/ft.c
src/core/ft/ft_dft.c
src/core/keyboard/kybd.c
src/core/see.c
src/mkfb/mkfb.c
@@ -95,7 +95,7 @@ BUILDDIR=@BUILDDIR@
 POTDIR=$(BUILDDIR)/.pot
-OBJDIR=$(BUILDDIR)/.obj
+OBJDIR=$(BUILDDIR)/.obj/@OSNAME@
 OBJDBG=$(OBJDIR)/Debug
 OBJRLS=$(OBJDIR)/Release
@@ -525,7 +525,9 @@ clean: \
 	cleanDebug \
 	cleanRelease
-	@rm -fr $(BUILDDIR)/.tmp/$(LIBNAME)
+	@rm -fr $(BUILDDIR)/.obj
+	@rm -fr $(BUILDDIR)/.bin
+	@rm -fr $(BUILDDIR)/.tmp
 	@rm -fr $(POTDIR)/$(LIBNAME)
 	@rm -f locale/*.pot
@@ -1729,7 +1729,7 @@ ansi_send_pf(H3270 *hSession, int nn) {
 	if (nn < 1 || ((size_t) nn) > sizeof(code)/sizeof(code[0]))
 		return;
-	(void) sprintf(fn_buf, ", "\033[%d~", code[nn-1]);33[%d~", code[nn-1]);
+	(void) snprintf(fn_buf, sizeof(fn_buf), ", "\033[%d~", code[nn-1]);33[%d~", code[nn-1]);
 	net_sends(hSession,fn_buf);
 }
@@ -90,7 +90,8 @@ LIB3270_EXPORT int lib3270_move_cursor(H3270 *hSession, LIB3270_DIRECTION dir, u
 			status_reset(hSession);
 		} else {
 			struct ta *ta = new_ta(hSession, TA_TYPE_CURSOR_MOVE);
-
+			if(!ta)
+				return -1;
 			ta->args.move.direction = dir;
 			ta->args.move.fn = lib3270_move_cursor;
 			ta->args.move.sel = sel;
@@ -474,7 +474,7 @@ LIB3270_EXPORT int lib3270_ft_start(H3270 *hSession) {
 	// Erase the line and enter the command.
 	flen = kybd_prime(ft->host);
 	if (!flen || flen < strlen(buffer) - 1) {
-		lib3270_write_log(ft->host, "Unable to send command \"%s\" (flen=%d szBuffer=%d)",buffer,flen,strlen(buffer));
+		lib3270_write_log(ft->host, "ft", "Unable to send command \"%s\" (flen=%d szBuffer=%ld)",buffer,flen,strlen(buffer));
 		ft_failed(ft,_( "Unable to send file-transfer request" ));
 		return errno = EINVAL;
 	}
@@ -383,7 +383,7 @@ static void dft_get_request(H3270 *hSession) {
 			/* Binary read. */
 			numread = fread(bufptr, 1, numbytes, ft->local_file);
 			if (numread <= 0) {
-				lib3270_write_log(hSession,"Error %s reading source file (rc=%d)",strerror(errno),errno);
+				lib3270_write_log(hSession,"ft","Error %s reading source file (rc=%d)",strerror(errno),errno);
 				break;
 			}
@@ -128,14 +128,16 @@ static const char dxl[] = &quot;0123456789abcdef&quot;;
  * Check for typeahead availability and create a new TA structure.
  *
  * @return new typeahead struct or NULL if it's not available.
+ * @retval NULL Host is not connected or malloc error.
  */
 struct ta * new_ta(H3270 *hSession, enum _ta_type type) {
-	struct ta *ta;
+	struct ta *ta = NULL;
 	// If no connection, forget it.
 	if (!lib3270_is_connected(hSession)) {
 		lib3270_ring_bell(hSession);
 		lib3270_write_event_trace(hSession,"typeahead action dropped (not connected)\n");
+		errno = ENOTCONN;
 		return NULL;
 	}
@@ -143,6 +145,7 @@ struct ta * new_ta(H3270 *hSession, enum _ta_type type) {
 	if (hSession->kybdlock & KL_OERR_MASK) {
 		lib3270_ring_bell(hSession);
 		lib3270_write_event_trace(hSession,"typeahead action dropped (operator error)\n");
+		errno = EINVAL;
 		return NULL;
 	}
@@ -150,6 +153,7 @@ struct ta * new_ta(H3270 *hSession, enum _ta_type type) {
 	if (hSession->kybdlock & KL_SCROLLED) {
 		lib3270_ring_bell(hSession);
 		lib3270_write_event_trace(hSession,"typeahead action dropped (scrolled)\n");
+		errno = EINVAL;
 		return NULL;
 	}
@@ -157,6 +161,7 @@ struct ta * new_ta(H3270 *hSession, enum _ta_type type) {
 	if (!hSession->typeahead) {
 		lib3270_ring_bell(hSession);
 		lib3270_write_event_trace(hSession,"typeahead action dropped (no typeahead)\n");
+		errno = EINVAL;
 		return NULL;
 	}
@@ -180,47 +180,47 @@ const char * see_attr(unsigned char fa) {
 	buf[0] = '\0';
 	if (fa & FA_PROTECT) {
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "protected");
+		(void) strncat(buf, paren, 255);
+		(void) strncat(buf, "protected", 255);
 		paren = ",";
 		if (fa & FA_NUMERIC) {
-			(void) strcat(buf, paren);
-			(void) strcat(buf, "skip");
+			(void) strncat(buf, paren, 255);
+			(void) strncat(buf, "skip", 255);
 			paren = ",";
 		}
 	} else if (fa & FA_NUMERIC) {
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "numeric");
+		(void) strncat(buf, paren, 255);
+		(void) strncat(buf, "numeric", 255);
 		paren = ",";
 	}
 	switch (fa & FA_INTENSITY) {
 	case FA_INT_NORM_NSEL:
 		break;
 	case FA_INT_NORM_SEL:
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "detectable");
+		(void) strncat(buf, paren, 255);
+		(void) strncat(buf, "detectable", 255);
 		paren = ",";
 		break;
 	case FA_INT_HIGH_SEL:
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "intensified");
+		(void) strncat(buf, paren, 255);
+		(void) strncat(buf, "intensified", 255);
 		paren = ",";
 		break;
 	case FA_INT_ZERO_NSEL:
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "nondisplay");
+		(void) strncat(buf, paren, 255);
+		(void) strncat(buf, "nondisplay", 255);
 		paren = ",";
 		break;
 	}
 	if (fa & FA_MODIFY) {
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "modified");
+		(void) strncat(buf, paren, 255);
+		(void) strncat(buf, "modified", 255);
 		paren = ",";
 	}
 	if (strcmp(paren, "("))
-		(void) strcat(buf, ")");
+		(void) strncat(buf, ")", 255);
 	else
-		(void) strcpy(buf, "(default)");
+		(void) strncpy(buf, "(default)", 255);
 	return buf;
 }
@@ -293,24 +293,24 @@ static const char * see_validation(unsigned char setting) {
 	(void) strcpy(buf, "");
 	if (setting & XAV_FILL) {
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "fill");
+		(void) strncat(buf, paren, 63);
+		(void) strncat(buf, "fill", 63);
 		paren = ",";
 	}
 	if (setting & XAV_ENTRY) {
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "entry");
+		(void) strncat(buf, paren, 63);
+		(void) strncat(buf, "entry", 63);
 		paren = ",";
 	}
 	if (setting & XAV_TRIGGER) {
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "trigger");
+		(void) strncat(buf, paren, 63);
+		(void) strncat(buf, "trigger", 63);
 		paren = ",";
 	}
 	if (strcmp(paren, "("))
-		(void) strcat(buf, ")");
+		(void) strncat(buf, ")", 63);
 	else
-		(void) strcpy(buf, "(none)");
+		(void) strncpy(buf, "(none)", 63);
 	return buf;
 }
@@ -320,29 +320,29 @@ static const char * see_outline(unsigned char setting) {
 	(void) strcpy(buf, "");
 	if (setting & XAO_UNDERLINE) {
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "underline");
+		(void) strncat(buf, paren, 63);
+		(void) strncat(buf, "underline", 63);
 		paren = ",";
 	}
 	if (setting & XAO_RIGHT) {
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "right");
+		(void) strncat(buf, paren, 63);
+		(void) strncat(buf, "right", 63);
 		paren = ",";
 	}
 	if (setting & XAO_OVERLINE) {
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "overline");
+		(void) strncat(buf, paren, 63);
+		(void) strncat(buf, "overline", 63);
 		paren = ",";
 	}
 	if (setting & XAO_LEFT) {
-		(void) strcat(buf, paren);
-		(void) strcat(buf, "left");
+		(void) strncat(buf, paren, 63);
+		(void) strncat(buf, "left", 63);
 		paren = ",";
 	}
 	if (strcmp(paren, "("))
-		(void) strcat(buf, ")");
+		(void) strncat(buf, ")", 63);
 	else
-		(void) strcpy(buf, "(none)");
+		(void) strncpy(buf, "(none)", 63);
 	return buf;
 }
@@ -509,11 +509,18 @@ main(int argc, char *argv[]) {
 	/* Open the output file. */
 	if (argc == 3) {
-		o = fopen(argv[2], "w");
+		int fd = creat(argv[2], S_IWUSR | S_IRUSR);
+		if(fd < 0) {
+			perror(argv[2]);
+			exit(1);
+		}
+
+		o = fdopen(fd,"w");
 		if (o == NULL) {
 			perror(argv[2]);
 			exit(1);
 		}
+
 	} else
 		o = stdout;
	@@ -1729,7 +1729,7 @@ ansi_send_pf(H3270 *hSession, int nn) {		@@ -1729,7 +1729,7 @@ ansi_send_pf(H3270 *hSession, int nn) {
1729		1729
1730	if (nn < 1 \|\| ((size_t) nn) > sizeof(code)/sizeof(code[0]))	1730	if (nn < 1 \|\| ((size_t) nn) > sizeof(code)/sizeof(code[0]))
1731	return;	1731	return;
1732	- (void) sprintf(fn_buf, ", "\033[%d~", code[nn-1]);33[%d~", code[nn-1]);	1732	+ (void) snprintf(fn_buf, sizeof(fn_buf), ", "\033[%d~", code[nn-1]);33[%d~", code[nn-1]);
1733	net_sends(hSession,fn_buf);	1733	net_sends(hSession,fn_buf);
1734	}	1734	}
1735		1735
	@@ -474,7 +474,7 @@ LIB3270_EXPORT int lib3270_ft_start(H3270 *hSession) {		@@ -474,7 +474,7 @@ LIB3270_EXPORT int lib3270_ft_start(H3270 *hSession) {
474	// Erase the line and enter the command.	474	// Erase the line and enter the command.
475	flen = kybd_prime(ft->host);	475	flen = kybd_prime(ft->host);
476	if (!flen \|\| flen < strlen(buffer) - 1) {	476	if (!flen \|\| flen < strlen(buffer) - 1) {
477	- lib3270_write_log(ft->host, "Unable to send command \"%s\" (flen=%d szBuffer=%d)",buffer,flen,strlen(buffer));	477	+ lib3270_write_log(ft->host, "ft", "Unable to send command \"%s\" (flen=%d szBuffer=%ld)",buffer,flen,strlen(buffer));
478	ft_failed(ft,_( "Unable to send file-transfer request" ));	478	ft_failed(ft,_( "Unable to send file-transfer request" ));
479	return errno = EINVAL;	479	return errno = EINVAL;
480	}	480	}
	@@ -383,7 +383,7 @@ static void dft_get_request(H3270 *hSession) {		@@ -383,7 +383,7 @@ static void dft_get_request(H3270 *hSession) {
383	/* Binary read. */	383	/* Binary read. */
384	numread = fread(bufptr, 1, numbytes, ft->local_file);	384	numread = fread(bufptr, 1, numbytes, ft->local_file);
385	if (numread <= 0) {	385	if (numread <= 0) {
386	- lib3270_write_log(hSession,"Error %s reading source file (rc=%d)",strerror(errno),errno);	386	+ lib3270_write_log(hSession,"ft","Error %s reading source file (rc=%d)",strerror(errno),errno);
387	break;	387	break;
388	}	388	}
389		389