diff options
| author | Aaron Brashears <aaronb@lindenlab.com> | 2007-02-02 17:28:58 +0000 |
|---|---|---|
| committer | Aaron Brashears <aaronb@lindenlab.com> | 2007-02-02 17:28:58 +0000 |
| commit | 305c74d5163c5e344a675d39ca2394a9e45bd2c2 (patch) | |
| tree | 42836c4a6010b2b015156024d3cfb6bf64a48ad6 | |
| parent | 54d89549df38bb61881583a3eb8d3645c107d79f (diff) | |
Result of svn merge -r57264:57370 svn+ssh://svn/svn/linden/branches/adroit.r40-68 into release.
226 files changed, 2223 insertions, 1811 deletions
diff --git a/indra/llcharacter/llbvhloader.cpp b/indra/llcharacter/llbvhloader.cpp index a2e6ec12d2..4e9e99aca0 100644 --- a/indra/llcharacter/llbvhloader.cpp +++ b/indra/llcharacter/llbvhloader.cpp @@ -156,8 +156,8 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) //-------------------------------------------------------------------- char path[LL_MAX_PATH]; /* Flawfinder: ignore */ - snprintf( path, sizeof(path), "%s", - gDirUtilp->getExpandedFilename(LL_PATH_APP_SETTINGS,fileName).c_str()); /* Flawfinder: ignore */ + snprintf( path, sizeof(path), "%s",/* Flawfinder: ignore */ + gDirUtilp->getExpandedFilename(LL_PATH_APP_SETTINGS,fileName).c_str()); apr_file_t *fp = ll_apr_file_open(path, LL_APR_R); @@ -190,7 +190,7 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) // check the 1st token on the line to determine if it's empty or a comment //---------------------------------------------------------------- char token[128]; /* Flawfinder: ignore */ - if ( sscanf(mLine, " %127s", token) != 1 ) + if ( sscanf(mLine, " %127s", token) != 1 ) /* Flawfinder: ignore */ continue; if (token[0] == '#') @@ -225,7 +225,7 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) if (loadingGlobals && LLString::compareInsensitive(token, "emote")==0) { char emote_str[1024]; /* Flawfinder: ignore */ - if ( sscanf(mLine, " %*s = %1023s", emote_str) != 1 ) + if ( sscanf(mLine, " %*s = %1023s", emote_str) != 1 ) /* Flawfinder: ignore */ return ST_NO_XLT_EMOTE; mEmoteName.assign( emote_str ); @@ -263,7 +263,7 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) { mLoop = TRUE; } - else if ( sscanf(mLine, " %*s = %127s", trueFalse) == 1 ) + else if ( sscanf(mLine, " %*s = %127s", trueFalse) == 1 ) /* Flawfinder: ignore */ { mLoop = (LLString::compareInsensitive(trueFalse, "true")==0); } @@ -285,7 +285,7 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) { F32 duration; char type[128]; /* Flawfinder: ignore */ - if ( sscanf(mLine, " %*s = %f %127s", &duration, type) != 2 ) + if ( sscanf(mLine, " %*s = %f %127s", &duration, type) != 2 ) /* Flawfinder: ignore */ return ST_NO_XLT_EASEIN; mEaseIn = duration; @@ -298,8 +298,8 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) if (loadingGlobals && LLString::compareInsensitive(token, "easeout")==0) { F32 duration; - char type[128]; - if ( sscanf(mLine, " %*s = %f %127s", &duration, type) != 2 ) + char type[128]; /* Flawfinder: ignore */ + if ( sscanf(mLine, " %*s = %f %127s", &duration, type) != 2 ) /* Flawfinder: ignore */ return ST_NO_XLT_EASEOUT; mEaseOut = duration; @@ -324,7 +324,7 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) Constraint constraint; // try reading optional target direction - if(sscanf( + if(sscanf( /* Flawfinder: ignore */ mLine, " %*s = %d %f %f %f %f %15s %f %f %f %15s %f %f %f %f %f %f", &constraint.mChainLength, @@ -344,7 +344,7 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) &constraint.mTargetDir.mV[VY], &constraint.mTargetDir.mV[VZ]) != 16) { - if(sscanf( + if(sscanf( /* Flawfinder: ignore */ mLine, " %*s = %d %f %f %f %f %15s %f %f %f %15s %f %f %f", &constraint.mChainLength, @@ -384,7 +384,7 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) Constraint constraint; // try reading optional target direction - if(sscanf( + if(sscanf( /* Flawfinder: ignore */ mLine, " %*s = %d %f %f %f %f %15s %f %f %f %15s %f %f %f %f %f %f", &constraint.mChainLength, @@ -404,7 +404,7 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) &constraint.mTargetDir.mV[VY], &constraint.mTargetDir.mV[VZ]) != 16) { - if(sscanf( + if(sscanf( /* Flawfinder: ignore */ mLine, " %*s = %d %f %f %f %f %15s %f %f %f %15s %f %f %f", &constraint.mChainLength, @@ -452,7 +452,7 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) if ( LLString::compareInsensitive(token, "ignore")==0 ) { char trueFalse[128]; /* Flawfinder: ignore */ - if ( sscanf(mLine, " %*s = %127s", trueFalse) != 1 ) + if ( sscanf(mLine, " %*s = %127s", trueFalse) != 1 ) /* Flawfinder: ignore */ return ST_NO_XLT_IGNORE; trans->mIgnore = (LLString::compareInsensitive(trueFalse, "true")==0); @@ -470,7 +470,7 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) { trans->mRelativePosition.setVec( x, y, z ); } - else if ( sscanf(mLine, " %*s = %127s", relpos) == 1 ) + else if ( sscanf(mLine, " %*s = %127s", relpos) == 1 ) /* Flawfinder: ignore */ { if ( LLString::compareInsensitive(relpos, "firstkey")==0 ) { @@ -496,7 +496,7 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) { //F32 x, y, z; char relpos[128]; /* Flawfinder: ignore */ - if ( sscanf(mLine, " %*s = %127s", relpos) == 1 ) + if ( sscanf(mLine, " %*s = %127s", relpos) == 1 ) /* Flawfinder: ignore */ { if ( LLString::compareInsensitive(relpos, "firstkey")==0 ) { @@ -521,7 +521,7 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) if ( LLString::compareInsensitive(token, "outname")==0 ) { char outName[128]; /* Flawfinder: ignore */ - if ( sscanf(mLine, " %*s = %127s", outName) != 1 ) + if ( sscanf(mLine, " %*s = %127s", outName) != 1 ) /* Flawfinder: ignore */ return ST_NO_XLT_OUTNAME; trans->mOutName = outName; @@ -566,7 +566,7 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) if ( LLString::compareInsensitive(token, "mergeparent")==0 ) { char mergeParentName[128]; /* Flawfinder: ignore */ - if ( sscanf(mLine, " %*s = %127s", mergeParentName) != 1 ) + if ( sscanf(mLine, " %*s = %127s", mergeParentName) != 1 ) /* Flawfinder: ignore */ return ST_NO_XLT_MERGEPARENT; trans->mMergeParentName = mergeParentName; @@ -579,7 +579,7 @@ LLBVHLoader::Status LLBVHLoader::loadTranslationTable(const char *fileName) if ( LLString::compareInsensitive(token, "mergechild")==0 ) { char mergeChildName[128]; /* Flawfinder: ignore */ - if ( sscanf(mLine, " %*s = %127s", mergeChildName) != 1 ) + if ( sscanf(mLine, " %*s = %127s", mergeChildName) != 1 ) /* Flawfinder: ignore */ return ST_NO_XLT_MERGECHILD; trans->mMergeChildName = mergeChildName; @@ -705,7 +705,7 @@ LLBVHLoader::Status LLBVHLoader::loadBVHFile(const char *buffer, char* error_tex // get the joint name //---------------------------------------------------------------- char jointName[80]; /* Flawfinder: ignore */ - if ( sscanf(line.c_str(), "%*s %79s", jointName) != 1 ) + if ( sscanf(line.c_str(), "%*s %79s", jointName) != 1 ) /* Flawfinder: ignore */ { strncpy(error_text, line.c_str(), 127); /* Flawfinder: ignore */ return ST_NO_NAME; diff --git a/indra/llcharacter/llkeyframemotion.cpp b/indra/llcharacter/llkeyframemotion.cpp index dae85d3154..bfa4b637e1 100644 --- a/indra/llcharacter/llkeyframemotion.cpp +++ b/indra/llcharacter/llkeyframemotion.cpp @@ -1701,9 +1701,9 @@ BOOL LLKeyframeMotion::serialize(LLDataPacker& dp) const { success &= dp.packU8(shared_constraintp->mChainLength, "chain_length"); success &= dp.packU8(shared_constraintp->mConstraintType, "constraint_type"); - char volume_name[16]; - snprintf(volume_name, sizeof(volume_name), "%s", - mCharacter->findCollisionVolume(shared_constraintp->mSourceConstraintVolume)->getName().c_str()); /* Flawfinder: ignore */ + char volume_name[16]; /* Flawfinder: ignore */ + snprintf(volume_name, sizeof(volume_name), "%s", /* Flawfinder: ignore */ + mCharacter->findCollisionVolume(shared_constraintp->mSourceConstraintVolume)->getName().c_str()); success &= dp.packBinaryDataFixed((U8*)volume_name, 16, "source_volume"); success &= dp.packVector3(shared_constraintp->mSourceConstraintOffset, "source_offset"); if (shared_constraintp->mConstraintTargetType == TYPE_GROUND) @@ -1712,8 +1712,8 @@ BOOL LLKeyframeMotion::serialize(LLDataPacker& dp) const } else { - snprintf(volume_name, sizeof(volume_name),"%s", - mCharacter->findCollisionVolume(shared_constraintp->mTargetConstraintVolume)->getName().c_str()); /* Flawfinder: ignore */ + snprintf(volume_name, sizeof(volume_name),"%s", /* Flawfinder: ignore */ + mCharacter->findCollisionVolume(shared_constraintp->mTargetConstraintVolume)->getName().c_str()); } success &= dp.packBinaryDataFixed((U8*)volume_name, 16, "target_volume"); success &= dp.packVector3(shared_constraintp->mTargetConstraintOffset, "target_offset"); diff --git a/indra/llcharacter/llkeyframemotionparam.cpp b/indra/llcharacter/llkeyframemotionparam.cpp index c57079fc2b..40ec4bde35 100644 --- a/indra/llcharacter/llkeyframemotionparam.cpp +++ b/indra/llcharacter/llkeyframemotionparam.cpp @@ -329,9 +329,9 @@ BOOL LLKeyframeMotionParam::loadMotions() // Load data into a buffer to be parsed. //------------------------------------------------------------------------- char path[LL_MAX_PATH]; /* Flawfinder: ignore */ - snprintf( path, sizeof(path), "%s_%s.llp", + snprintf( path,sizeof(path), "%s_%s.llp", /* Flawfinder: ignore */ gDirUtilp->getExpandedFilename(LL_PATH_MOTIONS,mCharacter->getAnimationPrefix()).c_str(), - getName().c_str() ); /* Flawfinder: ignore */ + getName().c_str() ); //------------------------------------------------------------------------- // open the file @@ -406,7 +406,7 @@ BOOL LLKeyframeMotionParam::loadMotions() // get priority //------------------------------------------------------------------------- BOOL isFirstMotion = TRUE; - num = sscanf(p, "%79s %79s %f", strA, strB, &floatA); + num = sscanf(p, "%79s %79s %f", strA, strB, &floatA); /* Flawfinder: ignore */ while(1) { @@ -432,7 +432,7 @@ BOOL LLKeyframeMotionParam::loadMotions() } p++; - num = sscanf(p, "%79s %79s %f", strA, strB, &floatA); + num = sscanf(p, "%79s %79s %f", strA, strB, &floatA); /* Flawfinder: ignore */ } delete [] text; diff --git a/indra/llcommon/llerror.h b/indra/llcommon/llerror.h index 796ec4a421..d3d680ed33 100644 --- a/indra/llcommon/llerror.h +++ b/indra/llcommon/llerror.h @@ -180,7 +180,7 @@ inline std::string llerror_file_line(const char* file, S32 line) #endif // handy compile-time assert - enforce those template parameters! -#define cassert(expn) typedef char __C_ASSERT__[(expn)?1:-1] +#define cassert(expn) typedef char __C_ASSERT__[(expn)?1:-1] /* Flawfinder: ignore */ // Makes the app go down in flames, but on purpose! void _llcrash_and_loop(); diff --git a/indra/llcommon/llfile.cpp b/indra/llcommon/llfile.cpp index a02383c69e..16e2f5c5a1 100644 --- a/indra/llcommon/llfile.cpp +++ b/indra/llcommon/llfile.cpp @@ -165,9 +165,9 @@ void llifstream::close() } } -void llifstream::open(const char *_Filename, +void llifstream::open(const char* _Filename, /* Flawfinder: ignore */ ios_base::openmode _Mode, - int _Prot) /* Flawfinder: ignore */ + int _Prot) { // open a C stream with specified mode FILE* filep = LLFile::_Fiopen(_Filename,_Mode | ios_base::in, _Prot); @@ -211,9 +211,9 @@ bool llofstream::is_open() const return false; } -void llofstream::open(const char *_Filename, +void llofstream::open(const char* _Filename, /* Flawfinder: ignore */ ios_base::openmode _Mode, - int _Prot) /* Flawfinder: ignore */ + int _Prot) { // open a C stream with specified mode FILE* filep = LLFile::_Fiopen(_Filename,_Mode | ios_base::out, _Prot); diff --git a/indra/llcommon/llfile.h b/indra/llcommon/llfile.h index c7c4d2718a..67de0f43fc 100644 --- a/indra/llcommon/llfile.h +++ b/indra/llcommon/llfile.h @@ -88,9 +88,9 @@ public: return _Filebuffer; } bool is_open() const; - void open(const char *_Filename, + void open(const char* _Filename, /* Flawfinder: ignore */ ios_base::openmode _Mode = ios_base::in, - int _Prot = (int)ios_base::_Openprot); /* Flawfinder: ignore */ + int _Prot = (int)ios_base::_Openprot); void close(); private: diff --git a/indra/llcommon/llpreprocessor.h b/indra/llcommon/llpreprocessor.h index 564c32cb0d..1b3bcf7919 100644 --- a/indra/llcommon/llpreprocessor.h +++ b/indra/llcommon/llpreprocessor.h @@ -61,7 +61,7 @@ // Deal with the differeneces on Windows #if defined(LL_WINDOWS) -#define snprintf _snprintf +#define snprintf _snprintf /*Flawfinder: ignore*/ #endif // LL_WINDOWS // Static linking with apr on windows needs to be declared. diff --git a/indra/llcommon/llprocessor.cpp b/indra/llcommon/llprocessor.cpp index 64f4875489..a044710195 100644 --- a/indra/llcommon/llprocessor.cpp +++ b/indra/llcommon/llprocessor.cpp @@ -585,7 +585,7 @@ bool CProcessor::AnalyzeIntelProcessor() mov sig3, edx } // Then we convert the data to a readable string - snprintf( + snprintf( /* Flawfinder: ignore */ CPUInfo.strProcessorSerial, sizeof(CPUInfo.strProcessorSerial), "%04lX-%04lX-%04lX-%04lX-%04lX-%04lX", @@ -593,15 +593,15 @@ bool CProcessor::AnalyzeIntelProcessor() sig1 & 0xFFFF, sig3 >> 16, sig3 & 0xFFFF, - sig2 >> 16, sig2 & 0xFFFF); /* Flawfinder: ignore */ + sig2 >> 16, sig2 & 0xFFFF); } else { // If there's no serial number support we just put "No serial number" - snprintf( + snprintf( /* Flawfinder: ignore */ CPUInfo.strProcessorSerial, sizeof(CPUInfo.strProcessorSerial), - "No Processor Serial Number"); /* Flawfinder: ignore */ + "No Processor Serial Number"); } // Now we get the standard processor extensions @@ -835,7 +835,7 @@ bool CProcessor::AnalyzeAMDProcessor() break; case 0xD: // Model = 0xD: K6-2+ / K6-III+ strcpy(CPUInfo.strModel, "AMD K6-2+ or K6-III+ (0.18 micron)"); /* Flawfinder: ignore */ - strncat(strCPUName, "AMD K6-2+ or K6-III+ (0.18 micron)", sizeof(strCPUName) - strlen(strCPUName) -1); + strncat(strCPUName, "AMD K6-2+ or K6-III+ (0.18 micron)", sizeof(strCPUName) - strlen(strCPUName) -1); /* Flawfinder: ignore */ break; default: // ... strcpy(CPUInfo.strModel, "Unknown AMD K5 or K6 model"); /* Flawfinder: ignore */ diff --git a/indra/llcommon/llsdserialize.cpp b/indra/llcommon/llsdserialize.cpp index fb8efc91ca..dfe7ec136c 100644 --- a/indra/llcommon/llsdserialize.cpp +++ b/indra/llcommon/llsdserialize.cpp @@ -785,7 +785,7 @@ S32 LLSDBinaryParser::parse(std::istream& istr, LLSD& data) const // the size, and read it. // *FIX: Should we set a maximum size? U32 size_nbo = 0; - istr.read((char*)&size_nbo, sizeof(U32)); + istr.read((char*)&size_nbo, sizeof(U32)); /*Flawfinder: ignore*/ S32 size = (S32)ntohl(size_nbo); std::vector<U8> value; if(size) @@ -925,7 +925,7 @@ void LLSDFormatter::realFormat(const std::string& format) void LLSDFormatter::formatReal(LLSD::Real real, std::ostream& ostr) const { char buffer[MAX_STRING]; /* Flawfinder: ignore */ - snprintf(buffer, MAX_STRING, mRealFormat.c_str(), real); + snprintf(buffer, MAX_STRING, mRealFormat.c_str(), real); /* Flawfinder: ignore */ ostr << buffer; } diff --git a/indra/llcommon/llstring.h b/indra/llcommon/llstring.h index dca8ce4f3e..0555231010 100644 --- a/indra/llcommon/llstring.h +++ b/indra/llcommon/llstring.h @@ -82,7 +82,7 @@ struct char_traits<U16> static char_type* copy(char_type* __s1, const char_type* __s2, size_t __n) - { return static_cast<char_type*>(memcpy(__s1, __s2, __n * sizeof(char_type))); } + { return static_cast<char_type*>(memcpy(__s1, __s2, __n * sizeof(char_type))); } /* Flawfinder: ignore */ static char_type* assign(char_type* __s, size_t __n, char_type __a) diff --git a/indra/llcommon/llsys.cpp b/indra/llcommon/llsys.cpp index b50c0a13ce..ad6f85b068 100644 --- a/indra/llcommon/llsys.cpp +++ b/indra/llcommon/llsys.cpp @@ -113,23 +113,23 @@ LLOSInfo::LLOSInfo() : char tmp[MAX_STRING]; /* Flawfinder: ignore */ if(osvi.dwMajorVersion <= 4) { - snprintf( + snprintf( /* Flawfinder: ignore */ tmp, sizeof(tmp), "version %d.%d %s (Build %d)", osvi.dwMajorVersion, osvi.dwMinorVersion, csdversion.c_str(), - (osvi.dwBuildNumber & 0xffff)); /* Flawfinder: ignore */ + (osvi.dwBuildNumber & 0xffff)); } else { - snprintf( + snprintf( /* Flawfinder: ignore */ tmp, sizeof(tmp), "%s (Build %d)", csdversion.c_str(), - (osvi.dwBuildNumber & 0xffff)); /*Flawfinder: ignore*/ + (osvi.dwBuildNumber & 0xffff)); } mOSString += tmp; } @@ -231,7 +231,7 @@ U32 LLOSInfo::getProcessVirtualSizeKB() #if LL_WINDOWS #endif #if LL_LINUX - FILE *status_filep = LLFile::fopen("/proc/self/status", "r"); + FILE* status_filep = LLFile::fopen("/proc/self/status", "r"); /* Flawfinder: ignore */ S32 numRead = 0; char buff[STATUS_SIZE]; /* Flawfinder: ignore */ bzero(buff, STATUS_SIZE); @@ -257,7 +257,7 @@ U32 LLOSInfo::getProcessResidentSizeKB() #if LL_WINDOWS #endif #if LL_LINUX - FILE *status_filep = LLFile::fopen("/proc/self/status", "r"); + FILE* status_filep = LLFile::fopen("/proc/self/status", "r"); /* Flawfinder: ignore */ if (status_filep != NULL) { S32 numRead = 0; diff --git a/indra/llcommon/u64.cpp b/indra/llcommon/u64.cpp index c8b8bc4a28..7f0323aaad 100644 --- a/indra/llcommon/u64.cpp +++ b/indra/llcommon/u64.cpp @@ -47,27 +47,27 @@ char* U64_to_str(U64 value, char* result, S32 result_size) if (part1) { - snprintf( + snprintf( /* Flawfinder: ignore */ result, result_size, "%u%07u%07u", - part1,part2,part3); /* Flawfinder: ignore */ + part1,part2,part3); } else if (part2) { - snprintf( + snprintf( /* Flawfinder: ignore */ result, result_size, "%u%07u", - part2,part3); /* Flawfinder: ignore */ + part2,part3); } else { - snprintf( + snprintf( /* Flawfinder: ignore */ result, result_size, "%u", - part3); /* Flawfinder: ignore */ + part3); } return (result); } diff --git a/indra/llimage/llimage.cpp b/indra/llimage/llimage.cpp index 89b4a6d1cc..dc864aaf53 100644 --- a/indra/llimage/llimage.cpp +++ b/indra/llimage/llimage.cpp @@ -148,7 +148,7 @@ U8* LLImageBase::reallocateData(S32 size) if (mData) { S32 bytes = llmin(mDataSize, size); - memcpy(new_datap, mData, bytes); + memcpy(new_datap, mData, bytes); /* Flawfinder: ignore */ delete[] mData; } mData = new_datap; @@ -245,7 +245,11 @@ BOOL LLImageRaw::copyData(U8 *data, U16 width, U16 height, S8 components) { return FALSE; } - memcpy(getData(), data, width*height*components); + if (getData() == NULL || data == NULL) + { + return FALSE; + } + memcpy(getData(), data, width*height*components); /* Flawfinder: ignore */ return TRUE; } @@ -269,11 +273,16 @@ U8 * LLImageRaw::getSubImage(U32 x_pos, U32 y_pos, U32 width, U32 height) const U8 *data = new U8[width*height*getComponents()]; // Should do some simple bounds checking + if (!data) + { + llerrs << "Out of memory in LLImageRaw::getSubImage" << llendl; + return NULL; + } U32 i; for (i = y_pos; i < y_pos+height; i++) { - memcpy(data + i*width*getComponents(), + memcpy(data + i*width*getComponents(), /* Flawfinder: ignore */ getData() + ((y_pos + i)*getWidth() + x_pos)*getComponents(), getComponents()*width); } return data; @@ -309,7 +318,7 @@ BOOL LLImageRaw::setSubImage(U32 x_pos, U32 y_pos, U32 width, U32 height, { from_offset = i*width*getComponents(); } - memcpy(getData() + to_offset*getComponents(), + memcpy(getData() + to_offset*getComponents(), /* Flawfinder: ignore */ data + from_offset, getComponents()*width); } } @@ -326,7 +335,7 @@ BOOL LLImageRaw::setSubImage(U32 x_pos, U32 y_pos, U32 width, U32 height, { from_offset = (height - 1 - i)*width*getComponents(); } - memcpy(getData() + to_offset*getComponents(), + memcpy(getData() + to_offset*getComponents(), /* Flawfinder: ignore */ data + from_offset, getComponents()*width); } } @@ -373,14 +382,19 @@ void LLImageRaw::verticalFlip() LLMemType mt1((LLMemType::EMemType)mMemType); S32 row_bytes = getWidth() * getComponents(); U8* line_buffer = new U8[row_bytes]; + if (!line_buffer ) + { + llerrs << "Out of memory in LLImageRaw::verticalFlip()" << llendl; + return; + } S32 mid_row = getHeight() / 2; for( S32 row = 0; row < mid_row; row++ ) { U8* row_a_data = getData() + row * row_bytes; U8* row_b_data = getData() + (getHeight() - 1 - row) * row_bytes; - memcpy( line_buffer, row_a_data, row_bytes ); - memcpy( row_a_data, row_b_data, row_bytes ); - memcpy( row_b_data, line_buffer, row_bytes ); + memcpy( line_buffer, row_a_data, row_bytes ); /* Flawfinder: ignore */ + memcpy( row_a_data, row_b_data, row_bytes ); /* Flawfinder: ignore */ + memcpy( row_b_data, line_buffer, row_bytes ); /* Flawfinder: ignore */ } delete[] line_buffer; } @@ -672,7 +686,7 @@ void LLImageRaw::copyUnscaled(LLImageRaw* src) llassert( src->getComponents() == dst->getComponents() ); llassert( (src->getWidth() == dst->getWidth()) && (src->getHeight() == dst->getHeight()) ); - memcpy( dst->getData(), src->getData(), getWidth() * getHeight() * getComponents() ); + memcpy( dst->getData(), src->getData(), getWidth() * getHeight() * getComponents() ); /* Flawfinder: ignore */ } @@ -756,7 +770,7 @@ void LLImageRaw::copyScaled( LLImageRaw* src ) if( (src->getWidth() == dst->getWidth()) && (src->getHeight() == dst->getHeight()) ) { - memcpy( dst->getData(), src->getData(), getWidth() * getHeight() * getComponents() ); + memcpy( dst->getData(), src->getData(), getWidth() * getHeight() * getComponents() ); /* Flawfinder: ignore */ return; } @@ -822,7 +836,12 @@ void LLImageRaw::scale( S32 new_width, S32 new_height, BOOL scale_image_data ) // copy out existing image data S32 temp_data_size = old_width * old_height * getComponents(); U8* temp_buffer = new U8[ temp_data_size ]; - memcpy(temp_buffer, getData(), temp_data_size); + if (!temp_buffer) + { + llerrs << "Out of memory in LLImageRaw::scale( S32 new_width, S32 new_height, BOOL scale_image_data )" << llendl; + return; + } + memcpy(temp_buffer, getData(), temp_data_size); /* Flawfinder: ignore */ // allocate new image data, will delete old data U8* new_buffer = allocateDataSize(new_width, new_height, getComponents()); @@ -831,7 +850,7 @@ void LLImageRaw::scale( S32 new_width, S32 new_height, BOOL scale_image_data ) { if (row < old_height) { - memcpy(new_buffer + (new_width * row * getComponents()), temp_buffer + (old_width * row * getComponents()), getComponents() * llmin(old_width, new_width)); + memcpy(new_buffer + (new_width * row * getComponents()), temp_buffer + (old_width * row * getComponents()), getComponents() * llmin(old_width, new_width)); /* Flawfinder: ignore */ if (old_width < new_width) { // pad out rest of row with black @@ -1185,7 +1204,7 @@ bool LLImageRaw::createFromFile(const LLString &filename, bool j2c_lowest_mip_on llassert(image.notNull()); U8 *buffer = image->allocateData(length); - ifs.read ((char*)buffer, length); + ifs.read ((char*)buffer, length); /* Flawfinder: ignore */ ifs.close(); image->updateData(); @@ -1534,7 +1553,7 @@ BOOL LLImageFormatted::copyData(U8 *data, S32 size) { deleteData(); allocateData(size); - memcpy(getData(), data, size); + memcpy(getData(), data, size); /* Flawfinder: ignore */ } updateData(); // virtual @@ -1548,15 +1567,20 @@ BOOL LLImageFormatted::appendData(U8 *data, S32 size) U8* old_data = getData(); S32 new_size = old_size + size; U8* new_data = new U8[new_size]; + if (!new_data) + { + llerrs << "Out of memory in LLImageFormatted::appendData(U8 *data, S32 size)" << llendl; + return FALSE; + } // resize the image setDataAndSize(new_data, new_size); // copy the old data and delete it - memcpy(new_data, old_data, old_size); + memcpy(new_data, old_data, old_size); /* Flawfinder: ignore */ delete old_data; // if we have new data, copy it and call updateData() if (data) { - memcpy(new_data + old_size, data, size); + memcpy(new_data + old_size, data, size); /* Flawfinder: ignore */ updateData(); // virtual } return TRUE; diff --git a/indra/llimage/llimagebmp.cpp b/indra/llimage/llimagebmp.cpp index 94aaa5c19e..cca7443ba4 100644 --- a/indra/llimage/llimagebmp.cpp +++ b/indra/llimage/llimagebmp.cpp @@ -123,7 +123,10 @@ BOOL LLImageBMP::updateData() LLBMPHeader header; llassert( sizeof( header ) == BITMAP_HEADER_SIZE ); - memcpy((void *)&header, mdata + FILE_HEADER_SIZE, BITMAP_HEADER_SIZE); + memcpy( /* Flawfinder: ignore */ + (void*)&header, + mdata + FILE_HEADER_SIZE, + BITMAP_HEADER_SIZE); // convert BMP header from little endian (no-op on little endian builds) llendianswizzleone(header.mSize); @@ -257,7 +260,7 @@ BOOL LLImageBMP::updateData() extension_size = 4 * 3; - memcpy( mBitfieldMask, mdata + FILE_HEADER_SIZE + BITMAP_HEADER_SIZE, extension_size); + memcpy( mBitfieldMask, mdata + FILE_HEADER_SIZE + BITMAP_HEADER_SIZE, extension_size); /* Flawfinder: ignore */ } else if( windows_95_version ) @@ -266,11 +269,11 @@ BOOL LLImageBMP::updateData() extension_size = sizeof( win_95_extension ); llassert( sizeof( win_95_extension ) + BITMAP_HEADER_SIZE == 108 ); - memcpy( &win_95_extension, mdata + FILE_HEADER_SIZE + BITMAP_HEADER_SIZE, sizeof( win_95_extension ) ); + memcpy( &win_95_extension, mdata + FILE_HEADER_SIZE + BITMAP_HEADER_SIZE, sizeof( win_95_extension ) ); /* Flawfinder: ignore */ if( 3 == header.mCompression ) { - memcpy( mBitfieldMask, mdata + FILE_HEADER_SIZE + BITMAP_HEADER_SIZE, 4 * 4); + memcpy( mBitfieldMask, mdata + FILE_HEADER_SIZE + BITMAP_HEADER_SIZE, 4 * 4); /* Flawfinder: ignore */ } // Color correction ignored for now @@ -298,7 +301,12 @@ BOOL LLImageBMP::updateData() if( 0 != mColorPaletteColors ) { mColorPalette = new U8[color_palette_size]; - memcpy( mColorPalette, mdata + FILE_HEADER_SIZE + BITMAP_HEADER_SIZE + extension_size, color_palette_size ); + if (!mColorPalette) + { + llerrs << "Out of memory in LLImageBMP::updateData()" << llendl; + return FALSE; + } + memcpy( mColorPalette, mdata + FILE_HEADER_SIZE + BITMAP_HEADER_SIZE + extension_size, color_palette_size ); /* Flawfinder: ignore */ } return TRUE; @@ -568,7 +576,7 @@ BOOL LLImageBMP::encode(const LLImageRaw* raw_image, F32 encode_time) U32 cur_pos = 0; memcpy(mdata, magic, 14); cur_pos += 14; - memcpy(mdata+cur_pos, &header, 40); + memcpy(mdata+cur_pos, &header, 40); /* Flawfinder: ignore */ cur_pos += 40; if (getComponents() == 1) { diff --git a/indra/llimage/llimagedxt.cpp b/indra/llimage/llimagedxt.cpp index 9ddd044007..dfb5b957d3 100644 --- a/indra/llimage/llimagedxt.cpp +++ b/indra/llimage/llimagedxt.cpp @@ -260,7 +260,7 @@ BOOL LLImageDXT::decode(LLImageRaw* raw_image, F32 time) } raw_image->resize(width, height, ncomponents); - memcpy(raw_image->getData(), data, image_size); + memcpy(raw_image->getData(), data, image_size); /* Flawfinder: ignore */ return TRUE; } @@ -354,7 +354,7 @@ BOOL LLImageDXT::encode(const LLImageRaw* raw_image, F32 time, bool explicit_mip S32 bytes = formatBytes(format, w, h); if (mip==0) { - memcpy(mipdata, raw_image->getData(), bytes); + memcpy(mipdata, raw_image->getData(), bytes); /* Flawfinder: ignore */ } else if (explicit_mips) { @@ -406,15 +406,20 @@ bool LLImageDXT::convertToDXR() S32 total_bytes = getDataSize(); U8* olddata = getData(); U8* newdata = new U8[total_bytes]; + if (!newdata) + { + llerrs << "Out of memory in LLImageDXT::convertToDXR()" << llendl; + return false; + } llassert(total_bytes > 0); memset(newdata, 0, total_bytes); - memcpy(newdata, olddata, mHeaderSize); + memcpy(newdata, olddata, mHeaderSize); /* Flawfinder: ignore */ for (S32 mip=0; mip<nmips; mip++) { S32 bytes = formatBytes(mFileFormat, width, height); S32 newoffset = getMipOffset(mip); S32 oldoffset = mHeaderSize + (total_bytes - newoffset - bytes); - memcpy(newdata + newoffset, olddata + oldoffset, bytes); + memcpy(newdata + newoffset, olddata + oldoffset, bytes); /* Flawfinder: ignore */ width >>= 1; height >>= 1; } @@ -468,7 +473,7 @@ void LLImageDXT::extractMip(const U8 *indata, U8* mipdata, int width, int height for (int h=0;h<mip_height;++h) { int start_offset = initial_offset + line_width * h + line_offset; - memcpy(mipdata + mip_line_width*h, indata + start_offset, mip_line_width); + memcpy(mipdata + mip_line_width*h, indata + start_offset, mip_line_width); /* Flawfinder: ignore */ } } diff --git a/indra/llimage/llimagejpeg.cpp b/indra/llimage/llimagejpeg.cpp index c75e449db5..b1ab279de7 100644 --- a/indra/llimage/llimagejpeg.cpp +++ b/indra/llimage/llimagejpeg.cpp @@ -335,7 +335,12 @@ boolean LLImageJPEG::encodeEmptyOutputBuffer( j_compress_ptr cinfo ) // Double the buffer size; S32 new_buffer_size = self->mOutputBufferSize * 2; U8* new_buffer = new U8[ new_buffer_size ]; - memcpy( new_buffer, self->mOutputBuffer, self->mOutputBufferSize ); + if (!new_buffer) + { + llerrs << "Out of memory in LLImageJPEG::encodeEmptyOutputBuffer( j_compress_ptr cinfo )" << llendl; + return FALSE; + } + memcpy( new_buffer, self->mOutputBuffer, self->mOutputBufferSize ); /* Flawfinder: ignore */ delete[] self->mOutputBuffer; self->mOutputBuffer = new_buffer; @@ -359,7 +364,7 @@ void LLImageJPEG::encodeTermDestination( j_compress_ptr cinfo ) S32 file_bytes = (S32)(self->mOutputBufferSize - cinfo->dest->free_in_buffer); self->allocateData(file_bytes); - memcpy( self->getData(), self->mOutputBuffer, file_bytes ); + memcpy( self->getData(), self->mOutputBuffer, file_bytes ); /* Flawfinder: ignore */ } // static @@ -416,7 +421,7 @@ void LLImageJPEG::errorEmitMessage( j_common_ptr cinfo, int msg_level ) void LLImageJPEG::errorOutputMessage( j_common_ptr cinfo ) { // Create the message - char buffer[JMSG_LENGTH_MAX]; + char buffer[JMSG_LENGTH_MAX]; /* Flawfinder: ignore */ (*cinfo->err->format_message) (cinfo, buffer); ((LLImageJPEG*) cinfo->client_data)->setLastError( buffer ); diff --git a/indra/llimage/llimagetga.cpp b/indra/llimage/llimagetga.cpp index 1007f8e2bb..f19d85d754 100644 --- a/indra/llimage/llimagetga.cpp +++ b/indra/llimage/llimagetga.cpp @@ -183,7 +183,7 @@ BOOL LLImageTGA::updateData() // discard the ID field, if any if (mIDLength) { - memcpy(junk, getData()+mDataOffset, mIDLength); + memcpy(junk, getData()+mDataOffset, mIDLength); /* Flawfinder: ignore */ mDataOffset += mIDLength; } @@ -220,7 +220,12 @@ BOOL LLImageTGA::updateData() if ( (1 == mImageType) || (9 == mImageType) ) { mColorMap = new U8[ color_map_bytes ]; - memcpy( mColorMap, getData() + mDataOffset, color_map_bytes ); + if (!mColorMap) + { + llerrs << "Out of Memory in BOOL LLImageTGA::updateData()" << llendl; + return FALSE; + } + memcpy( mColorMap, getData() + mDataOffset, color_map_bytes ); /* Flawfinder: ignore */ } mDataOffset += color_map_bytes; @@ -432,7 +437,7 @@ BOOL LLImageTGA::decodeTruecolorNonRle( LLImageRaw* raw_image, BOOL &alpha_opaqu } else if (getComponents() == 1) { - memcpy(dst, src, pixels); + memcpy(dst, src, pixels); /* Flawfinder: ignore */ } return TRUE; @@ -673,7 +678,7 @@ BOOL LLImageTGA::encode(const LLImageRaw* raw_image, F32 encode_time) switch( getComponents() ) { case 1: - memcpy( dst, src, bytes_per_pixel * pixels ); + memcpy( dst, src, bytes_per_pixel * pixels ); /* Flawfinder: ignore */ break; case 2: @@ -1053,7 +1058,7 @@ bool LLImageTGA::loadFile( const LLString& path ) return false; } - FILE *file = LLFile::fopen(path.c_str(), "rb"); + FILE* file = LLFile::fopen(path.c_str(), "rb"); /* Flawfinder: ignore */ if( !file ) { llwarns << "Couldn't open file " << path << llendl; diff --git a/indra/llinventory/llinventory.cpp b/indra/llinventory/llinventory.cpp index cad1371247..124f22d5cf 100644 --- a/indra/llinventory/llinventory.cpp +++ b/indra/llinventory/llinventory.cpp @@ -303,16 +303,16 @@ BOOL LLInventoryObject::importLegacyStream(std::istream& input_stream) { // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; - char valuestr[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char keyword[MAX_STRING]; /* Flawfinder: ignore */ + char valuestr[MAX_STRING]; /* Flawfinder: ignore */ keyword[0] = '\0'; valuestr[0] = '\0'; while(input_stream.good()) { input_stream.getline(buffer, MAX_STRING); - sscanf(buffer, " %254s %254s", keyword, valuestr); + sscanf(buffer, " %254s %254s", keyword, valuestr); /* Flawfinder: ignore */ if(!keyword) { continue; @@ -341,7 +341,10 @@ BOOL LLInventoryObject::importLegacyStream(std::istream& input_stream) { //strcpy(valuestr, buffer + strlen(keyword) + 3); // *NOTE: Not ANSI C, but widely supported. - sscanf(buffer, " %254s %254[^|]", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254[^|]", + keyword, valuestr); mName.assign(valuestr); LLString::replaceNonstandardASCII(mName, ' '); LLString::replaceChar(mName, '|', ' '); @@ -361,7 +364,7 @@ BOOL LLInventoryObject::importLegacyStream(std::istream& input_stream) // not sure whether exportLegacyStream(llofstream(fp)) would work, fp may need to get icramented... BOOL LLInventoryObject::exportFile(FILE* fp, BOOL) const { - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ fprintf(fp, "\tinv_object\t0\n\t{\n"); mUUID.toString(uuid_str); fprintf(fp, "\t\tobj_id\t%s\n", uuid_str); @@ -375,7 +378,7 @@ BOOL LLInventoryObject::exportFile(FILE* fp, BOOL) const BOOL LLInventoryObject::exportLegacyStream(std::ostream& output_stream, BOOL) const { - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ output_stream << "\tinv_object\t0\n\t{\n"; mUUID.toString(uuid_str); output_stream << "\t\tobj_id\t" << uuid_str << "\n"; @@ -628,12 +631,12 @@ BOOL LLInventoryItem::unpackMessage(LLMessageSystem* msg, const char* block, S32 mSaleInfo.unpackMultiMessage(msg, block, block_num); - char name[DB_INV_ITEM_NAME_BUF_SIZE]; + char name[DB_INV_ITEM_NAME_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(block, _PREHASH_Name, DB_INV_ITEM_NAME_BUF_SIZE, name, block_num); mName.assign(name); LLString::replaceNonstandardASCII(mName, ' '); - char desc[DB_INV_ITEM_DESC_BUF_SIZE]; + char desc[DB_INV_ITEM_DESC_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(block, _PREHASH_Description, DB_INV_ITEM_DESC_BUF_SIZE, desc, block_num); mDescription.assign(desc); LLString::replaceNonstandardASCII(mDescription, ' '); @@ -666,10 +669,10 @@ BOOL LLInventoryItem::importFile(FILE* fp) { // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; - char valuestr[MAX_STRING]; - char junk[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char keyword[MAX_STRING]; /* Flawfinder: ignore */ + char valuestr[MAX_STRING]; /* Flawfinder: ignore */ + char junk[MAX_STRING]; /* Flawfinder: ignore */ BOOL success = TRUE; keyword[0] = '\0'; @@ -680,7 +683,7 @@ BOOL LLInventoryItem::importFile(FILE* fp) while(success && (!feof(fp))) { fgets(buffer, MAX_STRING, fp); - sscanf(buffer, " %254s %254s", keyword, valuestr); + sscanf(buffer, " %254s %254s", keyword, valuestr); /* Flawfinder: ignore */ if(!keyword) { continue; @@ -754,7 +757,10 @@ BOOL LLInventoryItem::importFile(FILE* fp) { //strcpy(valuestr, buffer + strlen(keyword) + 3); // *NOTE: Not ANSI C, but widely supported. - sscanf(buffer, " %254s%254[\t]%254[^|]", keyword, junk, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s%254[\t]%254[^|]", + keyword, junk, valuestr); // IW: sscanf chokes and puts | in valuestr if there's no name if (valuestr[0] == '|') @@ -770,7 +776,10 @@ BOOL LLInventoryItem::importFile(FILE* fp) { //strcpy(valuestr, buffer + strlen(keyword) + 3); // *NOTE: Not ANSI C, but widely supported. - sscanf(buffer, " %254s%254[\t]%254[^|]", keyword, junk, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s%254[\t]%254[^|]", + keyword, junk, valuestr); if (valuestr[0] == '|') { @@ -812,7 +821,7 @@ BOOL LLInventoryItem::importFile(FILE* fp) BOOL LLInventoryItem::exportFile(FILE* fp, BOOL include_asset_key) const { - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ fprintf(fp, "\tinv_item\t0\n\t{\n"); mUUID.toString(uuid_str); fprintf(fp, "\t\titem_id\t%s\n", uuid_str); @@ -862,10 +871,10 @@ BOOL LLInventoryItem::importLegacyStream(std::istream& input_stream) { // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; - char valuestr[MAX_STRING]; - char junk[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char keyword[MAX_STRING]; /* Flawfinder: ignore */ + char valuestr[MAX_STRING]; /* Flawfinder: ignore */ + char junk[MAX_STRING]; /* Flawfinder: ignore */ BOOL success = TRUE; keyword[0] = '\0'; @@ -876,7 +885,10 @@ BOOL LLInventoryItem::importLegacyStream(std::istream& input_stream) while(success && input_stream.good()) { input_stream.getline(buffer, MAX_STRING); - sscanf(buffer, " %254s %254s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254s", + keyword, valuestr); if(!keyword) { continue; @@ -950,7 +962,10 @@ BOOL LLInventoryItem::importLegacyStream(std::istream& input_stream) { //strcpy(valuestr, buffer + strlen(keyword) + 3); // *NOTE: Not ANSI C, but widely supported. - sscanf(buffer, " %254s%254[\t]%254[^|]", keyword, junk, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s%254[\t]%254[^|]", + keyword, junk, valuestr); // IW: sscanf chokes and puts | in valuestr if there's no name if (valuestr[0] == '|') @@ -966,7 +981,10 @@ BOOL LLInventoryItem::importLegacyStream(std::istream& input_stream) { //strcpy(valuestr, buffer + strlen(keyword) + 3); // *NOTE: Not ANSI C, but widely supported. - sscanf(buffer, " %254s%254[\t]%254[^|]", keyword, junk, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s%254[\t]%254[^|]", + keyword, junk, valuestr); if (valuestr[0] == '|') { @@ -1008,7 +1026,7 @@ BOOL LLInventoryItem::importLegacyStream(std::istream& input_stream) BOOL LLInventoryItem::exportLegacyStream(std::ostream& output_stream, BOOL include_asset_key) const { - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ output_stream << "\tinv_item\t0\n\t{\n"; mUUID.toString(uuid_str); output_stream << "\t\titem_id\t" << uuid_str << "\n"; @@ -1045,8 +1063,8 @@ BOOL LLInventoryItem::exportLegacyStream(std::ostream& output_stream, BOOL inclu const char* inv_type_str = LLInventoryType::lookup(mInventoryType); if(inv_type_str) output_stream << "\t\tinv_type\t" << inv_type_str << "\n"; - char buffer[32]; - sprintf(buffer, "\t\tflags\t%08x\n", mFlags); + char buffer[32]; /* Flawfinder: ignore */ + snprintf(buffer, sizeof(buffer), "\t\tflags\t%08x\n", mFlags); /* Flawfinder: ignore */ output_stream << buffer; mSaleInfo.exportLegacyStream(output_stream); output_stream << "\t\tname\t" << mName.c_str() << "|\n"; @@ -1316,18 +1334,18 @@ S32 LLInventoryItem::packBinaryBucket(U8* bin_bucket, LLPermissions* perm_overri // describe the inventory item char* buffer = (char*) bin_bucket; - char creator_id_str[UUID_STR_LENGTH]; + char creator_id_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ perm.getCreator().toString(creator_id_str); - char owner_id_str[UUID_STR_LENGTH]; + char owner_id_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ perm.getOwner().toString(owner_id_str); - char last_owner_id_str[UUID_STR_LENGTH]; + char last_owner_id_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ perm.getLastOwner().toString(last_owner_id_str); - char group_id_str[UUID_STR_LENGTH]; + char group_id_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ perm.getGroup().toString(group_id_str); - char asset_id_str[UUID_STR_LENGTH]; + char asset_id_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ getAssetUUID().toString(asset_id_str); - S32 size = sprintf(buffer, + S32 size = sprintf(buffer, /* Flawfinder: ignore */ "%d|%d|%s|%s|%s|%s|%s|%x|%x|%x|%x|%x|%s|%s|%d|%d|%x", getType(), getInventoryType(), @@ -1357,7 +1375,15 @@ void LLInventoryItem::unpackBinaryBucket(U8* bin_bucket, S32 bin_bucket_size) // Convert the bin_bucket into a string. char* item_buffer = new char[bin_bucket_size+1]; - memcpy(item_buffer, bin_bucket, bin_bucket_size); + if ((item_buffer != NULL) && (bin_bucket != NULL)) + { + memcpy(item_buffer, bin_bucket, bin_bucket_size); /* Flawfinder: ignore */ + } + else + { + llerrs << "unpackBinaryBucket failed. item_buffer or bin_bucket is Null." << llendl; + return; + } item_buffer[bin_bucket_size] = '\0'; std::string str(item_buffer); @@ -1500,7 +1526,7 @@ void LLInventoryCategory::unpackMessage(LLMessageSystem* msg, S8 type; msg->getS8Fast(block, _PREHASH_Type, type, block_num); mPreferredType = static_cast<LLAssetType::EType>(type); - char name[DB_INV_ITEM_NAME_BUF_SIZE]; + char name[DB_INV_ITEM_NAME_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(block, _PREHASH_Name, DB_INV_ITEM_NAME_BUF_SIZE, name, block_num); mName.assign(name); LLString::replaceNonstandardASCII(mName, ' '); @@ -1511,16 +1537,19 @@ BOOL LLInventoryCategory::importFile(FILE* fp) { // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; - char valuestr[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char keyword[MAX_STRING]; /* Flawfinder: ignore */ + char valuestr[MAX_STRING]; /* Flawfinder: ignore */ keyword[0] = '\0'; valuestr[0] = '\0'; while(!feof(fp)) { fgets(buffer, MAX_STRING, fp); - sscanf(buffer, " %254s %254s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254s", + keyword, valuestr); if(!keyword) { continue; @@ -1553,7 +1582,10 @@ BOOL LLInventoryCategory::importFile(FILE* fp) { //strcpy(valuestr, buffer + strlen(keyword) + 3); // *NOTE: Not ANSI C, but widely supported. - sscanf(buffer, " %254s %254[^|]", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254[^|]", + keyword, valuestr); mName.assign(valuestr); LLString::replaceNonstandardASCII(mName, ' '); LLString::replaceChar(mName, '|', ' '); @@ -1569,7 +1601,7 @@ BOOL LLInventoryCategory::importFile(FILE* fp) BOOL LLInventoryCategory::exportFile(FILE* fp, BOOL) const { - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ fprintf(fp, "\tinv_category\t0\n\t{\n"); mUUID.toString(uuid_str); fprintf(fp, "\t\tcat_id\t%s\n", uuid_str); @@ -1588,16 +1620,19 @@ BOOL LLInventoryCategory::importLegacyStream(std::istream& input_stream) { // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; - char valuestr[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char keyword[MAX_STRING]; /* Flawfinder: ignore */ + char valuestr[MAX_STRING]; /* Flawfinder: ignore */ keyword[0] = '\0'; valuestr[0] = '\0'; while(input_stream.good()) { input_stream.getline(buffer, MAX_STRING); - sscanf(buffer, " %254s %254s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254s", + keyword, valuestr); if(!keyword) { continue; @@ -1630,7 +1665,10 @@ BOOL LLInventoryCategory::importLegacyStream(std::istream& input_stream) { //strcpy(valuestr, buffer + strlen(keyword) + 3); // *NOTE: Not ANSI C, but widely supported. - sscanf(buffer, " %254s %254[^|]", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254[^|]", + keyword, valuestr); mName.assign(valuestr); LLString::replaceNonstandardASCII(mName, ' '); LLString::replaceChar(mName, '|', ' '); @@ -1646,7 +1684,7 @@ BOOL LLInventoryCategory::importLegacyStream(std::istream& input_stream) BOOL LLInventoryCategory::exportLegacyStream(std::ostream& output_stream, BOOL) const { - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ output_stream << "\tinv_category\t0\n\t{\n"; mUUID.toString(uuid_str); output_stream << "\t\tcat_id\t" << uuid_str << "\n"; diff --git a/indra/llinventory/lllandmark.cpp b/indra/llinventory/lllandmark.cpp index 00d373cf02..7cb145d386 100644 --- a/indra/llinventory/lllandmark.cpp +++ b/indra/llinventory/lllandmark.cpp @@ -121,10 +121,13 @@ LLLandmark* LLLandmark::constructFromString(const char *buffer) { // *NOTE: Changing the buffer size will require changing the // scanf call below. - char region_id_str[MAX_STRING]; + char region_id_str[MAX_STRING]; /* Flawfinder: ignore */ LLVector3 pos; cur += chars_read; - count = sscanf(cur, "region_id %254s\n%n", region_id_str, &chars_read); + count = sscanf( /* Flawfinder: ignore */ + cur, + "region_id %254s\n%n", + region_id_str, &chars_read); if(count != 1) goto error; cur += chars_read; count = sscanf(cur, "local_pos %f %f %f\n%n", pos.mV+VX, pos.mV+VY, pos.mV+VZ, &chars_read); diff --git a/indra/llinventory/llnotecard.cpp b/indra/llinventory/llnotecard.cpp index 3e994a61aa..79545874b4 100644 --- a/indra/llinventory/llnotecard.cpp +++ b/indra/llinventory/llnotecard.cpp @@ -170,7 +170,7 @@ bool LLNotecard::importStream(std::istream& str) return FALSE; } - char line_buf[STD_STRING_BUF_SIZE]; + char line_buf[STD_STRING_BUF_SIZE]; /* Flawfinder: ignore */ str.getline(line_buf, STD_STRING_BUF_SIZE); if(str.fail()) { diff --git a/indra/llinventory/llparcel.cpp b/indra/llinventory/llparcel.cpp index a19c2216df..42a9d64254 100644 --- a/indra/llinventory/llparcel.cpp +++ b/indra/llinventory/llparcel.cpp @@ -998,7 +998,7 @@ BOOL LLParcel::importAccessEntry(std::istream& input_stream, LLAccessEntry* entr BOOL LLParcel::exportStream(std::ostream& output_stream) { S32 setting; - char id_string[MAX_STRING]; + char id_string[MAX_STRING]; /* Flawfinder: ignore */ std::ios::fmtflags old_flags = output_stream.flags(); output_stream.setf(std::ios::showpoint); @@ -1229,7 +1229,7 @@ void LLParcel::packMessage(LLMessageSystem* msg) void LLParcel::unpackMessage(LLMessageSystem* msg) { - char buffer[256]; + char buffer[256]; /* Flawfinder: ignore */ msg->getU32Fast( _PREHASH_ParcelData,_PREHASH_ParcelFlags, mParcelFlags ); msg->getS32Fast( _PREHASH_ParcelData,_PREHASH_SalePrice, mSalePrice ); diff --git a/indra/llinventory/llpermissions.cpp b/indra/llinventory/llpermissions.cpp index 124ba4d634..ac106eb09c 100644 --- a/indra/llinventory/llpermissions.cpp +++ b/indra/llinventory/llpermissions.cpp @@ -487,18 +487,18 @@ void LLPermissions::unpackMessage(LLMessageSystem* msg, const char* block, S32 b // File support // -BOOL LLPermissions::importFile(FILE *fp) +BOOL LLPermissions::importFile(FILE* fp) { init(LLUUID::null, LLUUID::null, LLUUID::null, LLUUID::null); const S32 BUFSIZE = 16384; // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[BUFSIZE]; - char keyword[256]; - char valuestr[256]; - char uuid_str[256]; - U32 mask; + char buffer[BUFSIZE]; /* Flawfinder: ignore */ + char keyword[256]; /* Flawfinder: ignore */ + char valuestr[256]; /* Flawfinder: ignore */ + char uuid_str[256]; /* Flawfinder: ignore */ + U32 mask; keyword[0] = '\0'; valuestr[0] = '\0'; @@ -506,7 +506,10 @@ BOOL LLPermissions::importFile(FILE *fp) while (!feof(fp)) { fgets(buffer, BUFSIZE, fp); - sscanf(buffer, " %255s %255s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %255s %255s", + keyword, valuestr); if (!keyword) { continue; @@ -554,22 +557,22 @@ BOOL LLPermissions::importFile(FILE *fp) } else if (!strcmp("creator_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mCreator.set(uuid_str); } else if (!strcmp("owner_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mOwner.set(uuid_str); } else if (!strcmp("last_owner_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mLastOwner.set(uuid_str); } else if (!strcmp("group_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mGroup.set(uuid_str); } else if (!strcmp("group_owned", keyword)) @@ -588,9 +591,9 @@ BOOL LLPermissions::importFile(FILE *fp) } -BOOL LLPermissions::exportFile(FILE *fp) const +BOOL LLPermissions::exportFile(FILE* fp) const { - char uuid_str[256]; + char uuid_str[256]; /* Flawfinder: ignore */ fprintf(fp, "\tpermissions 0\n"); fprintf(fp, "\t{\n"); @@ -629,11 +632,11 @@ BOOL LLPermissions::importLegacyStream(std::istream& input_stream) // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[BUFSIZE]; - char keyword[256]; - char valuestr[256]; - char uuid_str[256]; - U32 mask; + char buffer[BUFSIZE]; /* Flawfinder: ignore */ + char keyword[256]; /* Flawfinder: ignore */ + char valuestr[256]; /* Flawfinder: ignore */ + char uuid_str[256]; /* Flawfinder: ignore */ + U32 mask; keyword[0] = '\0'; valuestr[0] = '\0'; @@ -641,7 +644,10 @@ BOOL LLPermissions::importLegacyStream(std::istream& input_stream) while (input_stream.good()) { input_stream.getline(buffer, BUFSIZE); - sscanf(buffer, " %255s %255s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %255s %255s", + keyword, valuestr); if (!keyword) { continue; @@ -689,22 +695,22 @@ BOOL LLPermissions::importLegacyStream(std::istream& input_stream) } else if (!strcmp("creator_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mCreator.set(uuid_str); } else if (!strcmp("owner_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mOwner.set(uuid_str); } else if (!strcmp("last_owner_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mLastOwner.set(uuid_str); } else if (!strcmp("group_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mGroup.set(uuid_str); } else if (!strcmp("group_owned", keyword)) @@ -725,21 +731,21 @@ BOOL LLPermissions::importLegacyStream(std::istream& input_stream) BOOL LLPermissions::exportLegacyStream(std::ostream& output_stream) const { - char uuid_str[256]; + char uuid_str[256]; /* Flawfinder: ignore */ output_stream << "\tpermissions 0\n"; output_stream << "\t{\n"; - char buffer[256]; - sprintf(buffer, "\t\tbase_mask\t%08x\n", mMaskBase); + char buffer[256]; /* Flawfinder: ignore */ + snprintf(buffer, sizeof(buffer), "\t\tbase_mask\t%08x\n", mMaskBase); /* Flawfinder: ignore */ output_stream << buffer; - sprintf(buffer, "\t\towner_mask\t%08x\n", mMaskOwner); + snprintf(buffer, sizeof(buffer), "\t\towner_mask\t%08x\n", mMaskOwner); /* Flawfinder: ignore */ output_stream << buffer; - sprintf(buffer, "\t\tgroup_mask\t%08x\n", mMaskGroup); + snprintf(buffer, sizeof(buffer), "\t\tgroup_mask\t%08x\n", mMaskGroup); /* Flawfinder: ignore */ output_stream << buffer; - sprintf(buffer, "\t\teveryone_mask\t%08x\n", mMaskEveryone); + snprintf(buffer, sizeof(buffer), "\t\teveryone_mask\t%08x\n", mMaskEveryone); /* Flawfinder: ignore */ output_stream << buffer; - sprintf(buffer, "\t\tnext_owner_mask\t%08x\n", mMaskNextOwner); + snprintf(buffer, sizeof(buffer), "\t\tnext_owner_mask\t%08x\n", mMaskNextOwner); /* Flawfinder: ignore */ output_stream << buffer; mCreator.toString(uuid_str); diff --git a/indra/llinventory/llsaleinfo.cpp b/indra/llinventory/llsaleinfo.cpp index 2bfac4d3e7..c469eae33c 100644 --- a/indra/llinventory/llsaleinfo.cpp +++ b/indra/llinventory/llsaleinfo.cpp @@ -141,9 +141,9 @@ BOOL LLSaleInfo::importFile(FILE* fp, BOOL& has_perm_mask, U32& perm_mask) // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; - char valuestr[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char keyword[MAX_STRING]; /* Flawfinder: ignore */ + char valuestr[MAX_STRING]; /* Flawfinder: ignore */ BOOL success = TRUE; keyword[0] = '\0'; @@ -151,7 +151,10 @@ BOOL LLSaleInfo::importFile(FILE* fp, BOOL& has_perm_mask, U32& perm_mask) while(success && (!feof(fp))) { fgets(buffer, MAX_STRING, fp); - sscanf(buffer, " %254s %254s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254s", + keyword, valuestr); if(!keyword) { continue; @@ -194,9 +197,9 @@ BOOL LLSaleInfo::importLegacyStream(std::istream& input_stream, BOOL& has_perm_m // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; - char valuestr[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char keyword[MAX_STRING]; /* Flawfinder: ignore */ + char valuestr[MAX_STRING]; /* Flawfinder: ignore */ BOOL success = TRUE; keyword[0] = '\0'; @@ -204,7 +207,10 @@ BOOL LLSaleInfo::importLegacyStream(std::istream& input_stream, BOOL& has_perm_m while(success && input_stream.good()) { input_stream.getline(buffer, MAX_STRING); - sscanf(buffer, " %254s %254s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254s", + keyword, valuestr); if(!keyword) { continue; diff --git a/indra/llmath/llcamera.cpp b/indra/llmath/llcamera.cpp index 675659c68a..eaeb83f625 100644 --- a/indra/llmath/llcamera.cpp +++ b/indra/llmath/llcamera.cpp @@ -102,25 +102,25 @@ void LLCamera::setFar(F32 far_plane) size_t LLCamera::writeFrustumToBuffer(char *buffer) const { - memcpy(buffer, &mView, sizeof(F32)); + memcpy(buffer, &mView, sizeof(F32)); /* Flawfinder: ignore */ buffer += sizeof(F32); - memcpy(buffer, &mAspect, sizeof(F32)); + memcpy(buffer, &mAspect, sizeof(F32)); /* Flawfinder: ignore */ buffer += sizeof(F32); - memcpy(buffer, &mNearPlane, sizeof(F32)); + memcpy(buffer, &mNearPlane, sizeof(F32)); /* Flawfinder: ignore */ buffer += sizeof(F32); - memcpy(buffer, &mFarPlane, sizeof(F32)); + memcpy(buffer, &mFarPlane, sizeof(F32)); /* Flawfinder: ignore */ return 4*sizeof(F32); } size_t LLCamera::readFrustumFromBuffer(const char *buffer) { - memcpy(&mView, buffer, sizeof(F32)); + memcpy(&mView, buffer, sizeof(F32)); /* Flawfinder: ignore */ buffer += sizeof(F32); - memcpy(&mAspect, buffer, sizeof(F32)); + memcpy(&mAspect, buffer, sizeof(F32)); /* Flawfinder: ignore */ buffer += sizeof(F32); - memcpy(&mNearPlane, buffer, sizeof(F32)); + memcpy(&mNearPlane, buffer, sizeof(F32)); /* Flawfinder: ignore */ buffer += sizeof(F32); - memcpy(&mFarPlane, buffer, sizeof(F32)); + memcpy(&mFarPlane, buffer, sizeof(F32)); /* Flawfinder: ignore */ return 4*sizeof(F32); } diff --git a/indra/llmath/llcoordframe.cpp b/indra/llmath/llcoordframe.cpp index c8b69e57cd..ae20c9e6d7 100644 --- a/indra/llmath/llcoordframe.cpp +++ b/indra/llmath/llcoordframe.cpp @@ -441,26 +441,26 @@ void LLCoordFrame::getRotMatrixToParent(LLMatrix4& mat) const size_t LLCoordFrame::writeOrientation(char *buffer) const { - memcpy(buffer, mOrigin.mV, 3*sizeof(F32)); + memcpy(buffer, mOrigin.mV, 3*sizeof(F32)); /*Flawfinder: ignore */ buffer += 3*sizeof(F32); - memcpy(buffer, mXAxis.mV, 3*sizeof(F32)); + memcpy(buffer, mXAxis.mV, 3*sizeof(F32)); /*Flawfinder: ignore */ buffer += 3*sizeof(F32); - memcpy(buffer, mYAxis.mV, 3*sizeof(F32)); + memcpy(buffer, mYAxis.mV, 3*sizeof(F32));/*Flawfinder: ignore */ buffer += 3*sizeof(F32); - memcpy(buffer, mZAxis.mV, 3*sizeof(F32)); + memcpy(buffer, mZAxis.mV, 3*sizeof(F32)); /*Flawfinder: ignore */ return 12*sizeof(F32); } size_t LLCoordFrame::readOrientation(const char *buffer) { - memcpy(mOrigin.mV, buffer, 3*sizeof(F32)); + memcpy(mOrigin.mV, buffer, 3*sizeof(F32)); /*Flawfinder: ignore */ buffer += 3*sizeof(F32); - memcpy(mXAxis.mV, buffer, 3*sizeof(F32)); + memcpy(mXAxis.mV, buffer, 3*sizeof(F32)); /*Flawfinder: ignore */ buffer += 3*sizeof(F32); - memcpy(mYAxis.mV, buffer, 3*sizeof(F32)); + memcpy(mYAxis.mV, buffer, 3*sizeof(F32)); /*Flawfinder: ignore */ buffer += 3*sizeof(F32); - memcpy(mZAxis.mV, buffer, 3*sizeof(F32)); + memcpy(mZAxis.mV, buffer, 3*sizeof(F32)); /*Flawfinder: ignore */ if( !isFinite() ) { diff --git a/indra/llmath/llvolume.cpp b/indra/llmath/llvolume.cpp index 0f8adb2f5c..75e4042f07 100644 --- a/indra/llmath/llvolume.cpp +++ b/indra/llmath/llvolume.cpp @@ -705,11 +705,11 @@ BOOL LLProfile::generate(BOOL path_open,F32 detail, S32 split) BOOL LLProfileParams::importFile(FILE *fp) { const S32 BUFSIZE = 16384; - char buffer[BUFSIZE]; + char buffer[BUFSIZE]; /* Flawfinder: ignore */ // *NOTE: changing the size or type of these buffers will require // changing the sscanf below. - char keyword[256]; - char valuestr[256]; + char keyword[256]; /* Flawfinder: ignore */ + char valuestr[256]; /* Flawfinder: ignore */ keyword[0] = 0; valuestr[0] = 0; F32 tempF32; @@ -718,7 +718,10 @@ BOOL LLProfileParams::importFile(FILE *fp) while (!feof(fp)) { fgets(buffer, BUFSIZE, fp); - sscanf(buffer, " %255s %255s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %255s %255s", + keyword, valuestr); if (!keyword) { continue; @@ -777,11 +780,11 @@ BOOL LLProfileParams::exportFile(FILE *fp) const BOOL LLProfileParams::importLegacyStream(std::istream& input_stream) { const S32 BUFSIZE = 16384; - char buffer[BUFSIZE]; + char buffer[BUFSIZE]; /* Flawfinder: ignore */ // *NOTE: changing the size or type of these buffers will require // changing the sscanf below. - char keyword[256]; - char valuestr[256]; + char keyword[256]; /* Flawfinder: ignore */ + char valuestr[256]; /* Flawfinder: ignore */ keyword[0] = 0; valuestr[0] = 0; F32 tempF32; @@ -790,7 +793,11 @@ BOOL LLProfileParams::importLegacyStream(std::istream& input_stream) while (input_stream.good()) { input_stream.getline(buffer, BUFSIZE); - sscanf(buffer, " %255s %255s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %255s %255s", + keyword, + valuestr); if (!keyword) { continue; @@ -1199,11 +1206,11 @@ BOOL LLDynamicPath::generate(F32 detail, S32 split) BOOL LLPathParams::importFile(FILE *fp) { const S32 BUFSIZE = 16384; - char buffer[BUFSIZE]; + char buffer[BUFSIZE]; /* Flawfinder: ignore */ // *NOTE: changing the size or type of these buffers will require // changing the sscanf below. - char keyword[256]; - char valuestr[256]; + char keyword[256]; /* Flawfinder: ignore */ + char valuestr[256]; /* Flawfinder: ignore */ keyword[0] = 0; valuestr[0] = 0; @@ -1214,7 +1221,10 @@ BOOL LLPathParams::importFile(FILE *fp) while (!feof(fp)) { fgets(buffer, BUFSIZE, fp); - sscanf(buffer, " %255s %255s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %255s %255s", + keyword, valuestr); if (!keyword) { continue; @@ -1340,11 +1350,11 @@ BOOL LLPathParams::exportFile(FILE *fp) const BOOL LLPathParams::importLegacyStream(std::istream& input_stream) { const S32 BUFSIZE = 16384; - char buffer[BUFSIZE]; + char buffer[BUFSIZE]; /* Flawfinder: ignore */ // *NOTE: changing the size or type of these buffers will require // changing the sscanf below. - char keyword[256]; - char valuestr[256]; + char keyword[256]; /* Flawfinder: ignore */ + char valuestr[256]; /* Flawfinder: ignore */ keyword[0] = 0; valuestr[0] = 0; @@ -1355,7 +1365,10 @@ BOOL LLPathParams::importLegacyStream(std::istream& input_stream) while (input_stream.good()) { input_stream.getline(buffer, BUFSIZE); - sscanf(buffer, " %255s %255s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %255s %255s", + keyword, valuestr); if (!keyword) { continue; @@ -2166,7 +2179,7 @@ S32 *LLVolume::getTriangleIndices(U32 &num_indices) const size_s_out = getProfile().getTotalOut(); size_t = getPath().mPath.size(); - if (open) + if (open) /* Flawfinder: ignore */ { if (hollow) { @@ -2788,7 +2801,7 @@ noindices: return NULL; } num_indices = count; - memcpy(indices, index, count * sizeof(S32)); + memcpy(indices, index, count * sizeof(S32)); /* Flawfinder: ignore */ return indices; } @@ -3291,7 +3304,7 @@ BOOL LLVolume::cleanupTriangleData( const S32 num_input_vertices, *output_triangles = new S32[cur_tri*3]; num_output_triangles = cur_tri; - memcpy(*output_triangles, sorted_tris, 3*cur_tri*sizeof(S32)); + memcpy(*output_triangles, sorted_tris, 3*cur_tri*sizeof(S32)); /* Flawfinder: ignore */ /* llinfos << "Out vertices: " << num_output_vertices << llendl; @@ -3328,16 +3341,16 @@ BOOL LLVolumeParams::importFile(FILE *fp) { //llinfos << "importing volume" << llendl; const S32 BUFSIZE = 16384; - char buffer[BUFSIZE]; + char buffer[BUFSIZE]; /* Flawfinder: ignore */ // *NOTE: changing the size or type of this buffer will require // changing the sscanf below. - char keyword[256]; + char keyword[256]; /* Flawfinder: ignore */ keyword[0] = 0; while (!feof(fp)) { fgets(buffer, BUFSIZE, fp); - sscanf(buffer, " %255s", keyword); + sscanf(buffer, " %255s", keyword); /* Flawfinder: ignore */ if (!keyword) { continue; @@ -3384,8 +3397,8 @@ BOOL LLVolumeParams::importLegacyStream(std::istream& input_stream) const S32 BUFSIZE = 16384; // *NOTE: changing the size or type of this buffer will require // changing the sscanf below. - char buffer[BUFSIZE]; - char keyword[256]; + char buffer[BUFSIZE]; /* Flawfinder: ignore */ + char keyword[256]; /* Flawfinder: ignore */ keyword[0] = 0; while (input_stream.good()) diff --git a/indra/llmath/llvolumemgr.cpp b/indra/llmath/llvolumemgr.cpp index 54be916c12..0e41d110fc 100644 --- a/indra/llmath/llvolumemgr.cpp +++ b/indra/llmath/llvolumemgr.cpp @@ -267,7 +267,7 @@ F32 LLVolumeLODGroup::getVolumeScaleFromDetail(const S32 detail) F32 LLVolumeLODGroup::dump() { - char dump_str[255]; + char dump_str[255]; /* Flawfinder: ignore */ F32 usage = 0.f; for (S32 i = 0; i < NUM_LODS; i++) { @@ -278,7 +278,7 @@ F32 LLVolumeLODGroup::dump() } usage = usage / (F32)NUM_LODS; - sprintf(dump_str, "%.3f %d %d %d %d", usage, mAccessCount[0], mAccessCount[1], mAccessCount[2], mAccessCount[3]); + snprintf(dump_str, sizeof(dump_str), "%.3f %d %d %d %d", usage, mAccessCount[0], mAccessCount[1], mAccessCount[2], mAccessCount[3]); /* Flawfinder: ignore */ llinfos << dump_str << llendl; return usage; diff --git a/indra/llmath/v3color.h b/indra/llmath/v3color.h index 3777c00054..956cca614d 100644 --- a/indra/llmath/v3color.h +++ b/indra/llmath/v3color.h @@ -147,7 +147,7 @@ inline LLColor3::LLColor3(const F32 *vec) inline LLColor3::LLColor3(char* color_string) // takes a string of format "RRGGBB" where RR is hex 00..FF { - if (strlen(color_string) < 6) + if (strlen(color_string) < 6) /* Flawfinder: ignore */ { mV[0] = 0.f; mV[1] = 0.f; @@ -155,8 +155,8 @@ inline LLColor3::LLColor3(char* color_string) // takes a string of format "RRGGB return; } - static char tempstr[7]; - strncpy(tempstr,color_string,6); + static char tempstr[7]; /* Flawfinder: ignore */ + strncpy(tempstr,color_string,6); /* Flawfinder: ignore */ tempstr[6] = '\0'; mV[VZ] = (F32)strtol(&tempstr[4],NULL,16)/255.f; tempstr[4] = '\0'; diff --git a/indra/llmessage/llassetstorage.cpp b/indra/llmessage/llassetstorage.cpp index e2bfd0496b..4ec5ec34ec 100644 --- a/indra/llmessage/llassetstorage.cpp +++ b/indra/llmessage/llassetstorage.cpp @@ -1037,12 +1037,12 @@ void LLAssetStorage::legacyGetDataCallback(LLVFS *vfs, const LLUUID &uuid, LLAss uuid.toString(uuid_str); snprintf(filename,sizeof(filename),"%s.%s",gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_str).c_str(),LLAssetType::lookup(type)); /* Flawfinder: ignore */ - FILE *fp = LLFile::fopen(filename, "wb"); /* Flawfinder: ignore */ + FILE* fp = LLFile::fopen(filename, "wb"); /* Flawfinder: ignore */ if (fp) { const S32 buf_size = 65536; U8 copy_buf[buf_size]; - while (file.read(copy_buf, buf_size)) + while (file.read(copy_buf, buf_size)) /* Flawfinder: ignore */ { if (fwrite(copy_buf, file.getLastBytesRead(), 1, fp) < 1) { diff --git a/indra/llmessage/llbuffer.cpp b/indra/llmessage/llbuffer.cpp index 009387598b..e4200b914b 100644 --- a/indra/llmessage/llbuffer.cpp +++ b/indra/llmessage/llbuffer.cpp @@ -90,7 +90,7 @@ LLHeapBuffer::LLHeapBuffer(const U8* src, S32 len) allocate(len); if(mBuffer) { - memcpy(mBuffer, src, len); + memcpy(mBuffer, src, len); /*Flawfinder: ignore*/ } } else @@ -716,7 +716,7 @@ bool LLBufferArray::copyIntoBuffers( } segments.push_back(segment); S32 bytes = llmin(segment.size(), len); - memcpy(segment.data(), src + copied, bytes); /* Flawfinder Ignore */ + memcpy(segment.data(), src + copied, bytes); /* Flawfinder: Ignore */ copied += bytes; len -= bytes; if(0 == len) @@ -738,7 +738,7 @@ bool LLBufferArray::copyIntoBuffers( return false; } segments.push_back(segment); - memcpy(segment.data(), src + copied, segment.size()); + memcpy(segment.data(), src + copied, segment.size()); /*Flawfinder: ignore*/ copied += segment.size(); len -= segment.size(); } diff --git a/indra/llmessage/llcachename.cpp b/indra/llmessage/llcachename.cpp index 2232e8642b..6841dda9a4 100644 --- a/indra/llmessage/llcachename.cpp +++ b/indra/llmessage/llcachename.cpp @@ -278,7 +278,10 @@ void LLCacheName::importFile(FILE* fp) // *NOTE: This buffer size is hardcoded into sscanf() below char version_string[BUFFER_SIZE]; /*Flawfinder: ignore*/ S32 version = 0; - S32 match = sscanf(buffer, "%1023s %d", version_string, &version); + S32 match = sscanf( /* Flawfinder: ignore */ + buffer, + "%1023s %d", + version_string, &version); if ( match != 2 || strcmp(version_string, "version") || version != CN_FILE_VERSION) @@ -297,7 +300,7 @@ void LLCacheName::importFile(FILE* fp) valid = fgets(buffer, BUFFER_SIZE, fp); if (!valid) break; - match = sscanf( + match = sscanf( /* Flawfinder: ignore */ buffer, "%254s %u %254s %254s", id_string, @@ -376,7 +379,7 @@ BOOL LLCacheName::getName(const LLUUID& id, char* first, char* last) { // The function signature needs to change to pass in the // length of first and last. - strcpy(first, CN_NOBODY); + strcpy(first, CN_NOBODY); /*Flawfinder: ignore*/ last[0] = '\0'; return FALSE; } @@ -386,8 +389,8 @@ BOOL LLCacheName::getName(const LLUUID& id, char* first, char* last) { // The function signature needs to change to pass in the // length of first and last. - strcpy(first, entry->mFirstName); - strcpy(last, entry->mLastName); + strcpy(first, entry->mFirstName); /*Flawfinder: ignore*/ + strcpy(last, entry->mLastName); /*Flawfinder: ignore*/ return TRUE; } else @@ -397,7 +400,7 @@ BOOL LLCacheName::getName(const LLUUID& id, char* first, char* last) strcpy(first,(ll_frand() < HIPPO_PROBABILITY) ? CN_HIPPOS : CN_WAITING); - strcpy(last, ""); + strcpy(last, ""); /*Flawfinder: ignore*/ impl.mAskNameQueue.push_back(id); return FALSE; @@ -413,7 +416,7 @@ BOOL LLCacheName::getGroupName(const LLUUID& id, char* group) { // The function signature needs to change to pass in the // length of first and last. - strcpy(group, CN_NONE); + strcpy(group, CN_NONE); /*Flawfinder: ignore*/ return FALSE; } @@ -431,14 +434,14 @@ BOOL LLCacheName::getGroupName(const LLUUID& id, char* group) { // The function signature needs to change to pass in the length // of group. - strcpy(group, entry->mGroupName); + strcpy(group, entry->mGroupName); /*Flawfinder: ignore*/ return TRUE; } else { // The function signature needs to change to pass in the length // of first and last. - strcpy(group, CN_WAITING); + strcpy(group, CN_WAITING); /*Flawfinder: ignore*/ impl.mAskGroupQueue.push_back(id); return FALSE; diff --git a/indra/llmessage/lldatapacker.cpp b/indra/llmessage/lldatapacker.cpp index 627f77d4d8..10929dfbb2 100644 --- a/indra/llmessage/lldatapacker.cpp +++ b/indra/llmessage/lldatapacker.cpp @@ -524,7 +524,7 @@ const LLDataPackerBinaryBuffer& LLDataPackerBinaryBuffer::operator=(const LLData // We've got problems, ack! llerrs << "Trying to do an assignment with not enough room in the target." << llendl; } - memcpy(mBufferp, a.mBufferp, a.getBufferSize()); + memcpy(mBufferp, a.mBufferp, a.getBufferSize()); /*Flawfinder: ignore*/ return *this; } @@ -1217,7 +1217,7 @@ BOOL LLDataPackerAsciiBuffer::unpackUUID(LLUUID &value, const char *name) } char tmp_str[64]; /* Flawfinder: ignore */ - sscanf(valuestr, "%63s", tmp_str); + sscanf(valuestr, "%63s", tmp_str); /* Flawfinder: ignore */ value.set(tmp_str); return success; @@ -1239,7 +1239,7 @@ void LLDataPackerAsciiBuffer::writeIndentedName(const char *name) } else { - numCopied = (S32)strlen(name) + 1; //name + tab /* Flawfinder: ignore */ + numCopied = (S32)strlen(name) + 1; /* Flawfinder: ignore */ //name + tab } // snprintf returns number of bytes that would have been written had the @@ -1269,9 +1269,9 @@ BOOL LLDataPackerAsciiBuffer::getValueStr(const char *name, char *out_value, S32 // Read both the name and the value, and validate the name. sscanf(mCurBufferp, "%511[^\n]", buffer); // Skip the \n - mCurBufferp += (S32)strlen(buffer) + 1; + mCurBufferp += (S32)strlen(buffer) + 1; /* Flawfinder: ignore */ - sscanf(buffer, "%511s %511[^\n]", keyword, value); + sscanf(buffer, "%511s %511[^\n]", keyword, value); /* Flawfinder: ignore */ if (strcmp(keyword, name)) { @@ -1775,7 +1775,7 @@ BOOL LLDataPackerAsciiFile::unpackUUID(LLUUID &value, const char *name) } char tmp_str[64]; /*Flawfinder: ignore */ - sscanf(valuestr,"%63s",tmp_str); + sscanf(valuestr,"%63s",tmp_str); /* Flawfinder: ignore */ value.set(tmp_str); return success; @@ -1819,7 +1819,7 @@ BOOL LLDataPackerAsciiFile::getValueStr(const char *name, char *out_value, S32 v fgetpos(mFP, &last_pos); fgets(buffer, DP_BUFSIZE, mFP); - sscanf(buffer, "%511s %511[^\n]", keyword, value); + sscanf(buffer, "%511s %511[^\n]", keyword, value); /* Flawfinder: ignore */ if (!keyword[0]) { @@ -1844,7 +1844,7 @@ BOOL LLDataPackerAsciiFile::getValueStr(const char *name, char *out_value, S32 v { mInputStream->getline(buffer, DP_BUFSIZE); - sscanf(buffer, "%511s %511[^\n]", keyword, value); + sscanf(buffer, "%511s %511[^\n]", keyword, value); /* Flawfinder: ignore */ if (!keyword[0]) { llwarns << "Data packer could not get the keyword!" << llendl; diff --git a/indra/llmessage/llhost.cpp b/indra/llmessage/llhost.cpp index 501d9465c2..66203321ef 100644 --- a/indra/llmessage/llhost.cpp +++ b/indra/llmessage/llhost.cpp @@ -68,7 +68,7 @@ void LLHost::getIPString(char* buffer, S32 length) const std::string LLHost::getIPandPort() const { - char buffer[MAXADDRSTR + 1 + 5]; + char buffer[MAXADDRSTR + 1 + 5]; /*Flawfinder: ignore*/ getString(buffer, sizeof(buffer)); return buffer; } diff --git a/indra/llmessage/llhttpassetstorage.cpp b/indra/llmessage/llhttpassetstorage.cpp index 23beeafb13..d429dd5b63 100644 --- a/indra/llmessage/llhttpassetstorage.cpp +++ b/indra/llmessage/llhttpassetstorage.cpp @@ -99,7 +99,7 @@ LLHTTPAssetRequest::LLHTTPAssetRequest(LLHTTPAssetStorage *asp, const LLUUID &uu mURLBuffer = new char[strlen(url) + 1]; /*Flawfinder: ignore*/ if (mURLBuffer) { - strcpy(mURLBuffer, url); + strcpy(mURLBuffer, url); /*Flawfinder: ignore*/ } } diff --git a/indra/llmessage/llinstantmessage.cpp b/indra/llmessage/llinstantmessage.cpp index 10ff8eb88d..ecdc9e6dc3 100644 --- a/indra/llmessage/llinstantmessage.cpp +++ b/indra/llmessage/llinstantmessage.cpp @@ -207,8 +207,8 @@ void pack_instant_message_block( S32 bytes_left = MTUBYTES; if(message) { - char buffer[MTUBYTES]; - bytes_left -= snprintf(buffer, MTUBYTES, "%s", message); + char buffer[MTUBYTES]; /*Flawfinder: ignore*/ + bytes_left -= snprintf(buffer, MTUBYTES, "%s", message); /*Flawfinder: ignore*/ bytes_left = llmax(0, bytes_left); msg->addStringFast(_PREHASH_Message, buffer); } @@ -244,11 +244,11 @@ void LLIMInfo::unpackMessageBlock(LLMessageSystem* msg) mIMType = (EInstantMessage) dialog; msg->getUUIDFast(_PREHASH_MessageBlock, _PREHASH_ID, mID); msg->getU32Fast(_PREHASH_MessageBlock, _PREHASH_Timestamp, mTimeStamp); - char name[DB_FULL_NAME_BUF_SIZE]; + char name[DB_FULL_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ msg->getStringFast(_PREHASH_MessageBlock, _PREHASH_FromAgentName, DB_FULL_NAME_BUF_SIZE, name); mName.assign(name); - char message[DB_IM_MSG_BUF_SIZE]; + char message[DB_IM_MSG_BUF_SIZE]; /*Flawfinder: ignore*/ msg->getStringFast(_PREHASH_MessageBlock, _PREHASH_Message, DB_IM_MSG_BUF_SIZE, message); mMessage.assign(message); diff --git a/indra/llmessage/llnamevalue.cpp b/indra/llmessage/llnamevalue.cpp index 02ddec1bf5..46e28ed29e 100644 --- a/indra/llmessage/llnamevalue.cpp +++ b/indra/llmessage/llnamevalue.cpp @@ -40,7 +40,7 @@ user_callback_map_t gUserCallbackMap; LLStringTable gNVNameTable(16384); -char NameValueTypeStrings[NVT_EOF][NAME_VALUE_TYPE_STRING_LENGTH] = +char NameValueTypeStrings[NVT_EOF][NAME_VALUE_TYPE_STRING_LENGTH] = /*Flawfinder: Ignore*/ { "NULL", "STRING", @@ -51,17 +51,17 @@ char NameValueTypeStrings[NVT_EOF][NAME_VALUE_TYPE_STRING_LENGTH] = "CAMERA", // Deprecated, but leaving in case removing completely would cause problems "ASSET", "U64" -}; /*Flawfinder: Ignore*/ +}; -char NameValueClassStrings[NVC_EOF][NAME_VALUE_CLASS_STRING_LENGTH] = +char NameValueClassStrings[NVC_EOF][NAME_VALUE_CLASS_STRING_LENGTH] = /*Flawfinder: Ignore*/ { "NULL", "R", // read only "RW", // read write "CB" // callback -}; /*Flawfinder: Ignore*/ +}; -char NameValueSendtoStrings[NVS_EOF][NAME_VALUE_SENDTO_STRING_LENGTH] = +char NameValueSendtoStrings[NVS_EOF][NAME_VALUE_SENDTO_STRING_LENGTH] = /*Flawfinder: Ignore*/ { "NULL", "S", // "Sim", formerly SIM @@ -393,11 +393,11 @@ LLNameValue::LLNameValue(const char *name, const char *type, const char *nvclass LLNameValue::LLNameValue(const char *data) { baseInit(); - static char name[NV_BUFFER_LEN]; - static char type[NV_BUFFER_LEN]; - static char nvclass[NV_BUFFER_LEN]; - static char nvsendto[NV_BUFFER_LEN]; - static char nvdata[NV_BUFFER_LEN]; + static char name[NV_BUFFER_LEN]; /*Flawfinder: ignore*/ + static char type[NV_BUFFER_LEN]; /*Flawfinder: ignore*/ + static char nvclass[NV_BUFFER_LEN]; /*Flawfinder: ignore*/ + static char nvsendto[NV_BUFFER_LEN]; /*Flawfinder: ignore*/ + static char nvdata[NV_BUFFER_LEN]; /*Flawfinder: ignore*/ S32 i; @@ -421,7 +421,7 @@ LLNameValue::LLNameValue(const char *data) } // read in the name - sscanf((data + character_count), "%2047s", name); + sscanf((data + character_count), "%2047s", name); /*Flawfinder: ignore*/ // bump past it and add null terminator length = (S32)strlen(name); /* Flawfinder: ignore */ @@ -445,7 +445,7 @@ LLNameValue::LLNameValue(const char *data) } // read in the type - sscanf((data + character_count), "%2047s", type); + sscanf((data + character_count), "%2047s", type); /*Flawfinder: ignore*/ // bump past it and add null terminator length = (S32)strlen(type); /* Flawfinder: ignore */ @@ -481,7 +481,7 @@ LLNameValue::LLNameValue(const char *data) { // yes we do! // read in the class - sscanf((data + character_count), "%2047s", nvclass); + sscanf((data + character_count), "%2047s", nvclass); /*Flawfinder: ignore*/ // bump past it and add null terminator length = (S32)strlen(nvclass); /* Flawfinder: ignore */ @@ -523,7 +523,7 @@ LLNameValue::LLNameValue(const char *data) if (i != NVS_EOF) { // found a sendto argument - sscanf((data + character_count), "%2047s", nvsendto); + sscanf((data + character_count), "%2047s", nvsendto); /*Flawfinder: ignore*/ // add null terminator length = (S32)strlen(nvsendto); /* Flawfinder: ignore */ diff --git a/indra/llmessage/llpacketack.h b/indra/llmessage/llpacketack.h index 1b62dc9415..0874da6236 100644 --- a/indra/llmessage/llpacketack.h +++ b/indra/llmessage/llpacketack.h @@ -111,7 +111,7 @@ public: mBuffer = new U8[buf_len]; if (mBuffer != NULL) { - memcpy(mBuffer,buf_ptr,buf_len); + memcpy(mBuffer,buf_ptr,buf_len); /*Flawfinder: ignore*/ mBufferLength = buf_len; } diff --git a/indra/llmessage/llpacketbuffer.cpp b/indra/llmessage/llpacketbuffer.cpp index 95c2217a69..d5796c131b 100644 --- a/indra/llmessage/llpacketbuffer.cpp +++ b/indra/llmessage/llpacketbuffer.cpp @@ -25,7 +25,7 @@ LLPacketBuffer::LLPacketBuffer(const LLHost &host, const char *datap, const S32 if (datap != NULL) { - memcpy(mData, datap, size); + memcpy(mData, datap, size); /*Flawfinder: ignore*/ mSize = size; } diff --git a/indra/llmessage/llpacketring.cpp b/indra/llmessage/llpacketring.cpp index 1bf72edfc1..e3612120d1 100644 --- a/indra/llmessage/llpacketring.cpp +++ b/indra/llmessage/llpacketring.cpp @@ -113,7 +113,7 @@ S32 LLPacketRing::receiveFromRing (S32 socket, char *datap) packet_size = packetp->getSize(); if (packetp->getData() != NULL) { - memcpy(datap, packetp->getData(), packet_size); + memcpy(datap, packetp->getData(), packet_size); /*Flawfinder: ignore*/ } // need to set sender IP/port!! mLastSender = packetp->getHost(); diff --git a/indra/llmessage/lltransfermanager.cpp b/indra/llmessage/lltransfermanager.cpp index 34344040b8..51c3aafbbb 100644 --- a/indra/llmessage/lltransfermanager.cpp +++ b/indra/llmessage/lltransfermanager.cpp @@ -346,7 +346,7 @@ void LLTransferManager::processTransferInfo(LLMessageSystem *msgp, void **) { if ((packetp->mDatap != NULL) && (size<(S32)sizeof(tmp_data))) { - memcpy(tmp_data, packetp->mDatap, size); + memcpy(tmp_data, packetp->mDatap, size); /*Flawfinder: ignore*/ } } status = packetp->mStatus; @@ -519,7 +519,7 @@ void LLTransferManager::processTransferPacket(LLMessageSystem *msgp, void **) { if ((packetp->mDatap != NULL) && (size<(S32)sizeof(tmp_data))) { - memcpy(tmp_data, packetp->mDatap, size); + memcpy(tmp_data, packetp->mDatap, size); /*Flawfinder: ignore*/ } } status = packetp->mStatus; @@ -1157,7 +1157,7 @@ LLTransferPacket::LLTransferPacket(const S32 packet_id, const LLTSCode status, c mDatap = new U8[size]; if (mDatap != NULL) { - memcpy(mDatap, datap, size); + memcpy(mDatap, datap, size); /*Flawfinder: ignore*/ } } diff --git a/indra/llmessage/llxfer.cpp b/indra/llmessage/llxfer.cpp index f43a8a56ff..1a1492c20a 100644 --- a/indra/llmessage/llxfer.cpp +++ b/indra/llmessage/llxfer.cpp @@ -116,7 +116,7 @@ S32 LLXfer::receiveData (char *datap, S32 data_size) { if (datap != NULL) { - memcpy(&mBuffer[mBufferLength],datap,data_size); + memcpy(&mBuffer[mBufferLength],datap,data_size); /*Flawfinder: ignore*/ mBufferLength += data_size; } else @@ -193,7 +193,7 @@ void LLXfer::sendPacket(S32 packet_num) num_copy = llmin(num_copy, (S32)(mBufferLength - desired_read_position)); if (num_copy > 0) { - memcpy(fdata_buf,&mBuffer[desired_read_position],num_copy); + memcpy(fdata_buf,&mBuffer[desired_read_position],num_copy); /*Flawfinder: ignore*/ } } else @@ -206,7 +206,7 @@ void LLXfer::sendPacket(S32 packet_num) (S32)(mBufferLength - desired_read_position)); if (num_copy > 0) { - memcpy( + memcpy( /*Flawfinder: ignore*/ fdata_buf + sizeof(S32), &mBuffer[desired_read_position], num_copy); diff --git a/indra/llmessage/llxfer_file.cpp b/indra/llmessage/llxfer_file.cpp index da72467c76..46d31685e3 100644 --- a/indra/llmessage/llxfer_file.cpp +++ b/indra/llmessage/llxfer_file.cpp @@ -394,8 +394,8 @@ U32 LLXfer_File::getXferTypeTag() S32 copy_file(const char* from, const char* to) { S32 rv = 0; - FILE* in = LLFile::fopen(from, "rb"); - FILE* out = LLFile::fopen(to, "wb"); + FILE* in = LLFile::fopen(from, "rb"); /*Flawfinder: ignore*/ + FILE* out = LLFile::fopen(to, "wb"); /*Flawfinder: ignore*/ if(in && out) { S32 read = 0; diff --git a/indra/llmessage/message.cpp b/indra/llmessage/message.cpp index f849e989b4..dc05e9c8ed 100644 --- a/indra/llmessage/message.cpp +++ b/indra/llmessage/message.cpp @@ -968,7 +968,7 @@ void LLMessageSystem::loadTemplateFile(const char* filename) LLMessageVariable var; char var_name[MAX_MESSAGE_INTERNAL_NAME_SIZE]; /* Flawfinder: ignore */ - char formatString[MAX_MESSAGE_INTERNAL_NAME_SIZE]; + char formatString[MAX_MESSAGE_INTERNAL_NAME_SIZE]; /* Flawfinder: ignore */ FILE* messagefilep = NULL; mMessageFileChecksum = 0; @@ -976,14 +976,19 @@ void LLMessageSystem::loadTemplateFile(const char* filename) S32 checksum_offset = 0; char* checkp = NULL; - snprintf(formatString, sizeof(formatString), "%%%ds", MAX_MESSAGE_INTERNAL_NAME_SIZE); - messagefilep = LLFile::fopen(filename, "r"); + // scanf needs 1 byte more than width, thus the MAX_... -1. + snprintf( /* Flawfinder: ignore */ + formatString, + sizeof(formatString), + "%%%ds", + MAX_MESSAGE_INTERNAL_NAME_SIZE - 1); + messagefilep = LLFile::fopen(filename, "r"); /* Flawfinder: ignore */ if (messagefilep) { // mName = gMessageStringTable.getString(filename); fseek(messagefilep, 0L, SEEK_SET ); - while(fscanf(messagefilep, formatString, token) != EOF) + while(fscanf(messagefilep, formatString, token) != EOF) /* Flawfinder: ignore */ { // skip comments if (token[0] == '/') @@ -1113,7 +1118,7 @@ void LLMessageSystem::loadTemplateFile(const char* filename) b_template = FALSE; // name first - if (fscanf(messagefilep, formatString, template_name) == EOF) + if (fscanf(messagefilep, formatString, template_name) == EOF) /* Flawfinder: ignore */ { // oops, file ended llerrs << "Expected message template name, but file ended" @@ -1145,7 +1150,7 @@ void LLMessageSystem::loadTemplateFile(const char* filename) } // ok, now get Frequency ("High", "Medium", or "Low") - if (fscanf(messagefilep, formatString, token) == EOF) + if (fscanf(messagefilep, formatString, token) == EOF) /* Flawfinder: ignore */ { // oops, file ended llerrs << "Expected message template frequency, found EOF." @@ -1226,7 +1231,7 @@ void LLMessageSystem::loadTemplateFile(const char* filename) else if (!strcmp(token, "Fixed")) { U32 message_num = 0; - if (fscanf(messagefilep, formatString, token) == EOF) + if (fscanf(messagefilep, formatString, token) == EOF) /* Flawfinder: ignore */ { // oops, file ended llerrs << "Expected message template number (fixed)," @@ -1260,7 +1265,7 @@ void LLMessageSystem::loadTemplateFile(const char* filename) } // Now get trust ("Trusted", "NotTrusted") - if (fscanf(messagefilep, formatString, token) == EOF) + if (fscanf(messagefilep, formatString, token) == EOF) /* Flawfinder: ignore */ { // File ended llerrs << "Expected message template " @@ -1297,7 +1302,7 @@ void LLMessageSystem::loadTemplateFile(const char* filename) } // get encoding - if (fscanf(messagefilep, formatString, token) == EOF) + if (fscanf(messagefilep, formatString, token) == EOF) /* Flawfinder: ignore */ { // File ended llerrs << "Expected message encoding, but file ended." @@ -1343,7 +1348,7 @@ void LLMessageSystem::loadTemplateFile(const char* filename) // ok, need to pull header info // name first - if (fscanf(messagefilep, formatString, block_name) == EOF) + if (fscanf(messagefilep, formatString, block_name) == EOF) /* Flawfinder: ignore */ { // oops, file ended llerrs << "Expected block name, but file ended" << llendl; @@ -1371,7 +1376,7 @@ void LLMessageSystem::loadTemplateFile(const char* filename) } // now, block type ("Single", "Multiple", or "Variable") - if (fscanf(messagefilep, formatString, token) == EOF) + if (fscanf(messagefilep, formatString, token) == EOF) /* Flawfinder: ignore */ { // oops, file ended llerrs << "Expected block type, but file ended." << llendl; @@ -1396,7 +1401,7 @@ void LLMessageSystem::loadTemplateFile(const char* filename) else if (!strcmp(token, "Multiple")) { // need to get the number of repeats - if (fscanf(messagefilep, formatString, token) == EOF) + if (fscanf(messagefilep, formatString, token) == EOF) /* Flawfinder: ignore */ { // oops, file ended llerrs << "Expected block multiple count," @@ -1452,7 +1457,7 @@ void LLMessageSystem::loadTemplateFile(const char* filename) // ok, need to pull header info // name first - if (fscanf(messagefilep, formatString, var_name) == EOF) + if (fscanf(messagefilep, formatString, var_name) == EOF) /* Flawfinder: ignore */ { // oops, file ended llerrs << "Expected variable name, but file ended." @@ -1481,7 +1486,7 @@ void LLMessageSystem::loadTemplateFile(const char* filename) } // now, variable type ("Fixed" or "Variable") - if (fscanf(messagefilep, formatString, token) == EOF) + if (fscanf(messagefilep, formatString, token) == EOF) /* Flawfinder: ignore */ { // oops, file ended llerrs << "Expected variable type, but file ended" @@ -1575,7 +1580,7 @@ void LLMessageSystem::loadTemplateFile(const char* filename) else if (!strcmp(token, "Fixed")) { // need to get the variable size - if (fscanf(messagefilep, formatString, token) == EOF) + if (fscanf(messagefilep, formatString, token) == EOF) /* Flawfinder: ignore */ { // oops, file ended llerrs << "Expected variable size, but file ended" @@ -1608,7 +1613,7 @@ void LLMessageSystem::loadTemplateFile(const char* filename) else if (!strcmp(token, "Variable")) { // need to get the variable size - if (fscanf(messagefilep, formatString, token) == EOF) + if (fscanf(messagefilep, formatString, token) == EOF) /* Flawfinder: ignore */ { // oops, file ended llerrs << "Expected variable size, but file ended" @@ -1657,7 +1662,7 @@ void LLMessageSystem::loadTemplateFile(const char* filename) if (!strcmp(token, "version")) { // version number - if (fscanf(messagefilep, formatString, token) == EOF) + if (fscanf(messagefilep, formatString, token) == EOF) /* Flawfinder: ignore */ { // oops, file ended llerrs << "Expected version number, but file ended" @@ -2715,7 +2720,7 @@ void LLMessageSystem::buildMessage() temp_block_number = (U8)mbci->mBlockNumber; if ((S32)(mSendSize + sizeof(U8)) < MAX_BUFFER_SIZE) { - memcpy(&mSendBuffer[mSendSize], &temp_block_number, sizeof(U8)); + memcpy(&mSendBuffer[mSendSize], &temp_block_number, sizeof(U8)); /* Flawfinder: ignore */ mSendSize += sizeof(U8); } else @@ -2792,7 +2797,7 @@ void LLMessageSystem::buildMessage() { if(mSendSize + mvci.getSize() < (S32)sizeof(mSendBuffer)) { - memcpy( + memcpy( /* Flawfinder: ignore */ &mSendBuffer[mSendSize], mvci.getData(), mvci.getSize()); @@ -3058,7 +3063,7 @@ S32 LLMessageSystem::sendMessage(const LLHost &host) if((S32)(buffer_length + sizeof(TPACKETID)) < MAX_BUFFER_SIZE) { - memcpy(&buf_ptr[buffer_length], &packet_id, sizeof(TPACKETID)); + memcpy(&buf_ptr[buffer_length], &packet_id, sizeof(TPACKETID)); /* Flawfinder: ignore */ // Do the accounting buffer_length += sizeof(TPACKETID); } @@ -3166,7 +3171,7 @@ BOOL LLMessageSystem::decodeTemplate( // it appears that if there is a NULL in the message #, it won't copy it.... // what was the goal? //if(header[2]) - memcpy(&message_id_U16, &header[2], 2); + memcpy(&message_id_U16, &header[2], 2); /* Flawfinder: ignore */ // dependant on endian-ness: // U32 temp = (255 << 24) | (255 << 16) | header[2]; @@ -3577,7 +3582,7 @@ void LLMessageSystem::getDataFast(const char *blockname, const char *varname, vo ((U32*)datap)[1] = ((U32*)vardata.getData())[1]; break; default: - memcpy(datap, vardata.getData(), vardata_size); + memcpy(datap, vardata.getData(), vardata_size); /* Flawfinder: ignore */ break; } } @@ -3589,7 +3594,7 @@ void LLMessageSystem::getDataFast(const char *blockname, const char *varname, vo << " but truncated to max size of " << max_size << llendl; - memcpy(datap, vardata.getData(), max_size); + memcpy(datap, vardata.getData(), max_size); /* Flawfinder: ignore */ } } @@ -4456,7 +4461,7 @@ void process_create_trusted_circuit(LLMessageSystem *msg, void **) return; } - char their_digest[MD5HEX_STR_SIZE]; + char their_digest[MD5HEX_STR_SIZE]; /* Flawfinder: ignore */ S32 size = msg->getSizeFast(_PREHASH_DataBlock, _PREHASH_Digest); if(size != MD5HEX_STR_BYTES) { @@ -4536,7 +4541,7 @@ void encrypt_template(const char *src_name, const char *dest_name) BOOL decrypt_template(const char *src_name, const char *dest_name) { S32 buf_length = LL_ENCRYPT_BUF_LENGTH; - char buf[LL_ENCRYPT_BUF_LENGTH]; + char buf[LL_ENCRYPT_BUF_LENGTH]; /* Flawfinder: ignore */ FILE* infp = NULL; FILE* outfp = NULL; @@ -4551,7 +4556,7 @@ BOOL decrypt_template(const char *src_name, const char *dest_name) goto exit; } - infp = LLFile::fopen(src_name,"rb"); + infp = LLFile::fopen(src_name,"rb"); /* Flawfinder: ignore */ if (!infp) { llwarns << "could not open " << src_name << " for reading" << llendl; @@ -4564,7 +4569,7 @@ BOOL decrypt_template(const char *src_name, const char *dest_name) goto exit; } - outfp = LLFile::fopen(dest_name,"w+b"); + outfp = LLFile::fopen(dest_name,"w+b"); /* Flawfinder: ignore */ if (!outfp) { llwarns << "could not open " << src_name << " for writing" << llendl; @@ -4599,7 +4604,7 @@ BOOL decrypt_template(const char *src_name, const char *dest_name) void dump_prehash_files() { U32 i; - FILE *fp = LLFile::fopen("../../indra/llmessage/message_prehash.h", "w"); + FILE* fp = LLFile::fopen("../../indra/llmessage/message_prehash.h", "w"); /* Flawfinder: ignore */ if (fp) { fprintf( @@ -4631,7 +4636,7 @@ void dump_prehash_files() fprintf(fp, "\n\n#endif\n"); fclose(fp); } - fp = LLFile::fopen("../../indra/llmessage/message_prehash.cpp", "w"); + fp = LLFile::fopen("../../indra/llmessage/message_prehash.cpp", "w"); /* Flawfinder: ignore */ if (fp) { fprintf( @@ -5562,7 +5567,7 @@ bool LLMessageSystem::generateDigestForNumberAndUUIDs(char* digest, const U32 nu if( secret != NULL) { - d.update(secret, (U32)strlen((char *) secret)); + d.update(secret, (U32)strlen((char *) secret)); /* Flawfinder: ignore */ } d.update((const unsigned char *) colon, (U32)strlen(colon)); /* Flawfinder: ignore */ @@ -5573,13 +5578,13 @@ bool LLMessageSystem::generateDigestForNumberAndUUIDs(char* digest, const U32 nu d.update((const unsigned char *) colon, (U32)strlen(colon)); /* Flawfinder: ignore */ if( (char*) id1str != NULL) { - d.update(id1str, (U32)strlen((char *) id1str)); + d.update(id1str, (U32)strlen((char *) id1str)); /* Flawfinder: ignore */ } d.update((const unsigned char *) colon, (U32)strlen(colon)); /* Flawfinder: ignore */ if( (char*) id2str != NULL) { - d.update(id2str, (U32)strlen((char *) id2str)); + d.update(id2str, (U32)strlen((char *) id2str)); /* Flawfinder: ignore */ } d.finalize(); diff --git a/indra/llmessage/message_string_table.cpp b/indra/llmessage/message_string_table.cpp index 687b47a112..f36160d4ec 100644 --- a/indra/llmessage/message_string_table.cpp +++ b/indra/llmessage/message_string_table.cpp @@ -57,7 +57,7 @@ char* LLMessageStringTable::getString(const char *str) } } // not found, so add! - strncpy(mString[hash_value], str, MESSAGE_MAX_STRINGS_LENGTH); + strncpy(mString[hash_value], str, MESSAGE_MAX_STRINGS_LENGTH); /* Flawfinder: ignore */ mString[hash_value][MESSAGE_MAX_STRINGS_LENGTH - 1] = 0; mEmpty[hash_value] = FALSE; mUsed++; diff --git a/indra/llmessage/net.cpp b/indra/llmessage/net.cpp index bf8927c7b9..a78b216ccb 100644 --- a/indra/llmessage/net.cpp +++ b/indra/llmessage/net.cpp @@ -124,7 +124,7 @@ char *u32_to_ip_string(U32 ip, char *ip_string) if (result != NULL) { //the function signature needs to change to pass in the lengfth of first and last. - strcpy(ip_string, result); + strcpy(ip_string, result); /*Flawfinder: ignore*/ return ip_string; } else diff --git a/indra/llmessage/partsyspacket.cpp b/indra/llmessage/partsyspacket.cpp index 4030cd815b..6666e064ae 100644 --- a/indra/llmessage/partsyspacket.cpp +++ b/indra/llmessage/partsyspacket.cpp @@ -1246,7 +1246,7 @@ BOOL LLPartSysCompressedPacket::fromUnsignedBytes(U8 *in, U32 bytesUsed) { if ((in != NULL) && (bytesUsed <= sizeof(mData))) { - memcpy(mData, in, bytesUsed); + memcpy(mData, in, bytesUsed); /* Flawfinder: ignore */ mNumBytes = bytesUsed; return TRUE; } diff --git a/indra/llprimitive/llmaterialtable.h b/indra/llprimitive/llmaterialtable.h index 7146be54cf..0fb3bc5ef5 100644 --- a/indra/llprimitive/llmaterialtable.h +++ b/indra/llprimitive/llmaterialtable.h @@ -19,7 +19,7 @@ class LLMaterialInfo { public: U8 mMCode; - char mName[LLMATERIAL_INFO_NAME_LENGTH]; + char mName[LLMATERIAL_INFO_NAME_LENGTH]; /* Flawfinder: ignore */ LLUUID mDefaultTextureID; LLUUID mShatterSoundID; F32 mDensity; // kg/m^3 diff --git a/indra/llprimitive/llprimitive.cpp b/indra/llprimitive/llprimitive.cpp index fa8010eb6b..105f7c8c9e 100644 --- a/indra/llprimitive/llprimitive.cpp +++ b/indra/llprimitive/llprimitive.cpp @@ -688,13 +688,13 @@ U8 LLPrimitive::pCodeToLegacy(const LLPCode pcode) // Don't crash or llerrs here! This function is used for debug strings. const char * LLPrimitive::pCodeToString(const LLPCode pcode) { - static char pcode_string[255]; + static char pcode_string[255]; /* Flawfinder: ignore */ U8 base_code = pcode & LL_PCODE_BASE_MASK; pcode_string[0] = 0; if (!pcode) { - sprintf(pcode_string, "null"); + snprintf(pcode_string, sizeof(pcode_string), "null"); /* Flawfinder: ignore */ } else if ((base_code) == LL_PCODE_LEGACY) { @@ -702,66 +702,66 @@ const char * LLPrimitive::pCodeToString(const LLPCode pcode) switch (pcode) { case LL_PCODE_LEGACY_GRASS: - sprintf(pcode_string, "grass"); + snprintf(pcode_string, sizeof(pcode_string), "grass"); /* Flawfinder: ignore */ break; case LL_PCODE_LEGACY_PART_SYS: - sprintf(pcode_string, "particle system"); + snprintf(pcode_string, sizeof(pcode_string), "particle system"); /* Flawfinder: ignore */ break; case LL_PCODE_LEGACY_AVATAR: - sprintf(pcode_string, "avatar"); + snprintf(pcode_string, sizeof(pcode_string), "avatar"); /* Flawfinder: ignore */ break; case LL_PCODE_LEGACY_TEXT_BUBBLE: - sprintf(pcode_string, "text bubble"); + snprintf(pcode_string, sizeof(pcode_string), "text bubble"); /* Flawfinder: ignore */ break; case LL_PCODE_LEGACY_TREE: - sprintf(pcode_string, "tree"); + snprintf(pcode_string, sizeof(pcode_string), "tree"); /* Flawfinder: ignore */ break; case LL_PCODE_TREE_NEW: - sprintf(pcode_string, "tree_new"); + snprintf(pcode_string, sizeof(pcode_string), "tree_new"); /* Flawfinder: ignore */ break; default: - sprintf(pcode_string, "unknown legacy pcode %i",(U32)pcode); + snprintf(pcode_string, sizeof(pcode_string), "unknown legacy pcode %i",(U32)pcode); /* Flawfinder: ignore */ } } else { - char shape[32]; - char mask[32]; + char shape[32]; /* Flawfinder: ignore */ + char mask[32]; /* Flawfinder: ignore */ if (base_code == LL_PCODE_CUBE) { - sprintf(shape, "cube"); + snprintf(shape, sizeof(shape), "cube"); /* Flawfinder: ignore */ } else if (base_code == LL_PCODE_CYLINDER) { - sprintf(shape, "cylinder"); + snprintf(shape, sizeof(shape), "cylinder"); /* Flawfinder: ignore */ } else if (base_code == LL_PCODE_CONE) { - sprintf(shape, "cone"); + snprintf(shape, sizeof(shape), "cone"); /* Flawfinder: ignore */ } else if (base_code == LL_PCODE_PRISM) { - sprintf(shape, "prism"); + snprintf(shape, sizeof(shape), "prism"); /* Flawfinder: ignore */ } else if (base_code == LL_PCODE_PYRAMID) { - sprintf(shape, "pyramid"); + snprintf(shape, sizeof(shape), "pyramid"); /* Flawfinder: ignore */ } else if (base_code == LL_PCODE_SPHERE) { - sprintf(shape, "sphere"); + snprintf(shape, sizeof(shape), "sphere"); /* Flawfinder: ignore */ } else if (base_code == LL_PCODE_TETRAHEDRON) { - sprintf(shape, "tetrahedron"); + snprintf(shape, sizeof(shape), "tetrahedron"); /* Flawfinder: ignore */ } else if (base_code == LL_PCODE_VOLUME) { - sprintf(shape, "volume"); + snprintf(shape, sizeof(shape), "volume"); /* Flawfinder: ignore */ } else if (base_code == LL_PCODE_APP) { - sprintf(shape, "app"); + snprintf(shape, sizeof(shape), "app"); /* Flawfinder: ignore */ } else { @@ -771,15 +771,15 @@ const char * LLPrimitive::pCodeToString(const LLPCode pcode) U8 mask_code = pcode & (~LL_PCODE_BASE_MASK); if (base_code == LL_PCODE_APP) { - sprintf(mask, "%x", mask_code); + snprintf(mask, sizeof(mask), "%x", mask_code); /* Flawfinder: ignore */ } else if (mask_code & LL_PCODE_HEMI_MASK) { - sprintf(mask, "hemi"); + snprintf(mask, sizeof(mask), "hemi"); /* Flawfinder: ignore */ } else if (mask != 0) { - sprintf(mask, "%x", mask_code); + snprintf(mask, sizeof(mask), "%x", mask_code); /* Flawfinder: ignore */ } else { @@ -788,11 +788,11 @@ const char * LLPrimitive::pCodeToString(const LLPCode pcode) if (mask[0]) { - sprintf(pcode_string, "%s-%s", shape, mask); + snprintf(pcode_string, sizeof(pcode_string), "%s-%s", shape, mask); /* Flawfinder: ignore */ } else { - sprintf(pcode_string, "%s", shape); + snprintf(pcode_string, sizeof(pcode_string), "%s", shape); /* Flawfinder: ignore */ } } return pcode_string; @@ -1219,7 +1219,7 @@ S32 LLPrimitive::unpackTEField(U8 *cur_ptr, U8 *buffer_end, U8 *data_ptr, U8 dat for (i = 1; i < face_count; i++) { // Already unswizzled, don't need to unswizzle it again! - memcpy(data_ptr+(i*data_size),data_ptr,data_size); + memcpy(data_ptr+(i*data_size),data_ptr,data_size); /* Flawfinder: ignore */ } while ((cur_ptr < buffer_end) && (*cur_ptr != 0)) @@ -1282,7 +1282,7 @@ BOOL LLPrimitive::packTEMessage(LLMessageSystem *mesgsys) const for (face_index = 0; face_index <= last_face_index; face_index++) { // Directly sending image_ids is not safe! - memcpy(&image_ids[face_index*16],getTE(face_index)->getID().mData,16); + memcpy(&image_ids[face_index*16],getTE(face_index)->getID().mData,16); /* Flawfinder: ignore */ // Cast LLColor4 to LLColor4U coloru.setVec( getTE(face_index)->getColor() ); @@ -1358,7 +1358,7 @@ BOOL LLPrimitive::packTEMessage(LLDataPacker &dp) const for (face_index = 0; face_index <= last_face_index; face_index++) { // Directly sending image_ids is not safe! - memcpy(&image_ids[face_index*16],getTE(face_index)->getID().mData,16); + memcpy(&image_ids[face_index*16],getTE(face_index)->getID().mData,16); /* Flawfinder: ignore */ // Cast LLColor4 to LLColor4U coloru.setVec( getTE(face_index)->getColor() ); @@ -1569,7 +1569,7 @@ S32 LLPrimitive::unpackTEMessage(LLDataPacker &dp) for (i = 0; i < face_count; i++) { // llinfos << "BUMP unpack (Datapacker) [" << i << "]=" << S32(bump[i]) <<llendl; - memcpy(image_ids[i].mData,&image_data[i*16],16); + memcpy(image_ids[i].mData,&image_data[i*16],16); /* Flawfinder: ignore */ } LLColor4 color; diff --git a/indra/llrender/llfontgl.cpp b/indra/llrender/llfontgl.cpp index a52582a3aa..05163c0782 100644 --- a/indra/llrender/llfontgl.cpp +++ b/indra/llrender/llfontgl.cpp @@ -136,7 +136,7 @@ LLString LLFontGL::getFontPathSystem() // Try to figure out where the system's font files are stored. char *system_root = NULL; #if LL_WINDOWS - system_root = getenv("SystemRoot"); + system_root = getenv("SystemRoot"); /* Flawfinder: ignore */ if (!system_root) { llwarns << "SystemRoot not found, attempting to load fonts from default path." << llendl; diff --git a/indra/llrender/llgldbg.cpp b/indra/llrender/llgldbg.cpp index 146560f43d..d19ca2c309 100644 --- a/indra/llrender/llgldbg.cpp +++ b/indra/llrender/llgldbg.cpp @@ -70,8 +70,8 @@ char *fv4(F32 *f) //------------------------------------------------------------------------ char *fv3(F32 *f) { - static char str[128]; - sprintf(str, "%8.3f, %8.3f, %8.3f", f[0], f[1], f[2]); + static char str[128]; /* Flawfinder: ignore */ + snprintf(str, sizeof(str), "%8.3f, %8.3f, %8.3f", f[0], f[1], f[2]); /* Flawfinder: ignore */ return str; } @@ -80,8 +80,8 @@ char *fv3(F32 *f) //------------------------------------------------------------------------ char *fv1(F32 *f) { - static char str[128]; - sprintf(str, "%8.3f", f[0]); + static char str[128]; /* Flawfinder: ignore */ + snprintf(str, sizeof(str), "%8.3f", f[0]); /* Flawfinder: ignore */ return str; } diff --git a/indra/llui/llfloater.cpp b/indra/llui/llfloater.cpp index 0e5d37d93e..b37602093f 100644 --- a/indra/llui/llfloater.cpp +++ b/indra/llui/llfloater.cpp @@ -498,7 +498,7 @@ LLView* LLFloater::getRootMostFastFrameView() return LLView::getRootMostFastFrameView(); } -void LLFloater::open() +void LLFloater::open() /* Flawfinder: ignore */ { //RN: for now, we don't allow rehosting from one multifloater to another // just need to fix the bugs @@ -1188,7 +1188,7 @@ void LLFloater::onClickTearOff(void *userdata) new_rect.setLeftTopAndSize(host_floater->getRect().mLeft + 5, host_floater->getRect().mTop - LLFLOATER_HEADER_SIZE - 5, self->mRect.getWidth(), self->mRect.getHeight()); - self->open(); + self->open(); /* Flawfinder: ignore */ self->setRect(new_rect); gFloaterView->adjustToFitScreen(self, FALSE); self->setCanDrag(TRUE); @@ -2424,11 +2424,11 @@ void LLMultiFloater::init(const LLString& title, BOOL resizable, addChild(mTabContainer);*/ } -void LLMultiFloater::open() +void LLMultiFloater::open() /* Flawfinder: ignore */ { if (mTabContainer->getTabCount() > 0) { - LLFloater::open(); + LLFloater::open(); /* Flawfinder: ignore */ } else { @@ -2853,7 +2853,7 @@ LLView* LLFloater::fromXML(LLXMLNodePtr node, LLView *parent, LLUICtrlFactory *f return floaterp; } -void LLFloater::initFloaterXML(LLXMLNodePtr node, LLView *parent, LLUICtrlFactory *factory, BOOL open) +void LLFloater::initFloaterXML(LLXMLNodePtr node, LLView *parent, LLUICtrlFactory *factory, BOOL open) /* Flawfinder: ignore */ { LLString name(getName()); LLString title(getTitle()); @@ -2927,8 +2927,8 @@ void LLFloater::initFloaterXML(LLXMLNodePtr node, LLView *parent, LLUICtrlFactor } applyRectControl(); - if (open) + if (open) /* Flawfinder: ignore */ { - this->open(); + this->open(); /* Flawfinder: ignore */ } } diff --git a/indra/llui/llfloater.h b/indra/llui/llfloater.h index c9ebd64c28..c1ef54ed42 100644 --- a/indra/llui/llfloater.h +++ b/indra/llui/llfloater.h @@ -103,7 +103,7 @@ public: virtual EWidgetType getWidgetType() const; virtual LLString getWidgetTag() const; - virtual void open(); + virtual void open(); /* Flawfinder: ignore */ // If allowed, close the floater cleanly, releasing focus. // app_quitting is passed to onClose() below. @@ -342,7 +342,7 @@ public: BOOL minimizable, BOOL close_btn); virtual BOOL postBuild(); - /*virtual*/ void open(); + /*virtual*/ void open(); /* Flawfinder: ignore */ /*virtual*/ void onClose(bool app_quitting); /*virtual*/ void draw(); /*virtual*/ void setVisible(BOOL visible); diff --git a/indra/llui/llkeywords.cpp b/indra/llui/llkeywords.cpp index e8628c9374..e40e401da5 100644 --- a/indra/llui/llkeywords.cpp +++ b/indra/llui/llkeywords.cpp @@ -54,10 +54,10 @@ BOOL LLKeywords::loadFromFile( const LLString& filename ) // File header const S32 BUFFER_SIZE = 1024; - char buffer[BUFFER_SIZE]; + char buffer[BUFFER_SIZE]; /* Flawfinder: ignore */ llifstream file; - file.open(filename.c_str()); + file.open(filename.c_str()); /* Flawfinder: ignore */ if( file.fail() ) { llinfos << "LLKeywords::loadFromFile() Unable to open file: " << filename << llendl; @@ -95,34 +95,34 @@ BOOL LLKeywords::loadFromFile( const LLString& filename ) while (!file.eof()) { file.getline( buffer, BUFFER_SIZE ); - if( !strncmp( buffer, SOL_COMMENT, strlen(SOL_COMMENT) ) ) + if( !strncmp( buffer, SOL_COMMENT, strlen(SOL_COMMENT) ) ) /* Flawfinder: ignore */ { continue; } else - if( !strncmp( buffer, SOL_WORD, strlen(SOL_WORD) ) ) + if( !strncmp( buffer, SOL_WORD, strlen(SOL_WORD) ) ) /* Flawfinder: ignore */ { - cur_color = readColor( buffer + strlen(SOL_WORD) ); + cur_color = readColor( buffer + strlen(SOL_WORD) ); /* Flawfinder: ignore */ cur_type = LLKeywordToken::WORD; continue; } else - if( !strncmp( buffer, SOL_LINE, strlen(SOL_LINE) ) ) + if( !strncmp( buffer, SOL_LINE, strlen(SOL_LINE) ) ) /* Flawfinder: ignore */ { - cur_color = readColor( buffer + strlen(SOL_LINE) ); + cur_color = readColor( buffer + strlen(SOL_LINE) ); /* Flawfinder: ignore */ cur_type = LLKeywordToken::LINE; continue; } else - if( !strncmp( buffer, SOL_TWO_SIDED_DELIMITER, strlen(SOL_TWO_SIDED_DELIMITER) ) ) + if( !strncmp( buffer, SOL_TWO_SIDED_DELIMITER, strlen(SOL_TWO_SIDED_DELIMITER) ) ) /* Flawfinder: ignore */ { - cur_color = readColor( buffer + strlen(SOL_TWO_SIDED_DELIMITER) ); + cur_color = readColor( buffer + strlen(SOL_TWO_SIDED_DELIMITER) ); /* Flawfinder: ignore */ cur_type = LLKeywordToken::TWO_SIDED_DELIMITER; continue; } - if( !strncmp( buffer, SOL_ONE_SIDED_DELIMITER, strlen(SOL_ONE_SIDED_DELIMITER) ) ) + if( !strncmp( buffer, SOL_ONE_SIDED_DELIMITER, strlen(SOL_ONE_SIDED_DELIMITER) ) ) /* Flawfinder: ignore */ { - cur_color = readColor( buffer + strlen(SOL_ONE_SIDED_DELIMITER) ); + cur_color = readColor( buffer + strlen(SOL_ONE_SIDED_DELIMITER) ); /* Flawfinder: ignore */ cur_type = LLKeywordToken::ONE_SIDED_DELIMITER; continue; } @@ -201,7 +201,7 @@ LLColor3 LLKeywords::readColor( const LLString& s ) F32 r, g, b; r = g = b = 0.0f; S32 read = sscanf(s.c_str(), "%f, %f, %f]", &r, &g, &b ); - if( read != 3 ) + if( read != 3 ) /* Flawfinder: ignore */ { llinfos << " poorly formed color in keyword file" << llendl; } diff --git a/indra/llui/llmenugl.cpp b/indra/llui/llmenugl.cpp index f574d981ef..b2225aa1a0 100644 --- a/indra/llui/llmenugl.cpp +++ b/indra/llui/llmenugl.cpp @@ -4579,7 +4579,7 @@ LLTearOffMenu* LLTearOffMenu::create(LLMenuGL* menup) LLTearOffMenu* tearoffp = new LLTearOffMenu(menup); // keep onscreen gFloaterView->adjustToFitScreen(tearoffp, FALSE); - tearoffp->open(); + tearoffp->open(); /* Flawfinder: ignore */ return tearoffp; } diff --git a/indra/llui/llresmgr.cpp b/indra/llui/llresmgr.cpp index 67137d8bbb..96ca5637e6 100644 --- a/indra/llui/llresmgr.cpp +++ b/indra/llui/llresmgr.cpp @@ -302,8 +302,8 @@ void LLResMgr::getMonetaryString( LLString& output, S32 input ) const } S32 group_count = cur_group; - char reversed_output[20] = ""; - char forward_output[20] = ""; + char reversed_output[20] = ""; /* Flawfinder: ignore */ + char forward_output[20] = ""; /* Flawfinder: ignore */ S32 output_pos = 0; cur_group = 0; diff --git a/indra/llui/lltexteditor.cpp b/indra/llui/lltexteditor.cpp index a4747aef67..710e333796 100644 --- a/indra/llui/lltexteditor.cpp +++ b/indra/llui/lltexteditor.cpp @@ -3763,7 +3763,7 @@ BOOL LLTextEditor::importBuffer(const LLString& buffer ) // <text without \0> (text may contain ext_char_values) // }\n - char tbuf[MAX_STRING]; + char tbuf[MAX_STRING]; /* Flawfinder: ignore */ S32 version = 0; instream.getline(tbuf, MAX_STRING); @@ -3803,11 +3803,16 @@ BOOL LLTextEditor::importBuffer(const LLString& buffer ) BOOL success = TRUE; char* text = new char[ text_len + 1]; + if (text == NULL) + { + llerrs << "Memory allocation failure." << llendl; + return FALSE; + } instream.get(text, text_len + 1, '\0'); text[text_len] = '\0'; - if( text_len != (S32)strlen(text) ) + if( text_len != (S32)strlen(text) )/* Flawfinder: ignore */ { - llwarns << llformat("Invalid text length: %d != %d ",strlen(text),text_len) << llendl; + llwarns << llformat("Invalid text length: %d != %d ",strlen(text),text_len) << llendl;/* Flawfinder: ignore */ success = FALSE; } diff --git a/indra/llui/llui.cpp b/indra/llui/llui.cpp index d951cb70f6..e8e3f271a0 100644 --- a/indra/llui/llui.cpp +++ b/indra/llui/llui.cpp @@ -1478,7 +1478,7 @@ void load_tr(const LLString& lang) LLString filename = gDirUtilp->getExpandedFilename(LL_PATH_SKINS, inname.c_str()); llifstream file; - file.open(filename.c_str(), std::ios_base::binary); + file.open(filename.c_str(), std::ios_base::binary); /* Flawfinder: ignore */ if (!file) { llinfos << "No translation dictionary for: " << filename << llendl; @@ -1491,7 +1491,7 @@ void load_tr(const LLString& lang) gUntranslated.clear(); const S32 MAX_LINE_LEN = 1024; - char buffer[MAX_LINE_LEN]; + char buffer[MAX_LINE_LEN]; /* Flawfinder: ignore */ while (!file.eof()) { file.getline(buffer, MAX_LINE_LEN); @@ -1531,7 +1531,7 @@ void cleanup_tr() LLString outname = "untranslated_" + gLanguage + ".txt"; LLString outfilename = gDirUtilp->getExpandedFilename(LL_PATH_SKINS, outname.c_str()); llofstream outfile; - outfile.open(outfilename.c_str()); + outfile.open(outfilename.c_str()); /* Flawfinder: ignore */ if (!outfile) { return; diff --git a/indra/llui/lluictrlfactory.cpp b/indra/llui/lluictrlfactory.cpp index 7f62194e58..8ae9fd0284 100644 --- a/indra/llui/lluictrlfactory.cpp +++ b/indra/llui/lluictrlfactory.cpp @@ -278,7 +278,7 @@ bool LLUICtrlFactory::getLayeredXMLNode(const LLString &filename, LLXMLNodePtr& // buildFloater() //----------------------------------------------------------------------------- void LLUICtrlFactory::buildFloater(LLFloater* floaterp, const LLString &filename, - const LLCallbackMap::map_t* factory_map, BOOL open) + const LLCallbackMap::map_t* factory_map, BOOL open) /* Flawfinder: ignore */ { LLXMLNodePtr root; @@ -299,7 +299,7 @@ void LLUICtrlFactory::buildFloater(LLFloater* floaterp, const LLString &filename mFactoryStack.push_front(factory_map); } - floaterp->initFloaterXML(root, NULL, this, open); + floaterp->initFloaterXML(root, NULL, this, open); /* Flawfinder: ignore */ if (LLUI::sShowXUINames) { diff --git a/indra/llvfs/lldir.cpp b/indra/llvfs/lldir.cpp index 3c82b28c74..9f8d6c08d5 100644 --- a/indra/llvfs/lldir.cpp +++ b/indra/llvfs/lldir.cpp @@ -323,7 +323,7 @@ std::string LLDir::getExpandedFilename(ELLPath location, const std::string &file std::string LLDir::getTempFilename() const { LLUUID random_uuid; - char uuid_str[64]; + char uuid_str[64]; /* Flawfinder: ignore */ random_uuid.generate(); random_uuid.toString(uuid_str); diff --git a/indra/llvfs/lldir_linux.cpp b/indra/llvfs/lldir_linux.cpp index f5573797c9..bfa663d64b 100644 --- a/indra/llvfs/lldir_linux.cpp +++ b/indra/llvfs/lldir_linux.cpp @@ -32,7 +32,7 @@ static std::string getCurrentUserHome(char* fallback) else { llinfos << "Couldn't detect home directory from passwd - trying $HOME" << llendl; - const char *const home_env = getenv("HOME"); + const char *const home_env = getenv("HOME"); /* Flawfinder: ignore */ if (home_env) { result_cstr = (char*) home_env; @@ -54,7 +54,7 @@ LLDir_Linux::LLDir_Linux() mCurrentDirCount = -1; mDirp = NULL; - char tmp_str[LL_MAX_PATH]; + char tmp_str[LL_MAX_PATH]; /* Flawfinder: ignore */ getcwd(tmp_str, LL_MAX_PATH); mExecutableFilename = ""; @@ -66,13 +66,13 @@ LLDir_Linux::LLDir_Linux() mOSUserAppDir = ""; mLindenUserDir = tmp_str; - char path [32]; + char path [32]; /* Flawfinder: ignore */ // *NOTE: /proc/%d/exe doesn't work on FreeBSD. But that's ok, // because this is the linux implementation. - sprintf (path, "/proc/%d/exe", (int) getpid ()); - int rc = readlink (path, tmp_str, sizeof (tmp_str)-1); + snprintf (path, sizeof(path), "/proc/%d/exe", (int) getpid ()); /* Flawfinder: ignore */ + int rc = readlink (path, tmp_str, sizeof (tmp_str)-1); /* Flawfinder: ignore */ if ( (rc != -1) && (rc <= ((int) sizeof (tmp_str)-1)) ) { tmp_str[rc] = '\0'; //readlink() doesn't 0-terminate the buffer @@ -109,7 +109,7 @@ void LLDir_Linux::initAppDirs(const std::string &app_name) LLString upper_app_name(app_name); LLString::toUpper(upper_app_name); - char* app_home_env = getenv((upper_app_name + "_USER_DIR").c_str()); + char* app_home_env = getenv((upper_app_name + "_USER_DIR").c_str()); /* Flawfinder: ignore */ if (app_home_env) { // user has specified own userappdir i.e. $SECONDLIFE_USER_DIR @@ -307,7 +307,7 @@ void LLDir_Linux::getRandomFileInDir(const std::string &dirname, const std::stri std::string LLDir_Linux::getCurPath() { - char tmp_str[LL_MAX_PATH]; + char tmp_str[LL_MAX_PATH]; /* Flawfinder: ignore */ getcwd(tmp_str, LL_MAX_PATH); return tmp_str; } diff --git a/indra/llvfs/lldir_mac.cpp b/indra/llvfs/lldir_mac.cpp index c056f982c4..82d27a11e7 100644 --- a/indra/llvfs/lldir_mac.cpp +++ b/indra/llvfs/lldir_mac.cpp @@ -335,7 +335,7 @@ S32 LLDir_Mac::deleteFilesInDir(const std::string &dirname, const std::string &m std::string LLDir_Mac::getCurPath() { - char tmp_str[LL_MAX_PATH]; + char tmp_str[LL_MAX_PATH]; /* Flawfinder: ignore */ getcwd(tmp_str, LL_MAX_PATH); return tmp_str; } diff --git a/indra/llvfs/lldir_win32.cpp b/indra/llvfs/lldir_win32.cpp index 8c2ed48813..08ef3d83b8 100644 --- a/indra/llvfs/lldir_win32.cpp +++ b/indra/llvfs/lldir_win32.cpp @@ -45,9 +45,9 @@ LLDir_Win32::LLDir_Win32() if (GetTempPath(MAX_PATH, w_str)) { - if (wcslen(w_str)) + if (wcslen(w_str)) /* Flawfinder: ignore */ { - w_str[wcslen(w_str)-1] = '\0'; // remove trailing slash + w_str[wcslen(w_str)-1] = '\0'; /* Flawfinder: ignore */ // remove trailing slash } mTempDir = utf16str_to_utf8str(llutf16string(w_str)); } @@ -342,7 +342,7 @@ DWORD GetDllVersion(LPCTSTR lpszDllName) HINSTANCE hinstDll; DWORD dwVersion = 0; - hinstDll = LoadLibrary(lpszDllName); + hinstDll = LoadLibrary(lpszDllName); /* Flawfinder: ignore */ if(hinstDll) { diff --git a/indra/llvfs/lllfsthread.cpp b/indra/llvfs/lllfsthread.cpp index 57b4bc6d47..6af638fd12 100644 --- a/indra/llvfs/lllfsthread.cpp +++ b/indra/llvfs/lllfsthread.cpp @@ -58,7 +58,7 @@ LLLFSThread::~LLLFSThread() //---------------------------------------------------------------------------- -LLLFSThread::handle_t LLLFSThread::read(const LLString& filename, +LLLFSThread::handle_t LLLFSThread::read(const LLString& filename, /* Flawfinder: ignore */ U8* buffer, S32 offset, S32 numbytes, U32 priority, U32 flags) { handle_t handle = generateHandle(); diff --git a/indra/llvfs/lllfsthread.h b/indra/llvfs/lllfsthread.h index a55a2668b3..37a6e8bae5 100644 --- a/indra/llvfs/lllfsthread.h +++ b/indra/llvfs/lllfsthread.h @@ -89,7 +89,7 @@ public: ~LLLFSThread(); // Return a Request handle - handle_t read(const LLString& filename, + handle_t read(const LLString& filename, /* Flawfinder: ignore */ U8* buffer, S32 offset, S32 numbytes, U32 pri=PRIORITY_NORMAL, U32 flags = 0); handle_t write(const LLString& filename, U8* buffer, S32 offset, S32 numbytes, U32 flags = 0); diff --git a/indra/llvfs/llvfile.cpp b/indra/llvfs/llvfile.cpp index ad26b44916..a4612233d3 100644 --- a/indra/llvfs/llvfile.cpp +++ b/indra/llvfs/llvfile.cpp @@ -116,7 +116,7 @@ U8* LLVFile::readFile(LLVFS *vfs, const LLUUID &uuid, LLAssetType::EType type, S else { data = new U8[file_size]; - file.read(data, file_size); + file.read(data, file_size); /* Flawfinder: ignore */ if (file.getLastBytesRead() != (S32)file_size) { diff --git a/indra/llvfs/llvfile.h b/indra/llvfs/llvfile.h index c00e843cad..7c04bea2ec 100644 --- a/indra/llvfs/llvfile.h +++ b/indra/llvfs/llvfile.h @@ -20,7 +20,7 @@ public: LLVFile(LLVFS *vfs, const LLUUID &file_id, const LLAssetType::EType file_type, S32 mode = LLVFile::READ); ~LLVFile(); - BOOL read(U8 *buffer, S32 bytes, BOOL async = FALSE, F32 priority = 128.f); + BOOL read(U8 *buffer, S32 bytes, BOOL async = FALSE, F32 priority = 128.f); /* Flawfinder: ignore */ static U8* readFile(LLVFS *vfs, const LLUUID &uuid, LLAssetType::EType type, S32* bytes_read = 0); void setReadPriority(const F32 priority); BOOL isReadComplete(); diff --git a/indra/llvfs/llvfs.cpp b/indra/llvfs/llvfs.cpp index 95d851cfcf..e57e56aaf0 100644 --- a/indra/llvfs/llvfs.cpp +++ b/indra/llvfs/llvfs.cpp @@ -110,7 +110,7 @@ public: } #ifdef LL_LITTLE_ENDIAN - inline void swizzleCopy(void *dst, void *src, int size) { memcpy(dst, src, size); } + inline void swizzleCopy(void *dst, void *src, int size) { memcpy(dst, src, size); /* Flawfinder: ignore */} #else @@ -137,7 +137,7 @@ public: else { // Perhaps this should assert... - memcpy(dst, src, size); + memcpy(dst, src, size); /* Flawfinder: ignore */ } } @@ -151,7 +151,7 @@ public: buffer +=4; swizzleCopy(buffer, &mAccessTime, 4); buffer +=4; - memcpy(buffer, &mFileID.mData, 16); + memcpy(buffer, &mFileID.mData, 16); /* Flawfinder: ignore */ buffer += 16; S16 temp_type = mFileType; swizzleCopy(buffer, &temp_type, 2); @@ -220,10 +220,15 @@ LLVFS::LLVFS(const char *index_filename, const char *data_filename, const BOOL r } mValid = VFSVALID_OK; mReadOnly = read_only; - mIndexFilename = new char[strlen(index_filename) + 1]; - mDataFilename = new char[strlen(data_filename) + 1]; - strcpy(mIndexFilename, index_filename); - strcpy(mDataFilename, data_filename); + mIndexFilename = new char[strlen(index_filename) + 1]; /* Flawfinder: ignore */ + mDataFilename = new char[strlen(data_filename) + 1]; /* Flawfinder: ignore */ + if (mIndexFilename == NULL || mDataFilename == NULL) + { + llerrs << "Memory Allocation Failure" << llendl; + return; + } + strcpy(mIndexFilename, index_filename); /* Flawfinder: ignore */ + strcpy(mDataFilename, data_filename); /* Flawfinder: ignore */ const char *file_mode = mReadOnly ? "rb" : "r+b"; @@ -247,13 +252,23 @@ LLVFS::LLVFS(const char *index_filename, const char *data_filename, const BOOL r { llwarns << "Can't open VFS data file " << mDataFilename << " attempting to use alternate" << llendl; - char *temp_index = new char[strlen(mIndexFilename) + 10]; - char *temp_data = new char[strlen(mDataFilename) + 10]; + char *temp_index = new char[strlen(mIndexFilename) + 10]; /* Flawfinder: ignore */ + if (!temp_index) + { + llerrs << "Out of the memory in LLVFS::LLVFS(const char *index_filename, const char *data_filename, const BOOL read_only, const U32 presize, const BOOL remove_after_crash)" << llendl; + return; + } + char *temp_data = new char[strlen(mDataFilename) + 10]; /* Flawfinder: ignore */ + if (!temp_data) + { + llerrs << "Out of the memory in LLVFS::LLVFS(const char *index_filename, const char *data_filename, const BOOL read_only, const U32 presize, const BOOL remove_after_crash)" << llendl; + return; + } for (U32 count = 0; count < 256; count++) { - sprintf(temp_index, "%s.%u", mIndexFilename, count); - sprintf(temp_data, "%s.%u", mDataFilename, count); + sprintf(temp_index, "%s.%u", mIndexFilename, count); /* Flawfinder: ignore */ + sprintf(temp_data, "%s.%u", mDataFilename, count); /* Flawfinder: ignore */ // try just opening, then creating, each alternate if ((mDataFP = openAndLock(temp_data, "r+b", FALSE))) @@ -294,8 +309,13 @@ LLVFS::LLVFS(const char *index_filename, const char *data_filename, const BOOL r if (!mReadOnly && mRemoveAfterCrash) { llstat marker_info; - char* marker = new char[strlen(mDataFilename) + strlen(".open") + 1]; - sprintf(marker, "%s.open", mDataFilename); + char* marker = new char[strlen(mDataFilename) + strlen(".open") + 1]; /* Flawfinder: ignore */ + if (!marker ) + { + llerrs << "Out of memory in LLVFS::LLVFS(const char *index_filename, const char *data_filename, const BOOL read_only, const U32 presize, const BOOL remove_after_crash)" << llendl; + return; + } + sprintf(marker, "%s.open", mDataFilename); /* Flawfinder: ignore */ if (!LLFile::stat(marker, &marker_info)) { // marker exists, kill the lock and the VFS files @@ -523,8 +543,13 @@ LLVFS::LLVFS(const char *index_filename, const char *data_filename, const BOOL r if (!mReadOnly && mRemoveAfterCrash) { char* marker = new char[strlen(mDataFilename) + strlen(".open") + 1]; - sprintf(marker, "%s.open", mDataFilename); - FILE* marker_fp = LLFile::fopen(marker, "w"); + if (!marker) + { + llerrs << "Out of memory in LLVFS::LLVFS(const char *index_filename, const char *data_filename, const BOOL read_only, const U32 presize, const BOOL remove_after_crash)" << llendl; + return; + } + sprintf(marker, "%s.open", mDataFilename); /* Flawfinder: ignore */ + FILE* marker_fp = LLFile::fopen(marker, "w"); /* Flawfinder: ignore */ if (marker_fp) { fclose(marker_fp); @@ -567,7 +592,12 @@ LLVFS::~LLVFS() if (!mReadOnly && mRemoveAfterCrash) { char* marker_file = new char[strlen(mDataFilename) + strlen(".open") + 1]; - sprintf(marker_file, "%s.open", mDataFilename); + if (marker_file == NULL) + { + llerrs << "Memory Allocation Failure" << llendl; + return; + } + sprintf(marker_file, "%s.open", mDataFilename); /* Flawfinder: ignore */ LLFile::remove(marker_file); delete [] marker_file; marker_file = NULL; @@ -2045,7 +2075,7 @@ FILE *LLVFS::openAndLock(const char *filename, const char *mode, BOOL read_lock) // first test the lock in a non-destructive way if (strstr(mode, "w")) { - fp = LLFile::fopen(filename, "rb"); + fp = LLFile::fopen(filename, "rb"); /* Flawfinder: ignore */ if (fp) { fd = fileno(fp); @@ -2060,7 +2090,7 @@ FILE *LLVFS::openAndLock(const char *filename, const char *mode, BOOL read_lock) } // now actually open the file for use - fp = LLFile::fopen(filename, mode); + fp = LLFile::fopen(filename, mode); /* Flawfinder: ignore */ if (fp) { fd = fileno(fp); diff --git a/indra/llvfs/llvfsthread.h b/indra/llvfs/llvfsthread.h index 14a2fe0ba7..6839338813 100644 --- a/indra/llvfs/llvfsthread.h +++ b/indra/llvfs/llvfsthread.h @@ -64,7 +64,7 @@ public: } std::string getFilename() { - char tbuf[40]; + char tbuf[40]; /* Flawfinder: ignore */ mFileID.toString(tbuf); return std::string(tbuf); } @@ -97,7 +97,7 @@ public: ~LLVFSThread(); // Return a Request handle - handle_t read(LLVFS* vfs, const LLUUID &file_id, const LLAssetType::EType file_type, + handle_t read(LLVFS* vfs, const LLUUID &file_id, const LLAssetType::EType file_type, /* Flawfinder: ignore */ U8* buffer, S32 offset, S32 numbytes, U32 pri=PRIORITY_NORMAL, U32 flags = 0); handle_t write(LLVFS* vfs, const LLUUID &file_id, const LLAssetType::EType file_type, U8* buffer, S32 offset, S32 numbytes, U32 flags); diff --git a/indra/llwindow/lldxhardware.cpp b/indra/llwindow/lldxhardware.cpp index a972a29aa4..dc3edadb9c 100644 --- a/indra/llwindow/lldxhardware.cpp +++ b/indra/llwindow/lldxhardware.cpp @@ -47,16 +47,16 @@ std::string get_string(IDxDiagContainer *containerp, WCHAR *wszPropName) switch( var.vt ) { case VT_UI4: - swprintf( wszPropValue, L"%d", var.ulVal ); + swprintf( wszPropValue, L"%d", var.ulVal ); /* Flawfinder: ignore */ break; case VT_I4: - swprintf( wszPropValue, L"%d", var.lVal ); + swprintf( wszPropValue, L"%d", var.lVal ); /* Flawfinder: ignore */ break; case VT_BOOL: - wcscpy( wszPropValue, (var.boolVal) ? L"true" : L"false" ); + wcscpy( wszPropValue, (var.boolVal) ? L"true" : L"false" ); /* Flawfinder: ignore */ break; case VT_BSTR: - wcsncpy( wszPropValue, var.bstrVal, 255 ); + wcsncpy( wszPropValue, var.bstrVal, 255 ); /* Flawfinder: ignore */ wszPropValue[255] = 0; break; } diff --git a/indra/llwindow/llkeyboard.cpp b/indra/llwindow/llkeyboard.cpp index 31db4cabf2..91c5fe30e7 100644 --- a/indra/llwindow/llkeyboard.cpp +++ b/indra/llwindow/llkeyboard.cpp @@ -311,7 +311,7 @@ LLString LLKeyboard::stringFromKey(KEY key) LLString res = get_if_there(sKeysToNames, key, LLString::null); if (res.empty()) { - char buffer[2]; + char buffer[2]; /* Flawfinder: ignore */ buffer[0] = key; buffer[1] = '\0'; res = LLString(buffer); diff --git a/indra/llwindow/llwindowmacosx.cpp b/indra/llwindow/llwindowmacosx.cpp index 4d75a30a8e..a32013a5ee 100644 --- a/indra/llwindow/llwindowmacosx.cpp +++ b/indra/llwindow/llwindowmacosx.cpp @@ -70,8 +70,8 @@ BOOL check_for_card(const char* RENDERER, const char* bad_card) { if (!strnicmp(RENDERER, bad_card, strlen(bad_card))) { - char buffer[1024]; - sprintf(buffer, + char buffer[1024];/* Flawfinder: ignore */ + snprintf(buffer, sizeof(buffer), /* Flawfinder: ignore */ "Your video card appears to be a %s, which Second Life does not support.\n" "\n" "Second Life requires a video card with 32 Mb of memory or more, as well as\n" @@ -227,8 +227,8 @@ LLWindowMacOSX::LLWindowMacOSX(char *title, char *name, S32 x, S32 y, S32 width, mOriginalAspectRatio = (double)CGDisplayPixelsWide(mDisplay) / (double)CGDisplayPixelsHigh(mDisplay); // Stash the window title - strcpy((char*)mWindowTitle + 1, title); - mWindowTitle[0] = strlen(title); + strcpy((char*)mWindowTitle + 1, title); /* Flawfinder: ignore */ + mWindowTitle[0] = strlen(title); /* Flawfinder: ignore */ mEventHandlerUPP = NewEventHandlerUPP(staticEventHandler); mGlobalHandlerRef = NULL; @@ -405,8 +405,8 @@ BOOL LLWindowMacOSX::createContext(int x, int y, int width, int height, int bits mFullscreenBits = -1; mFullscreenRefresh = -1; - char error[256]; - sprintf(error, "Unable to run fullscreen at %d x %d.\nRunning in window.", width, height); + char error[256]; /* Flawfinder: ignore */ + snprintf(error, sizeof(error), "Unable to run fullscreen at %d x %d.\nRunning in window.", width, height); /* Flawfinder: ignore */ OSMessageBox(error, "Error", OSMB_OK); } } @@ -2719,7 +2719,7 @@ void spawn_web_browser(const char* escaped_url) S32 i; for (i = 0; i < gURLProtocolWhitelistCount; i++) { - S32 len = strlen(gURLProtocolWhitelist[i]); + S32 len = strlen(gURLProtocolWhitelist[i]); /* Flawfinder: ignore */ if (!strncmp(escaped_url, gURLProtocolWhitelist[i], len) && escaped_url[len] == ':') { diff --git a/indra/llwindow/llwindowsdl.cpp b/indra/llwindow/llwindowsdl.cpp index a2a4becf7f..9f9f762663 100644 --- a/indra/llwindow/llwindowsdl.cpp +++ b/indra/llwindow/llwindowsdl.cpp @@ -134,8 +134,8 @@ BOOL check_for_card(const char* RENDERER, const char* bad_card) { if (!strncasecmp(RENDERER, bad_card, strlen(bad_card))) { - char buffer[1024]; - sprintf(buffer, + char buffer[1024]; /* Flawfinder: ignore */ + snprintf(buffer, sizeof(buffer), /* Flawfinder: ignore */ "Your video card appears to be a %s, which Second Life does not support.\n" "\n" "Second Life requires a video card with 32 Mb of memory or more, as well as\n" @@ -197,9 +197,14 @@ LLWindowSDL::LLWindowSDL(char *title, S32 x, S32 y, S32 width, title = "SDL Window"; // *FIX: (???) // Stash the window title - mWindowTitle = new char[strlen(title) + 1]; - strcpy(mWindowTitle, title); + mWindowTitle = new char[strlen(title) + 1]; /* Flawfinder: ignore */ + if(mWindowTitle == NULL) + { + llerrs << "Memory allocation failure" << llendl; + return; + } + strcpy(mWindowTitle, title); /* Flawfinder: ignore */ // Create the GL context and set it up for windowed or fullscreen, as appropriate. if(createContext(x, y, width, height, 32, fullscreen, disable_vsync)) { @@ -223,10 +228,10 @@ LLWindowSDL::LLWindowSDL(char *title, S32 x, S32 y, S32 width, static SDL_Surface *Load_BMP_Resource(const char *basename) { const int PATH_BUFFER_SIZE=1000; - char path_buffer[PATH_BUFFER_SIZE]; + char path_buffer[PATH_BUFFER_SIZE]; /* Flawfinder: ignore */ // Figure out where our BMP is living on the disk - snprintf(path_buffer, PATH_BUFFER_SIZE-1, "%s%sres-sdl%s%s", + snprintf(path_buffer, PATH_BUFFER_SIZE-1, "%s%sres-sdl%s%s", /* Flawfinder: ignore */ gDirUtilp->getAppRODataDir().c_str(), gDirUtilp->getDirDelimiter().c_str(), gDirUtilp->getDirDelimiter().c_str(), @@ -396,8 +401,8 @@ BOOL LLWindowSDL::createContext(int x, int y, int width, int height, int bits, B mFullscreenBits = -1; mFullscreenRefresh = -1; - char error[256]; - sprintf(error, "Unable to run fullscreen at %d x %d.\nRunning in window.", width, height); + char error[256]; /* Flawfinder: ignore */ + snprintf(error, sizeof(error), "Unable to run fullscreen at %d x %d.\nRunning in window.", width, height); /* Flawfinder: ignore */ OSMessageBox(error, "Error", OSMB_OK); } } @@ -1060,9 +1065,9 @@ x11clipboard_type convert_format(int type) { /* completely arbitrary clipboard types... we don't actually use these right now, and support is skeletal. */ - char format[sizeof(FORMAT_PREFIX)+8+1]; + char format[sizeof(FORMAT_PREFIX)+8+1]; /* Flawfinder: ignore */ - sprintf(format, "%s%08lx", FORMAT_PREFIX, (unsigned long)type); + snprintf(format, sizeof(format), "%s%08lx", FORMAT_PREFIX, (unsigned long)type); /* Flawfinder: ignore */ return XInternAtom(SDL_Display, format, False); } } @@ -1080,14 +1085,18 @@ convert_data(int type, char *dst, const char *src, int srclen) { case SDLCLIPTYPE('T', 'E', 'X', 'T'): case SDLCLIPTYPE('U', 'T', 'F', '8'): + if (src == NULL) + { + break; + } if ( srclen == 0 ) - srclen = strlen(src); + srclen = strlen(src); /* Flawfinder: ignore */ dstlen = srclen + 1; if ( dst ) // assume caller made it big enough by asking us { - memcpy(dst, src, srclen); + memcpy(dst, src, srclen); /* Flawfinder: ignore */ dst[srclen] = '\0'; } break; @@ -1112,14 +1121,18 @@ convert_x11clipboard(int type, char *dst, const char *src, int srclen) { case SDLCLIPTYPE('U', 'T', 'F', '8'): case SDLCLIPTYPE('T', 'E', 'X', 'T'): + if (src == NULL) + { + break; + } if ( srclen == 0 ) - srclen = strlen(src); + srclen = strlen(src); /* Flawfinder: ignore */ dstlen = srclen + 1; if ( dst ) // assume caller made it big enough by asking us { - memcpy(dst, src, srclen); + memcpy(dst, src, srclen); /* Flawfinder: ignore */ dst[srclen] = '\0'; } break; @@ -1451,7 +1464,11 @@ BOOL LLWindowSDL::copyTextToClipboard(const LLWString &s) { std::string utf8text = wstring_to_utf8str(s); const char* cstr = utf8text.c_str(); - int cstrlen = strlen(cstr); + if (cstr == NULL) + { + return FALSE; + } + int cstrlen = strlen(cstr); /* Flawfinder: ignore */ int i; for (i=0; i<cstrlen; ++i) { @@ -2442,7 +2459,7 @@ void spawn_web_browser(const char* escaped_url) close(1); close(2); // end ourself by running the command - execv(cmd.c_str(), argv); + execv(cmd.c_str(), argv); /* Flawfinder: ignore */ // if execv returns at all, there was a problem. llwarns << "execv failure when trying to start " << cmd << llendl; _exit(1); // _exit because we don't want atexit() clean-up! diff --git a/indra/llwindow/llwindowwin32.cpp b/indra/llwindow/llwindowwin32.cpp index 42a88b6cc3..535f94d855 100644 --- a/indra/llwindow/llwindowwin32.cpp +++ b/indra/llwindow/llwindowwin32.cpp @@ -77,10 +77,14 @@ void show_window_creation_error(const char* title) BOOL check_for_card(const char* RENDERER, const char* bad_card) { - if (!strnicmp(RENDERER, bad_card, strlen(bad_card))) + if(bad_card == NULL) { - char buffer[1024]; - sprintf(buffer, + return FALSE; + } + if (!strnicmp(RENDERER, bad_card, strlen(bad_card))) /* Flawfinder: ignore */ + { + char buffer[1024]; /* Flawfinder: ignore */ + snprintf(buffer, sizeof(buffer), /* Flawfinder: ignore */ "Your video card appears to be a %s, which Second Life does not support.\n" "\n" "Second Life requires a video card with 32 Mb of memory or more, as well as\n" @@ -329,8 +333,8 @@ LLWindowWin32::LLWindowWin32(char *title, char *name, S32 x, S32 y, S32 width, mFullscreenBits = -1; mFullscreenRefresh = -1; - char error[256]; - sprintf(error, "Unable to run fullscreen at %d x %d.\nRunning in window.", width, height); + char error[256]; /* Flawfinder: ignore */ + snprintf(error, sizeof(error), "Unable to run fullscreen at %d x %d.\nRunning in window.", width, height); /* Flawfinder: ignore */ OSMessageBox(error, "Error", OSMB_OK); } } @@ -2450,7 +2454,7 @@ BOOL LLWindowWin32::copyTextToClipboard(const LLWString& wstr) WCHAR* copy_utf16 = (WCHAR*) GlobalLock(hglobal_copy_utf16); if (copy_utf16) { - memcpy(copy_utf16, out_utf16.c_str(), size_utf16); + memcpy(copy_utf16, out_utf16.c_str(), size_utf16); /* Flawfinder: ignore */ GlobalUnlock(hglobal_copy_utf16); if (SetClipboardData(CF_UNICODETEXT, hglobal_copy_utf16)) @@ -2474,7 +2478,7 @@ BOOL LLWindowWin32::copyTextToClipboard(const LLWString& wstr) char* copy = (char*) GlobalLock(hglobal_copy); if( copy ) { - memcpy(copy, out_s.c_str(), size); + memcpy(copy, out_s.c_str(), size); /* Flawfinder: ignore */ GlobalUnlock(hglobal_copy); if (SetClipboardData(CF_TEXT, hglobal_copy)) @@ -2575,7 +2579,7 @@ BOOL LLWindowWin32::sendEmail(const char* address, const char* subject, const ch } else { - HINSTANCE hMAPIInst = LoadLibrary(L"MAPI32.DLL"); + HINSTANCE hMAPIInst = LoadLibrary(L"MAPI32.DLL"); /* Flawfinder: ignore */ if(!hMAPIInst) { result = LL_EMAIL_MAPILOAD_FAILED; @@ -3093,7 +3097,7 @@ void spawn_web_browser(const char* escaped_url ) S32 i; for (i = 0; i < gURLProtocolWhitelistCount; i++) { - S32 len = strlen(gURLProtocolWhitelist[i]); + S32 len = strlen(gURLProtocolWhitelist[i]); /* Flawfinder: ignore */ if (!strncmp(escaped_url, gURLProtocolWhitelist[i], len) && escaped_url[len] == ':') { @@ -3112,8 +3116,8 @@ void spawn_web_browser(const char* escaped_url ) // Figure out the user's default web browser // HKEY_CLASSES_ROOT\http\shell\open\command - char reg_path_str[256]; - sprintf(reg_path_str, "%s\\shell\\open\\command", gURLProtocolWhitelistHandler[i]); + char reg_path_str[256]; /* Flawfinder: ignore */ + snprintf(reg_path_str, sizeof(reg_path_str), "%s\\shell\\open\\command", gURLProtocolWhitelistHandler[i]); /* Flawfinder: ignore */ WCHAR reg_path_wstr[256]; mbstowcs(reg_path_wstr, reg_path_str, 1024); @@ -3164,7 +3168,7 @@ void spawn_web_browser(const char* escaped_url ) // MS docs say to cast to int and compare to 32. HWND our_window = NULL; LPCWSTR directory_wstr = NULL; - int retval = (int) ShellExecute(our_window, + int retval = (int) ShellExecute(our_window, /* Flawfinder: ignore */ L"open", browser_exec_utf16.c_str(), url_utf16.c_str(), @@ -3188,7 +3192,7 @@ void shell_open( const char* file_path ) mbstowcs(wstr, file_path, 1024); HWND our_window = NULL; - int retval = (int) ShellExecute(our_window, L"open", wstr, NULL, NULL, SW_SHOWNORMAL); + int retval = (int) ShellExecute(our_window, L"open", wstr, NULL, NULL, SW_SHOWNORMAL); /* Flawfinder: ignore */ if (retval > 32) { llinfos << "ShellExecute success with " << retval << llendl; diff --git a/indra/llxml/llcontrol.cpp b/indra/llxml/llcontrol.cpp index a9651fafc7..da6302b27c 100644 --- a/indra/llxml/llcontrol.cpp +++ b/indra/llxml/llcontrol.cpp @@ -580,7 +580,7 @@ U32 LLControlGroup::loadFromFileLegacy(const LLString& filename, BOOL require_de llifstream file; S32 version; - file.open(filename.c_str()); + file.open(filename.c_str()); /*Flawfinder: ignore*/ if (!file) { @@ -610,7 +610,7 @@ U32 LLControlGroup::loadFromFileLegacy(const LLString& filename, BOOL require_de if (name.substr(0,2) == "//") { // This is a comment. - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ file.getline(buffer, MAX_STRING); continue; } @@ -624,7 +624,7 @@ U32 LLControlGroup::loadFromFileLegacy(const LLString& filename, BOOL require_de if (!name.empty()) { //read in to end of line - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ file.getline(buffer, MAX_STRING); llwarns << "LLControlGroup::loadFromFile() : Trying to set \"" << name << "\", setting doesn't exist." << llendl; } @@ -690,7 +690,7 @@ U32 LLControlGroup::loadFromFileLegacy(const LLString& filename, BOOL require_de break; case TYPE_BOOLEAN: { - char boolstring[256]; + char boolstring[256]; /*Flawfinder: ignore*/ BOOL valid = FALSE; BOOL initial = FALSE; @@ -1048,7 +1048,7 @@ U32 LLControlGroup::saveToFile(const LLString& filename, BOOL nondefault_only) } llofstream file; - file.open(filename.c_str()); + file.open(filename.c_str()); /*Flawfinder: ignore*/ if (!file.is_open()) { diff --git a/indra/llxml/llxmlnode.cpp b/indra/llxml/llxmlnode.cpp index 7d77fa8be7..0789ec6842 100644 --- a/indra/llxml/llxmlnode.cpp +++ b/indra/llxml/llxmlnode.cpp @@ -542,7 +542,7 @@ bool LLXMLNode::parseFile( LLXMLNode* defaults_tree) { // Read file - FILE* fp = LLFile::fopen(filename.c_str(), "rb"); + FILE* fp = LLFile::fopen(filename.c_str(), "rb"); /* Flawfinder: ignore */ if (fp == NULL) { node = new LLXMLNode(); @@ -1846,12 +1846,12 @@ U32 LLXMLNode::getUUIDValue(U32 expected_length, LLUUID *array) LLUUID uuid_value; value_string = skipWhitespace(value_string); - if (strlen(value_string) < (UUID_STR_LENGTH-1)) + if (strlen(value_string) < (UUID_STR_LENGTH-1)) /* Flawfinder: ignore */ { break; } - char uuid_string[UUID_STR_LENGTH]; - memcpy(uuid_string, value_string, (UUID_STR_LENGTH-1)); + char uuid_string[UUID_STR_LENGTH]; /* Flawfinder: ignore */ + memcpy(uuid_string, value_string, (UUID_STR_LENGTH-1)); /* Flawfinder: ignore */ uuid_string[(UUID_STR_LENGTH-1)] = 0; if (!LLUUID::parseUUID(uuid_string, &uuid_value)) @@ -2136,18 +2136,18 @@ void LLXMLNode::setFloatValue(U32 length, const F32 *array, Encoding encoding, U LLString new_value; if (encoding == ENCODING_DEFAULT || encoding == ENCODING_DECIMAL) { - char format_string[10]; + char format_string[10]; /* Flawfinder: ignore */ if (precision > 0) { if (precision > 25) { precision = 25; } - sprintf(format_string, "%%.%dg", precision); + snprintf(format_string, sizeof(format_string), "%%.%dg", precision); /* Flawfinder: ignore */ } else { - sprintf(format_string, "%%g"); + snprintf(format_string, sizeof(format_string), "%%g"); /* Flawfinder: ignore */ } for (U32 pos=0; pos<length; ++pos) @@ -2187,18 +2187,18 @@ void LLXMLNode::setDoubleValue(U32 length, const F64 *array, Encoding encoding, LLString new_value; if (encoding == ENCODING_DEFAULT || encoding == ENCODING_DECIMAL) { - char format_string[10]; + char format_string[10]; /* Flawfinder: ignore */ if (precision > 0) { if (precision > 25) { precision = 25; } - sprintf(format_string, "%%.%dg", precision); + snprintf(format_string, sizeof(format_string), "%%.%dg", precision); /* Flawfinder: ignore */ } else { - sprintf(format_string, "%%g"); + snprintf(format_string, sizeof(format_string), "%%g"); /* Flawfinder: ignore */ } for (U32 pos=0; pos<length; ++pos) { @@ -2472,7 +2472,7 @@ LLXMLNode *get_rand_node(LLXMLNode *node) void LLXMLNode::createUnitTest(S32 max_num_children) { // Random ID - char rand_id[20]; + char rand_id[20]; /* Flawfinder: ignore */ U32 rand_id_len = get_rand(10)+5; U32 pos = 0; for (; pos<rand_id_len; ++pos) @@ -2501,7 +2501,7 @@ void LLXMLNode::createUnitTest(S32 max_num_children) for (U32 child_num=0; child_num<num_children; ++child_num) { // Random Name - char child_name[20]; + char child_name[20]; /* Flawfinder: ignore */ U32 child_name_len = get_rand(10)+5; pos = 0; for (; pos<child_name_len; ++pos) @@ -2513,7 +2513,7 @@ void LLXMLNode::createUnitTest(S32 max_num_children) LLXMLNode *new_child = createChild(child_name, FALSE); // Random ID - char child_id[20]; + char child_id[20]; /* Flawfinder: ignore */ U32 child_id_len = get_rand(10)+5; pos = 0; for (; pos<child_id_len; ++pos) @@ -2634,7 +2634,7 @@ void LLXMLNode::createUnitTest(S32 max_num_children) { random_node_array[value] = get_rand_node(root); const char *node_name = random_node_array[value]->mName->mString; - for (U32 pos=0; pos<strlen(node_name); ++pos) + for (U32 pos=0; pos<strlen(node_name); ++pos) /* Flawfinder: ignore */ { U32 hash_contrib = U32(node_name[pos]) << ((pos % 4) * 8); noderef_checksum ^= hash_contrib; @@ -2806,7 +2806,7 @@ BOOL LLXMLNode::performUnitTest(LLString &error_buffer) for (U32 pos=0; pos<node->mLength; ++pos) { const char *node_name = node_array[pos]->mName->mString; - for (U32 pos2=0; pos2<strlen(node_name); ++pos2) + for (U32 pos2=0; pos2<strlen(node_name); ++pos2) /* Flawfinder: ignore */ { U32 hash_contrib = U32(node_name[pos2]) << ((pos2 % 4) * 8); noderef_checksum ^= hash_contrib; diff --git a/indra/llxml/llxmlparser.cpp b/indra/llxml/llxmlparser.cpp index baaeedf586..c3d791179a 100644 --- a/indra/llxml/llxmlparser.cpp +++ b/indra/llxml/llxmlparser.cpp @@ -22,7 +22,7 @@ LLXmlParser::LLXmlParser() mParser( NULL ), mDepth( 0 ) { - strcpy( mAuxErrorString, "no error" ); + strcpy( mAuxErrorString, "no error" ); /* Flawfinder: ignore */ // Override the document's declared encoding. mParser = XML_ParserCreate(NULL); @@ -54,10 +54,10 @@ BOOL LLXmlParser::parseFile(const std::string &path) BOOL success = TRUE; - FILE *file = LLFile::fopen(path.c_str(), "rb"); + FILE* file = LLFile::fopen(path.c_str(), "rb"); /* Flawfinder: ignore */ if( !file ) { - sprintf( mAuxErrorString, "Couldn't open file %s", path.c_str()); + snprintf( mAuxErrorString, sizeof(mAuxErrorString), "Couldn't open file %s", path.c_str()); /* Flawfinder: ignore */ success = FALSE; } else @@ -71,7 +71,7 @@ BOOL LLXmlParser::parseFile(const std::string &path) void* buffer = XML_GetBuffer(mParser, buffer_size); if( !buffer ) { - sprintf( mAuxErrorString, "Unable to allocate XML buffer while reading file %s", path.c_str() ); + snprintf( mAuxErrorString, sizeof(mAuxErrorString), "Unable to allocate XML buffer while reading file %s", path.c_str() ); /* Flawfinder: ignore */ success = FALSE; goto exit_label; } @@ -79,14 +79,14 @@ BOOL LLXmlParser::parseFile(const std::string &path) bytes_read = (S32)fread(buffer, 1, buffer_size, file); if( bytes_read <= 0 ) { - sprintf( mAuxErrorString, "Error while reading file %s", path.c_str() ); + snprintf( mAuxErrorString, sizeof(mAuxErrorString), "Error while reading file %s", path.c_str() ); /* Flawfinder: ignore */ success = FALSE; goto exit_label; } if( !XML_ParseBuffer(mParser, bytes_read, TRUE ) ) { - sprintf( mAuxErrorString, "Error while parsing file %s", path.c_str() ); + snprintf( mAuxErrorString, sizeof(mAuxErrorString), "Error while parsing file %s", path.c_str() ); /* Flawfinder: ignore */ success = FALSE; } diff --git a/indra/llxml/llxmlparser.h b/indra/llxml/llxmlparser.h index 2cb75591fb..2ef790094e 100644 --- a/indra/llxml/llxmlparser.h +++ b/indra/llxml/llxmlparser.h @@ -103,7 +103,7 @@ public: protected: XML_Parser mParser; int mDepth; - char mAuxErrorString[1024]; + char mAuxErrorString[1024]; /*Flawfinder: ignore*/ }; #endif // LL_LLXMLPARSER_H diff --git a/indra/lscript/lscript_byteformat.h b/indra/lscript/lscript_byteformat.h index a79f2effae..5e076846ab 100644 --- a/indra/lscript/lscript_byteformat.h +++ b/indra/lscript/lscript_byteformat.h @@ -51,7 +51,7 @@ typedef enum e_lscript_registers LREG_EOF } LSCRIPTRegisters; -const S32 gLSCRIPTRegisterAddresses[LREG_EOF] = +const S32 gLSCRIPTRegisterAddresses[LREG_EOF] = /* Flawfinder: ignore */ { 0, // LREG_INVALID 4, // LREG_IP @@ -449,7 +449,7 @@ const U8 LSCRIPTTypeHi4Bits[LST_EOF] = LST_LIST << 4, }; -const char * const LSCRIPTTypeNames[LST_EOF] = +const char * const LSCRIPTTypeNames[LST_EOF] = /*Flawfinder: ignore*/ { "VOID", "integer", @@ -492,7 +492,7 @@ typedef enum e_lscript_runtime_faults LSRF_EOF } LSCRIPTRunTimeFaults; -extern char *LSCRIPTRunTimeFaultStrings[LSRF_EOF]; +extern char* LSCRIPTRunTimeFaultStrings[LSRF_EOF]; /*Flawfinder: ignore*/ const S32 LSCRIPTRunTimeFaultBits[LSRF_EOF] = { diff --git a/indra/lscript/lscript_compile/lscript_bytecode.cpp b/indra/lscript/lscript_compile/lscript_bytecode.cpp index 1cf8cd7f28..d6b0fe4926 100644 --- a/indra/lscript/lscript_compile/lscript_bytecode.cpp +++ b/indra/lscript/lscript_compile/lscript_bytecode.cpp @@ -59,7 +59,7 @@ void LLScriptByteCodeChunk::addByte(U8 byte) if (mCodeChunk) { U8 *temp = new U8[mCurrentOffset + 1]; - memcpy(temp, mCodeChunk, mCurrentOffset); + memcpy(temp, mCodeChunk, mCurrentOffset); /* Flawfinder: ignore */ delete [] mCodeChunk; mCodeChunk = temp; } @@ -83,7 +83,7 @@ void LLScriptByteCodeChunk::addBytes(U8 *bytes, S32 size) if (mCodeChunk) { U8 *temp = new U8[mCurrentOffset + size]; - memcpy(temp, mCodeChunk, mCurrentOffset); + memcpy(temp, mCodeChunk, mCurrentOffset); /* Flawfinder: ignore */ delete [] mCodeChunk; mCodeChunk = temp; } @@ -91,7 +91,7 @@ void LLScriptByteCodeChunk::addBytes(U8 *bytes, S32 size) { mCodeChunk = new U8[size]; } - memcpy(mCodeChunk + mCurrentOffset, bytes, size); + memcpy(mCodeChunk + mCurrentOffset, bytes, size);/* Flawfinder: ignore */ mCurrentOffset += size; } @@ -100,7 +100,7 @@ void LLScriptByteCodeChunk::addBytes(char *bytes, S32 size) if (mCodeChunk) { U8 *temp = new U8[mCurrentOffset + size]; - memcpy(temp, mCodeChunk, mCurrentOffset); + memcpy(temp, mCodeChunk, mCurrentOffset); /*Flawfinder: ignore*/ delete [] mCodeChunk; mCodeChunk = temp; } @@ -108,7 +108,7 @@ void LLScriptByteCodeChunk::addBytes(char *bytes, S32 size) { mCodeChunk = new U8[size]; } - memcpy(mCodeChunk + mCurrentOffset, bytes, size); + memcpy(mCodeChunk + mCurrentOffset, bytes, size); /*Flawfinder: ignore*/ mCurrentOffset += size; } @@ -117,7 +117,7 @@ void LLScriptByteCodeChunk::addBytes(S32 size) if (mCodeChunk) { U8 *temp = new U8[mCurrentOffset + size]; - memcpy(temp, mCodeChunk, mCurrentOffset); + memcpy(temp, mCodeChunk, mCurrentOffset); /*Flawfinder: ignore*/ delete [] mCodeChunk; mCodeChunk = temp; } @@ -134,7 +134,7 @@ void LLScriptByteCodeChunk::addBytesDontInc(S32 size) if (mCodeChunk) { U8 *temp = new U8[mCurrentOffset + size]; - memcpy(temp, mCodeChunk, mCurrentOffset); + memcpy(temp, mCodeChunk, mCurrentOffset); /*Flawfinder: ignore*/ delete [] mCodeChunk; mCodeChunk = temp; } @@ -237,7 +237,7 @@ void LLScriptScriptCodeChunk::build(FILE *efp, FILE *bcfp) mCompleteCode = new U8[mTotalSize]; memset(mCompleteCode, 0, mTotalSize); - memcpy(mCompleteCode, mRegisters->mCodeChunk, mRegisters->mCurrentOffset); + memcpy(mCompleteCode, mRegisters->mCodeChunk, mRegisters->mCurrentOffset); offset += mRegisters->mCurrentOffset; set_register(mCompleteCode, LREG_IP, 0); @@ -248,12 +248,12 @@ void LLScriptScriptCodeChunk::build(FILE *efp, FILE *bcfp) set_register(mCompleteCode, LREG_GVR, offset); - memcpy(mCompleteCode + offset, mGlobalVariables->mCodeChunk, mGlobalVariables->mCurrentOffset); + memcpy(mCompleteCode + offset, mGlobalVariables->mCodeChunk, mGlobalVariables->mCurrentOffset); /*Flawfinder: ignore*/ offset += mGlobalVariables->mCurrentOffset; set_register(mCompleteCode, LREG_GFR, offset); - memcpy(mCompleteCode + offset, mGlobalFunctions->mCodeChunk, mGlobalFunctions->mCurrentOffset); + memcpy(mCompleteCode + offset, mGlobalFunctions->mCodeChunk, mGlobalFunctions->mCurrentOffset); /*Flawfinder: ignore*/ offset += mGlobalFunctions->mCurrentOffset; set_register(mCompleteCode, LREG_SR, offset); @@ -272,12 +272,12 @@ void LLScriptScriptCodeChunk::build(FILE *efp, FILE *bcfp) } set_event_register(mCompleteCode, LREG_ER, bytestream2u64(mStates->mCodeChunk, default_state_offset), LSL2_CURRENT_MAJOR_VERSION); - memcpy(mCompleteCode + offset, mStates->mCodeChunk, mStates->mCurrentOffset); + memcpy(mCompleteCode + offset, mStates->mCodeChunk, mStates->mCurrentOffset); /*Flawfinder: ignore*/ offset += mStates->mCurrentOffset; set_register(mCompleteCode, LREG_HR, offset); - memcpy(mCompleteCode + offset, mHeap->mCodeChunk, mHeap->mCurrentOffset); + memcpy(mCompleteCode + offset, mHeap->mCodeChunk, mHeap->mCurrentOffset); /*Flawfinder: ignore*/ offset += mHeap->mCurrentOffset; set_register(mCompleteCode, LREG_HP, offset); diff --git a/indra/lscript/lscript_compile/lscript_error.cpp b/indra/lscript/lscript_compile/lscript_error.cpp index 0bc51a65ed..bb080924fd 100644 --- a/indra/lscript/lscript_compile/lscript_error.cpp +++ b/indra/lscript/lscript_compile/lscript_error.cpp @@ -26,13 +26,13 @@ void LLScriptFilePosition::fdotabs(FILE *fp, S32 tabs, S32 tabsize) } } -char *gWarningText[LSWARN_EOF] = +char* gWarningText[LSWARN_EOF] = /*Flawfinder: ignore*/ { "INVALID", "Dead code found beyond return statement" }; -char *gErrorText[LSERROR_EOF] = +char* gErrorText[LSERROR_EOF] = /*Flawfinder: ignore*/ { "INVALID", "Syntax error", diff --git a/indra/lscript/lscript_compile/lscript_heap.cpp b/indra/lscript/lscript_compile/lscript_heap.cpp index 98c5fe37be..855b6bdba4 100644 --- a/indra/lscript/lscript_compile/lscript_heap.cpp +++ b/indra/lscript/lscript_compile/lscript_heap.cpp @@ -34,9 +34,9 @@ LLScriptHeapEntry::~LLScriptHeapEntry() void LLScriptHeapEntry::addString(char *string) { - S32 size = strlen(string) + 1; + S32 size = strlen(string) + 1; /*Flawfinder: ignore*/ S32 offset = 0; - memcpy(mData, string, size); + memcpy(mData, string, size); /*Flawfinder: ignore*/ mNext += size; integer2bytestream(mEntry, offset, mNext); mRefCount++; diff --git a/indra/lscript/lscript_compile/lscript_scope.h b/indra/lscript/lscript_compile/lscript_scope.h index 18640441af..e1a46d4c00 100644 --- a/indra/lscript/lscript_compile/lscript_scope.h +++ b/indra/lscript/lscript_compile/lscript_scope.h @@ -26,7 +26,7 @@ typedef enum e_lscript_identifier_type LIT_EOF } LSCRIPTIdentifierType; -const char LSCRIPTFunctionTypeStrings[LST_EOF] = +const char LSCRIPTFunctionTypeStrings[LST_EOF] = /*Flawfinder: ignore*/ { '0', 'i', @@ -39,7 +39,7 @@ const char LSCRIPTFunctionTypeStrings[LST_EOF] = '0' }; -const char * const LSCRIPTListDescription[LST_EOF] = +const char * const LSCRIPTListDescription[LST_EOF] = /*Flawfinder: ignore*/ { "PUSHARGB 0", "PUSHARGB 1", @@ -52,7 +52,7 @@ const char * const LSCRIPTListDescription[LST_EOF] = "PUSHARGB 0" }; -const char * const LSCRIPTTypePush[LST_EOF] = +const char * const LSCRIPTTypePush[LST_EOF] = /*Flawfinder: ignore*/ { "INVALID", "PUSHE", @@ -65,7 +65,7 @@ const char * const LSCRIPTTypePush[LST_EOF] = "undefined" }; -const char * const LSCRIPTTypeReturn[LST_EOF] = +const char * const LSCRIPTTypeReturn[LST_EOF] = /*Flawfinder: ignore*/ { "INVALID", "LOADP -12", @@ -78,7 +78,7 @@ const char * const LSCRIPTTypeReturn[LST_EOF] = "undefined" }; -const char * const LSCRIPTTypePop[LST_EOF] = +const char * const LSCRIPTTypePop[LST_EOF] = /*Flawfinder: ignore*/ { "INVALID", "POP", @@ -91,7 +91,7 @@ const char * const LSCRIPTTypePop[LST_EOF] = "undefined" }; -const char * const LSCRIPTTypeDuplicate[LST_EOF] = +const char * const LSCRIPTTypeDuplicate[LST_EOF] = /*Flawfinder: ignore*/ { "INVALID", "DUP", @@ -104,7 +104,7 @@ const char * const LSCRIPTTypeDuplicate[LST_EOF] = "undefined" }; -const char * const LSCRIPTTypeLocalStore[LST_EOF] = +const char * const LSCRIPTTypeLocalStore[LST_EOF] = /*Flawfinder: ignore*/ { "INVALID", "STORE ", @@ -117,7 +117,7 @@ const char * const LSCRIPTTypeLocalStore[LST_EOF] = "undefined" }; -const char * const LSCRIPTTypeLocalDeclaration[LST_EOF] = +const char * const LSCRIPTTypeLocalDeclaration[LST_EOF] = /*Flawfinder: ignore*/ { "INVALID", "STOREP ", @@ -130,7 +130,7 @@ const char * const LSCRIPTTypeLocalDeclaration[LST_EOF] = "undefined" }; -const char * const LSCRIPTTypeGlobalStore[LST_EOF] = +const char * const LSCRIPTTypeGlobalStore[LST_EOF] = /*Flawfinder: ignore*/ { "INVALID", "STOREG ", @@ -143,7 +143,7 @@ const char * const LSCRIPTTypeGlobalStore[LST_EOF] = "undefined" }; -const char * const LSCRIPTTypeLocalPush[LST_EOF] = +const char * const LSCRIPTTypeLocalPush[LST_EOF] = /*Flawfinder: ignore*/ { "INVALID", "PUSH ", @@ -156,7 +156,7 @@ const char * const LSCRIPTTypeLocalPush[LST_EOF] = "undefined" }; -const char * const LSCRIPTTypeLocalPush1[LST_EOF] = +const char * const LSCRIPTTypeLocalPush1[LST_EOF] = /*Flawfinder: ignore*/ { "INVALID", "PUSHARGI 1", @@ -169,7 +169,7 @@ const char * const LSCRIPTTypeLocalPush1[LST_EOF] = "undefined" }; -const char * const LSCRIPTTypeGlobalPush[LST_EOF] = +const char * const LSCRIPTTypeGlobalPush[LST_EOF] = /*Flawfinder: ignore*/ { "INVALID", "PUSHG ", @@ -194,7 +194,7 @@ public: { if (!mString) return LST_NULL; - S32 length = (S32)strlen(mString); + S32 length = (S32)strlen(mString); /*Flawfinder: ignore*/ if (count >= length) { return LST_NULL; @@ -225,9 +225,9 @@ public: S32 count = 0; if (mString) { - count = (S32)strlen(mString); + count = (S32)strlen(mString); /*Flawfinder: ignore*/ char *temp = new char[count + 2]; - memcpy(temp, mString, count); + memcpy(temp, mString, count); /*Flawfinder: ignore*/ delete [] mString; mString = temp; mString[count + 1] = 0; @@ -243,7 +243,7 @@ public: S32 getNumber() { if (mString) - return (S32)strlen(mString); + return (S32)strlen(mString); /*Flawfinder: ignore*/ else return 0; } diff --git a/indra/lscript/lscript_compile/lscript_tree.cpp b/indra/lscript/lscript_compile/lscript_tree.cpp index 4b4a7f13f4..0b02c3ebb4 100644 --- a/indra/lscript/lscript_compile/lscript_tree.cpp +++ b/indra/lscript/lscript_compile/lscript_tree.cpp @@ -251,7 +251,7 @@ void LLScriptConstantString::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCom break; case LSCP_EMIT_ASSEMBLY: fprintf(fp, "PUSHARGS \"%s\"\n", mValue); - fprintf(fp, "STACKTOS %lu\n", strlen(mValue) + 1); + fprintf(fp, "STACKTOS %lu\n", strlen(mValue) + 1); /*Flawfinder: ignore*/ break; case LSCP_TYPE: type = mType; @@ -271,7 +271,7 @@ void LLScriptConstantString::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCom case LSCP_TO_STACK: { chunk->addByte(LSCRIPTOpCodes[LOPC_PUSHARGS]); - chunk->addBytes(mValue, (S32)strlen(mValue) + 1); + chunk->addBytes(mValue, (S32)strlen(mValue) + 1); /*Flawfinder: ignore*/ type = mType; } break; @@ -291,7 +291,7 @@ void LLScriptConstantString::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCom S32 LLScriptConstantString::getSize() { - return (S32)strlen(mValue) + 1; + return (S32)strlen(mValue) + 1; /*Flawfinder: ignore*/ } @@ -1142,7 +1142,7 @@ void LLScriptGlobalVariable::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCom // it also includes the name of the variable as well as the type // plus 4 bytes of offset from it's apparent address to the actual data #ifdef LSL_INCLUDE_DEBUG_INFO - count += strlen(mIdentifier->mName) + 1 + 1 + 4; + count += strlen(mIdentifier->mName) + 1 + 1 + 4; /*Flawfinder: ignore*/ #else count += 1 + 1 + 4; #endif @@ -1165,7 +1165,7 @@ void LLScriptGlobalVariable::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCom chunk->addBytes(&vtype, 1); // null terminated name #ifdef LSL_INCLUDE_DEBUG_INFO - chunk->addBytes(mIdentifier->mName, strlen(mIdentifier->mName) + 1); + chunk->addBytes(mIdentifier->mName, strlen(mIdentifier->mName) + 1); /*Flawfinder: ignore*/ #else chunk->addBytes(1); #endif @@ -1296,7 +1296,7 @@ void LLScriptStateEntryEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCo { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "state_entry"; - chunk->addBytes(name, strlen(name) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -1332,7 +1332,7 @@ void LLScriptStateExitEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCom { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "state_exit"; - chunk->addBytes(name, strlen(name) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -1390,8 +1390,8 @@ void LLScriptTouchStartEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCo { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "touch_start"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mCount->mName, strlen(mCount->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mCount->mName, strlen(mCount->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -1448,8 +1448,8 @@ void LLScriptTouchEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompile { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "touch"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mCount->mName, strlen(mCount->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mCount->mName, strlen(mCount->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -1506,8 +1506,8 @@ void LLScriptTouchEndEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTComp { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "touch_end"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mCount->mName, strlen(mCount->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mCount->mName, strlen(mCount->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -1564,8 +1564,8 @@ void LLScriptCollisionStartEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRI { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "collision_start"; - chunk->addBytes(name, (S32)strlen(name) + 1); - chunk->addBytes(mCount->mName, (S32)strlen(mCount->mName) + 1); + chunk->addBytes(name, (S32)strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mCount->mName, (S32)strlen(mCount->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -1622,8 +1622,8 @@ void LLScriptCollisionEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCom { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "collision"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mCount->mName, strlen(mCount->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mCount->mName, strlen(mCount->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -1680,8 +1680,8 @@ void LLScriptCollisionEndEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPT { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "collision_end"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mCount->mName, strlen(mCount->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mCount->mName, strlen(mCount->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -1737,8 +1737,8 @@ void LLScriptLandCollisionStartEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, L { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "land_collision_start"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mPosition->mName, strlen(mPosition->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mPosition->mName, strlen(mPosition->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -1796,8 +1796,8 @@ void LLScriptLandCollisionEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIP { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "land_collision"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mPosition->mName, strlen(mPosition->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mPosition->mName, strlen(mPosition->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -1853,9 +1853,9 @@ void LLScriptLandCollisionEndEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSC case LSCP_EMIT_BYTE_CODE: { #ifdef LSL_INCLUDE_DEBUG_INFO - char name[] = "land_collision_end"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mPosition->mName, strlen(mPosition->mName) + 1); + char name[] = "land_collision_end"; /*Flawfinder: ignore*/ + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mPosition->mName, strlen(mPosition->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -1912,8 +1912,8 @@ void LLScriptInventoryEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCom { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "changed"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mChange->mName, strlen(mChange->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mChange->mName, strlen(mChange->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -1969,8 +1969,8 @@ void LLScriptAttachEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompil { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "attach"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mAttach->mName, strlen(mAttach->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mAttach->mName, strlen(mAttach->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -2039,9 +2039,9 @@ void LLScriptDataserverEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCo { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "dataserver"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mID->mName, strlen(mID->mName) + 1); - chunk->addBytes(mData->mName, strlen(mData->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mID->mName, strlen(mID->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mData->mName, strlen(mData->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -2077,7 +2077,7 @@ void LLScriptTimerEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompile { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "timer"; - chunk->addBytes(name, strlen(name) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -2108,7 +2108,7 @@ void LLScriptMovingStartEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTC { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "moving_start"; - chunk->addBytes(name, strlen(name) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -2139,7 +2139,7 @@ void LLScriptMovingEndEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCom { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "moving_end"; - chunk->addBytes(name, strlen(name) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -2193,8 +2193,8 @@ void LLScriptRTPEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompilePa { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "chat"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mRTPermissions->mName, strlen(mRTPermissions->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mRTPermissions->mName, strlen(mRTPermissions->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -2289,11 +2289,11 @@ void LLScriptChatEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompileP { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "chat"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mChannel->mName, strlen(mChannel->mName) + 1); - chunk->addBytes(mName->mName, strlen(mName->mName) + 1); - chunk->addBytes(mID->mName, strlen(mID->mName) + 1); - chunk->addBytes(mMessage->mName, strlen(mMessage->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mChannel->mName, strlen(mChannel->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mName->mName, strlen(mName->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mID->mName, strlen(mID->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mMessage->mName, strlen(mMessage->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -2352,8 +2352,8 @@ void LLScriptSensorEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompil { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "sensor"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mNumber->mName, strlen(mNumber->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mNumber->mName, strlen(mNumber->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -2409,8 +2409,8 @@ void LLScriptObjectRezEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCom { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "sensor"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mID->mName, strlen(mID->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mID->mName, strlen(mID->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -2492,10 +2492,10 @@ void LLScriptControlEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompi { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "control"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mName->mName, strlen(mName->mName) + 1); - chunk->addBytes(mLevels->mName, strlen(mLevels->mName) + 1); - chunk->addBytes(mEdges->mName, strlen(mEdges->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mName->mName, strlen(mName->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mLevels->mName, strlen(mLevels->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mEdges->mName, strlen(mEdges->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -2592,11 +2592,11 @@ void LLScriptLinkMessageEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTC { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "link_message"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mSender->mName, strlen(mSender->mName) + 1); - chunk->addBytes(mNum->mName, strlen(mNum->mName) + 1); - chunk->addBytes(mStr->mName, strlen(mStr->mName) + 1); - chunk->addBytes(mID->mName, strlen(mID->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mSender->mName, strlen(mSender->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mNum->mName, strlen(mNum->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mStr->mName, strlen(mStr->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mID->mName, strlen(mID->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -2720,13 +2720,13 @@ void LLScriptRemoteEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompil { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "remote_event"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mType->mName, strlen(mType->mName) + 1); - chunk->addBytes(mChannel->mName, strlen(mChannel->mName) + 1); - chunk->addBytes(mMessageID->mName, strlen(mMessageID->mName) + 1); - chunk->addBytes(mSender->mName, strlen(mSender->mName) + 1); - chunk->addBytes(mIntVal->mName, strlen(mIntVal->mName) + 1); - chunk->addBytes(mStrVal->mName, strlen(mStrVal->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mType->mName, strlen(mType->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mChannel->mName, strlen(mChannel->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mMessageID->mName, strlen(mMessageID->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mSender->mName, strlen(mSender->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mIntVal->mName, strlen(mIntVal->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mStrVal->mName, strlen(mStrVal->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -2835,11 +2835,11 @@ void LLScriptHTTPResponseEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPT { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "http_response"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mRequestId->mName, strlen(mRequestId->mName) + 1); - chunk->addBytes(mStatus->mName, strlen(mStatus->mName) + 1); - chunk->addBytes(mMetadata->mName, strlen(mMetadata->mName) + 1); - chunk->addBytes(mBody->mName, strlen(mBody->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mRequestId->mName, strlen(mRequestId->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mStatus->mName, strlen(mStatus->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mMetadata->mName, strlen(mMetadata->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mBody->mName, strlen(mBody->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -2913,9 +2913,9 @@ void LLScriptMoneyEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompile { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "money"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mName->mName, strlen(mName->mName) + 1); - chunk->addBytes(mAmount->mName, strlen(mAmount->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mName->mName, strlen(mName->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mAmount->mName, strlen(mAmount->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -3024,12 +3024,12 @@ void LLScriptEmailEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompile { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "email"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mTime->mName, strlen(mTime->mName) + 1); - chunk->addBytes(mAddress->mName, strlen(mAddress->mName) + 1); - chunk->addBytes(mSubject->mName, strlen(mSubject->mName) + 1); - chunk->addBytes(mBody->mName, strlen(mBody->mName) + 1); - chunk->addBytes(mNumber->mName, strlen(mNumber->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mTime->mName, strlen(mTime->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mAddress->mName, strlen(mAddress->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mSubject->mName, strlen(mSubject->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mBody->mName, strlen(mBody->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mNumber->mName, strlen(mNumber->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -3089,8 +3089,8 @@ void LLScriptRezEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompilePa { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "rez"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mStartParam->mName, strlen(mStartParam->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mStartParam->mName, strlen(mStartParam->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -3125,7 +3125,7 @@ void LLScriptNoSensorEvent::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTComp { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "no_sensor"; - chunk->addBytes(name, strlen(name) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -3204,11 +3204,11 @@ void LLScriptAtTarget::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompilePa case LSCP_EMIT_BYTE_CODE: { #ifdef LSL_INCLUDE_DEBUG_INFO - char name[] = "at_target"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mTargetNumber->mName, strlen(mTargetNumber->mName) + 1); - chunk->addBytes(mTargetPosition->mName, strlen(mTargetPosition->mName) + 1); - chunk->addBytes(mOurPosition->mName, strlen(mOurPosition->mName) + 1); + char name[] = "at_target"; /*Flawfinder: ignore*/ + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mTargetNumber->mName, strlen(mTargetNumber->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mTargetPosition->mName, strlen(mTargetPosition->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mOurPosition->mName, strlen(mOurPosition->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -3246,8 +3246,8 @@ void LLScriptNotAtTarget::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompil case LSCP_EMIT_BYTE_CODE: { #ifdef LSL_INCLUDE_DEBUG_INFO - char name[] = "not_at_target"; - chunk->addBytes(name, strlen(name) + 1); + char name[] = "not_at_target"; /*Flawfinder: ignore*/ + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -3327,10 +3327,10 @@ void LLScriptAtRotTarget::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompil { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "at_rot_target"; - chunk->addBytes(name, strlen(name) + 1); - chunk->addBytes(mTargetNumber->mName, strlen(mTargetNumber->mName) + 1); - chunk->addBytes(mTargetRotation->mName, strlen(mTargetRotation->mName) + 1); - chunk->addBytes(mOurRotation->mName, strlen(mOurRotation->mName) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mTargetNumber->mName, strlen(mTargetNumber->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mTargetRotation->mName, strlen(mTargetRotation->mName) + 1); /*Flawfinder: ignore*/ + chunk->addBytes(mOurRotation->mName, strlen(mOurRotation->mName) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -3369,7 +3369,7 @@ void LLScriptNotAtRotTarget::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCom { #ifdef LSL_INCLUDE_DEBUG_INFO char name[] = "not_at_rot_target"; - chunk->addBytes(name, strlen(name) + 1); + chunk->addBytes(name, strlen(name) + 1); /*Flawfinder: ignore*/ #endif } break; @@ -7124,7 +7124,7 @@ void LLScriptFunctionCall::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompi gErrorToText.writeError(fp, this, LSERROR_FUNCTION_TYPE_ERROR); } } - else if (argcount != strlen(mIdentifier->mScopeEntry->mFunctionArgs.mString)) + else if (argcount != strlen(mIdentifier->mScopeEntry->mFunctionArgs.mString)) /*Flawfinder: ignore*/ { gErrorToText.writeError(fp, this, LSERROR_FUNCTION_TYPE_ERROR); } @@ -7440,7 +7440,7 @@ void add_exit_pops(LLScriptByteCodeChunk *chunk, LLScriptScopeEntry *entry) if (entry->mLocals.mString) { - number = (S32)strlen(entry->mLocals.mString); + number = (S32)strlen(entry->mLocals.mString); /*Flawfinder: ignore*/ for (i = number - 1; i >= 0; i--) { switch(entry->mLocals.getType(i)) @@ -7473,7 +7473,7 @@ void add_exit_pops(LLScriptByteCodeChunk *chunk, LLScriptScopeEntry *entry) if (entry->mFunctionArgs.mString) { - number = (S32)strlen(entry->mFunctionArgs.mString); + number = (S32)strlen(entry->mFunctionArgs.mString); /*Flawfinder: ignore*/ for (i = number - 1; i >= 0; i--) { switch(entry->mFunctionArgs.getType(i)) @@ -7512,7 +7512,7 @@ void print_exit_pops(FILE *fp, LLScriptScopeEntry *entry) if (entry->mLocals.mString) { - number = (S32)strlen(entry->mLocals.mString); + number = (S32)strlen(entry->mLocals.mString); /*Flawfinder: ignore*/ for (i = number - 1; i >= 0; i--) { fprintf(fp, "%s", LSCRIPTTypePop[entry->mLocals.getType(i)]); @@ -7521,7 +7521,7 @@ void print_exit_pops(FILE *fp, LLScriptScopeEntry *entry) if (entry->mFunctionArgs.mString) { - number = (S32)strlen(entry->mFunctionArgs.mString); + number = (S32)strlen(entry->mFunctionArgs.mString); /*Flawfinder: ignore*/ for (i = number - 1; i >= 0; i--) { fprintf(fp, "%s", LSCRIPTTypePop[entry->mFunctionArgs.getType(i)]); @@ -7966,8 +7966,8 @@ void LLScriptIf::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompilePass pas break; case LSCP_EMIT_BYTE_CODE: { - char jumpname[32]; - sprintf(jumpname, "##Temp Jump %d##", gTempJumpCount++); + char jumpname[32]; /*Flawfinder: ignore*/ + snprintf(jumpname, sizeof(jumpname),"##Temp Jump %d##", gTempJumpCount++); /*Flawfinder: ignore*/ mExpression->recurse(fp, tabs, tabsize, LSCP_TO_STACK, ptype, prunearg, scope, type, basetype, count, chunk, heap, stacksize, entry, entrycount, NULL); chunk->addByte(LSCRIPTOpCodes[LOPC_JUMPNIF]); @@ -8047,10 +8047,10 @@ void LLScriptIfElse::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompilePass break; case LSCP_EMIT_BYTE_CODE: { - char jumpname1[32]; - sprintf(jumpname1, "##Temp Jump %d##", gTempJumpCount++); - char jumpname2[32]; - sprintf(jumpname2, "##Temp Jump %d##", gTempJumpCount++); + char jumpname1[32]; /*Flawfinder: ignore*/ + snprintf(jumpname1, sizeof(jumpname1), "##Temp Jump %d##", gTempJumpCount++); /*Flawfinder: ignore*/ + char jumpname2[32]; /*Flawfinder: ignore*/ + snprintf(jumpname2, sizeof(jumpname2), "##Temp Jump %d##", gTempJumpCount++); /*Flawfinder: ignore*/ mExpression->recurse(fp, tabs, tabsize, LSCP_TO_STACK, ptype, prunearg, scope, type, basetype, count, chunk, heap, stacksize, entry, entrycount, NULL); chunk->addByte(LSCRIPTOpCodes[LOPC_JUMPNIF]); @@ -8150,10 +8150,10 @@ void LLScriptFor::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompilePass pa break; case LSCP_EMIT_BYTE_CODE: { - char jumpname1[32]; - sprintf(jumpname1, "##Temp Jump %d##", gTempJumpCount++); - char jumpname2[32]; - sprintf(jumpname2, "##Temp Jump %d##", gTempJumpCount++); + char jumpname1[32]; /*Flawfinder: ignore*/ + snprintf(jumpname1, sizeof(jumpname1), "##Temp Jump %d##", gTempJumpCount++); /*Flawfinder: ignore*/ + char jumpname2[32]; /*Flawfinder: ignore*/ + snprintf(jumpname2, sizeof(jumpname2), "##Temp Jump %d##", gTempJumpCount++); /*Flawfinder: ignore*/ if(mSequence) mSequence->recurse(fp, tabs, tabsize, LSCP_TO_STACK, ptype, prunearg, scope, type, basetype, count, chunk, heap, stacksize, entry, entrycount, NULL); @@ -8247,8 +8247,8 @@ void LLScriptDoWhile::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompilePas break; case LSCP_EMIT_BYTE_CODE: { - char jumpname1[32]; - sprintf(jumpname1, "##Temp Jump %d##", gTempJumpCount++); + char jumpname1[32]; /*Flawfinder: ignore*/ + snprintf(jumpname1, sizeof(jumpname1), "##Temp Jump %d##", gTempJumpCount++); /*Flawfinder: ignore*/ chunk->addLabel(jumpname1); mStatement->recurse(fp, tabs, tabsize, pass, ptype, prunearg, scope, type, basetype, count, chunk, heap, stacksize, entry, entrycount, NULL); @@ -8321,10 +8321,10 @@ void LLScriptWhile::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompilePass break; case LSCP_EMIT_BYTE_CODE: { - char jumpname1[32]; - sprintf(jumpname1, "##Temp Jump %d##", gTempJumpCount++); - char jumpname2[32]; - sprintf(jumpname2, "##Temp Jump %d##", gTempJumpCount++); + char jumpname1[32]; /*Flawfinder: ignore*/ + snprintf(jumpname1, sizeof(jumpname1), "##Temp Jump %d##", gTempJumpCount++); /*Flawfinder: ignore*/ + char jumpname2[32]; /*Flawfinder: ignore*/ + snprintf(jumpname2, sizeof(jumpname2), "##Temp Jump %d##", gTempJumpCount++); /*Flawfinder: ignore*/ chunk->addLabel(jumpname1); mExpression->recurse(fp, tabs, tabsize, LSCP_TO_STACK, ptype, prunearg, scope, type, basetype, count, chunk, heap, stacksize, entry, entrycount, NULL); @@ -8999,7 +8999,7 @@ void LLScriptEventHandler::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompi fprintf(fp, ".method public hidebysig instance default void "); // Mangle event handler name by prefixing it with state name. Allows state changing by finding handlers prefixed with new state name. - fprintf(fp, entry->mIdentifier); + fprintf(fp, entry->mIdentifier); /*Flawfinder: ignore*/ // Handler name and arguments. mEventp->recurse(fp, tabs, tabsize, pass, ptype, prunearg, scope, type, basetype, count, chunk, heap, stacksize, entry, entrycount, NULL); @@ -9135,7 +9135,7 @@ void LLScriptFunctionDec::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompil chunk->addBytes(&typereturn, 1); // name #ifdef LSL_INCLUDE_DEBUG_INFO - chunk->addBytes(mIdentifier->mName, strlen(mIdentifier->mName) + 1); + chunk->addBytes(mIdentifier->mName, strlen(mIdentifier->mName) + 1); /*Flawfinder: ignore*/ #else chunk->addBytes(1); #endif @@ -9372,7 +9372,7 @@ void LLScriptGlobalFunctions::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCo // null terminated function name #ifdef LSL_INCLUDE_DEBUG_INFO - chunk->addBytes(mIdentifier->mName, strlen(mIdentifier->mName) + 1); + chunk->addBytes(mIdentifier->mName, strlen(mIdentifier->mName) + 1); /*Flawfinder: ignore*/ #else chunk->addBytes(1); #endif @@ -9623,7 +9623,7 @@ void LLScriptState::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompilePass // null terminated state name #ifdef LSL_INCLUDE_DEBUG_INFO - chunk->addBytes(mIdentifier->mName, strlen(mIdentifier->mName) + 1); + chunk->addBytes(mIdentifier->mName, strlen(mIdentifier->mName) + 1); /*Flawfinder: ignore*/ #else chunk->addBytes(1); #endif @@ -9678,8 +9678,8 @@ LLScriptScript::LLScriptScript(LLScritpGlobalStorage *globals, mStates(states), mGlobalScope(NULL), mGlobals(NULL), mGlobalFunctions(NULL), mGodLike(FALSE) { const char DEFAULT_BYTECODE_FILENAME[] = "lscript.lso"; - strcpy(mBytecodeDest, DEFAULT_BYTECODE_FILENAME); - + strncpy(mBytecodeDest, DEFAULT_BYTECODE_FILENAME, sizeof(mBytecodeDest) -1); /*Flawfinder: ignore*/ + mBytecodeDest[MAX_STRING-1] = '\0'; LLScriptGlobalVariable *tvar; LLScriptGlobalFunctions *tfunc; LLScritpGlobalStorage *temp; @@ -9725,7 +9725,7 @@ LLScriptScript::LLScriptScript(LLScritpGlobalStorage *globals, void LLScriptScript::setBytecodeDest(const char* dst_filename) { - strncpy(mBytecodeDest, dst_filename, MAX_STRING); + strncpy(mBytecodeDest, dst_filename, MAX_STRING); /*Flawfinder: ignore*/ mBytecodeDest[MAX_STRING-1] = '\0'; } @@ -9734,7 +9734,7 @@ void print_cil_globals(FILE* fp, LLScriptGlobalVariable* global) fprintf(fp, ".field private "); print_cil_type(fp, global->mType->mType); fprintf(fp, " "); - fprintf(fp, global->mIdentifier->mName); + fprintf(fp, global->mIdentifier->mName); /*Flawfinder: ignore*/ fprintf(fp, "\n"); if(NULL != global->mNextp) { @@ -9913,7 +9913,7 @@ void LLScriptScript::recurse(FILE *fp, S32 tabs, S32 tabsize, LSCRIPTCompilePass // now, put it all together and spit it out // we need - FILE *bcfp = LLFile::fopen(mBytecodeDest, "wb"); + FILE* bcfp = LLFile::fopen(mBytecodeDest, "wb"); /*Flawfinder: ignore*/ code->build(fp, bcfp); fclose(bcfp); diff --git a/indra/lscript/lscript_compile/lscript_tree.h b/indra/lscript/lscript_compile/lscript_tree.h index c36bae06b9..d0e8bcf389 100644 --- a/indra/lscript/lscript_compile/lscript_tree.h +++ b/indra/lscript/lscript_compile/lscript_tree.h @@ -2248,7 +2248,7 @@ public: BOOL mGodLike; private: - char mBytecodeDest[MAX_STRING]; + char mBytecodeDest[MAX_STRING]; /*Flawfinder: ignore*/ }; class LLScriptAllocationManager diff --git a/indra/lscript/lscript_execute/lscript_execute.cpp b/indra/lscript/lscript_execute/lscript_execute.cpp index 3e52334d14..1cbcdc2c58 100644 --- a/indra/lscript/lscript_execute/lscript_execute.cpp +++ b/indra/lscript/lscript_execute/lscript_execute.cpp @@ -20,7 +20,7 @@ void (*binary_operations[LST_EOF][LST_EOF])(U8 *buffer, LSCRIPTOpCodesEnum opcode); void (*unary_operations[LST_EOF])(U8 *buffer, LSCRIPTOpCodesEnum opcode); -char *LSCRIPTRunTimeFaultStrings[LSRF_EOF] = +char* LSCRIPTRunTimeFaultStrings[LSRF_EOF] = /*Flawfinder: ignore*/ { "invalid", // LSRF_INVALID, "Math Error", // LSRF_MATH, @@ -2643,7 +2643,7 @@ BOOL run_jumpif(U8 *buffer, S32 &offset, BOOL b_print, const LLUUID &id) S32 size = toffset - string; char *sdata = new char[size]; bytestream2char(sdata, buffer, string); - if (strlen(sdata)) + if (strlen(sdata)) /*Flawfinder: ignore*/ { offset += arg; } @@ -2669,7 +2669,7 @@ BOOL run_jumpif(U8 *buffer, S32 &offset, BOOL b_print, const LLUUID &id) S32 size = toffset - string; char *sdata = new char[size]; bytestream2char(sdata, buffer, string); - if (strlen(sdata)) + if (strlen(sdata)) /*Flawfinder: ignore*/ { LLUUID id; id.set(sdata); @@ -2758,7 +2758,7 @@ BOOL run_jumpnif(U8 *buffer, S32 &offset, BOOL b_print, const LLUUID &id) S32 size = toffset - string; char *sdata = new char[size]; bytestream2char(sdata, buffer, string); - if (!strlen(sdata)) + if (!strlen(sdata)) /*Flawfinder: ignore*/ { offset += arg; } @@ -2784,7 +2784,7 @@ BOOL run_jumpnif(U8 *buffer, S32 &offset, BOOL b_print, const LLUUID &id) S32 size = toffset - string; char *sdata = new char[size]; bytestream2char(sdata, buffer, string); - if (strlen(sdata)) + if (strlen(sdata)) /*Flawfinder: ignore*/ { LLUUID id; id.set(sdata); @@ -2935,7 +2935,7 @@ S32 axtoi(char *hexStg) BOOL run_cast(U8 *buffer, S32 &offset, BOOL b_print, const LLUUID &id) { - char caststr[1024]; + char caststr[1024]; /*Flawfinder: ignore*/ if (b_print) printf("[0x%X]\tCAST ", offset); offset++; @@ -2968,7 +2968,7 @@ BOOL run_cast(U8 *buffer, S32 &offset, BOOL b_print, const LLUUID &id) case LST_STRING: { S32 address, source = lscript_pop_int(buffer); - sprintf(caststr, "%d", source); + snprintf(caststr, sizeof(caststr), "%d", source); /*Flawfinder: ignore*/ address = lsa_heap_add_data(buffer, new LLScriptLibData(caststr), get_max_heap_size(buffer), TRUE); lscript_push(buffer, address); } @@ -3005,7 +3005,7 @@ BOOL run_cast(U8 *buffer, S32 &offset, BOOL b_print, const LLUUID &id) { S32 address; F32 source = lscript_pop_float(buffer); - sprintf(caststr, "%f", source); + snprintf(caststr, sizeof(caststr), "%f", source); /*Flawfinder: ignore*/ address = lsa_heap_add_data(buffer, new LLScriptLibData(caststr), get_max_heap_size(buffer), TRUE); lscript_push(buffer, address); } @@ -3214,7 +3214,7 @@ BOOL run_cast(U8 *buffer, S32 &offset, BOOL b_print, const LLUUID &id) S32 address; LLVector3 source; lscript_pop_vector(buffer, source); - sprintf(caststr, "<%5.5f, %5.5f, %5.5f>", source.mV[VX], source.mV[VY], source.mV[VZ]); + snprintf(caststr, sizeof(caststr), "<%5.5f, %5.5f, %5.5f>", source.mV[VX], source.mV[VY], source.mV[VZ]); /*Flawfinder: ignore*/ address = lsa_heap_add_data(buffer, new LLScriptLibData(caststr), get_max_heap_size(buffer), TRUE); lscript_push(buffer, address); } @@ -3247,7 +3247,7 @@ BOOL run_cast(U8 *buffer, S32 &offset, BOOL b_print, const LLUUID &id) S32 address; LLQuaternion source; lscript_pop_quaternion(buffer, source); - sprintf(caststr, "<%5.5f, %5.5f, %5.5f, %5.5f>", source.mQ[VX], source.mQ[VY], source.mQ[VZ], source.mQ[VS]); + snprintf(caststr, sizeof(caststr), "<%5.5f, %5.5f, %5.5f, %5.5f>", source.mQ[VX], source.mQ[VY], source.mQ[VZ], source.mQ[VS]); /*Flawfinder: ignore*/ address = lsa_heap_add_data(buffer, new LLScriptLibData(caststr), get_max_heap_size(buffer), TRUE); lscript_push(buffer, address); } @@ -3571,22 +3571,29 @@ void lscript_run(char *filename, BOOL b_debug) char *error; BOOL b_state; LLScriptExecute *execute = NULL; - FILE *file = LLFile::fopen(filename, "r"); + if (filename == NULL) + { + llerrs << "filename is empty" << llendl; + // Just reporting error is likely not enough. Need + // to check how to abort or error out gracefully + // from this function. XXXTBD + } + FILE* file = LLFile::fopen(filename, "r"); /* Flawfinder: ignore */ if (file) { execute = new LLScriptExecute(file); fclose(file); } - file = LLFile::fopen(filename, "r"); + file = LLFile::fopen(filename, "r"); /* Flawfinder: ignore */ if (file) { - FILE *fp = LLFile::fopen("lscript.parse", "w"); + FILE* fp = LLFile::fopen("lscript.parse", "w"); /*Flawfinder: ignore*/ LLScriptLSOParse *parse = new LLScriptLSOParse(file); parse->printData(fp); fclose(file); fclose(fp); } - file = LLFile::fopen(filename, "r"); + file = LLFile::fopen(filename, "r"); /*Flawfinder: ignore*/ if (file && execute) { timer.reset(); @@ -3795,7 +3802,7 @@ BOOL run_calllib(U8 *buffer, S32 &offset, BOOL b_print, const LLUUID &id) if (gScriptLibrary.mFunctions[arg]->mArgs) { - number = (S32)strlen(gScriptLibrary.mFunctions[arg]->mArgs); + number = (S32)strlen(gScriptLibrary.mFunctions[arg]->mArgs); /*Flawfinder: ignore*/ arguments = new LLScriptLibData[number]; } else @@ -3866,7 +3873,7 @@ BOOL run_calllib_two_byte(U8 *buffer, S32 &offset, BOOL b_print, const LLUUID &i if (gScriptLibrary.mFunctions[arg]->mArgs) { - number = (S32)strlen(gScriptLibrary.mFunctions[arg]->mArgs); + number = (S32)strlen(gScriptLibrary.mFunctions[arg]->mArgs); /*Flawfinder: ignore*/ arguments = new LLScriptLibData[number]; } else diff --git a/indra/lscript/lscript_execute/lscript_readlso.cpp b/indra/lscript/lscript_execute/lscript_readlso.cpp index 2219232a3e..e92c1d2312 100644 --- a/indra/lscript/lscript_execute/lscript_readlso.cpp +++ b/indra/lscript/lscript_execute/lscript_readlso.cpp @@ -103,7 +103,7 @@ void LLScriptLSOParse::printGlobals(FILE *fp) F32 fpvalue; LLVector3 vvalue; LLQuaternion qvalue; - char name[256]; + char name[256]; /*Flawfinder: ignore*/ U8 type; S32 global_v_offset = get_register(mRawData, LREG_GVR); @@ -171,7 +171,7 @@ void LLScriptLSOParse::printGlobalFunctions(FILE *fp) S32 i, offset; // LLVector3 vvalue; unused // LLQuaternion qvalue; unused - char name[256]; + char name[256]; /*Flawfinder: ignore*/ U8 type; offset = get_register(mRawData, LREG_GFR); @@ -261,7 +261,7 @@ void LLScriptLSOParse::printStates(FILE *fp) U32 j, k; // LLVector3 vvalue; unused // LLQuaternion qvalue; unused - char name[256]; + char name[256]; /*Flawfinder: ignore*/ S32 state_offset = get_register(mRawData, LREG_SR); @@ -1177,7 +1177,7 @@ void print_pushargf(FILE *fp, U8 *buffer, S32 &offset, S32 tabs) void print_pushargs(FILE *fp, U8 *buffer, S32 &offset, S32 tabs) { - char arg[1024]; + char arg[1024]; /*Flawfinder: ignore*/ lso_print_tabs(fp, tabs); fprintf(fp, "[0x%X]\tPUSHARGS ", offset++); bytestream2char(arg, buffer, offset); diff --git a/indra/lscript/lscript_library.h b/indra/lscript/lscript_library.h index 3cb1419296..007d36fbcd 100644 --- a/indra/lscript/lscript_library.h +++ b/indra/lscript/lscript_library.h @@ -163,10 +163,10 @@ public: size += 4; break; case LST_KEY: - size += (S32)strlen(mKey) + 1; + size += (S32)strlen(mKey) + 1; /*Flawfinder: ignore*/ break; case LST_STRING: - size += (S32)strlen(mString) + 1; + size += (S32)strlen(mString) + 1; /*Flawfinder: ignore*/ break; case LST_LIST: break; @@ -222,19 +222,29 @@ public: { if (data.mKey) { - mKey = new char[strlen(data.mKey) + 1]; - strcpy(mKey, data.mKey); + mKey = new char[strlen(data.mKey) + 1]; /* Flawfinder: ignore */ + if (mKey == NULL) + { + llerrs << "Memory Allocation Failed" << llendl; + return; + } + strcpy(mKey, data.mKey); /* Flawfinder: ignore */ } if (data.mString) { - mString = new char[strlen(data.mString) + 1]; - strcpy(mString, data.mString); + mString = new char[strlen(data.mString) + 1]; /* Flawfinder: ignore */ + if (mString == NULL) + { + llerrs << "Memory Allocation Failed" << llendl; + return; + } + strcpy(mString, data.mString); /* Flawfinder: ignore */ } } LLScriptLibData(U8 *src, S32 &offset) : mListp(NULL) { - static char temp[TOP_OF_MEMORY]; + static char temp[TOP_OF_MEMORY]; /* Flawfinder: ignore */ mType = (LSCRIPTType)bytestream2integer(src, offset); switch(mType) { @@ -247,15 +257,25 @@ public: case LST_KEY: { bytestream2char(temp, src, offset); - mKey = new char[strlen(temp) + 1]; - strcpy(mKey, temp); + mKey = new char[strlen(temp) + 1]; /* Flawfinder: ignore */ + if (mKey == NULL) + { + llerrs << "Memory Allocation Failed" << llendl; + return; + } + strcpy(mKey, temp); /* Flawfinder: ignore */ } break; case LST_STRING: { bytestream2char(temp, src, offset); - mString = new char[strlen(temp) + 1]; - strcpy(mString, temp); + mString = new char[strlen(temp) + 1]; /* Flawfinder: ignore */ + if (mString == NULL) + { + llerrs << "Memory Allocation Failed" << llendl; + return; + } + strcpy(mString, temp); /* Flawfinder: ignore */ } break; case LST_LIST: @@ -273,7 +293,7 @@ public: void set(U8 *src, S32 &offset) { - static char temp[TOP_OF_MEMORY]; + static char temp[TOP_OF_MEMORY]; /* Flawfinder: ignore */ mType = (LSCRIPTType)bytestream2integer(src, offset); switch(mType) { @@ -286,15 +306,25 @@ public: case LST_KEY: { bytestream2char(temp, src, offset); - mKey = new char[strlen(temp) + 1]; - strcpy(mKey, temp); + mKey = new char[strlen(temp) + 1]; /* Flawfinder: ignore */ + if (mKey == NULL) + { + llerrs << "Memory Allocation Failed" << llendl; + return; + } + strcpy(mKey, temp); /* Flawfinder: ignore */ } break; case LST_STRING: { bytestream2char(temp, src, offset); - mString = new char[strlen(temp) + 1]; - strcpy(mString, temp); + mString = new char[strlen(temp) + 1]; /* Flawfinder: ignore */ + if (mString == NULL) + { + llerrs << "Memory Allocation Failed" << llendl; + return; + } + strcpy(mString, temp); /* Flawfinder: ignore */ } break; case LST_LIST: @@ -316,8 +346,13 @@ public: void setFromCSV(char *src) { mType = LST_STRING; - mString = new char[strlen(src) + 1]; - strcpy(mString, src); + mString = new char[strlen(src) + 1]; /* Flawfinder: ignore */ + if (mString == NULL) + { + llerrs << "Memory Allocation Failed" << llendl; + return; + } + strcpy(mString, src); /* Flawfinder: ignore */ } LLScriptLibData(S32 integer) : mType(LST_INTEGER), mInteger(integer), mFP(0.f), mKey(NULL), mString(NULL), mVec(), mQuat(), mListp(NULL) @@ -343,8 +378,13 @@ public: } else { - mString = new char[strlen(string) + 1]; - strcpy(mString, string); + mString = new char[strlen(string) + 1]; /* Flawfinder: ignore */ + if (mString == NULL) + { + llerrs << "Memory Allocation Failed" << llendl; + return; + } + strcpy(mString, string); /* Flawfinder: ignore */ } } @@ -357,8 +397,13 @@ public: } else { - mString = new char[strlen(string) + 1]; - strcpy(mString, string); + mString = new char[strlen(string) + 1]; /* Flawfinder: ignore */ + if (mString == NULL) + { + llerrs << "Memory Allocation Failed" << llendl; + return; + } + strcpy(mString, string); /* Flawfinder: ignore */ } } diff --git a/indra/lscript/lscript_library/lscript_alloc.cpp b/indra/lscript/lscript_library/lscript_alloc.cpp index 86c8729e9c..f26fef6d77 100644 --- a/indra/lscript/lscript_library/lscript_alloc.cpp +++ b/indra/lscript/lscript_library/lscript_alloc.cpp @@ -108,10 +108,10 @@ S32 lsa_heap_add_data(U8 *buffer, LLScriptLibData *data, S32 heapsize, BOOL b_de size = 4; break; case LST_KEY: - size = (S32)strlen(data->mKey) + 1; + size = (S32)strlen(data->mKey) + 1; /*Flawfinder: ignore*/ break; case LST_STRING: - size = (S32)strlen(data->mString) + 1; + size = (S32)strlen(data->mString) + 1; /*Flawfinder: ignore*/ break; case LST_LIST: // list data 4 bytes of number of entries followed by number of pointer @@ -335,7 +335,7 @@ S32 lsa_create_data_block(U8 **buffer, LLScriptLibData *data, S32 base_offset) { if (data->mString) { - size = (S32)strlen(data->mString) + 1; + size = (S32)strlen(data->mString) + 1; /*Flawfinder: ignore*/ } else { @@ -346,7 +346,7 @@ S32 lsa_create_data_block(U8 **buffer, LLScriptLibData *data, S32 base_offset) { if (data->mKey) { - size = (S32)strlen(data->mKey) + 1; + size = (S32)strlen(data->mKey) + 1; /*Flawfinder: ignore*/ } else { @@ -413,8 +413,12 @@ S32 lsa_create_data_block(U8 **buffer, LLScriptLibData *data, S32 base_offset) if (listsize) { U8 *tbuff = new U8[size + listsize]; - memcpy(tbuff, *buffer, size); - memcpy(tbuff + size, listbuf, listsize); + if (tbuff == NULL) + { + llerrs << "Memory Allocation Failed" << llendl; + } + memcpy(tbuff, *buffer, size); /*Flawfinder: ignore*/ + memcpy(tbuff + size, listbuf, listsize); /*Flawfinder: ignore*/ size += listsize; delete [] *buffer; delete [] listbuf; @@ -497,7 +501,7 @@ void lsa_decrease_ref_count(U8 *buffer, S32 offset) alloc_entry2bytestream(buffer, orig_offset, entry); } -char gLSAStringRead[16384]; +char gLSAStringRead[16384]; /*Flawfinder: ignore*/ LLScriptLibData *lsa_get_data(U8 *buffer, S32 &offset, BOOL b_dec_ref) @@ -538,13 +542,13 @@ LLScriptLibData *lsa_get_data(U8 *buffer, S32 &offset, BOOL b_dec_ref) break; case LST_KEY: bytestream2char(gLSAStringRead, buffer, offset); - retval->mKey = new char[strlen(gLSAStringRead) + 1]; - strcpy(retval->mKey, gLSAStringRead); + retval->mKey = new char[strlen(gLSAStringRead) + 1]; /*Flawfinder: ignore*/ + strcpy(retval->mKey, gLSAStringRead); /*Flawfinder: ignore*/ break; case LST_STRING: bytestream2char(gLSAStringRead, buffer, offset); - retval->mString = new char[strlen(gLSAStringRead) + 1]; - strcpy(retval->mString, gLSAStringRead); + retval->mString = new char[strlen(gLSAStringRead) + 1]; /*Flawfinder: ignore*/ + strcpy(retval->mString, gLSAStringRead); /*Flawfinder: ignore*/ break; case LST_VECTOR: bytestream2vector(retval->mVec, buffer, offset); @@ -684,13 +688,13 @@ S32 lsa_cat_strings(U8 *buffer, S32 offset1, S32 offset2, S32 heapsize) return 0; } - S32 size = (S32)strlen(test1) + (S32)strlen(test2) + 1; + S32 size = (S32)strlen(test1) + (S32)strlen(test2) + 1; /*Flawfinder: ignore*/ LLScriptLibData *string3 = new LLScriptLibData; string3->mType = LST_STRING; string3->mString = new char[size]; - strcpy(string3->mString, test1); - strcat(string3->mString, test2); + strcpy(string3->mString, test1); /*Flawfinder: ignore*/ + strcat(string3->mString, test2); /*Flawfinder: ignore*/ delete string1; delete string2; @@ -760,7 +764,7 @@ void lsa_print_heap(U8 *buffer) F32 fpvalue; LLVector3 vvalue; LLQuaternion qvalue; - char string[4096]; + char string[4096]; /*Flawfinder: ignore*/ LLScriptAllocEntry entry; @@ -830,7 +834,7 @@ void lsa_fprint_heap(U8 *buffer, FILE *fp) F32 fpvalue; LLVector3 vvalue; LLQuaternion qvalue; - char string[4096]; + char string[4096]; /*Flawfinder: ignore*/ LLScriptAllocEntry entry; diff --git a/indra/lscript/lscript_library/lscript_library.cpp b/indra/lscript/lscript_library/lscript_library.cpp index 1af10ae9c4..eef3621d47 100644 --- a/indra/lscript/lscript_library/lscript_library.cpp +++ b/indra/lscript/lscript_library/lscript_library.cpp @@ -433,11 +433,17 @@ LLScriptLibraryFunction::LLScriptLibraryFunction(F32 eu, F32 st, void (*exec_fun mDesc = new char[512]; if (mSleepTime) { - sprintf(mDesc,"%s\nSleeps script for %.1f seconds.",desc,mSleepTime); + snprintf( /* Flawfinder: ignore */ + mDesc, + 512, + "%s\nSleeps script for %.1f seconds.", + desc, + mSleepTime); } else { - strcpy(mDesc,desc); + strncpy(mDesc, desc, 512); /* Flawfinder: ignore */ + mDesc[511] = '\0'; // just in case. } } @@ -451,7 +457,10 @@ void LLScriptLibrary::addFunction(LLScriptLibraryFunction *func) LLScriptLibraryFunction **temp = new LLScriptLibraryFunction*[mNextNumber + 1]; if (mNextNumber) { - memcpy(temp, mFunctions, sizeof(LLScriptLibraryFunction *)*mNextNumber); + memcpy( /* Flawfinder: ignore */ + temp, + mFunctions, + sizeof(LLScriptLibraryFunction*)*mNextNumber); delete [] mFunctions; } mFunctions = temp; @@ -473,7 +482,7 @@ void LLScriptLibrary::assignExec(char *name, void (*exec_func)(LLScriptLibData * void LLScriptLibData::print(std::ostream &s, BOOL b_prepend_comma) { - char tmp[1024]; + char tmp[1024]; /*Flawfinder: ignore*/ if (b_prepend_comma) { s << ", "; @@ -484,7 +493,7 @@ void LLScriptLibData::print(std::ostream &s, BOOL b_prepend_comma) s << mInteger; break; case LST_FLOATINGPOINT: - snprintf(tmp, 1024, "%f", mFP); + snprintf(tmp, 1024, "%f", mFP); /*Flawfinder: ignore*/ s << tmp; break; case LST_KEY: @@ -494,12 +503,12 @@ void LLScriptLibData::print(std::ostream &s, BOOL b_prepend_comma) s << mString; break; case LST_VECTOR: - snprintf(tmp, 1024, "<%f, %f, %f>", mVec.mV[VX], + snprintf(tmp, 1024, "<%f, %f, %f>", mVec.mV[VX], /* Flawfinder: ignore */ mVec.mV[VY], mVec.mV[VZ]); s << tmp; break; case LST_QUATERNION: - snprintf(tmp, 1024, "<%f, %f, %f, %f>", mQuat.mQ[VX], mQuat.mQ[VY], + snprintf(tmp, 1024, "<%f, %f, %f, %f>", mQuat.mQ[VX], mQuat.mQ[VY], /* Flawfinder: ignore */ mQuat.mQ[VZ], mQuat.mQ[VS]); s << tmp; break; @@ -517,7 +526,7 @@ void LLScriptLibData::print_separator(std::ostream& ostr, BOOL b_prepend_sep, ch //print(ostr, FALSE); { BOOL b_prepend_comma = FALSE; - char tmp[1024]; + char tmp[1024]; /* Flawfinder: ignore */ if (b_prepend_comma) { ostr << ", "; @@ -528,7 +537,7 @@ void LLScriptLibData::print_separator(std::ostream& ostr, BOOL b_prepend_sep, ch ostr << mInteger; break; case LST_FLOATINGPOINT: - snprintf(tmp, 1024, "%f", mFP); + snprintf(tmp, 1024, "%f", mFP); /* Flawfinder: ignore */ ostr << tmp; break; case LST_KEY: @@ -538,12 +547,12 @@ void LLScriptLibData::print_separator(std::ostream& ostr, BOOL b_prepend_sep, ch ostr << mString; break; case LST_VECTOR: - snprintf(tmp, 1024, "<%f, %f, %f>", mVec.mV[VX], + snprintf(tmp, 1024, "<%f, %f, %f>", mVec.mV[VX], /* Flawfinder: ignore */ mVec.mV[VY], mVec.mV[VZ]); ostr << tmp; break; case LST_QUATERNION: - snprintf(tmp, 1024, "<%f, %f, %f, %f>", mQuat.mQ[VX], mQuat.mQ[VY], + snprintf(tmp, 1024, "<%f, %f, %f, %f>", mQuat.mQ[VX], mQuat.mQ[VY], /* Flawfinder: ignore */ mQuat.mQ[VZ], mQuat.mQ[VS]); ostr << tmp; break; diff --git a/indra/mac_crash_logger/mac_crash_logger.cpp b/indra/mac_crash_logger/mac_crash_logger.cpp index abf8c4f038..4d6e8314b3 100644 --- a/indra/mac_crash_logger/mac_crash_logger.cpp +++ b/indra/mac_crash_logger/mac_crash_logger.cpp @@ -81,7 +81,7 @@ OSStatus dialogHandler(EventHandlerCallRef handler, EventRef event, void *userda { case kHICommandOK: { - char buffer[65535]; + char buffer[65535]; /* Flawfinder: ignore */ Size size = sizeof(buffer) - 1; ControlRef textField = NULL; ControlID id; @@ -315,9 +315,9 @@ int main(int argc, char **argv) // *NOTE: changing the size of either of these buffers will // require changing the sscanf() format string to correctly // account for it. - char tmp_sl_name[LL_MAX_PATH]; + char tmp_sl_name[LL_MAX_PATH]; /* Flawfinder: ignore */ tmp_sl_name[0] = '\0'; - char tmp_space[MAX_STRING]; + char tmp_space[MAX_STRING]; /* Flawfinder: ignore */ tmp_space[0] = '\0'; // Look for it in the debug_info.log file @@ -376,7 +376,7 @@ int main(int argc, char **argv) // MBW -- This needs to go find "~/Library/Logs/CrashReporter/Second Life.crash.log" on 10.3 // or "~/Library/Logs/Second Life.crash.log" on 10.2. { - char path[MAX_PATH]; + char path[MAX_PATH]; /* Flawfinder: ignore */ FSRef folder; if(FSFindFolder(kUserDomain, kLogsFolderType, false, &folder) == noErr) @@ -577,7 +577,7 @@ LLFileEncoder::LLFileEncoder(const char *form_name, const char *filename, bool i } S32 buf_size = stat_data.st_size; - FILE *fp = fopen(mFilename.c_str(), "rb"); + FILE* fp = fopen(mFilename.c_str(), "rb"); /* Flawfinder: ignore */ U8 *buf = new U8[buf_size + 1]; fread(buf, 1, buf_size, fp); fclose(fp); @@ -598,7 +598,7 @@ LLFileEncoder::LLFileEncoder(const char *form_name, const char *filename, bool i while(temp != NULL) { // Skip past the marker we just found - cur = temp + strlen(sep); + cur = temp + strlen(sep); /* Flawfinder: ignore */ // and try to find another temp = strstr(cur, sep); @@ -638,11 +638,15 @@ LLString LLFileEncoder::encodeURL(const S32 max_length) S32 buf_size = mBuf.size(); S32 url_buf_size = 3*mBuf.size() + 1; char *url_buf = new char[url_buf_size]; - + if (url_buf == NULL) + { + llerrs << "Memory Allocation Failed" << llendl; + return result; + } S32 cur_pos = 0; for (; i < buf_size; i++) { - sprintf(url_buf + cur_pos, "%%%02x", mBuf[i]); + sprintf(url_buf + cur_pos, "%%%02x", mBuf[i]); /* Flawfinder: ignore */ cur_pos += 3; } url_buf[i*3] = 0; @@ -661,12 +665,17 @@ LLString encode_string(const char *formname, const LLString &str) S32 buf_size = str.size(); S32 url_buf_size = 3*str.size() + 1; char *url_buf = new char[url_buf_size]; + if (url_buf == NULL) + { + llerrs << "Memory Allocation Failed" << llendl; + return result; + } S32 cur_pos = 0; S32 i; for (i = 0; i < buf_size; i++) { - sprintf(url_buf + cur_pos, "%%%02x", str[i]); + sprintf(url_buf + cur_pos, "%%%02x", str[i]); /* Flawfinder: ignore */ cur_pos += 3; } url_buf[i*3] = 0; diff --git a/indra/mac_updater/mac_updater.cpp b/indra/mac_updater/mac_updater.cpp index 76c88bec5c..6a799ba45f 100644 --- a/indra/mac_updater/mac_updater.cpp +++ b/indra/mac_updater/mac_updater.cpp @@ -48,7 +48,7 @@ Boolean gCancelled = false; char *gUserServer; char *gProductName; -char gUpdateURL[2048]; +char gUpdateURL[2048]; /* Flawfinder: ignore */ void *updatethreadproc(void*); @@ -362,7 +362,7 @@ int main(int argc, char **argv) llinfos << "Starting " << gProductName << " Updater" << llendl; // Build the URL to download the update - snprintf(gUpdateURL, sizeof(gUpdateURL), "http://secondlife.com/update-macos.php?userserver=%s", gUserServer); + snprintf(gUpdateURL, sizeof(gUpdateURL), "http://secondlife.com/update-macos.php?userserver=%s", gUserServer); /* Flawfinder: ignore */ // Real UI... OSStatus err; @@ -370,8 +370,8 @@ int main(int argc, char **argv) err = CreateNibReference(CFSTR("AutoUpdater"), &nib); - char windowTitle[MAX_PATH]; - snprintf(windowTitle, sizeof(windowTitle), "%s Updater", gProductName); + char windowTitle[MAX_PATH]; /* Flawfinder: ignore */ + snprintf(windowTitle, sizeof(windowTitle), "%s Updater", gProductName); /* Flawfinder: ignore */ CFStringRef windowTitleRef = NULL; windowTitleRef = CFStringCreateWithCString(NULL, windowTitle, kCFStringEncodingUTF8); @@ -488,7 +488,7 @@ bool isDirWritable(FSRef &dir) // This is kinda lame, but will pretty much always give the right answer. OSStatus err = noErr; - char temp[PATH_MAX]; + char temp[PATH_MAX]; /* Flawfinder: ignore */ err = FSRefMakePath(&dir, (UInt8*)temp, sizeof(temp)); @@ -538,15 +538,15 @@ static void utf8str_to_HFSUniStr255(HFSUniStr255 *dest, const char* src) // Truncate to avoid stack smaching or other badness. dest->length = 255; } - memcpy(dest->unicode, utf16str.data(), sizeof(UniChar)* dest->length); + memcpy(dest->unicode, utf16str.data(), sizeof(UniChar)* dest->length); /* Flawfinder: ignore */ } int restoreObject(const char* aside, const char* target, const char* path, const char* object) { - char source[PATH_MAX]; - char dest[PATH_MAX]; - snprintf(source, sizeof(source), "%s/%s/%s", aside, path, object); - snprintf(dest, sizeof(dest), "%s/%s", target, path); + char source[PATH_MAX]; /* Flawfinder: ignore */ + char dest[PATH_MAX]; /* Flawfinder: ignore */ + snprintf(source, sizeof(source), "%s/%s/%s", aside, path, object); /* Flawfinder: ignore */ + snprintf(dest, sizeof(dest), "%s/%s", target, path); /* Flawfinder: ignore */ FSRef sourceRef; FSRef destRef; OSStatus err; @@ -578,28 +578,28 @@ int restoreObject(const char* aside, const char* target, const char* path, const // Replace any mention of "Second Life" with the product name. void filterFile(const char* filename) { - char temp[PATH_MAX]; + char temp[PATH_MAX]; /* Flawfinder: ignore */ // First copy the target's version, so we can run it through sed. - snprintf(temp, sizeof(temp), "cp '%s' '%s.tmp'", filename, filename); - system(temp); + snprintf(temp, sizeof(temp), "cp '%s' '%s.tmp'", filename, filename); /* Flawfinder: ignore */ + system(temp); /* Flawfinder: ignore */ // Now run it through sed. - snprintf(temp, sizeof(temp), + snprintf(temp, sizeof(temp), /* Flawfinder: ignore */ "sed 's/Second Life/%s/g' '%s.tmp' > '%s'", gProductName, filename, filename); - system(temp); + system(temp); /* Flawfinder: ignore */ } void *updatethreadproc(void*) { - char tempDir[PATH_MAX] = ""; + char tempDir[PATH_MAX] = ""; /* Flawfinder: ignore */ FSRef tempDirRef; - char temp[PATH_MAX]; + char temp[PATH_MAX]; /* Flawfinder: ignore */ // *NOTE: This buffer length is used in a scanf() below. - char deviceNode[1024] = ""; + char deviceNode[1024] = ""; /* Flawfinder: ignore */ FILE *downloadFile = NULL; OSStatus err; ProcessSerialNumber psn; - char target[PATH_MAX]; + char target[PATH_MAX]; /* Flawfinder: ignore */ FSRef targetRef; FSRef targetParentRef; FSVolumeRefNum targetVol; @@ -740,7 +740,7 @@ void *updatethreadproc(void*) throw 0; } - snprintf(target, sizeof(target), "/Applications/%s.app", gProductName); + snprintf(target, sizeof(target), "/Applications/%s.app", gProductName); /* Flawfinder: ignore */ memset(&targetRef, 0, sizeof(targetRef)); err = FSPathMakeRef((UInt8*)target, &targetRef, NULL); @@ -825,7 +825,7 @@ void *updatethreadproc(void*) throw 0; } - strcpy(tempDir, temp); + strcpy(tempDir, temp); /* Flawfinder: ignore */ llinfos << "tempDir is " << tempDir << llendl; @@ -836,9 +836,9 @@ void *updatethreadproc(void*) chdir(tempDir); - snprintf(temp, sizeof(temp), "SecondLife.dmg"); + snprintf(temp, sizeof(temp), "SecondLife.dmg"); /* Flawfinder: ignore */ - downloadFile = fopen(temp, "wb"); + downloadFile = fopen(temp, "wb"); /* Flawfinder: ignore */ if(downloadFile == NULL) { throw 0; @@ -883,7 +883,7 @@ void *updatethreadproc(void*) // NOTE: we could add -private at the end of this command line to keep the image from showing up in the Finder, // but if our cleanup fails, this makes it much harder for the user to unmount the image. LLString mountOutput; - FILE *mounter = popen("hdiutil attach SecondLife.dmg -mountpoint mnt", "r"); + FILE* mounter = popen("hdiutil attach SecondLife.dmg -mountpoint mnt", "r"); /* Flawfinder: ignore */ if(mounter == NULL) { @@ -918,8 +918,8 @@ void *updatethreadproc(void*) if(sub != NULL) { - sub += strlen(prefix); - sscanf(sub, "%1023s", deviceNode); + sub += strlen(prefix); /* Flawfinder: ignore */ + sscanf(sub, "%1023s", deviceNode); /* Flawfinder: ignore */ } } @@ -934,7 +934,7 @@ void *updatethreadproc(void*) // Get an FSRef to the new application on the disk image FSRef sourceRef; - snprintf(temp, sizeof(temp), "%s/mnt/Second Life.app", tempDir); + snprintf(temp, sizeof(temp), "%s/mnt/Second Life.app", tempDir); /* Flawfinder: ignore */ llinfos << "Source application is: " << temp << llendl; @@ -943,7 +943,7 @@ void *updatethreadproc(void*) throw 0; FSRef asideRef; - char aside[MAX_PATH]; + char aside[MAX_PATH]; /* Flawfinder: ignore */ // this will hold the name of the destination target HFSUniStr255 appNameUniStr; @@ -966,8 +966,8 @@ void *updatethreadproc(void*) else { // Construct the name of the target based on the product name - char appName[MAX_PATH]; - snprintf(appName, sizeof(appName), "%s.app", gProductName); + char appName[MAX_PATH]; /* Flawfinder: ignore */ + snprintf(appName, sizeof(appName), "%s.app", gProductName); /* Flawfinder: ignore */ utf8str_to_HFSUniStr255( &appNameUniStr, appName ); } @@ -1015,8 +1015,8 @@ void *updatethreadproc(void*) llinfos << "Clearing cache..." << llendl; - char mask[LL_MAX_PATH]; - sprintf(mask, "%s*.*", gDirUtilp->getDirDelimiter().c_str()); + char mask[LL_MAX_PATH]; /* Flawfinder: ignore */ + snprintf(mask, LL_MAX_PATH, "%s*.*", gDirUtilp->getDirDelimiter().c_str()); /* Flawfinder: ignore */ gDirUtilp->deleteFilesInDir(gDirUtilp->getExpandedFilename(LL_PATH_CACHE,""),mask); llinfos << "Clear complete." << llendl; @@ -1048,8 +1048,8 @@ void *updatethreadproc(void*) { llinfos << "Detaching disk image." << llendl; - snprintf(temp, sizeof(temp), "hdiutil detach '%s'", deviceNode); - system(temp); + snprintf(temp, sizeof(temp), "hdiutil detach '%s'", deviceNode); /* Flawfinder: ignore */ + system(temp); /* Flawfinder: ignore */ } sendProgress(2, 3); @@ -1073,13 +1073,13 @@ void *updatethreadproc(void*) { llinfos << "Touching application bundle." << llendl; - snprintf(temp, sizeof(temp), "touch '%s'", target); - system(temp); + snprintf(temp, sizeof(temp), "touch '%s'", target); /* Flawfinder: ignore */ + system(temp); /* Flawfinder: ignore */ llinfos << "Launching updated application." << llendl; - snprintf(temp, sizeof(temp), "open '%s'", target); - system(temp); + snprintf(temp, sizeof(temp), "open '%s'", target); /* Flawfinder: ignore */ + system(temp); /* Flawfinder: ignore */ } sendDone(); diff --git a/indra/newview/llagent.cpp b/indra/newview/llagent.cpp index ef4daf7fad..ca8f2e0f6a 100644 --- a/indra/newview/llagent.cpp +++ b/indra/newview/llagent.cpp @@ -768,7 +768,7 @@ void LLAgent::setRegion(LLViewerRegion *regionp) // char host_name[MAX_STRING]; // regionp->getHost().getHostName(host_name, MAX_STRING); - char ip[MAX_STRING]; + char ip[MAX_STRING]; /*Flawfinder: ignore*/ regionp->getHost().getString(ip, MAX_STRING); llinfos << "Moving agent into region: " << regionp->getName() << " located at " << ip << llendl; @@ -5165,7 +5165,7 @@ void LLAgent::processAgentGroupDataUpdate(LLMessageSystem *msg, void **) LLGroupData group; S32 index = -1; bool need_floater_update = false; - char group_name[DB_GROUP_NAME_BUF_SIZE]; + char group_name[DB_GROUP_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ for(S32 i = 0; i < count; ++i) { msg->getUUIDFast(_PREHASH_GroupData, _PREHASH_GroupID, group.mID, i); diff --git a/indra/newview/llagent.h b/indra/newview/llagent.h index 5fe6cd3ab4..a8e4d2f0b4 100644 --- a/indra/newview/llagent.h +++ b/indra/newview/llagent.h @@ -648,8 +648,8 @@ public: U8 mAccess; // SIM_ACCESS_MATURE or SIM_ACCESS_PG U64 mGroupPowers; BOOL mHideGroupTitle; - char mGroupTitle[DB_GROUP_TITLE_BUF_SIZE]; // honorific, like "Sir" - char mGroupName[DB_GROUP_NAME_BUF_SIZE]; + char mGroupTitle[DB_GROUP_TITLE_BUF_SIZE]; /*Flawfinder: ignore*/ // honorific, like "Sir" + char mGroupName[DB_GROUP_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ LLUUID mGroupID; //LLUUID mGroupInsigniaID; LLUUID mInventoryRootID; diff --git a/indra/newview/llagentpilot.cpp b/indra/newview/llagentpilot.cpp index 2a6353fe2e..605718d40b 100644 --- a/indra/newview/llagentpilot.cpp +++ b/indra/newview/llagentpilot.cpp @@ -36,13 +36,14 @@ LLAgentPilot::~LLAgentPilot() void LLAgentPilot::load(const char *filename) { - llifstream file; + if(!filename) return; - file.open(filename); + llifstream file(filename); if (!file) { - llinfos << "Couldn't open " << filename << ", aborting agentpilot load!" << llendl; + lldebugs << "Couldn't open " << filename + << ", aborting agentpilot load!" << llendl; return; } else @@ -71,7 +72,7 @@ void LLAgentPilot::load(const char *filename) void LLAgentPilot::save(const char *filename) { llofstream file; - file.open(filename); + file.open(filename); /*Flawfinder: ignore*/ if (!file) { diff --git a/indra/newview/llassetuploadresponders.cpp b/indra/newview/llassetuploadresponders.cpp index 196d95cc29..b37538f023 100644 --- a/indra/newview/llassetuploadresponders.cpp +++ b/indra/newview/llassetuploadresponders.cpp @@ -183,7 +183,7 @@ void LLNewAgentInventoryResponder::result(const LLSD& result) char* end_p = strrchr(asset_name_str, '.'); // strip extension if exists if( !end_p ) { - end_p = asset_name_str + strlen( asset_name_str ); + end_p = asset_name_str + strlen( asset_name_str ); /*Flawfinder: ignore*/ } S32 len = llmin( (S32) (DB_INV_ITEM_NAME_STR_LEN), (S32) (end_p - asset_name_str) ); diff --git a/indra/newview/llcallingcard.cpp b/indra/newview/llcallingcard.cpp index da39bf0751..62b49f405d 100644 --- a/indra/newview/llcallingcard.cpp +++ b/indra/newview/llcallingcard.cpp @@ -243,8 +243,8 @@ S32 LLAvatarTracker::addBuddyList(const LLAvatarTracker::buddy_map_t& buds) using namespace std; U32 new_buddy_count = 0; - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ LLUUID agent_id; for(buddy_map_t::const_iterator itr = buds.begin(); itr != buds.end(); ++itr) { @@ -541,8 +541,8 @@ void LLAvatarTracker::processChange(LLMessageSystem* msg) { if((mBuddyInfo[agent_id]->getRightsGrantedFrom() ^ new_rights) & LLRelationship::GRANT_MODIFY_OBJECTS) { - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ LLStringBase<char>::format_map_t args; if(gCacheName->getName(agent_id, first, last)) { @@ -598,8 +598,8 @@ void LLAvatarTracker::processNotify(LLMessageSystem* msg, bool online) setBuddyOnline(agent_id,online); if(chat_notify) { - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ if(gCacheName->getName(agent_id, first, last)) { notify = TRUE; diff --git a/indra/newview/llcallingcard.h b/indra/newview/llcallingcard.h index b557de1c77..da5beb7d5a 100644 --- a/indra/newview/llcallingcard.h +++ b/indra/newview/llcallingcard.h @@ -189,8 +189,8 @@ public: virtual bool operator()(const LLUUID& buddy_id, LLRelationship* buddy); typedef std::map<std::string, LLUUID, LLDictionaryLess> buddy_map_t; buddy_map_t mMappable; - char mFirst[DB_FIRST_NAME_BUF_SIZE]; - char mLast[DB_LAST_NAME_BUF_SIZE]; + char mFirst[DB_FIRST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ + char mLast[DB_LAST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ }; // collect dictionary sorted map of name -> agent_id for every online buddy @@ -202,8 +202,8 @@ public: virtual bool operator()(const LLUUID& buddy_id, LLRelationship* buddy); typedef std::map<std::string, LLUUID, LLDictionaryLess> buddy_map_t; buddy_map_t mOnline; - char mFirst[DB_FIRST_NAME_BUF_SIZE]; - char mLast[DB_LAST_NAME_BUF_SIZE]; + char mFirst[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char mLast[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ }; // collect dictionary sorted map of name -> agent_id for every buddy, @@ -217,8 +217,8 @@ public: typedef std::map<std::string, LLUUID, LLDictionaryLess> buddy_map_t; buddy_map_t mOnline; buddy_map_t mOffline; - char mFirst[DB_FIRST_NAME_BUF_SIZE]; - char mLast[DB_LAST_NAME_BUF_SIZE]; + char mFirst[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char mLast[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ }; #endif // LL_LLCALLINGCARD_H diff --git a/indra/newview/llcompilequeue.cpp b/indra/newview/llcompilequeue.cpp index 3d9ecd7c51..ac337e12cc 100644 --- a/indra/newview/llcompilequeue.cpp +++ b/indra/newview/llcompilequeue.cpp @@ -178,8 +178,8 @@ void LLFloaterScriptQueue::addObject(const LLUUID& id) BOOL LLFloaterScriptQueue::start() { //llinfos << "LLFloaterCompileQueue::start()" << llendl; - char buffer[MAX_STRING]; - sprintf(buffer, "Starting %s of %d items.", mStartString, mObjectIDs.count()); + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ + snprintf(buffer, sizeof(buffer), "Starting %s of %d items.", mStartString, mObjectIDs.count()); /*Flawfinder: ignore*/ LLScrollListCtrl* list = LLUICtrlFactory::getScrollListByName(this, "queue output"); list->addSimpleItem(buffer); @@ -218,8 +218,8 @@ BOOL LLFloaterScriptQueue::nextObject() LLScrollListCtrl* list = LLUICtrlFactory::getScrollListByName(this, "queue output"); mDone = TRUE; - char buffer[MAX_STRING]; - sprintf(buffer, "Done."); + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ + snprintf(buffer, sizeof(buffer), "Done."); /*Flawfinder: ignore*/ list->addSimpleItem(buffer); childSetEnabled("close",TRUE); } @@ -268,7 +268,7 @@ LLFloaterCompileQueue* LLFloaterCompileQueue::create() rect.translate(left - rect.mLeft, top - rect.mTop); LLFloaterCompileQueue* new_queue = new LLFloaterCompileQueue("queue", rect); - new_queue->open(); + new_queue->open(); /*Flawfinder: ignore*/ return new_queue; } @@ -353,25 +353,25 @@ void LLFloaterCompileQueue::scriptArrived(LLVFS *vfs, const LLUUID& asset_id, if(!data) return; LLFloaterCompileQueue* queue = static_cast<LLFloaterCompileQueue*> (LLFloaterScriptQueue::findInstance(data->mQueueID)); - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ buffer[0] = '\0'; if(queue && (0 == status)) { //llinfos << "ITEM NAME 3: " << data->mScriptName << llendl; // Dump this into a file on the local disk so we can compile it. - char filename[LL_MAX_PATH] = ""; + char filename[LL_MAX_PATH] = ""; /*Flawfinder: ignore*/ LLVFile file(vfs, asset_id, type); - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /*Flawfinder: ignore*/ asset_id.toString(uuid_str); - sprintf(filename,"%s.%s",gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_str).c_str(),LLAssetType::lookup(type)); + snprintf(filename, sizeof(filename), "%s.%s",gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_str).c_str(),LLAssetType::lookup(type)); /*Flawfinder: ignore*/ - FILE *fp = LLFile::fopen(filename, "wb"); + FILE *fp = LLFile::fopen(filename, "wb"); /*Flawfinder: ignore*/ if (fp) { const S32 buf_size = 65536; U8 copy_buf[buf_size]; - while (file.read(copy_buf, buf_size)) + while (file.read(copy_buf, buf_size)) /*Flawfinder: ignore*/ { if (fwrite(copy_buf, file.getLastBytesRead(), 1, fp) < 1) { @@ -384,7 +384,7 @@ void LLFloaterCompileQueue::scriptArrived(LLVFS *vfs, const LLUUID& asset_id, } // It's now in the file, now compile it. - sprintf(buffer, "Downloaded, now compiling '%s'.", data->mScriptName.c_str()); + snprintf(buffer, sizeof(buffer), "Downloaded, now compiling '%s'.", data->mScriptName.c_str()); /*Flawfinder: ignore*/ queue->compile(filename, asset_id); // Delete it after we're done compiling? @@ -401,19 +401,19 @@ void LLFloaterCompileQueue::scriptArrived(LLVFS *vfs, const LLUUID& asset_id, { LLChat chat("Script not found on server."); LLFloaterChat::addChat(chat); - sprintf(buffer, "Problem downloading %s.", + snprintf(buffer, sizeof(buffer), "Problem downloading %s.", /*Flawfinder: ignore*/ data->mScriptName.c_str()); } else if (LL_ERR_INSUFFICIENT_PERMISSIONS == status) { LLChat chat("Insufficient permissions to download a script."); LLFloaterChat::addChat(chat); - sprintf(buffer, "Insufficient permissions for '%s'.", + snprintf(buffer, sizeof(buffer), "Insufficient permissions for '%s'.", /*Flawfinder: ignore*/ data->mScriptName.c_str()); } else { - sprintf(buffer, "Unknown failure to download %s.", + snprintf(buffer, sizeof(buffer), "Unknown failure to download %s.", /*Flawfinder: ignore*/ data->mScriptName.c_str()); } @@ -474,12 +474,12 @@ void LLFloaterCompileQueue::compile(const char* filename, tid.generate(); new_asset_id = tid.makeAssetID(gAgent.getSecureSessionID()); - char uuid_string[UUID_STR_LENGTH]; + char uuid_string[UUID_STR_LENGTH]; /*Flawfinder: ignore*/ new_asset_id.toString(uuid_string); - char dst_filename[LL_MAX_PATH]; - sprintf(dst_filename, "%s.lso", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); - char err_filename[LL_MAX_PATH]; - sprintf(err_filename, "%s.out", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); + char dst_filename[LL_MAX_PATH]; /*Flawfinder: ignore*/ + snprintf(dst_filename, sizeof(dst_filename), "%s.lso", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); /*Flawfinder: ignore*/ + char err_filename[LL_MAX_PATH]; /*Flawfinder: ignore*/ + snprintf(err_filename, sizeof(err_filename), "%s.out", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); /*Flawfinder: ignore*/ gAssetStorage->storeAssetData(filename, tid, LLAssetType::AT_LSL_TEXT, @@ -571,7 +571,7 @@ LLFloaterResetQueue* LLFloaterResetQueue::create() rect.translate(left - rect.mLeft, top - rect.mTop); LLFloaterResetQueue* new_queue = new LLFloaterResetQueue("queue", rect); - new_queue->open(); + new_queue->open(); /*Flawfinder: ignore*/ return new_queue; } @@ -602,8 +602,8 @@ void LLFloaterResetQueue::handleInventory(LLViewerObject* viewer_obj, { LLInventoryItem* item = (LLInventoryItem*)((LLInventoryObject*)(*it)); LLScrollListCtrl* list = LLUICtrlFactory::getScrollListByName(this, "queue output"); - char buffer[MAX_STRING]; - sprintf(buffer, "Resetting '%s'.", item->getName().c_str()); + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ + snprintf(buffer, sizeof(buffer), "Resetting '%s'.", item->getName().c_str()); /*Flawfinder: ignore*/ list->addSimpleItem(buffer); LLMessageSystem* msg = gMessageSystem; msg->newMessageFast(_PREHASH_ScriptReset); @@ -634,7 +634,7 @@ LLFloaterRunQueue* LLFloaterRunQueue::create() rect.translate(left - rect.mLeft, top - rect.mTop); LLFloaterRunQueue* new_queue = new LLFloaterRunQueue("queue", rect); - new_queue->open(); + new_queue->open(); /*Flawfinder: ignore*/ return new_queue; } @@ -665,8 +665,8 @@ void LLFloaterRunQueue::handleInventory(LLViewerObject* viewer_obj, { LLInventoryItem* item = (LLInventoryItem*)((LLInventoryObject*)(*it)); LLScrollListCtrl* list = LLUICtrlFactory::getScrollListByName(this, "queue output"); - char buffer[MAX_STRING]; - sprintf(buffer, "Running '%s'.", item->getName().c_str()); + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ + snprintf(buffer, sizeof(buffer), "Running '%s'.", item->getName().c_str()); /*Flawfinder: ignore*/ list->addSimpleItem(buffer); LLMessageSystem* msg = gMessageSystem; @@ -699,7 +699,7 @@ LLFloaterNotRunQueue* LLFloaterNotRunQueue::create() rect.translate(left - rect.mLeft, top - rect.mTop); LLFloaterNotRunQueue* new_queue = new LLFloaterNotRunQueue("queue", rect); - new_queue->open(); + new_queue->open(); /*Flawfinder: ignore*/ return new_queue; } @@ -730,8 +730,8 @@ void LLFloaterNotRunQueue::handleInventory(LLViewerObject* viewer_obj, { LLInventoryItem* item = (LLInventoryItem*)((LLInventoryObject*)(*it)); LLScrollListCtrl* list = LLUICtrlFactory::getScrollListByName(this, "queue output"); - char buffer[MAX_STRING]; - sprintf(buffer, "Not running '%s'.", item->getName().c_str()); + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ + snprintf(buffer, sizeof(buffer), "Not running '%s'.", item->getName().c_str()); /*Flawfinder: ignore*/ list->addSimpleItem(buffer); LLMessageSystem* msg = gMessageSystem; diff --git a/indra/newview/lldebugmessagebox.cpp b/indra/newview/lldebugmessagebox.cpp index fbfe9e3864..d230cbc190 100644 --- a/indra/newview/lldebugmessagebox.cpp +++ b/indra/newview/lldebugmessagebox.cpp @@ -144,7 +144,7 @@ LLDebugVarMessageBox* LLDebugVarMessageBox::show(const std::string& title, EDebu sInstances[title_string] = box; gFloaterView->addChild(box); box->reshape(200,150); - box->open(); + box->open(); /*Flawfinder: ignore*/ box->mTitle = title_string; } @@ -187,18 +187,18 @@ void LLDebugVarMessageBox::onClose(bool app_quitting) void LLDebugVarMessageBox::draw() { - char text[128]; + char text[128]; /*Flawfinder: ignore*/ switch(mVarType) { case VAR_TYPE_F32: - sprintf(text, "%.3f", *((F32*)mVarData)); + snprintf(text, sizeof(text), "%.3f", *((F32*)mVarData)); /*Flawfinder: ignore*/ break; case VAR_TYPE_S32: - sprintf(text, "%d", *((S32*)mVarData)); + snprintf(text, sizeof(text), "%d", *((S32*)mVarData)); /*Flawfinder: ignore*/ break; case VAR_TYPE_VEC3: LLVector3* vec_p = (LLVector3*)mVarData; - sprintf(text, "%.3f %.3f %.3f", vec_p->mV[VX], vec_p->mV[VY], vec_p->mV[VZ]); + snprintf(text, sizeof(text), "%.3f %.3f %.3f", vec_p->mV[VX], vec_p->mV[VY], vec_p->mV[VZ]); /*Flawfinder: ignore*/ break; } mText->setText(text); diff --git a/indra/newview/lldirpicker.cpp b/indra/newview/lldirpicker.cpp index 0628d54449..178cfb4e61 100644 --- a/indra/newview/lldirpicker.cpp +++ b/indra/newview/lldirpicker.cpp @@ -184,7 +184,7 @@ OSStatus LLDirPicker::doNavChooseDialog() AEKeyword theAEKeyword; DescType typeCode; Size actualSize = 0; - char path[LL_MAX_PATH]; + char path[LL_MAX_PATH]; /*Flawfinder: ignore*/ memset(&fsRef, 0, sizeof(fsRef)); error = AEGetNthPtr(&navReply.selection, 1, typeFSRef, &theAEKeyword, &typeCode, &fsRef, sizeof(fsRef), &actualSize); diff --git a/indra/newview/lldirpicker.h b/indra/newview/lldirpicker.h index e2fab454f1..7a80d047e1 100644 --- a/indra/newview/lldirpicker.h +++ b/indra/newview/lldirpicker.h @@ -64,7 +64,7 @@ private: #endif - char mDirs[DIRNAME_BUFFER_SIZE]; + char mDirs[DIRNAME_BUFFER_SIZE]; /*Flawfinder: ignore*/ LLString* mFileName; LLString mDir; BOOL mLocked; diff --git a/indra/newview/lldrawpoolbump.cpp b/indra/newview/lldrawpoolbump.cpp index c1be103b68..68fa88c456 100644 --- a/indra/newview/lldrawpoolbump.cpp +++ b/indra/newview/lldrawpoolbump.cpp @@ -70,7 +70,7 @@ void LLStandardBumpmap::restoreGL() gStandardBumpmapList[LLStandardBumpmap::sStandardBumpmapCount++] = LLStandardBumpmap("Darkness"); // BE_DARKNESS std::string file_name = gDirUtilp->getExpandedFilename( LL_PATH_APP_SETTINGS, "std_bump.ini" ); - FILE* file = LLFile::fopen( file_name.c_str(), "rt" ); + FILE* file = LLFile::fopen( file_name.c_str(), "rt" ); /*Flawfinder: ignore*/ if( !file ) { llwarns << "Could not open std_bump <" << file_name << ">" << llendl; @@ -95,9 +95,10 @@ void LLStandardBumpmap::restoreGL() while( !feof(file) && (LLStandardBumpmap::sStandardBumpmapCount < (U32)TEM_BUMPMAP_COUNT) ) { // *NOTE: This buffer size is hard coded into scanf() below. - char label[2048] = ""; - char bump_file[2048] = ""; - fields_read = fscanf( file, "\n%2047s %2047s", label, bump_file); + char label[2048] = ""; /* Flawfinder: ignore */ + char bump_file[2048] = ""; /* Flawfinder: ignore */ + fields_read = fscanf( /* Flawfinder: ignore */ + file, "\n%2047s %2047s", label, bump_file); if( EOF == fields_read ) { break; diff --git a/indra/newview/lleventinfo.cpp b/indra/newview/lleventinfo.cpp index 8f63b61fa1..6bfc04a323 100644 --- a/indra/newview/lleventinfo.cpp +++ b/indra/newview/lleventinfo.cpp @@ -52,7 +52,7 @@ void LLEventInfo::unpack(LLMessageSystem *msg) msg->getU32("EventData", "EventID", event_id); mID = event_id; - char buffer[MAX_DESC_LENGTH]; + char buffer[MAX_DESC_LENGTH]; /*Flawfinder: ignore*/ msg->getString("EventData", "Name", MAX_DESC_LENGTH, buffer); mName = buffer; @@ -87,7 +87,7 @@ void LLEventInfo::unpack(LLMessageSystem *msg) mCover = cover; } - char sim_name[256]; + char sim_name[256]; /*Flawfinder: ignore*/ msg->getString("EventData", "SimName", 256, sim_name); mSimName.assign(sim_name); diff --git a/indra/newview/llface.cpp b/indra/newview/llface.cpp index 701c8087dd..cd24454caf 100644 --- a/indra/newview/llface.cpp +++ b/indra/newview/llface.cpp @@ -1097,18 +1097,18 @@ S32 LLFace::backup() // Don't change the order of these unles you change the corresponding getGeometry calls that read out of // backup memory, and also the other of the backup/restore pair! // - memcpy(backup, (mDrawPoolp->mMemory.getMem() + mGeomIndex * stride), mGeomCount * stride); + memcpy(backup, (mDrawPoolp->mMemory.getMem() + mGeomIndex * stride), mGeomCount * stride); /*Flawfinder: ignore*/ backup += mGeomCount * stride / 4; if (mDrawPoolp->mDataMaskNIL & LLDrawPool::DATA_CLOTHING_WEIGHTS_MASK) { - memcpy(backup, &mDrawPoolp->getClothingWeight(mGeomIndex), mGeomCount * sizeof(LLVector4)); + memcpy(backup, &mDrawPoolp->getClothingWeight(mGeomIndex), mGeomCount * sizeof(LLVector4)); /*Flawfinder: ignore*/ backup += mGeomCount*4; } if (mDrawPoolp->mDataMaskNIL & LLDrawPool::DATA_VERTEX_WEIGHTS_MASK) { - memcpy(backup, &mDrawPoolp->getVertexWeight(mGeomIndex), mGeomCount * sizeof(F32)); + memcpy(backup, &mDrawPoolp->getVertexWeight(mGeomIndex), mGeomCount * sizeof(F32)); /*Flawfinder: ignore*/ backup += mGeomCount; } diff --git a/indra/newview/llfeaturemanager.cpp b/indra/newview/llfeaturemanager.cpp index a31fd7d5b2..bee2f879ac 100644 --- a/indra/newview/llfeaturemanager.cpp +++ b/indra/newview/llfeaturemanager.cpp @@ -189,12 +189,12 @@ BOOL LLFeatureManager::loadFeatureTables() data_path += FEATURE_TABLE_FILENAME; - char name[MAX_STRING+1]; + char name[MAX_STRING+1]; /*Flawfinder: ignore*/ llifstream file; U32 version; - file.open(data_path.c_str()); + file.open(data_path.c_str()); /*Flawfinder: ignore*/ if (!file) { @@ -216,12 +216,12 @@ BOOL LLFeatureManager::loadFeatureTables() LLFeatureList *flp = NULL; while (!file.eof()) { - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ name[0] = 0; file >> name; - if (strlen(name) >= 2 && + if (strlen(name) >= 2 && /*Flawfinder: ignore*/ name[0] == '/' && name[1] == '/') { @@ -230,7 +230,7 @@ BOOL LLFeatureManager::loadFeatureTables() continue; } - if (strlen(name) == 0) + if (strlen(name) == 0) /*Flawfinder: ignore*/ { // This is a blank line file.getline(buffer, MAX_STRING); @@ -295,7 +295,7 @@ void LLFeatureManager::loadGPUClass() llifstream file; - file.open(data_path.c_str()); + file.open(data_path.c_str()); /*Flawfinder: ignore*/ if (!file) { @@ -311,12 +311,12 @@ void LLFeatureManager::loadGPUClass() while (!file.eof()) { - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ buffer[0] = 0; file.getline(buffer, MAX_STRING); - if (strlen(buffer) >= 2 && + if (strlen(buffer) >= 2 && /*Flawfinder: ignore*/ buffer[0] == '/' && buffer[1] == '/') { @@ -324,7 +324,7 @@ void LLFeatureManager::loadGPUClass() continue; } - if (strlen(buffer) == 0) + if (strlen(buffer) == 0) /*Flawfinder: ignore*/ { // This is a blank line continue; @@ -341,7 +341,7 @@ void LLFeatureManager::loadGPUClass() continue; } - for (U32 i = 0; i < strlen(expr); i++) + for (U32 i = 0; i < strlen(expr); i++) /*Flawfinder: ignore*/ { expr[i] = tolower(expr[i]); } diff --git a/indra/newview/llfilepicker.cpp b/indra/newview/llfilepicker.cpp index 587f1eb253..9d698931b0 100644 --- a/indra/newview/llfilepicker.cpp +++ b/indra/newview/llfilepicker.cpp @@ -145,7 +145,7 @@ BOOL LLFilePicker::getOpenFile(ELoadFilter filter) if (success) { LLString tstr = utf16str_to_utf8str(llutf16string(mFilesW)); - memcpy(mFiles, tstr.c_str(), tstr.size()+1); + memcpy(mFiles, tstr.c_str(), tstr.size()+1); /*Flawfinder: ignore*/ mCurrentFile = mFiles; } send_agent_resume(); @@ -185,12 +185,12 @@ BOOL LLFilePicker::getMultipleOpenFiles(ELoadFilter filter) // The getopenfilename api doesn't tell us if we got more than // one file, so we have to test manually by checking string // lengths. - if( wcslen(mOFN.lpstrFile) > mOFN.nFileOffset ) + if( wcslen(mOFN.lpstrFile) > mOFN.nFileOffset ) /*Flawfinder: ignore*/ { mMultiFile = FALSE; mCurrentFile = mFiles; LLString tstr = utf16str_to_utf8str(llutf16string(mFilesW)); - memcpy(mFiles, tstr.c_str(), tstr.size()+1); + memcpy(mFiles, tstr.c_str(), tstr.size()+1); /*Flawfinder: ignore*/ } else { @@ -233,7 +233,7 @@ BOOL LLFilePicker::getSaveFile(ESaveFilter filter, const char* filename) if (filename) { llutf16string tstring = utf8str_to_utf16str(filename); - wcsncpy(mFilesW, tstring.c_str(), FILENAME_BUFFER_SIZE); } + wcsncpy(mFilesW, tstring.c_str(), FILENAME_BUFFER_SIZE); } /*Flawfinder: ignore*/ else { mFilesW[0] = '\0'; @@ -253,7 +253,7 @@ BOOL LLFilePicker::getSaveFile(ESaveFilter filter, const char* filename) case FFSAVE_WAV: if (!filename) { - wcsncpy( mFilesW,L"untitled.wav", FILENAME_BUFFER_SIZE); + wcsncpy( mFilesW,L"untitled.wav", FILENAME_BUFFER_SIZE); /*Flawfinder: ignore*/ } mOFN.lpstrDefExt = L"wav"; L"WAV Sounds (*.wav)\0*.wav\0" \ @@ -262,7 +262,7 @@ BOOL LLFilePicker::getSaveFile(ESaveFilter filter, const char* filename) case FFSAVE_TGA: if (!filename) { - wcsncpy( mFilesW,L"untitled.tga", FILENAME_BUFFER_SIZE); + wcsncpy( mFilesW,L"untitled.tga", FILENAME_BUFFER_SIZE); /*Flawfinder: ignore*/ } mOFN.lpstrDefExt = L"tga"; mOFN.lpstrFilter = @@ -272,7 +272,7 @@ BOOL LLFilePicker::getSaveFile(ESaveFilter filter, const char* filename) case FFSAVE_BMP: if (!filename) { - wcsncpy( mFilesW,L"untitled.bmp", FILENAME_BUFFER_SIZE); + wcsncpy( mFilesW,L"untitled.bmp", FILENAME_BUFFER_SIZE); /*Flawfinder: ignore*/ } mOFN.lpstrDefExt = L"bmp"; mOFN.lpstrFilter = @@ -282,7 +282,7 @@ BOOL LLFilePicker::getSaveFile(ESaveFilter filter, const char* filename) case FFSAVE_AVI: if (!filename) { - wcsncpy( mFilesW,L"untitled.avi", FILENAME_BUFFER_SIZE); + wcsncpy( mFilesW,L"untitled.avi", FILENAME_BUFFER_SIZE); /*Flawfinder: ignore*/ } mOFN.lpstrDefExt = L"avi"; mOFN.lpstrFilter = @@ -292,7 +292,7 @@ BOOL LLFilePicker::getSaveFile(ESaveFilter filter, const char* filename) case FFSAVE_ANIM: if (!filename) { - wcsncpy( mFilesW,L"untitled.xaf", FILENAME_BUFFER_SIZE); + wcsncpy( mFilesW,L"untitled.xaf", FILENAME_BUFFER_SIZE); /*Flawfinder: ignore*/ } mOFN.lpstrDefExt = L"xaf"; mOFN.lpstrFilter = @@ -303,7 +303,7 @@ BOOL LLFilePicker::getSaveFile(ESaveFilter filter, const char* filename) case FFSAVE_GEOMETRY: if (!filename) { - wcsncpy( mFilesW,L"untitled.slg", FILENAME_BUFFER_SIZE); + wcsncpy( mFilesW,L"untitled.slg", FILENAME_BUFFER_SIZE); /*Flawfinder: ignore*/ } mOFN.lpstrDefExt = L"slg"; mOFN.lpstrFilter = @@ -314,7 +314,7 @@ BOOL LLFilePicker::getSaveFile(ESaveFilter filter, const char* filename) case FFSAVE_XML: if (!filename) { - wcsncpy( mFilesW,L"untitled.xml", FILENAME_BUFFER_SIZE); + wcsncpy( mFilesW,L"untitled.xml", FILENAME_BUFFER_SIZE); /*Flawfinder: ignore*/ } mOFN.lpstrDefExt = L"xml"; @@ -325,7 +325,7 @@ BOOL LLFilePicker::getSaveFile(ESaveFilter filter, const char* filename) case FFSAVE_COLLADA: if (!filename) { - wcsncpy( mFilesW,L"untitled.collada", FILENAME_BUFFER_SIZE); + wcsncpy( mFilesW,L"untitled.collada", FILENAME_BUFFER_SIZE); /*Flawfinder: ignore*/ } mOFN.lpstrDefExt = L"collada"; mOFN.lpstrFilter = @@ -335,7 +335,7 @@ BOOL LLFilePicker::getSaveFile(ESaveFilter filter, const char* filename) case FFSAVE_RAW: if (!filename) { - wcsncpy( mFilesW,L"untitled.raw", FILENAME_BUFFER_SIZE); + wcsncpy( mFilesW,L"untitled.raw", FILENAME_BUFFER_SIZE); /*Flawfinder: ignore*/ } mOFN.lpstrDefExt = L"raw"; mOFN.lpstrFilter = RAW_FILTER \ @@ -357,7 +357,7 @@ BOOL LLFilePicker::getSaveFile(ESaveFilter filter, const char* filename) if (success) { LLString tstr = utf16str_to_utf8str(llutf16string(mFilesW)); - memcpy(mFiles, tstr.c_str(), tstr.size()+1); + memcpy(mFiles, tstr.c_str(), tstr.size()+1); /*Flawfinder: ignore*/ mCurrentFile = mFiles; } gKeyboard->resetKeys(); @@ -383,7 +383,7 @@ const char* LLFilePicker::getNextFile() { if(mMultiFile) { - mCurrentFile += strlen(mCurrentFile) + 1; + mCurrentFile += strlen(mCurrentFile) + 1; /*Flawfinder: ignore*/ if( '\0' != mCurrentFile[0] ) { buildFilename(); @@ -416,11 +416,11 @@ void LLFilePicker::reset() void LLFilePicker::buildFilename( void ) { - strncpy( mFilename, mFiles, LL_MAX_PATH ); - S32 len = strlen( mFilename ); + strncpy( mFilename, mFiles, LL_MAX_PATH ); /*Flawfinder: ignore*/ + S32 len = strlen( mFilename ); /*Flawfinder: ignore*/ - strcat(mFilename,gDirUtilp->getDirDelimiter().c_str()); - len += strlen(gDirUtilp->getDirDelimiter().c_str()); + strncat(mFilename,gDirUtilp->getDirDelimiter().c_str(), sizeof(mFilename)-len+1); /*Flawfinder: ignore*/ + len += strlen(gDirUtilp->getDirDelimiter().c_str()); /*Flawfinder: ignore*/ // mFilename[len++] = '\\'; LLString::copy( mFilename + len, mCurrentFile, LL_MAX_PATH - len ); @@ -582,7 +582,7 @@ OSStatus LLFilePicker::doNavChooseDialog(ELoadFilter filter) AEKeyword theAEKeyword; DescType typeCode; Size actualSize = 0; - char path[MAX_PATH]; + char path[MAX_PATH]; /*Flawfinder: ignore*/ memset(&fsRef, 0, sizeof(fsRef)); error = AEGetNthPtr(&navReply.selection, index, typeFSRef, &theAEKeyword, &typeCode, &fsRef, sizeof(fsRef), &actualSize); @@ -731,8 +731,8 @@ OSStatus LLFilePicker::doNavSaveDialog(ESaveFilter filter, const char* filename) if (error == noErr) { - char path[PATH_MAX]; - char newFileName[SINGLE_FILENAME_BUFFER_SIZE]; + char path[PATH_MAX]; /*Flawfinder: ignore*/ + char newFileName[SINGLE_FILENAME_BUFFER_SIZE]; /*Flawfinder: ignore*/ error = FSRefMakePath(&fsRef, (UInt8*)path, PATH_MAX); if (error == noErr) @@ -817,7 +817,7 @@ void LLFilePicker::getFilePath(SInt32 index) { mFiles[0] = 0; if (mFileVector.size()) - strcpy(mFiles, mFileVector[index].c_str()); + strncpy(mFiles, mFileVector[index].c_str(), sizeof(mFiles)); /*Flawfinder: ignore*/ } void LLFilePicker::getFileName(SInt32 index) @@ -827,7 +827,7 @@ void LLFilePicker::getFileName(SInt32 index) { char *start = strrchr(mFileVector[index].c_str(), '/'); if (start && ((start + 1 - mFileVector[index].c_str()) < (mFileVector[index].size()))) - strcpy(mFilename, start + 1); + strncpy(mFilename, start + 1, sizeof(mFilename)); /*Flawfinder: ignore*/ } } diff --git a/indra/newview/llfilepicker.h b/indra/newview/llfilepicker.h index 718af39c5d..9b0eddbe2d 100644 --- a/indra/newview/llfilepicker.h +++ b/indra/newview/llfilepicker.h @@ -150,8 +150,8 @@ private: U32 mNextFileIndex; #endif - char mFiles[FILENAME_BUFFER_SIZE]; - char mFilename[LL_MAX_PATH]; + char mFiles[FILENAME_BUFFER_SIZE]; /*Flawfinder: ignore*/ + char mFilename[LL_MAX_PATH]; /*Flawfinder: ignore*/ char* mCurrentFile; BOOL mLocked; BOOL mMultiFile; diff --git a/indra/newview/llfloaterabout.cpp b/indra/newview/llfloaterabout.cpp index d3c927a11c..9c8c0162c6 100644 --- a/indra/newview/llfloaterabout.cpp +++ b/indra/newview/llfloaterabout.cpp @@ -79,7 +79,7 @@ LLFloaterAbout::LLFloaterAbout() gAgent.getRegion()->getName().c_str()); support.append(region_text); - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ gAgent.getRegion()->getHost().getHostName(buffer, MAX_STRING); support.append(buffer); support.append(" ("); @@ -135,7 +135,7 @@ LLFloaterAbout::LLFloaterAbout() // MD5 digest of executable support.append("Viewer Digest: "); - char viewer_digest_string[UUID_STR_LENGTH]; + char viewer_digest_string[UUID_STR_LENGTH]; /*Flawfinder: ignore*/ gViewerDigest.toString( viewer_digest_string ); support.append(viewer_digest_string); @@ -163,5 +163,5 @@ void LLFloaterAbout::show(void*) sInstance = new LLFloaterAbout(); } - sInstance->open(); + sInstance->open(); /*Flawfinder: ignore*/ } diff --git a/indra/newview/llfloateranimpreview.cpp b/indra/newview/llfloateranimpreview.cpp index 5df1acac53..21248c7406 100644 --- a/indra/newview/llfloateranimpreview.cpp +++ b/indra/newview/llfloateranimpreview.cpp @@ -261,8 +261,8 @@ BOOL LLFloaterAnimPreview::postBuild() childSetValue("ease_in_time", LLSD(motionp->getEaseInDuration())); childSetValue("ease_out_time", LLSD(motionp->getEaseOutDuration())); mEnabled = TRUE; - char seconds_string[128]; - sprintf(seconds_string, " - %.2f seconds", motionp->getDuration()); + char seconds_string[128]; /*Flawfinder: ignore*/ + snprintf(seconds_string, sizeof(seconds_string), " - %.2f seconds", motionp->getDuration()); /*Flawfinder: ignore*/ setTitle(mFilename + LLString(seconds_string)); } @@ -282,9 +282,9 @@ BOOL LLFloaterAnimPreview::postBuild() { if (loaderp->getDuration() > MAX_ANIM_DURATION) { - char output_str[256]; + char output_str[256]; /*Flawfinder: ignore*/ - sprintf(output_str, "Animation file is %.1f seconds in length.\n\nMaximum animation length is %.1f seconds.\n", + snprintf(output_str, sizeof(output_str), "Animation file is %.1f seconds in length.\n\nMaximum animation length is %.1f seconds.\n", /*Flawfinder: ignore*/ loaderp->getDuration(), MAX_ANIM_DURATION); childSetValue("bad_animation_text", LLSD(output_str)); } diff --git a/indra/newview/llfloaterauction.cpp b/indra/newview/llfloaterauction.cpp index c86b9abfda..0a10fa3db3 100644 --- a/indra/newview/llfloaterauction.cpp +++ b/indra/newview/llfloaterauction.cpp @@ -83,7 +83,7 @@ void LLFloaterAuction::show() sInstance->setFocus(TRUE); } sInstance->initialize(); - sInstance->open(); + sInstance->open(); /*Flawfinder: ignore*/ } void LLFloaterAuction::initialize() diff --git a/indra/newview/llfloateravatarpicker.cpp b/indra/newview/llfloateravatarpicker.cpp index adcc3c49ab..de9432ee73 100644 --- a/indra/newview/llfloateravatarpicker.cpp +++ b/indra/newview/llfloateravatarpicker.cpp @@ -42,13 +42,13 @@ LLFloaterAvatarPicker* LLFloaterAvatarPicker::show(callback_t callback, sInstance->mCallbackUserdata = userdata; sInstance->mCloseOnSelect = FALSE; - sInstance->open(); + sInstance->open(); /* Flawfinder: ignore */ sInstance->center(); sInstance->setAllowMultiple(allow_multiple); } else { - sInstance->open(); + sInstance->open(); /*Flawfinder: ignore*/ sInstance->mCallback = callback; sInstance->mCallbackUserdata = userdata; sInstance->setAllowMultiple(allow_multiple); @@ -266,8 +266,8 @@ void LLFloaterAvatarPicker::processAvatarPickerReply(LLMessageSystem* msg, void* LLUUID agent_id; LLUUID query_id; LLUUID avatar_id; - char first_name[DB_FIRST_NAME_BUF_SIZE]; - char last_name[DB_LAST_NAME_BUF_SIZE]; + char first_name[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last_name[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ msg->getUUID("AgentData", "AgentID", agent_id); msg->getUUID("AgentData", "QueryID", query_id); diff --git a/indra/newview/llfloateravatartextures.cpp b/indra/newview/llfloateravatartextures.cpp index cb4d8dd8e0..76e096f0a3 100644 --- a/indra/newview/llfloateravatartextures.cpp +++ b/indra/newview/llfloateravatartextures.cpp @@ -35,7 +35,7 @@ LLFloaterAvatarTextures* LLFloaterAvatarTextures::show(const LLUUID &id) gUICtrlFactory->buildFloater(floaterp, "floater_avatar_textures.xml"); gFloaterView->addChild(floaterp); - floaterp->open(); + floaterp->open(); /*Flawfinder: ignore*/ gFloaterView->adjustToFitScreen(floaterp, FALSE); @@ -119,8 +119,8 @@ void LLFloaterAvatarTextures::refresh() LLVOAvatar *avatarp = find_avatar(mID); if (avatarp) { - char firstname[DB_FIRST_NAME_BUF_SIZE]; - char lastname[DB_LAST_NAME_BUF_SIZE]; + char firstname[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char lastname[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ if (gCacheName->getName(avatarp->getID(), firstname, lastname)) { LLString name; diff --git a/indra/newview/llfloaterbuildoptions.cpp b/indra/newview/llfloaterbuildoptions.cpp index de58497430..5ca8a1fb00 100644 --- a/indra/newview/llfloaterbuildoptions.cpp +++ b/indra/newview/llfloaterbuildoptions.cpp @@ -50,14 +50,14 @@ void LLFloaterBuildOptions::show(void*) { if (sInstance) { - sInstance->open(); + sInstance->open(); /*Flawfinder: ignore*/ } else { LLFloaterBuildOptions* floater = new LLFloaterBuildOptions(); gUICtrlFactory->buildFloater(floater, "floater_build_options.xml"); - floater->open(); + floater->open(); /*Flawfinder: ignore*/ } } diff --git a/indra/newview/llfloaterbump.cpp b/indra/newview/llfloaterbump.cpp index 8b81c661d8..969124a81c 100644 --- a/indra/newview/llfloaterbump.cpp +++ b/indra/newview/llfloaterbump.cpp @@ -77,7 +77,7 @@ void LLFloaterBump::show(void *contents) } } - sInstance->open(); + sInstance->open(); /*Flawfinder: ignore*/ } void LLFloaterBump::add(LLScrollListCtrl* list, LLMeanCollisionData* mcd) diff --git a/indra/newview/llfloaterbuy.cpp b/indra/newview/llfloaterbuy.cpp index 3f79161f92..c4d0d6e208 100644 --- a/indra/newview/llfloaterbuy.cpp +++ b/indra/newview/llfloaterbuy.cpp @@ -78,7 +78,7 @@ void LLFloaterBuy::show(const LLSaleInfo& sale_info) sInstance = new LLFloaterBuy(); } - sInstance->open(); + sInstance->open(); /*Flawfinder: ignore*/ sInstance->setFocus(TRUE); sInstance->mSaleInfo = sale_info; diff --git a/indra/newview/llfloaterbuycontents.cpp b/indra/newview/llfloaterbuycontents.cpp index 0b3df52e07..a09ebbfab4 100644 --- a/indra/newview/llfloaterbuycontents.cpp +++ b/indra/newview/llfloaterbuycontents.cpp @@ -75,7 +75,7 @@ void LLFloaterBuyContents::show(const LLSaleInfo& sale_info) sInstance = new LLFloaterBuyContents(); } - sInstance->open(); + sInstance->open(); /*Flawfinder: ignore*/ sInstance->setFocus(TRUE); // Always center the dialog. User can change the size, @@ -100,7 +100,7 @@ void LLFloaterBuyContents::show(const LLSaleInfo& sale_info) if (!node) return; if(node->mPermissions->isGroupOwned()) { - char group_name[MAX_STRING]; + char group_name[MAX_STRING]; /*Flawfinder: ignore*/ gCacheName->getGroupName(owner_id, group_name); owner_name.assign(group_name); } diff --git a/indra/newview/llfloaterbuyland.cpp b/indra/newview/llfloaterbuyland.cpp index 52ac981909..189c60132e 100644 --- a/indra/newview/llfloaterbuyland.cpp +++ b/indra/newview/llfloaterbuyland.cpp @@ -197,7 +197,7 @@ void LLFloaterBuyLand::buyLand( LLFloaterBuyLandUI* ui = LLFloaterBuyLandUI::soleInstance(true); ui->setForGroup(is_for_group); ui->setParcel(region, parcel); - ui->open(); + ui->open(); /*Flawfinder: ignore*/ } // static @@ -813,15 +813,15 @@ void LLFloaterBuyLandUI::updateNames() } else if (mParcel->getIsGroupOwned()) { - char groupName[DB_LAST_NAME_BUF_SIZE]; + char groupName[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ gCacheName->getGroupName(mParcel->getGroupID(), &groupName[0]); mParcelSellerName = groupName; } else { - char firstName[DB_LAST_NAME_BUF_SIZE]; - char lastName[DB_LAST_NAME_BUF_SIZE]; + char firstName[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char lastName[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ gCacheName->getName(mParcel->getOwnerID(), firstName, lastName); mParcelSellerName = llformat("%s %s", firstName, lastName); diff --git a/indra/newview/llfloaterchat.cpp b/indra/newview/llfloaterchat.cpp index 3d8912d001..93eb24f36d 100644 --- a/indra/newview/llfloaterchat.cpp +++ b/indra/newview/llfloaterchat.cpp @@ -116,7 +116,7 @@ void LLFloaterChat::onClose(bool app_quitting) // public void LLFloaterChat::show() { - open(); + open(); /*Flawfinder: ignore*/ } void add_timestamped_line(LLViewerTextEditor* edit, const LLString& line, const LLColor4& color) diff --git a/indra/newview/llfloatercolorpicker.cpp b/indra/newview/llfloatercolorpicker.cpp index 59147c54f8..17a5cbec96 100644 --- a/indra/newview/llfloatercolorpicker.cpp +++ b/indra/newview/llfloatercolorpicker.cpp @@ -162,7 +162,7 @@ showUI () { setVisible ( TRUE ); setFocus ( TRUE ); - open(); + open(); /*Flawfinder: ignore*/ // HACK: if system color picker is required - close the SL one we made and use default system dialog if ( gSavedSettings.getBOOL ( "UseDefaultColorPicker" ) ) diff --git a/indra/newview/llfloaterfriends.cpp b/indra/newview/llfloaterfriends.cpp index 8efc833004..a910e1a12a 100644 --- a/indra/newview/llfloaterfriends.cpp +++ b/indra/newview/llfloaterfriends.cpp @@ -94,12 +94,12 @@ void LLFloaterFriends::show(void*) { if(sInstance) { - sInstance->open(); + sInstance->open(); /*Flawfinder: ignore*/ } else { LLFloaterFriends* self = new LLFloaterFriends; - self->open(); + self->open(); /*Flawfinder: ignore*/ } } @@ -486,12 +486,12 @@ void LLFloaterFriends::onClickIM(void* user_data) { LLUUID agent_id = ids[0]; const LLRelationship* info = LLAvatarTracker::instance().getBuddyInfo(agent_id); - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ + char last[DB_LAST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ if(info && gCacheName->getName(agent_id, first, last)) { - char buffer[MAX_STRING]; - snprintf(buffer, MAX_STRING, "%s %s", first, last); + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + snprintf(buffer, MAX_STRING, "%s %s", first, last); /* Flawfinder: ignore */ gIMView->setFloaterOpen(TRUE); gIMView->addSession( buffer, @@ -579,8 +579,8 @@ void LLFloaterFriends::onClickRemove(void* user_data) if(ids.size() == 1) { LLUUID agent_id = ids[0]; - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ if(gCacheName->getName(agent_id, first, last)) { args["[FIRST_NAME]"] = first; @@ -652,8 +652,8 @@ void LLFloaterFriends::onClickModifyStatus(LLUICtrl* ctrl, void* user_data) if(ids.size() == 1) { LLUUID agent_id = ids[0]; - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ if(gCacheName->getName(agent_id, first, last)) { args["[FIRST_NAME]"] = first; diff --git a/indra/newview/llfloatergesture.cpp b/indra/newview/llfloatergesture.cpp index a14c9f11cd..1296c96c5e 100644 --- a/indra/newview/llfloatergesture.cpp +++ b/indra/newview/llfloatergesture.cpp @@ -114,7 +114,7 @@ void LLFloaterGesture::show() { if (sInstance) { - sInstance->open(); + sInstance->open(); /*Flawfinder: ignore*/ return; } @@ -139,7 +139,7 @@ void LLFloaterGesture::show() // Update button labels onCommitList(NULL, self); - self->open(); + self->open(); /*Flawfinder: ignore*/ } // static diff --git a/indra/newview/llfloatergodtools.cpp b/indra/newview/llfloatergodtools.cpp index 685cf94430..45cf356a52 100644 --- a/indra/newview/llfloatergodtools.cpp +++ b/indra/newview/llfloatergodtools.cpp @@ -67,7 +67,7 @@ LLFloaterGodTools* LLFloaterGodTools::instance() if (!sGodTools) { sGodTools = new LLFloaterGodTools(); - sGodTools->open(); + sGodTools->open(); /*Flawfinder: ignore*/ sGodTools->center(); sGodTools->setFocus(TRUE); } @@ -204,7 +204,7 @@ void LLFloaterGodTools::show(void *) void LLFloaterGodTools::showPanel(const LLString& panel_name) { childShowTab("GodTools Tabs", panel_name); - open(); + open(); /*Flawfinder: ignore*/ LLPanel *panel = childGetVisibleTab("GodTools Tabs"); if (panel) panel->setFocus(TRUE); } @@ -235,7 +235,7 @@ void LLFloaterGodTools::processRegionInfo(LLMessageSystem* msg) U32 region_flags; U8 sim_access; U8 agent_limit; - char sim_name[MAX_STRING]; + char sim_name[MAX_STRING]; /*Flawfinder: ignore*/ U32 estate_id; U32 parent_estate_id; F32 water_height; diff --git a/indra/newview/llfloatergroupinvite.cpp b/indra/newview/llfloatergroupinvite.cpp index b21711a96f..13ab90cdd3 100644 --- a/indra/newview/llfloatergroupinvite.cpp +++ b/indra/newview/llfloatergroupinvite.cpp @@ -113,6 +113,6 @@ void LLFloaterGroupInvite::showForGroup(const LLUUID& group_id) } fgi->center(); - fgi->open(); + fgi->open(); /*Flawfinder: ignore*/ fgi->mImpl->mInvitePanelp->update(); } diff --git a/indra/newview/llfloatergroups.cpp b/indra/newview/llfloatergroups.cpp index f03d0735a4..4535a11ec3 100644 --- a/indra/newview/llfloatergroups.cpp +++ b/indra/newview/llfloatergroups.cpp @@ -74,7 +74,7 @@ LLFloaterGroups* LLFloaterGroups::show(const LLUUID& id, EGroupDialog type) else { // Move the existing view to the front - instance->open(); + instance->open(); /* Flawfinder: ignore */ } } @@ -100,7 +100,7 @@ LLFloaterGroups* LLFloaterGroups::show(const LLUUID& id, EGroupDialog type) break; } instance->center(); - instance->open(); + instance->open(); /*Flawfinder: ignore*/ } } return instance; diff --git a/indra/newview/llfloaterinspect.cpp b/indra/newview/llfloaterinspect.cpp index 40132ce375..f45d22ba01 100644 --- a/indra/newview/llfloaterinspect.cpp +++ b/indra/newview/llfloaterinspect.cpp @@ -218,4 +218,4 @@ void LLFloaterInspect::draw() }
LLFloater::draw();
-}
\ No newline at end of file +}
diff --git a/indra/newview/llfloaterinspect.h b/indra/newview/llfloaterinspect.h index 68c4f729bb..d43988a797 100644 --- a/indra/newview/llfloaterinspect.h +++ b/indra/newview/llfloaterinspect.h @@ -44,4 +44,4 @@ private: static LLFloaterInspect* sInstance;
};
-#endif //LL_LLFLOATERINSPECT_H
\ No newline at end of file +#endif //LL_LLFLOATERINSPECT_H
diff --git a/indra/newview/llfloaterland.cpp b/indra/newview/llfloaterland.cpp index be06154c29..3997051782 100644 --- a/indra/newview/llfloaterland.cpp +++ b/indra/newview/llfloaterland.cpp @@ -166,7 +166,7 @@ void LLFloaterLand::show() gParcelMgr->addObserver( sObserver ); } - sInstance->open(); + sInstance->open(); /*Flawfinder: ignore*/ // Done automatically when the selected parcel's properties arrive // (and hence we have the local id). @@ -588,8 +588,8 @@ void LLPanelLandGeneral::refresh() } else if(parcel->getAuctionID()) { - char auction_str[MAX_STRING]; - sprintf(auction_str, "Auction ID: %u", parcel->getAuctionID()); + char auction_str[MAX_STRING]; /*Flawfinder: ignore*/ + snprintf(auction_str, sizeof(auction_str), "Auction ID: %u", parcel->getAuctionID()); /*Flawfinder: ignore*/ mTextSalePending->setText(auction_str); mTextSalePending->setEnabled(TRUE); } @@ -626,7 +626,7 @@ void LLPanelLandGeneral::refresh() // Display claim date time_t claim_date = parcel->getClaimDate(); - char time_buf[TIME_STR_LENGTH]; + char time_buf[TIME_STR_LENGTH]; /*Flawfinder: ignore*/ mTextClaimDate->setText(formatted_time(claim_date, time_buf)); mTextClaimDate->setEnabled(is_leased); @@ -716,7 +716,7 @@ void LLPanelLandGeneral::refresh() gParcelMgr->canAgentBuyParcel(parcel, true)); // show pricing information - char price[64]; + char price[64]; /*Flawfinder: ignore*/ const char* label = NULL; S32 area; S32 claim_price; @@ -729,13 +729,13 @@ void LLPanelLandGeneral::refresh() &dwell); // Area - sprintf(price, "%d sq. m.", area); + snprintf(price, sizeof(price), "%d sq. m.", area); /*Flawfinder: ignore*/ label = AREA; mTextPriceLabel->setText(label); mTextPrice->setText(price); - sprintf(price, "%.0f", dwell); + snprintf(price, sizeof(price), "%.0f", dwell); /*Flawfinder: ignore*/ mTextDwell->setText(price); if(region_owner) @@ -768,24 +768,24 @@ void LLPanelLandGeneral::refreshNames() return; } - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ if (parcel->getIsGroupOwned()) { buffer[0] = '\0'; - strcat(buffer, "(Group Owned)"); + strcat(buffer, "(Group Owned)"); /*Flawfinder: ignore*/ } else { // Figure out the owner's name - char owner_first[MAX_STRING]; - char owner_last[MAX_STRING]; + char owner_first[MAX_STRING]; /*Flawfinder: ignore*/ + char owner_last[MAX_STRING]; /*Flawfinder: ignore*/ gCacheName->getName(parcel->getOwnerID(), owner_first, owner_last); - sprintf(buffer, "%s %s", owner_first, owner_last); + snprintf(buffer, sizeof(buffer), "%s %s", owner_first, owner_last); /*Flawfinder: ignore*/ } if(LLParcel::OS_LEASE_PENDING == parcel->getOwnershipStatus()) { - strcat(buffer, " (Sale Pending)"); + strcat(buffer, " (Sale Pending)"); /*Flawfinder: ignore*/ } mTextOwner->setText(buffer); @@ -803,8 +803,8 @@ void LLPanelLandGeneral::refreshNames() if(auth_buyer_id.notNull()) { LLString name; - char firstname[MAX_STRING]; - char lastname[MAX_STRING]; + char firstname[MAX_STRING]; /*Flawfinder: ignore*/ + char lastname[MAX_STRING]; /*Flawfinder: ignore*/ gCacheName->getName(auth_buyer_id, firstname, lastname); name.assign(firstname); name.append(" "); @@ -935,9 +935,9 @@ void LLPanelLandGeneral::onClickBuyPass(void* deselect_when_done) const char* parcel_name = parcel->getName(); F32 pass_hours = parcel->getPassHours(); - char cost[256], time[256]; - sprintf(cost, "%d", pass_price); - sprintf(time, "%.2f", pass_hours); + char cost[256], time[256]; /*Flawfinder: ignore*/ + snprintf(cost, sizeof(cost), "%d", pass_price); /*Flawfinder: ignore*/ + snprintf(time, sizeof(time), "%.2f", pass_hours); /*Flawfinder: ignore*/ LLStringBase<char>::format_map_t args; args["[COST]"] = cost; @@ -1239,7 +1239,7 @@ void LLPanelLandObjects::refresh() } else { - char count[MAX_STRING]; + char count[MAX_STRING]; /*Flawfinder: ignore*/ S32 sw_max; S32 sw_total; S32 max; @@ -1266,7 +1266,7 @@ void LLPanelLandObjects::refresh() if (parcel_object_bonus != 1.0f) { - sprintf(count, "Region Object Bonus Factor: %.2f", + snprintf(count, sizeof(count), "Region Object Bonus Factor: %.2f", /*Flawfinder: ignore*/ parcel_object_bonus); mParcelObjectBonus->setText(count); } @@ -1277,35 +1277,35 @@ void LLPanelLandObjects::refresh() if (sw_total > sw_max) { - sprintf(count, "%d out of %d (%d will be deleted)", + snprintf(count, sizeof(count), "%d out of %d (%d will be deleted)", /*Flawfinder: ignore*/ sw_total, sw_max, sw_total - sw_max); } else { - sprintf(count, "%d out of %d (%d available)", + snprintf(count, sizeof(count), "%d out of %d (%d available)", /*Flawfinder: ignore*/ sw_total, sw_max, sw_max - sw_total); } mSWTotalObjects->setText(count); - sprintf(count, "%d", max); + snprintf(count, sizeof(count), "%d", max); /*Flawfinder: ignore*/ mObjectContribution->setText(count); - sprintf(count, "%d", total); + snprintf(count, sizeof(count), "%d", total); /*Flawfinder: ignore*/ mTotalObjects->setText(count); - sprintf(count, "%d", owned); + snprintf(count, sizeof(count), "%d", owned); /*Flawfinder: ignore*/ mOwnerObjects->setText(count); - sprintf(count, "%d", group); + snprintf(count, sizeof(count), "%d", group); /*Flawfinder: ignore*/ mGroupObjects->setText(count); - sprintf(count, "%d", other); + snprintf(count, sizeof(count), "%d", other); /*Flawfinder: ignore*/ mOtherObjects->setText(count); - sprintf(count, "%d", selected); + snprintf(count, sizeof(count), "%d", selected); /*Flawfinder: ignore*/ mSelectedObjects->setText(count); - sprintf(count, "%d", mOtherTime); + snprintf(count, sizeof(count), "%d", mOtherTime); /*Flawfinder: ignore*/ mCleanOtherObjectsTime->setText(count); BOOL can_return_owned = LLViewerParcelMgr::isParcelModifiableByAgent(parcel, GP_LAND_RETURN_GROUP_OWNED); @@ -1419,8 +1419,8 @@ void LLPanelLandObjects::callbackReturnOwnerObjects(S32 option, void* userdata) } else { - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ gCacheName->getName(owner_id, first, last); args["[FIRST]"] = first; args["[LAST]"] = last; @@ -1444,7 +1444,7 @@ void LLPanelLandObjects::callbackReturnGroupObjects(S32 option, void* userdata) { if (parcel) { - char group_name[MAX_STRING]; + char group_name[MAX_STRING]; /*Flawfinder: ignore*/ gCacheName->getGroupName(parcel->getGroupID(), group_name); LLString::format_map_t args; args["[GROUPNAME]"] = group_name; @@ -1595,7 +1595,7 @@ void LLPanelLandObjects::processParcelObjectOwnersReply(LLMessageSystem *msg, vo BOOL is_group_owned; S32 object_count; BOOL is_online; - char object_count_str[MAX_STRING]; + char object_count_str[MAX_STRING]; /*Flawfinder: ignore*/ //BOOL b_need_refresh = FALSE; // If we were waiting for the first reply, clear the "Searching..." text. @@ -1636,7 +1636,7 @@ void LLPanelLandObjects::processParcelObjectOwnersReply(LLMessageSystem *msg, vo // Placeholder for name. row->addColumn("", FONT, self->mColWidth[2]); - sprintf(object_count_str, "%d", object_count); + snprintf(object_count_str, sizeof(object_count_str), "%d", object_count); /*Flawfinder: ignore*/ row->addColumn(object_count_str, FONT, self->mColWidth[3]); if (is_group_owned) @@ -1791,8 +1791,8 @@ void LLPanelLandObjects::onClickReturnOwnerObjects(void* userdata) } else { - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ gCacheName->getName(owner_id, first, last); std::string name = first; name += " "; @@ -1818,7 +1818,7 @@ void LLPanelLandObjects::onClickReturnGroupObjects(void* userdata) send_parcel_select_objects(parcel->getLocalID(), RT_GROUP); - char group_name[MAX_STRING]; + char group_name[MAX_STRING]; /*Flawfinder: ignore*/ gCacheName->getGroupName(parcel->getGroupID(), group_name); LLStringBase<char>::format_map_t args; @@ -1850,7 +1850,7 @@ void LLPanelLandObjects::onClickReturnOtherObjects(void* userdata) if (parcel->getIsGroupOwned()) { - char group_name[MAX_STRING]; + char group_name[MAX_STRING]; /*Flawfinder: ignore*/ gCacheName->getGroupName(parcel->getGroupID(), group_name); args["[NAME]"] = group_name; @@ -1866,8 +1866,8 @@ void LLPanelLandObjects::onClickReturnOtherObjects(void* userdata) } else { - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ gCacheName->getName(owner_id, first, last); std::string name; name += first; @@ -2189,8 +2189,8 @@ void LLPanelLandOptions::refresh() } else { - char buffer[256]; - sprintf(buffer, "Landing Point: %d, %d, %d", + char buffer[256]; /*Flawfinder: ignore*/ + snprintf(buffer, sizeof(buffer), "Landing Point: %d, %d, %d", /*Flawfinder: ignore*/ llround(pos.mV[VX]), llround(pos.mV[VY]), llround(pos.mV[VZ])); @@ -2565,22 +2565,22 @@ void LLPanelLandAccess::refresh() if (parcel) { - char label[256]; + char label[256]; /*Flawfinder: ignore*/ // Display options BOOL use_group = parcel->getParcelFlag(PF_USE_ACCESS_GROUP); mCheckGroup->set( use_group ); - char group_name[MAX_STRING]; + char group_name[MAX_STRING]; /*Flawfinder: ignore*/ gCacheName->getGroupName(parcel->getGroupID(), group_name); - sprintf(label, "Group: %s", group_name); + snprintf(label, sizeof(label), "Group: %s", group_name); /*Flawfinder: ignore*/ mCheckGroup->setLabel( label ); S32 count = parcel->mAccessList.size(); BOOL use_list = parcel->getParcelFlag(PF_USE_ACCESS_LIST); mCheckAccess->set( use_list ); - sprintf(label, "Avatars: (%d listed, %d max)", + snprintf(label, sizeof(label), "Avatars: (%d listed, %d max)", /*Flawfinder: ignore*/ count, PARCEL_MAX_ACCESS_LIST); mCheckAccess->setLabel( label ); @@ -2599,8 +2599,8 @@ void LLPanelLandAccess::refresh() suffix.assign(" ("); if (seconds >= 120) { - char buf[30]; - sprintf(buf, "%d minutes", (seconds/60)); + char buf[30]; /*Flawfinder: ignore*/ + snprintf(buf, sizeof(buf), "%d minutes", (seconds/60)); /*Flawfinder: ignore*/ suffix.append(buf); } else if (seconds >= 60) @@ -2609,8 +2609,8 @@ void LLPanelLandAccess::refresh() } else { - char buf[30]; - sprintf(buf, "%d seconds", seconds); + char buf[30]; /*Flawfinder: ignore*/ + snprintf(buf, sizeof(buf), "%d seconds", seconds); /*Flawfinder: ignore*/ suffix.append(buf); } suffix.append(" remaining)"); @@ -2668,14 +2668,14 @@ void LLPanelLandAccess::refresh() void LLPanelLandAccess::refreshNames() { LLParcel* parcel = gParcelMgr->getSelectedParcel(); - char group_name[DB_GROUP_NAME_BUF_SIZE]; + char group_name[DB_GROUP_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ group_name[0] = '\0'; if(parcel) { gCacheName->getGroupName(parcel->getGroupID(), group_name); } - char label[MAX_STRING]; - snprintf(label, MAX_STRING, "Group: %s", group_name); + char label[MAX_STRING]; /*Flawfinder: ignore*/ + snprintf(label, sizeof(label), "Group: %s", group_name); /*Flawfinder: ignore*/ mCheckGroup->setLabel(label); } @@ -2841,7 +2841,7 @@ void LLPanelLandBan::refresh() if (parcel) { - char label[256]; + char label[256]; /*Flawfinder: ignore*/ // Display options @@ -2850,7 +2850,7 @@ void LLPanelLandBan::refresh() BOOL use_ban = parcel->getParcelFlag(PF_USE_BAN_LIST); mCheck->set( use_ban ); - sprintf(label, "Ban these avatars: (%d listed, %d max)", + snprintf(label, sizeof(label), "Ban these avatars: (%d listed, %d max)", /*Flawfinder: ignore*/ count, PARCEL_MAX_ACCESS_LIST); mCheck->setLabel( label ); @@ -2868,8 +2868,8 @@ void LLPanelLandBan::refresh() suffix.assign(" ("); if (seconds >= 120) { - char buf[30]; - sprintf(buf, "%d minutes", (seconds/60)); + char buf[30]; /*Flawfinder: ignore*/ + snprintf(buf, sizeof(buf), "%d minutes", (seconds/60)); /*Flawfinder: ignore*/ suffix.append(buf); } else if (seconds >= 60) @@ -2878,8 +2878,8 @@ void LLPanelLandBan::refresh() } else { - char buf[30]; - sprintf(buf, "%d seconds", seconds); + char buf[30]; /*Flawfinder: ignore*/ + snprintf(buf, sizeof(buf), "%d seconds", seconds); /*Flawfinder: ignore*/ suffix.append(buf); } suffix.append(" remaining)"); diff --git a/indra/newview/llfloaterlandholdings.cpp b/indra/newview/llfloaterlandholdings.cpp index 496c31d219..c722773f93 100644 --- a/indra/newview/llfloaterlandholdings.cpp +++ b/indra/newview/llfloaterlandholdings.cpp @@ -53,7 +53,7 @@ void LLFloaterLandHoldings::show(void*) ""); // TODO: request updated money balance? - floater->open(); + floater->open(); /* Flawfinder: ignore */ } @@ -158,14 +158,14 @@ void LLFloaterLandHoldings::processPlacesReply(LLMessageSystem* msg, void**) } LLUUID owner_id; - char name[MAX_STRING]; - char desc[MAX_STRING]; + char name[MAX_STRING]; /* Flawfinder: ignore */ + char desc[MAX_STRING]; /* Flawfinder: ignore */ S32 actual_area; S32 billable_area; U8 flags; F32 global_x; F32 global_y; - char sim_name[MAX_STRING]; + char sim_name[MAX_STRING]; /* Flawfinder: ignore */ S32 i; S32 count = msg->getNumberOfBlocks("QueryData"); @@ -187,21 +187,21 @@ void LLFloaterLandHoldings::processPlacesReply(LLMessageSystem* msg, void**) S32 region_x = llround(global_x) % REGION_WIDTH_UNITS; S32 region_y = llround(global_y) % REGION_WIDTH_UNITS; - char location[MAX_STRING]; - sprintf(location, "%s (%d, %d)", sim_name, region_x, region_y); + char location[MAX_STRING]; /* Flawfinder: ignore */ + snprintf(location, MAX_STRING, "%s (%d, %d)", sim_name, region_x, region_y); /* Flawfinder: ignore */ - char area[MAX_STRING]; + char area[MAX_STRING]; /* Flawfinder: ignore */ if(billable_area == actual_area) { - sprintf(area, "%d", billable_area); + snprintf(area, MAX_STRING, "%d", billable_area); /* Flawfinder: ignore */ } else { - sprintf(area, "%d / %d", billable_area, actual_area); + snprintf(area, MAX_STRING, "%d / %d", billable_area, actual_area); /* Flawfinder: ignore */ } - char hidden[MAX_STRING]; - sprintf(hidden, "%f %f", global_x, global_y); + char hidden[MAX_STRING]; /* Flawfinder: ignore */ + snprintf(hidden, MAX_STRING, "%f %f", global_x, global_y); /* Flawfinder: ignore */ LLSD element; element["columns"][0]["column"] = "name"; @@ -292,14 +292,14 @@ void LLFloaterLandHoldings::refreshAggregates() S32 current_area = gStatusBar->getSquareMetersCommitted(); S32 available_area = gStatusBar->getSquareMetersLeft(); - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ - sprintf(buffer, "%d sq. meters", allowed_area); + snprintf(buffer, MAX_STRING, "%d sq. meters", allowed_area); /* Flawfinder: ignore */ childSetValue("allowed_text", LLSD(buffer)); - sprintf(buffer, "%d sq. meters", current_area); + snprintf(buffer, MAX_STRING, "%d sq. meters", current_area); /* Flawfinder: ignore */ childSetValue("current_text", LLSD(buffer)); - sprintf(buffer, "%d sq. meters", available_area); + snprintf(buffer, MAX_STRING, "%d sq. meters", available_area); /* Flawfinder: ignore */ childSetValue("available_text", LLSD(buffer)); } diff --git a/indra/newview/llfloatermap.cpp b/indra/newview/llfloatermap.cpp index bbac916331..d53929272c 100644 --- a/indra/newview/llfloatermap.cpp +++ b/indra/newview/llfloatermap.cpp @@ -193,7 +193,7 @@ void LLFloaterMap::toggle(void*) } else { - gFloaterMap->open(); + gFloaterMap->open(); /* Flawfinder: ignore */ } } } diff --git a/indra/newview/llfloaternamedesc.cpp b/indra/newview/llfloaternamedesc.cpp index a8d90b082e..6b2562e73c 100644 --- a/indra/newview/llfloaternamedesc.cpp +++ b/indra/newview/llfloaternamedesc.cpp @@ -64,7 +64,7 @@ BOOL LLFloaterNameDesc::postBuild() char* end_p = strrchr(asset_name_str, '.'); // strip extension if exists if( !end_p ) { - end_p = asset_name_str + strlen( asset_name_str ); + end_p = asset_name_str + strlen( asset_name_str ); /* Flawfinder: ignore */ } else if( !stricmp( end_p, ".wav") ) diff --git a/indra/newview/llfloateropenobject.cpp b/indra/newview/llfloateropenobject.cpp index fb5c795ac3..7e15c373d4 100644 --- a/indra/newview/llfloateropenobject.cpp +++ b/indra/newview/llfloateropenobject.cpp @@ -97,7 +97,7 @@ void LLFloaterOpenObject::show() sInstance->center(); } - sInstance->open(); + sInstance->open(); /* Flawfinder: ignore */ sInstance->setFocus(TRUE); } diff --git a/indra/newview/llfloaterpostcard.cpp b/indra/newview/llfloaterpostcard.cpp index 18473c8d98..f6fcda29a3 100644 --- a/indra/newview/llfloaterpostcard.cpp +++ b/indra/newview/llfloaterpostcard.cpp @@ -138,7 +138,7 @@ LLFloaterPostcard* LLFloaterPostcard::showFromSnapshot(LLImageJPEG *jpeg, LLImag gFloaterView->getNewFloaterPosition(&left, &top); instance->setOrigin(left, top - instance->getRect().getHeight()); - instance->open(); + instance->open(); /*Flawfinder: ignore*/ return instance; } diff --git a/indra/newview/llfloaterpreference.cpp b/indra/newview/llfloaterpreference.cpp index ded8f1df4a..c96fd4ac0a 100644 --- a/indra/newview/llfloaterpreference.cpp +++ b/indra/newview/llfloaterpreference.cpp @@ -264,7 +264,7 @@ void LLFloaterPreference::show(void*) sInstance->center(); } - sInstance->open(); + sInstance->open(); /* Flawfinder: ignore */ if(!gAgent.getID().isNull()) { diff --git a/indra/newview/llfloaterproperties.cpp b/indra/newview/llfloaterproperties.cpp index 76a387556e..793884e008 100644 --- a/indra/newview/llfloaterproperties.cpp +++ b/indra/newview/llfloaterproperties.cpp @@ -107,7 +107,7 @@ LLFloaterProperties* LLFloaterProperties::show(const LLUUID& item_id, } instance->refresh(); - instance->open(); + instance->open(); /* Flawfinder: ignore */ } return instance; } @@ -279,7 +279,7 @@ void LLFloaterProperties::refreshFromItem(LLInventoryItem* item) childSetEnabled("LabelItemNameTitle",TRUE); childSetEnabled("LabelItemName",is_modifiable); - const char EMPTY_STRING[1] = ""; + const char EMPTY_STRING[1] = ""; /* Flawfinder: ignore */ const char* txt = EMPTY_STRING; if(!item->getName().empty()) { @@ -299,8 +299,8 @@ void LLFloaterProperties::refreshFromItem(LLInventoryItem* item) ////////////////// // CREATOR NAME // ////////////////// - char first_name[DB_FIRST_NAME_BUF_SIZE]; - char last_name[DB_LAST_NAME_BUF_SIZE]; + char first_name[DB_FIRST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ + char last_name[DB_LAST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ if(!gCacheName) return; if(!gAgent.getRegion()) return; @@ -332,7 +332,7 @@ void LLFloaterProperties::refreshFromItem(LLInventoryItem* item) LLString name; if (perm.isGroupOwned()) { - char group_name[DB_GROUP_NAME_BUF_SIZE]; + char group_name[DB_GROUP_NAME_BUF_SIZE]; /* Flawfinder: ignore */ gCacheName->getGroupName(perm.getGroup(), group_name); name.assign(group_name); } @@ -413,29 +413,29 @@ void LLFloaterProperties::refreshFromItem(LLInventoryItem* item) overwrite_group = flags & LLInventoryItem::II_FLAGS_OBJECT_PERM_OVERWRITE_GROUP; } - char perm_string[11]; + char perm_string[11]; /* Flawfinder: ignore */ - sprintf(perm_string, "B: "); + snprintf(perm_string, sizeof(perm_string), "B: "); /* Flawfinder: ignore */ mask_to_string(base_mask, perm_string+3); childSetText("BaseMaskDebug",perm_string); childSetVisible("BaseMaskDebug",TRUE); - sprintf(perm_string, "O: "); + snprintf(perm_string, sizeof(perm_string), "O: "); /* Flawfinder: ignore */ mask_to_string(owner_mask, perm_string+3); childSetText("OwnerMaskDebug",perm_string); childSetVisible("OwnerMaskDebug",TRUE); - sprintf(perm_string, "G%s: ", overwrite_group ? "*" : ""); + snprintf(perm_string, sizeof(perm_string), "G%s: ", overwrite_group ? "*" : ""); /* Flawfinder: ignore */ mask_to_string(group_mask, perm_string + (overwrite_group ? 4 : 3)); childSetText("GroupMaskDebug",perm_string); childSetVisible("GroupMaskDebug",TRUE); - sprintf(perm_string, "E%s: ", overwrite_everyone ? "*" : ""); + snprintf(perm_string, sizeof(perm_string), "E%s: ", overwrite_everyone ? "*" : ""); /* Flawfinder: ignore */ mask_to_string(everyone_mask, perm_string + (overwrite_everyone ? 4 : 3)); childSetText("EveryoneMaskDebug",perm_string); childSetVisible("EveryoneMaskDebug",TRUE); - sprintf(perm_string, "N%s: ", slam_perm ? "*" : ""); + snprintf(perm_string, sizeof(perm_string), "N%s: ", slam_perm ? "*" : ""); /* Flawfinder: ignore */ mask_to_string(next_owner_mask, perm_string + (slam_perm ? 4 : 3)); childSetText("NextMaskDebug",perm_string); childSetVisible("NextMaskDebug",TRUE); @@ -548,8 +548,8 @@ void LLFloaterProperties::refreshFromItem(LLInventoryItem* item) if (is_for_sale) { radioSaleType->setSelectedIndex((S32)sale_info.getSaleType() - 1); - char numerical_price[MAX_STRING]; - sprintf(numerical_price, "%d", sale_info.getSalePrice()); + char numerical_price[MAX_STRING]; /* Flawfinder: ignore */ + snprintf(numerical_price, MAX_STRING, "%d", sale_info.getSalePrice()); /* Flawfinder: ignore */ childSetText("EditPrice",numerical_price); } else diff --git a/indra/newview/llfloaterregioninfo.cpp b/indra/newview/llfloaterregioninfo.cpp index 297d5941f2..1ad724024b 100644 --- a/indra/newview/llfloaterregioninfo.cpp +++ b/indra/newview/llfloaterregioninfo.cpp @@ -202,7 +202,7 @@ void LLFloaterRegionInfo::show(LLViewerRegion* region) "EstateOwnerMessage", &processEstateOwnerRequest); } - sInstance->open(); + sInstance->open(); /* Flawfinder: ignore*/ sInstance->refreshFromRegion(region); // Must allow anyone to request the RegionInfo data @@ -272,7 +272,7 @@ void LLFloaterRegionInfo::processRegionInfo(LLMessageSystem* msg) if(!tab) return; // extract message - char sim_name[MAX_STRING]; + char sim_name[MAX_STRING]; /* Flawfinder: ignore*/ U32 region_flags; U8 agent_limit; F32 object_bonus_factor; @@ -572,7 +572,7 @@ void LLPanelRegionGeneralInfo::onKickCommit(const std::vector<std::string>& name strings_t strings; // [0] = our agent id // [1] = target agent id - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore*/ gAgent.getID().toString(buffer); strings.push_back(buffer); @@ -600,7 +600,7 @@ void LLPanelRegionGeneralInfo::onKickAllCommit(S32 option, void* userdata) if(!self) return; strings_t strings; // [0] = our agent id - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore*/ gAgent.getID().toString(buffer); strings.push_back(buffer); @@ -635,7 +635,7 @@ void LLPanelRegionGeneralInfo::onMessageCommit(S32 option, const LLString& text, // [4] message strings.push_back("-1"); strings.push_back("-1"); - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore*/ gAgent.getID().toString(buffer); strings.push_back(buffer); std::string name; @@ -669,35 +669,35 @@ BOOL LLPanelRegionGeneralInfo::sendUpdate() llinfos << "LLPanelRegionGeneralInfo::sendUpdate()" << llendl; strings_t strings; //integers_t integers; - char buffer[MAX_STRING]; - sprintf(buffer, "%s", (childGetValue("block_terraform_check").asBoolean() ? "Y" : "N")); + char buffer[MAX_STRING]; /* Flawfinder: ignore*/ + snprintf(buffer, MAX_STRING, "%s", (childGetValue("block_terraform_check").asBoolean() ? "Y" : "N")); /* Flawfinder: ignore */ strings.push_back(strings_t::value_type(buffer)); - sprintf(buffer, "%s", (childGetValue("block_fly_check").asBoolean() ? "Y" : "N")); + snprintf(buffer, MAX_STRING, "%s", (childGetValue("block_fly_check").asBoolean() ? "Y" : "N")); /* Flawfinder: ignore */ strings.push_back(strings_t::value_type(buffer)); - sprintf(buffer, "%s", (childGetValue("allow_damage_check").asBoolean() ? "Y" : "N")); + snprintf(buffer, MAX_STRING, "%s", (childGetValue("allow_damage_check").asBoolean() ? "Y" : "N")); /* Flawfinder: ignore */ strings.push_back(strings_t::value_type(buffer)); - sprintf(buffer, "%s", (childGetValue("allow_land_resell_check").asBoolean() ? "Y" : "N")); + snprintf(buffer, MAX_STRING, "%s", (childGetValue("allow_land_resell_check").asBoolean() ? "Y" : "N")); /* Flawfinder: ignore */ strings.push_back(strings_t::value_type(buffer)); F32 value = (F32)childGetValue("agent_limit_spin").asReal(); - sprintf(buffer, "%f", value); + snprintf(buffer, MAX_STRING, "%f", value); /* Flawfinder: ignore*/ strings.push_back(strings_t::value_type(buffer)); value = (F32)childGetValue("object_bonus_spin").asReal(); - sprintf(buffer, "%f", value); + snprintf(buffer, MAX_STRING, "%f", value); /* Flawfinder: ignore*/ strings.push_back(strings_t::value_type(buffer)); U8 access = LLViewerRegion::stringToAccess(childGetValue("access_combo").asString().c_str()); - sprintf(buffer, "%d", (S32)access); + snprintf(buffer, MAX_STRING, "%d", (S32)access); /* Flawfinder: ignore */ strings.push_back(strings_t::value_type(buffer)); - sprintf(buffer, "%s", (childGetValue("restrict_pushobject").asBoolean() ? "Y" : "N")); + snprintf(buffer, MAX_STRING, "%s", (childGetValue("restrict_pushobject").asBoolean() ? "Y" : "N")); /* Flawfinder: ignore */ strings.push_back(strings_t::value_type(buffer)); - sprintf(buffer, "%s", (childGetValue("allow_parcel_changes_check").asBoolean() ? "Y" : "N")); + snprintf(buffer, MAX_STRING, "%s", (childGetValue("allow_parcel_changes_check").asBoolean() ? "Y" : "N")); /* Flawfinder: ignore */ strings.push_back(strings_t::value_type(buffer)); LLUUID invoice(LLFloaterRegionInfo::getLastInvoice()); @@ -705,7 +705,7 @@ BOOL LLPanelRegionGeneralInfo::sendUpdate() LLViewerRegion* region = gAgent.getRegion(); if (region - && access != region->getSimAccess() ) + && access != region->getSimAccess() ) /* Flawfinder: ignore */ { gViewerWindow->alertXml("RegionMaturityChange"); } @@ -764,15 +764,15 @@ BOOL LLPanelRegionDebugInfo::sendUpdate() { llinfos << "LLPanelRegionDebugInfo::sendUpdate" << llendl; strings_t strings; - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ - sprintf(buffer, "%s", (childGetValue("disable_scripts_check").asBoolean() ? "Y" : "N")); + snprintf(buffer, MAX_STRING, "%s", (childGetValue("disable_scripts_check").asBoolean() ? "Y" : "N")); /* Flawfinder: ignore */ strings.push_back(buffer); - sprintf(buffer, "%s", (childGetValue("disable_collisions_check").asBoolean() ? "Y" : "N")); + snprintf(buffer, MAX_STRING, "%s", (childGetValue("disable_collisions_check").asBoolean() ? "Y" : "N")); /* Flawfinder: ignore */ strings.push_back(buffer); - sprintf(buffer, "%s", (childGetValue("disable_physics_check").asBoolean() ? "Y" : "N")); + snprintf(buffer, MAX_STRING, "%s", (childGetValue("disable_physics_check").asBoolean() ? "Y" : "N")); /* Flawfinder: ignore */ strings.push_back(buffer); LLUUID invoice(LLFloaterRegionInfo::getLastInvoice()); @@ -927,10 +927,10 @@ bool LLPanelRegionTextureInfo::refreshFromRegion(LLViewerRegion* region) LLVLComposition* compp = region->getComposition(); LLTextureCtrl* texture_ctrl; - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ for(S32 i = 0; i < TERRAIN_TEXTURE_COUNT; ++i) { - sprintf(buffer, "texture_detail_%d", i); + snprintf(buffer, MAX_STRING, "texture_detail_%d", i); /* Flawfinder: ignore */ texture_ctrl = LLViewerUICtrlFactory::getTexturePickerByName(this, buffer); if(texture_ctrl) { @@ -943,9 +943,9 @@ bool LLPanelRegionTextureInfo::refreshFromRegion(LLViewerRegion* region) for(S32 i = 0; i < CORNER_COUNT; ++i) { - sprintf(buffer, "height_start_spin_%d", i); + snprintf(buffer, MAX_STRING, "height_start_spin_%d", i); /* Flawfinder: ignore */ childSetValue(buffer, LLSD(compp->getStartHeight(i))); - sprintf(buffer, "height_range_spin_%d", i); + snprintf(buffer, MAX_STRING, "height_range_spin_%d", i); /* Flawfinder: ignore */ childSetValue(buffer, LLSD(compp->getHeightRange(i))); } @@ -957,18 +957,18 @@ bool LLPanelRegionTextureInfo::refreshFromRegion(LLViewerRegion* region) BOOL LLPanelRegionTextureInfo::postBuild() { LLPanelRegionInfo::postBuild(); - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ for(S32 i = 0; i < TERRAIN_TEXTURE_COUNT; ++i) { - sprintf(buffer, "texture_detail_%d", i); + snprintf(buffer, MAX_STRING, "texture_detail_%d", i); /* Flawfinder: ignore */ initCtrl(buffer); } for(S32 i = 0; i < CORNER_COUNT; ++i) { - sprintf(buffer, "height_start_spin_%d", i); + snprintf(buffer, MAX_STRING, "height_start_spin_%d", i); /* Flawfinder: ignore */ initCtrl(buffer); - sprintf(buffer, "height_range_spin_%d", i); + snprintf(buffer, MAX_STRING, "height_range_spin_%d", i); /* Flawfinder: ignore */ initCtrl(buffer); } @@ -998,9 +998,9 @@ BOOL LLPanelRegionTextureInfo::sendUpdate() } LLTextureCtrl* texture_ctrl; - char buffer[MAX_STRING]; - char buffer2[MAX_STRING]; - char id_str[UUID_STR_LENGTH]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char buffer2[MAX_STRING]; /* Flawfinder: ignore */ + char id_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ LLMessageSystem* msg = gMessageSystem; strings_t strings; @@ -1008,13 +1008,13 @@ BOOL LLPanelRegionTextureInfo::sendUpdate() for(S32 i = 0; i < TERRAIN_TEXTURE_COUNT; ++i) { - sprintf(buffer, "texture_detail_%d", i); + snprintf(buffer, MAX_STRING, "texture_detail_%d", i); /* Flawfinder: ignore */ texture_ctrl = LLViewerUICtrlFactory::getTexturePickerByName(this, buffer); if(texture_ctrl) { LLUUID tmp_id(texture_ctrl->getImageAssetID()); tmp_id.toString(id_str); - sprintf(buffer, "%d %s", i, id_str); + snprintf(buffer, MAX_STRING, "%d %s", i, id_str); /* Flawfinder: ignore */ strings.push_back(strings_t::value_type(buffer)); } } @@ -1022,9 +1022,9 @@ BOOL LLPanelRegionTextureInfo::sendUpdate() strings.clear(); for(S32 i = 0; i < CORNER_COUNT; ++i) { - sprintf(buffer, "height_start_spin_%d", i); - sprintf(buffer2, "height_range_spin_%d", i); - sprintf(buffer, "%d %f %f", i, (F32)childGetValue(buffer).asReal(), (F32)childGetValue(buffer2).asReal()); + snprintf(buffer, MAX_STRING, "height_start_spin_%d", i); /* Flawfinder: ignore */ + snprintf(buffer2, MAX_STRING, "height_range_spin_%d", i); /* Flawfinder: ignore */ + snprintf(buffer, MAX_STRING, "%d %f %f", i, (F32)childGetValue(buffer).asReal(), (F32)childGetValue(buffer2).asReal()); /* Flawfinder: ignore */ strings.push_back(strings_t::value_type(buffer)); } sendEstateOwnerMessage(msg, "textureheights", invoice, strings); @@ -1037,8 +1037,8 @@ BOOL LLPanelRegionTextureInfo::validateTextureSizes() { for(S32 i = 0; i < TERRAIN_TEXTURE_COUNT; ++i) { - char buffer[MAX_STRING]; - sprintf(buffer, "texture_detail_%d", i); + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + snprintf(buffer, MAX_STRING, "texture_detail_%d", i); /* Flawfinder: ignore */ LLTextureCtrl* texture_ctrl = LLViewerUICtrlFactory::getTexturePickerByName(this, buffer); if (!texture_ctrl) continue; @@ -1139,21 +1139,21 @@ bool LLPanelRegionTerrainInfo::refreshFromRegion(LLViewerRegion* region) BOOL LLPanelRegionTerrainInfo::sendUpdate() { llinfos << "LLPanelRegionTerrainInfo::sendUpdate" << llendl; - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ strings_t strings; LLUUID invoice(LLFloaterRegionInfo::getLastInvoice()); - sprintf(buffer, "%f", (F32)childGetValue("water_height_spin").asReal()); + snprintf(buffer, MAX_STRING, "%f", (F32)childGetValue("water_height_spin").asReal()); /* Flawfinder: ignore */ strings.push_back(buffer); - sprintf(buffer, "%f", (F32)childGetValue("terrain_raise_spin").asReal()); + snprintf(buffer, MAX_STRING, "%f", (F32)childGetValue("terrain_raise_spin").asReal()); /* Flawfinder: ignore */ strings.push_back(buffer); - sprintf(buffer, "%f", (F32)childGetValue("terrain_lower_spin").asReal()); + snprintf(buffer, MAX_STRING, "%f", (F32)childGetValue("terrain_lower_spin").asReal()); /* Flawfinder: ignore */ strings.push_back(buffer); - sprintf(buffer, "%s", (childGetValue("use_estate_sun_check").asBoolean() ? "Y" : "N")); + snprintf(buffer, MAX_STRING, "%s", (childGetValue("use_estate_sun_check").asBoolean() ? "Y" : "N")); /* Flawfinder: ignore*/ strings.push_back(buffer); - sprintf(buffer, "%s", (childGetValue("fixed_sun_check").asBoolean() ? "Y" : "N")); + snprintf(buffer, MAX_STRING, "%s", (childGetValue("fixed_sun_check").asBoolean() ? "Y" : "N")); /* Flawfinder: ignore*/ strings.push_back(buffer); - sprintf(buffer, "%f", (F32)childGetValue("sun_hour_slider").asReal() ); + snprintf(buffer, MAX_STRING, "%f", (F32)childGetValue("sun_hour_slider").asReal() ); /* Flawfinder: ignore*/ strings.push_back(buffer); // Grab estate information in case the user decided to set the @@ -1179,11 +1179,11 @@ BOOL LLPanelRegionTerrainInfo::sendUpdate() estate_sun_hour = panel->getSunHour(); } - sprintf(buffer, "%s", (estate_global_time ? "Y" : "N") ); + snprintf(buffer, MAX_STRING, "%s", (estate_global_time ? "Y" : "N") ); /* Flawfinder: ignore*/ strings.push_back(buffer); - sprintf(buffer, "%s", (estate_fixed_sun ? "Y" : "N") ); + snprintf(buffer, MAX_STRING, "%s", (estate_fixed_sun ? "Y" : "N") ); /* Flawfinder: ignore*/ strings.push_back(buffer); - sprintf(buffer, "%f", estate_sun_hour); + snprintf(buffer, MAX_STRING, "%f", estate_sun_hour); /* Flawfinder: ignore*/ strings.push_back(buffer); sendEstateOwnerMessage(gMessageSystem, "setregionterrain", invoice, strings); @@ -1512,7 +1512,7 @@ void LLPanelEstateInfo::kickUserConfirm(S32 option, void* userdata) LLUUID invoice(LLFloaterRegionInfo::getLastInvoice()); strings_t strings; - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore*/ switch(option) { @@ -1795,12 +1795,12 @@ void LLPanelEstateInfo::sendEstateAccessDelta(U32 flags, const LLUUID& agent_or_ msg->addString("Method", "estateaccessdelta"); msg->addUUID("Invoice", LLFloaterRegionInfo::getLastInvoice()); - char buf[MAX_STRING]; + char buf[MAX_STRING]; /* Flawfinder: ignore*/ gAgent.getID().toString(buf); msg->nextBlock("ParamList"); msg->addString("Parameter", buf); - sprintf(buf, "%u", flags); + snprintf(buf, MAX_STRING, "%u", flags); /* Flawfinder: ignore*/ msg->nextBlock("ParamList"); msg->addString("Parameter", buf); @@ -2056,8 +2056,8 @@ void LLPanelEstateInfo::commitEstateInfo() msg->nextBlock("ParamList"); msg->addString("Parameter", getEstateName()); - char buf[MAX_STRING]; - sprintf(buf, "%u", computeEstateFlags()); + char buf[MAX_STRING]; /* Flawfinder: ignore*/ + snprintf(buf, MAX_STRING, "%u", computeEstateFlags()); /* Flawfinder: ignore*/ msg->nextBlock("ParamList"); msg->addString("Parameter", buf); @@ -2067,7 +2067,7 @@ void LLPanelEstateInfo::commitEstateInfo() sun_hour = 0.f; // 0 = global time } - sprintf(buf, "%d", (S32)(sun_hour*1024.0f)); + snprintf(buf, MAX_STRING, "%d", (S32)(sun_hour*1024.0f)); /* Flawfinder: ignore*/ msg->nextBlock("ParamList"); msg->addString("Parameter", buf); @@ -2541,8 +2541,13 @@ void LLPanelEstateCovenant::onLoadComplete(LLVFS *vfs, S32 file_length = file.getSize(); char* buffer = new char[file_length+1]; - file.read((U8*)buffer, file_length); + if (buffer == NULL) + { + llerrs << "Memory Allocation Failed" << llendl; + return; + } + file.read((U8*)buffer, file_length); /* Flawfinder: ignore */ // put a EOS at the end buffer[file_length] = 0; @@ -2860,7 +2865,7 @@ bool LLDispatchSetEstateAccess::operator()( for (S32 i = 0; i < num_allowed_agents && i < ESTATE_MAX_ACCESS_IDS; i++) { LLUUID id; - memcpy(id.mData, strings[index++].data(), UUID_BYTES); + memcpy(id.mData, strings[index++].data(), UUID_BYTES); /* Flawfinder: ignore */ allowed_agent_name_list->addNameItem(id); } panel->childSetEnabled("remove_allowed_avatar_btn", allowed_agent_name_list->getFirstSelected() ? TRUE : FALSE); @@ -2884,7 +2889,7 @@ bool LLDispatchSetEstateAccess::operator()( for (S32 i = 0; i < num_allowed_groups && i < ESTATE_MAX_GROUP_IDS; i++) { LLUUID id; - memcpy(id.mData, strings[index++].data(), UUID_BYTES); + memcpy(id.mData, strings[index++].data(), UUID_BYTES); /* Flawfinder: ignore */ allowed_group_name_list->addGroupNameItem(id); } panel->childSetEnabled("remove_allowed_group_btn", allowed_group_name_list->getFirstSelected() ? TRUE : FALSE); @@ -2916,7 +2921,7 @@ bool LLDispatchSetEstateAccess::operator()( for (S32 i = 0; i < num_banned_agents && i < ESTATE_MAX_ACCESS_IDS; i++) { LLUUID id; - memcpy(id.mData, strings[index++].data(), UUID_BYTES); + memcpy(id.mData, strings[index++].data(), UUID_BYTES); /* Flawfinder: ignore */ banned_agent_name_list->addNameItem(id); } panel->childSetEnabled("remove_banned_avatar_btn", banned_agent_name_list->getFirstSelected() ? TRUE : FALSE); @@ -2939,7 +2944,7 @@ bool LLDispatchSetEstateAccess::operator()( for (S32 i = 0; i < num_estate_managers && i < ESTATE_MAX_MANAGERS; i++) { LLUUID id; - memcpy(id.mData, strings[index++].data(), UUID_BYTES); + memcpy(id.mData, strings[index++].data(), UUID_BYTES); /* Flawfinder: ignore */ estate_manager_name_list->addNameItem(id); } panel->childSetEnabled("remove_estate_manager_btn", estate_manager_name_list->getFirstSelected() ? TRUE : FALSE); diff --git a/indra/newview/llfloaterreporter.cpp b/indra/newview/llfloaterreporter.cpp index 5dadac22be..89ff4bc66d 100644 --- a/indra/newview/llfloaterreporter.cpp +++ b/indra/newview/llfloaterreporter.cpp @@ -440,7 +440,7 @@ void LLFloaterReporter::showFromMenu(EReportType report_type) { // ...bring that window to front LLFloaterReporter *f = gReporterInstances.getData(report_type); - f->open(); + f->open(); /* Flawfinder: ignore */ } else { @@ -496,7 +496,7 @@ void LLFloaterReporter::showFromObject(const LLUUID& object_id) // Need to deselect on close f->mDeselectOnClose = TRUE; - f->open(); + f->open(); /* Flawfinder: ignore */ } @@ -716,8 +716,9 @@ void LLFloaterReporter::sendReport() details << childGetValue("details_edit").asString(); msg->addStringFast(_PREHASH_Details, details.str() ); - char version_string[MAX_STRING]; - sprintf(version_string, + char version_string[MAX_STRING]; /* Flawfinder: ignore */ + snprintf(version_string, /* Flawfinder: ignore */ + MAX_STRING, "%d.%d.%d %s %s %s %s", LL_VERSION_MAJOR, LL_VERSION_MINOR, diff --git a/indra/newview/llfloaterscriptdebug.cpp b/indra/newview/llfloaterscriptdebug.cpp index cc522bf75b..1cf10ae881 100644 --- a/indra/newview/llfloaterscriptdebug.cpp +++ b/indra/newview/llfloaterscriptdebug.cpp @@ -47,7 +47,7 @@ void LLFloaterScriptDebug::show(const LLUUID& object_id) LLFloater* floaterp = addOutputWindow(object_id); if (sInstance) { - sInstance->open(); + sInstance->open(); /* Flawfinder: ignore */ sInstance->showFloater(floaterp); } } @@ -206,7 +206,7 @@ LLFloaterScriptDebugOutput* LLFloaterScriptDebugOutput::show(const LLUUID& objec { floaterp = new LLFloaterScriptDebugOutput(object_id); sInstanceMap[object_id] = floaterp; - floaterp->open(); + floaterp->open(); /* Flawfinder: ignore*/ } else { diff --git a/indra/newview/llfloatersellland.cpp b/indra/newview/llfloatersellland.cpp index 3c63ad69cb..65c5f5607e 100755 --- a/indra/newview/llfloatersellland.cpp +++ b/indra/newview/llfloatersellland.cpp @@ -78,7 +78,7 @@ void LLFloaterSellLand::sellLand( LLFloaterSellLandUI* ui = LLFloaterSellLandUI::soleInstance(true); if (ui->setParcel(region, parcel)) { - ui->open(); + ui->open(); /* Flawfinder: ignore */ } } @@ -186,8 +186,8 @@ void LLFloaterSellLandUI::updateParcelInfo() if(mSellToBuyer) { LLString name; - char firstname[MAX_STRING]; - char lastname[MAX_STRING]; + char firstname[MAX_STRING]; /* Flawfinder: ignore */ + char lastname[MAX_STRING]; /* Flawfinder: ignore */ gCacheName->getName(mAuthorizedBuyer, firstname, lastname); name.assign(firstname); name.append(" "); diff --git a/indra/newview/llfloatersnapshot.cpp b/indra/newview/llfloatersnapshot.cpp index bc6bc297c4..1b82b6b43d 100644 --- a/indra/newview/llfloatersnapshot.cpp +++ b/indra/newview/llfloatersnapshot.cpp @@ -1413,7 +1413,7 @@ void LLFloaterSnapshot::show(void*) sInstance->impl.updateLayout(sInstance); } - sInstance->open(); + sInstance->open(); /* Flawfinder: ignore */ sInstance->focusFirstItem(FALSE); gSnapshotFloaterView->setEnabled(TRUE); gSnapshotFloaterView->adjustToFitScreen(sInstance, FALSE); diff --git a/indra/newview/llfloatertelehub.cpp b/indra/newview/llfloatertelehub.cpp index 371154f8a3..25cfc12c3e 100644 --- a/indra/newview/llfloatertelehub.cpp +++ b/indra/newview/llfloatertelehub.cpp @@ -222,8 +222,8 @@ void LLFloaterTelehub::onClickRemoveSpawnPoint(void* data) msg->nextBlock("ParamList"); msg->addString("Parameter", "spawnpoint remove"); - char buffer[MAX_STRING]; - sprintf(buffer, "%d", spawn_index); + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + snprintf(buffer, MAX_STRING, "%d", spawn_index); /* Flawfinder: ignore */ msg->nextBlock("ParamList"); msg->addString("Parameter", buffer); @@ -241,7 +241,7 @@ void LLFloaterTelehub::processTelehubInfo(LLMessageSystem* msg, void**) void LLFloaterTelehub::unpackTelehubInfo(LLMessageSystem* msg) { - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ msg->getUUID("TelehubBlock", "ObjectID", mTelehubObjectID); msg->getString("TelehubBlock", "ObjectName", MAX_STRING, buffer); diff --git a/indra/newview/llfloatertools.cpp b/indra/newview/llfloatertools.cpp index c9a28ab361..e21c7a45a8 100644 --- a/indra/newview/llfloatertools.cpp +++ b/indra/newview/llfloatertools.cpp @@ -938,4 +938,4 @@ void LLFloaterTools::onFocusReceived() { gCurrentToolset = gBasicToolset; gCurrentToolset->selectTool(gCurrentToolset->getSelectedTool()); -}
\ No newline at end of file +} diff --git a/indra/newview/llfloatertopobjects.cpp b/indra/newview/llfloatertopobjects.cpp index f7850f38db..8e24864880 100644 --- a/indra/newview/llfloatertopobjects.cpp +++ b/indra/newview/llfloatertopobjects.cpp @@ -141,8 +141,8 @@ void LLFloaterTopObjects::handleReply(LLMessageSystem *msg, void** data) LLUUID task_id; F32 location_x, location_y, location_z; F32 score; - char name_buf[MAX_STRING]; - char owner_buf[MAX_STRING]; + char name_buf[MAX_STRING]; /* Flawfinder: ignore */ + char owner_buf[MAX_STRING]; /* Flawfinder: ignore */ msg->getU32Fast(_PREHASH_ReportData, _PREHASH_TaskLocalID, task_local_id, block); msg->getUUIDFast(_PREHASH_ReportData, _PREHASH_TaskID, task_id, block); diff --git a/indra/newview/llfloaterworldmap.cpp b/indra/newview/llfloaterworldmap.cpp index 739f2cf3c7..a39c2be6bf 100644 --- a/indra/newview/llfloaterworldmap.cpp +++ b/indra/newview/llfloaterworldmap.cpp @@ -293,7 +293,7 @@ void LLFloaterWorldMap::show(void*, BOOL center_on_target) BOOL was_visible = gFloaterWorldMap->getVisible(); gFloaterWorldMap->mIsClosing = FALSE; - gFloaterWorldMap->open(); + gFloaterWorldMap->open(); /* Flawfinder: ignore */ LLWorldMapView* map_panel; map_panel = (LLWorldMapView*)gFloaterWorldMap->mTabs->getCurrentPanel(); diff --git a/indra/newview/llfolderview.cpp b/indra/newview/llfolderview.cpp index cf041c4bfb..b3585fdfaf 100644 --- a/indra/newview/llfolderview.cpp +++ b/indra/newview/llfolderview.cpp @@ -308,10 +308,10 @@ void LLFolderViewItem::arrangeFromRoot() // UI. If open is TRUE, then folders are opened up along the way to // the selection. void LLFolderViewItem::setSelectionFromRoot(LLFolderViewItem* selection, - BOOL open, + BOOL open, /* Flawfinder: ignore */ BOOL take_keyboard_focus) { - getRoot()->setSelection(selection, open, take_keyboard_focus); + getRoot()->setSelection(selection, open, take_keyboard_focus); /* Flawfinder: ignore */ } // helper function to change the selection from the root. @@ -515,7 +515,7 @@ void LLFolderViewItem::buildContextMenu(LLMenuGL& menu, U32 flags) } } -void LLFolderViewItem::open( void ) +void LLFolderViewItem::open( void ) /* Flawfinder: ignore */ { if( mListener ) { @@ -1346,7 +1346,7 @@ BOOL LLFolderViewFolder::hasFilteredDescendants() // Passes selection information on to children and record selection // information if necessary. -BOOL LLFolderViewFolder::setSelection(LLFolderViewItem* selection, BOOL open, +BOOL LLFolderViewFolder::setSelection(LLFolderViewItem* selection, BOOL open, /* Flawfinder: ignore */ BOOL take_keyboard_focus) { BOOL rv = FALSE; @@ -1370,7 +1370,7 @@ BOOL LLFolderViewFolder::setSelection(LLFolderViewItem* selection, BOOL open, iter != mFolders.end();) { folders_t::iterator fit = iter++; - if((*fit)->setSelection(selection, open, take_keyboard_focus)) + if((*fit)->setSelection(selection, open, take_keyboard_focus)) /* Flawfinder: ignore */ { rv = TRUE; child_selected = TRUE; @@ -1381,14 +1381,14 @@ BOOL LLFolderViewFolder::setSelection(LLFolderViewItem* selection, BOOL open, iter != mItems.end();) { items_t::iterator iit = iter++; - if((*iit)->setSelection(selection, open, take_keyboard_focus)) + if((*iit)->setSelection(selection, open, take_keyboard_focus)) /* Flawfinder: ignore */ { rv = TRUE; child_selected = TRUE; mNumDescendantsSelected++; } } - if(open && child_selected) + if(open && child_selected) /* Flawfinder: ignore */ { setOpenArrangeRecursively(TRUE); } @@ -1945,16 +1945,16 @@ void LLFolderViewFolder::toggleOpen() } // Force a folder open or closed -void LLFolderViewFolder::setOpen(BOOL open) +void LLFolderViewFolder::setOpen(BOOL open) /* Flawfinder: ignore */ { - setOpenArrangeRecursively(open); + setOpenArrangeRecursively(open); /* Flawfinder: ignore */ } -void LLFolderViewFolder::setOpenArrangeRecursively(BOOL open, ERecurseType recurse) +void LLFolderViewFolder::setOpenArrangeRecursively(BOOL open, ERecurseType recurse) /* Flawfinder: ignore */ { BOOL was_open = mIsOpen; - mIsOpen = open; - if(!was_open && open) + mIsOpen = open; /* Flawfinder: ignore */ + if(!was_open && open) /* Flawfinder: ignore */ { if(mListener) { @@ -1967,12 +1967,12 @@ void LLFolderViewFolder::setOpenArrangeRecursively(BOOL open, ERecurseType recur iter != mFolders.end();) { folders_t::iterator fit = iter++; - (*fit)->setOpenArrangeRecursively(open, RECURSE_DOWN); + (*fit)->setOpenArrangeRecursively(open, RECURSE_DOWN); /* Flawfinder: ignore */ } } if (mParentFolder && (recurse == RECURSE_UP || recurse == RECURSE_UP_DOWN)) { - mParentFolder->setOpenArrangeRecursively(open, RECURSE_UP); + mParentFolder->setOpenArrangeRecursively(open, RECURSE_UP); /* Flawfinder: ignore */ } if (was_open != mIsOpen) @@ -2005,7 +2005,7 @@ BOOL LLFolderViewFolder::handleDragAndDropFromChild(MASK mask, return TRUE; } -void LLFolderViewFolder::open( void ) +void LLFolderViewFolder::open( void ) /* Flawfinder: ignore */ { toggleOpen(); } @@ -2694,10 +2694,10 @@ void LLFolderView::openFolder(const LLString& foldername) } } -void LLFolderView::setOpenArrangeRecursively(BOOL open, ERecurseType recurse) +void LLFolderView::setOpenArrangeRecursively(BOOL open, ERecurseType recurse) /* Flawfinder: ignore */ { // call base class to do proper recursion - LLFolderViewFolder::setOpenArrangeRecursively(open, recurse); + LLFolderViewFolder::setOpenArrangeRecursively(open, recurse); /* Flawfinder: ignore */ // make sure root folder is always open mIsOpen = TRUE; } @@ -2873,7 +2873,7 @@ LLFolderViewItem* LLFolderView::getCurSelectedItem( void ) // Record the selected item and pass it down the hierachy. -BOOL LLFolderView::setSelection(LLFolderViewItem* selection, BOOL open, +BOOL LLFolderView::setSelection(LLFolderViewItem* selection, BOOL open, /* Flawfinder: ignore */ BOOL take_keyboard_focus) { if( selection == this ) @@ -2895,8 +2895,8 @@ BOOL LLFolderView::setSelection(LLFolderViewItem* selection, BOOL open, addToSelectionList(selection); } - BOOL rv = LLFolderViewFolder::setSelection(selection, open, take_keyboard_focus); - if(open) + BOOL rv = LLFolderViewFolder::setSelection(selection, open, take_keyboard_focus); /* Flawfinder: ignore */ + if(open) /* Flawfinder: ignore */ { selection->getParentFolder()->requestArrange(); } @@ -3312,7 +3312,7 @@ void LLFolderView::openSelectedItems( void ) { if (mSelectedItems.size() == 1) { - mSelectedItems.front()->open(); + mSelectedItems.front()->open(); /* Flawfinder: ignore */ } else { @@ -3326,11 +3326,11 @@ void LLFolderView::openSelectedItems( void ) selected_items_t::iterator item_it; for (item_it = mSelectedItems.begin(); item_it != mSelectedItems.end(); ++item_it) { - (*item_it)->open(); + (*item_it)->open(); /* Flawfinder: ignore */ } LLFloater::setFloaterHost(NULL); - multi_previewp->open(); + multi_previewp->open(); /* Flawfinder: ignore */ } } } @@ -3361,7 +3361,7 @@ void LLFolderView::propertiesSelectedItems( void ) } LLFloater::setFloaterHost(NULL); - multi_propertiesp->open(); + multi_propertiesp->open(); /* Flawfinder: ignore */ } } } diff --git a/indra/newview/llfolderview.h b/indra/newview/llfolderview.h index 08185e24fb..575d05cd0a 100644 --- a/indra/newview/llfolderview.h +++ b/indra/newview/llfolderview.h @@ -298,7 +298,7 @@ protected: // the specified selected item appropriately for display and use // in the UI. If open is TRUE, then folders are opened up along // the way to the selection. - void setSelectionFromRoot(LLFolderViewItem* selection, BOOL open, + void setSelectionFromRoot(LLFolderViewItem* selection, BOOL open, /* Flawfinder: ignore */ BOOL take_keyboard_focus = TRUE); // helper function to change the selection from the root. @@ -347,7 +347,7 @@ public: // ignore. Returns TRUE if this object was affected. If open is // TRUE, then folders are opened up along the way to the // selection. - virtual BOOL setSelection(LLFolderViewItem* selection, BOOL open, + virtual BOOL setSelection(LLFolderViewItem* selection, BOOL open, /* Flawfinder: ignore */ BOOL take_keyboard_focus); // This method is used to toggle the selection of an item. If @@ -414,7 +414,7 @@ public: void rename(const LLString& new_name); // open - virtual void open( void ); + virtual void open( void ); /* Flawfinder: ignore */ virtual void preview(void); // Show children (unfortunate that this is called "open") @@ -539,7 +539,7 @@ public: // Passes selection information on to children and record // selection information if necessary. Returns TRUE if this object // (or a child) was affected. - virtual BOOL setSelection(LLFolderViewItem* selection, BOOL open, + virtual BOOL setSelection(LLFolderViewItem* selection, BOOL open, /* Flawfinder: ignore */ BOOL take_keyboard_focus); // This method is used to change the selection of an item. If @@ -593,7 +593,7 @@ public: virtual void toggleOpen(); // Force a folder open or closed - virtual void setOpen(BOOL open = TRUE); + virtual void setOpen(BOOL open = TRUE); /* Flawfinder: ignore */ // Called when a child is refreshed. virtual void requestArrange(); @@ -602,7 +602,7 @@ public: // method was written because the list iterators destroy the state // of other iterations, thus, we can't arrange while iterating // through the children (such as when setting which is selected. - virtual void setOpenArrangeRecursively(BOOL open, ERecurseType recurse = RECURSE_NO); + virtual void setOpenArrangeRecursively(BOOL open, ERecurseType recurse = RECURSE_NO); /* Flawfinder: ignore */ // Get the current state of the folder. virtual BOOL isOpen() { return mIsOpen; } @@ -618,7 +618,7 @@ public: void applyFunctorRecursively(LLFolderViewFunctor& functor); virtual void applyListenerFunctorRecursively(LLFolderViewListenerFunctor& functor); - virtual void open( void ); + virtual void open( void ); /* Flawfinder: ignore */ virtual BOOL addItem(LLFolderViewItem* item); virtual BOOL addFolder( LLFolderViewFolder* folder); @@ -686,7 +686,7 @@ public: void openFolder(const LLString& foldername); virtual void toggleOpen() {}; - virtual void setOpenArrangeRecursively(BOOL open, ERecurseType recurse); + virtual void setOpenArrangeRecursively(BOOL open, ERecurseType recurse); /* Flawfinder: ignore */ virtual BOOL addFolder( LLFolderViewFolder* folder); // Finds width and height of this object and it's children. Also @@ -703,7 +703,7 @@ public: virtual LLFolderViewItem* getCurSelectedItem( void ); // Record the selected item and pass it down the hierachy. - virtual BOOL setSelection(LLFolderViewItem* selection, BOOL open, + virtual BOOL setSelection(LLFolderViewItem* selection, BOOL open, /* Flawfinder: ignore */ BOOL take_keyboard_focus); // This method is used to toggle the selection of an item. Walks diff --git a/indra/newview/llgesturemgr.cpp b/indra/newview/llgesturemgr.cpp index b9ae06963f..d66916e8f1 100644 --- a/indra/newview/llgesturemgr.cpp +++ b/indra/newview/llgesturemgr.cpp @@ -856,7 +856,13 @@ void LLGestureManager::onLoadComplete(LLVFS *vfs, S32 size = file.getSize(); char* buffer = new char[size+1]; - file.read((U8*)buffer, size); + if (buffer == NULL) + { + llerrs << "Memory Allocation Failed" << llendl; + return; + } + + file.read((U8*)buffer, size); /* Flawfinder: ignore */ // ensure there's a trailing NULL so strlen will work. buffer[size] = '\0'; diff --git a/indra/newview/llgroupmgr.cpp b/indra/newview/llgroupmgr.cpp index 1d09d88486..33a675b59e 100644 --- a/indra/newview/llgroupmgr.cpp +++ b/indra/newview/llgroupmgr.cpp @@ -801,8 +801,8 @@ void LLGroupMgr::processGroupMembersReply(LLMessageSystem* msg, void** data) if (group_datap->mMemberCount > 0) { S32 contribution = 0; - char online_status[DB_DATETIME_BUF_SIZE]; - char title[DB_GROUP_TITLE_BUF_SIZE]; + char online_status[DB_DATETIME_BUF_SIZE]; /* Flawfinder: ignore */ + char title[DB_GROUP_TITLE_BUF_SIZE]; /* Flawfinder: ignore */ U64 agent_powers = 0; BOOL is_owner = FALSE; @@ -873,13 +873,13 @@ void LLGroupMgr::processGroupPropertiesReply(LLMessageSystem* msg, void** data) } LLUUID group_id; - char name[DB_GROUP_NAME_BUF_SIZE]; - char charter[DB_GROUP_CHARTER_BUF_SIZE]; + char name[DB_GROUP_NAME_BUF_SIZE]; /* Flawfinder: ignore */ + char charter[DB_GROUP_CHARTER_BUF_SIZE]; /* Flawfinder: ignore */ BOOL show_in_list = FALSE; LLUUID founder_id; U64 powers_mask = GP_NO_POWERS; S32 money = 0; - char member_title[DB_GROUP_TITLE_BUF_SIZE]; + char member_title[DB_GROUP_TITLE_BUF_SIZE]; /* Flawfinder: ignore */ LLUUID insignia_id; LLUUID owner_role; U32 membership_fee = 0; @@ -955,9 +955,9 @@ void LLGroupMgr::processGroupRoleDataReply(LLMessageSystem* msg, void** data) msg->getS32(_PREHASH_GroupData, "RoleCount", group_data->mRoleCount ); - char name[DB_GROUP_NAME_BUF_SIZE]; - char title[DB_GROUP_TITLE_BUF_SIZE]; - char desc[DB_GROUP_CHARTER_BUF_SIZE]; + char name[DB_GROUP_NAME_BUF_SIZE]; /* Flawfinder: ignore */ + char title[DB_GROUP_TITLE_BUF_SIZE]; /* Flawfinder: ignore */ + char desc[DB_GROUP_CHARTER_BUF_SIZE]; /* Flawfinder: ignore */ U64 powers = 0; U32 member_count = 0; LLUUID role_id; @@ -1133,7 +1133,7 @@ void LLGroupMgr::processGroupTitlesReply(LLMessageSystem* msg, void** data) return; } - char title_buf[DB_GROUP_TITLE_BUF_SIZE]; + char title_buf[DB_GROUP_TITLE_BUF_SIZE]; /* Flawfinder: ignore */ LLGroupTitle title; @@ -1222,7 +1222,7 @@ void LLGroupMgr::processCreateGroupReply(LLMessageSystem* msg, void ** data) { LLUUID group_id; BOOL success; - char message[MAX_STRING]; + char message[MAX_STRING]; /* Flawfinder: ignore */ msg->getUUIDFast(_PREHASH_ReplyData, _PREHASH_GroupID, group_id ); diff --git a/indra/newview/llimpanel.cpp b/indra/newview/llimpanel.cpp index 865de53512..b7a29b63b9 100644 --- a/indra/newview/llimpanel.cpp +++ b/indra/newview/llimpanel.cpp @@ -244,7 +244,7 @@ BOOL LLFloaterIMPanel::addParticipants(const LLDynamicArray<LLUUID>& ids) U8* pos = bucket; for(S32 i = 0; i < count; ++i) { - memcpy(pos, &(ids.get(i)), UUID_BYTES); + memcpy(pos, &(ids.get(i)), UUID_BYTES); /* Flawfinder: ignore */ pos += UUID_BYTES; } msg->addBinaryDataFast(_PREHASH_BinaryBucket, bucket, bucket_size); @@ -666,8 +666,9 @@ void LLFloaterIMPanel::sendMsg() gAgent.buildFullname(history_echo); // Look for IRC-style emotes here. - char tmpstr[5]; - strcpy(tmpstr,utf8_text.substr(0,4).c_str()); + char tmpstr[5]; /* Flawfinder: ignore */ + strncpy(tmpstr,utf8_text.substr(0,4).c_str(), sizeof(tmpstr) -1); /* Flawfinder: ignore */ + tmpstr[sizeof(tmpstr) -1] = '\0'; if (!strncmp(tmpstr, "/me ", 4) || !strncmp(tmpstr, "/me'", 4)) { utf8_text.replace(0,3,""); diff --git a/indra/newview/llimview.cpp b/indra/newview/llimview.cpp index f333f7bb6c..c093faa1ca 100644 --- a/indra/newview/llimview.cpp +++ b/indra/newview/llimview.cpp @@ -539,7 +539,7 @@ void LLIMView::setFloaterOpen(BOOL set_open) //RN "visible" and "open" are considered synonomous for now if (set_open) { - mTalkFloater->open(); + mTalkFloater->open(); /*Flawfinder: ignore*/ } else { @@ -682,8 +682,8 @@ void LLIMView::noteOfflineUsers(LLFloaterIMPanel* floater, for(S32 i = 0; i < count; ++i) { info = at.getBuddyInfo(ids.get(i)); - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ if(info && !info->isOnline() && gCacheName->getName(ids.get(i), first, last)) { diff --git a/indra/newview/llimview.h b/indra/newview/llimview.h index 3be1dace1a..8732484e0e 100644 --- a/indra/newview/llimview.h +++ b/indra/newview/llimview.h @@ -78,7 +78,7 @@ public: // IM received that you haven't seen yet BOOL getIMReceived() const; - void setFloaterOpen(BOOL open); + void setFloaterOpen(BOOL open); /*Flawfinder: ignore*/ BOOL getFloaterOpen(); LLFloaterIM * getFloater() { return mTalkFloater; } diff --git a/indra/newview/llinventorybridge.cpp b/indra/newview/llinventorybridge.cpp index a0f098790f..b2022eb658 100644 --- a/indra/newview/llinventorybridge.cpp +++ b/indra/newview/llinventorybridge.cpp @@ -690,7 +690,7 @@ void LLItemBridge::performAction(LLFolderView* folder, LLInventoryModel* model, LLInventoryItem* item = model->getItem(mUUID); if(!item) return; LLUUID asset_id = item->getAssetUUID(); - char buffer[UUID_STR_LENGTH]; + char buffer[UUID_STR_LENGTH]; /*Flawfinder: ignore*/ asset_id.toString(buffer); gViewerWindow->mWindow->copyTextToClipboard(utf8str_to_wstring(buffer)); @@ -809,8 +809,8 @@ LLString LLItemBridge::getLabelSuffix() const const char* sxfer; if(xfer) sxfer = EMPTY; else sxfer = NO_XFER; - char buffer[MAX_STRING]; - snprintf( + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ + snprintf( /*Flawfinder: ignore*/ buffer, MAX_STRING, "%s%s%s", diff --git a/indra/newview/llinventorymodel.cpp b/indra/newview/llinventorymodel.cpp index 0392b38aec..bdc57c798d 100644 --- a/indra/newview/llinventorymodel.cpp +++ b/indra/newview/llinventorymodel.cpp @@ -1131,11 +1131,11 @@ void LLInventoryModel::cache( items, INCLUDE_TRASH, can_cache); - char agent_id_str[UUID_STR_LENGTH]; - char inventory_filename[LL_MAX_PATH]; + char agent_id_str[UUID_STR_LENGTH]; /*Flawfinder: ignore*/ + char inventory_filename[LL_MAX_PATH]; /*Flawfinder: ignore*/ agent_id.toString(agent_id_str); std::string path(gDirUtilp->getExpandedFilename(LL_PATH_CACHE, agent_id_str)); - snprintf( + snprintf( /*Flawfinder: ignore*/ inventory_filename, LL_MAX_PATH, CACHE_FORMAT_STRING, @@ -1420,11 +1420,11 @@ bool LLInventoryModel::loadSkeleton( { cat_array_t categories; item_array_t items; - char owner_id_str[UUID_STR_LENGTH]; + char owner_id_str[UUID_STR_LENGTH]; /*Flawfinder: ignore*/ owner_id.toString(owner_id_str); std::string path(gDirUtilp->getExpandedFilename(LL_PATH_CACHE, owner_id_str)); - char inventory_filename[LL_MAX_PATH]; - snprintf( + char inventory_filename[LL_MAX_PATH]; /*Flawfinder: ignore*/ + snprintf( /*Flawfinder: ignore*/ inventory_filename, LL_MAX_PATH, CACHE_FORMAT_STRING, @@ -1432,7 +1432,7 @@ bool LLInventoryModel::loadSkeleton( const S32 NO_VERSION = LLViewerInventoryCategory::VERSION_UNKNOWN; std::string gzip_filename(inventory_filename); gzip_filename.append(".gz"); - FILE* fp = LLFile::fopen(gzip_filename.c_str(), "rb"); + FILE* fp = LLFile::fopen(gzip_filename.c_str(), "rb"); /*Flawfinder: ignore*/ bool remove_inventory_file = false; if(fp) { @@ -1940,19 +1940,24 @@ bool LLInventoryModel::loadFromFile( LLInventoryModel::cat_array_t& categories, LLInventoryModel::item_array_t& items) { + if(!filename) + { + llerrs << "Filename is Null!" << llendl; + return false; + } llinfos << "LLInventoryModel::loadFromFile(" << filename << ")" << llendl; - FILE* file = LLFile::fopen(filename, "rb"); + FILE* file = LLFile::fopen(filename, "rb"); /*Flawfinder: ignore*/ if(!file) { llinfos << "unable to load inventory from: " << filename << llendl; return false; } // *NOTE: This buffer size is hard coded into scanf() below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ + char keyword[MAX_STRING]; /*Flawfinder: ignore*/ while(!feof(file) && fgets(buffer, MAX_STRING, file)) { - sscanf(buffer, " %254s", keyword); + sscanf(buffer, " %254s", keyword); /* Flawfinder: ignore */ if(0 == strcmp("inv_category", keyword)) { LLPointer<LLViewerInventoryCategory> inv_cat = new LLViewerInventoryCategory(LLUUID::null); @@ -2008,8 +2013,13 @@ bool LLInventoryModel::saveToFile( const cat_array_t& categories, const item_array_t& items) { + if(!filename) + { + llerrs << "Filename is Null!" << llendl; + return false; + } llinfos << "LLInventoryModel::saveToFile(" << filename << ")" << llendl; - FILE* file = LLFile::fopen(filename, "wb"); + FILE* file = LLFile::fopen(filename, "wb"); /*Flawfinder: ignore*/ if(!file) { llwarns << "unable to save inventory to: " << filename << llendl; @@ -2795,7 +2805,7 @@ void LLInventoryModel::processMoveInventoryItem(LLMessageSystem* msg, void**) LLUUID item_id; LLUUID folder_id; - char new_name[MAX_STRING]; + char new_name[MAX_STRING]; /*Flawfinder: ignore*/ bool anything_changed = false; S32 count = msg->getNumberOfBlocksFast(_PREHASH_InventoryData); for(S32 i = 0; i < count; ++i) @@ -2818,7 +2828,7 @@ void LLInventoryModel::processMoveInventoryItem(LLMessageSystem* msg, void**) gInventory.accountForUpdate(update); new_item->setParent(folder_id); - if(strlen(new_name) > 0) + if(strlen(new_name) > 0) /*Flawfinder: ignore*/ { new_item->rename(new_name); } diff --git a/indra/newview/lllandmarklist.cpp b/indra/newview/lllandmarklist.cpp index 0fb32c2dc3..57684fbc18 100644 --- a/indra/newview/lllandmarklist.cpp +++ b/indra/newview/lllandmarklist.cpp @@ -65,7 +65,7 @@ void LLLandmarkList::processGetAssetReply( S32 file_length = file.getSize(); char* buffer = new char[ file_length + 1 ]; - file.read( (U8*)buffer, file_length); + file.read( (U8*)buffer, file_length); /*Flawfinder: ignore*/ buffer[ file_length ] = 0; LLLandmark* landmark = LLLandmark::constructFromString(buffer); diff --git a/indra/newview/lllogchat.cpp b/indra/newview/lllogchat.cpp index 32f0032b0b..2c26fede2d 100644 --- a/indra/newview/lllogchat.cpp +++ b/indra/newview/lllogchat.cpp @@ -24,7 +24,13 @@ LLString LLLogChat::makeLogFileName(LLString filename) //static void LLLogChat::saveHistory(LLString filename, LLString line) { - FILE *fp = LLFile::fopen(LLLogChat::makeLogFileName(filename).c_str(), "a"); + if(!filename.size()) + { + llinfos << "Filename is Empty!" << llendl; + return; + } + + FILE* fp = LLFile::fopen(LLLogChat::makeLogFileName(filename).c_str(), "a"); /*Flawfinder: ignore*/ if (!fp) { llinfos << "Couldn't open chat history log!" << llendl; @@ -39,14 +45,19 @@ void LLLogChat::saveHistory(LLString filename, LLString line) void LLLogChat::loadHistory(LLString filename , void (*callback)(LLString,void*), void* userdata) { - FILE *fptr = LLFile::fopen(makeLogFileName(filename).c_str(), "r"); + if(!filename.size()) + { + llerrs << "Filename is Empty!" << llendl; + } + + FILE* fptr = LLFile::fopen(makeLogFileName(filename).c_str(), "r"); /*Flawfinder: ignore*/ if (!fptr) { return; //No previous conversation with this name. } else { - char buffer[LOG_RECALL_SIZE]; + char buffer[LOG_RECALL_SIZE]; /*Flawfinder: ignore*/ char *bptr; S32 len; bool firstline=TRUE; @@ -63,7 +74,7 @@ void LLLogChat::loadHistory(LLString filename , void (*callback)(LLString,void*) while ( fgets(buffer, LOG_RECALL_SIZE, fptr) && !feof(fptr) ) { - len = strlen(buffer) - 1; + len = strlen(buffer) - 1; /*Flawfinder: ignore*/ for ( bptr = (buffer + len); (*bptr == '\n' || *bptr == '\r') && bptr>buffer; bptr--) *bptr='\0'; if (!firstline) diff --git a/indra/newview/llmanip.cpp b/indra/newview/llmanip.cpp index 74c7ae6c18..1eded15121 100644 --- a/indra/newview/llmanip.cpp +++ b/indra/newview/llmanip.cpp @@ -385,7 +385,7 @@ void LLManip::renderGuidelines(BOOL draw_x, BOOL draw_y, BOOL draw_z) void LLManip::renderXYZ(const LLVector3 &vec) { const S32 PAD = 10; - char feedback_string[128]; + char feedback_string[128]; /*Flawfinder: ignore*/ LLVector3 camera_pos = gCamera->getOrigin() + gCamera->getAtAxis(); S32 vertical_offset = gViewerWindow->getWindowHeight() / 2 - VERTICAL_OFFSET; S32 window_center_x = gViewerWindow->getWindowWidth() / 2; @@ -420,25 +420,25 @@ void LLManip::renderXYZ(const LLVector3 &vec) LLGLDepthTest gls_depth(GL_FALSE); LLGLEnable tex(GL_TEXTURE_2D); // render drop shadowed text - sprintf(feedback_string, "X: %.3f", vec.mV[VX]); + snprintf(feedback_string, sizeof(feedback_string), "X: %.3f", vec.mV[VX]); /*Flawfinder: ignore*/ hud_render_text(utf8str_to_wstring(feedback_string), camera_pos, *gResMgr->getRes( LLFONT_SANSSERIF ), LLFontGL::NORMAL, -102.f + 1.f, (F32)vertical_offset - 1.f, LLColor4::black, FALSE); - sprintf(feedback_string, "Y: %.3f", vec.mV[VY]); + snprintf(feedback_string, sizeof(feedback_string), "Y: %.3f", vec.mV[VY]); /*Flawfinder: ignore*/ hud_render_text(utf8str_to_wstring(feedback_string), camera_pos, *gResMgr->getRes( LLFONT_SANSSERIF ), LLFontGL::NORMAL, -27.f + 1.f, (F32)vertical_offset - 1.f, LLColor4::black, FALSE); - sprintf(feedback_string, "Z: %.3f", vec.mV[VZ]); + snprintf(feedback_string, sizeof(feedback_string), "Z: %.3f", vec.mV[VZ]); /*Flawfinder: ignore*/ hud_render_text(utf8str_to_wstring(feedback_string), camera_pos, *gResMgr->getRes( LLFONT_SANSSERIF ), LLFontGL::NORMAL, 48.f + 1.f, (F32)vertical_offset - 1.f, LLColor4::black, FALSE); // render text on top - sprintf(feedback_string, "X: %.3f", vec.mV[VX]); + snprintf(feedback_string, sizeof(feedback_string), "X: %.3f", vec.mV[VX]); /*Flawfinder: ignore*/ hud_render_text(utf8str_to_wstring(feedback_string), camera_pos, *gResMgr->getRes( LLFONT_SANSSERIF ), LLFontGL::NORMAL, -102.f, (F32)vertical_offset, LLColor4(1.f, 0.5f, 0.5f, 1.f), FALSE); glColor3f(0.5f, 1.f, 0.5f); - sprintf(feedback_string, "Y: %.3f", vec.mV[VY]); + snprintf(feedback_string, sizeof(feedback_string), "Y: %.3f", vec.mV[VY]); /*Flawfinder: ignore*/ hud_render_text(utf8str_to_wstring(feedback_string), camera_pos, *gResMgr->getRes( LLFONT_SANSSERIF ), LLFontGL::NORMAL, -27.f, (F32)vertical_offset, LLColor4(0.5f, 1.f, 0.5f, 1.f), FALSE); glColor3f(0.5f, 0.5f, 1.f); - sprintf(feedback_string, "Z: %.3f", vec.mV[VZ]); + snprintf(feedback_string, sizeof(feedback_string), "Z: %.3f", vec.mV[VZ]); /*Flawfinder: ignore*/ hud_render_text(utf8str_to_wstring(feedback_string), camera_pos, *gResMgr->getRes( LLFONT_SANSSERIF ), LLFontGL::NORMAL, 48.f, (F32)vertical_offset, LLColor4(0.5f, 0.5f, 1.f, 1.f), FALSE); } } @@ -479,30 +479,30 @@ void LLManip::renderTickValue(const LLVector3& pos, F32 value, const char* suffi const LLFontGL* big_fontp = gResMgr->getRes( LLFONT_SANSSERIF ); const LLFontGL* small_fontp = gResMgr->getRes( LLFONT_SANSSERIF_SMALL ); - char val_string[128]; - char fraction_string[128]; + char val_string[128]; /*Flawfinder: ignore*/ + char fraction_string[128]; /*Flawfinder: ignore*/ F32 val_to_print = llround(value, 0.001f); S32 fractional_portion = llround(fmodf(llabs(val_to_print), 1.f) * 100.f); if (val_to_print < 0.f) { if (fractional_portion == 0) { - sprintf(val_string, "-%d%s", lltrunc(llabs(val_to_print)), suffix); + snprintf(val_string, sizeof(val_string), "-%d%s", lltrunc(llabs(val_to_print)), suffix); /*Flawfinder: ignore*/ } else { - sprintf(val_string, "-%d", lltrunc(llabs(val_to_print))); + snprintf(val_string, sizeof(val_string), "-%d", lltrunc(llabs(val_to_print))); /*Flawfinder: ignore*/ } } else { if (fractional_portion == 0) { - sprintf(val_string, "%d%s", lltrunc(llabs(val_to_print)), suffix); + snprintf(val_string, sizeof(val_string), "%d%s", lltrunc(llabs(val_to_print)), suffix); /*Flawfinder: ignore*/ } else { - sprintf(val_string, "%d", lltrunc(val_to_print)); + snprintf(val_string, sizeof(val_string), "%d", lltrunc(val_to_print)); /*Flawfinder: ignore*/ } } @@ -525,7 +525,7 @@ void LLManip::renderTickValue(const LLVector3& pos, F32 value, const char* suffi LLGLEnable tex(GL_TEXTURE_2D); if (fractional_portion != 0) { - sprintf(fraction_string, "%c%d%s", gResMgr->getDecimalPoint(), fractional_portion, suffix); + snprintf(fraction_string, sizeof(fraction_string), "%c%d%s", gResMgr->getDecimalPoint(), fractional_portion, suffix); /*Flawfinder: ignore*/ gViewerWindow->setupViewport(1, -1); hud_render_utf8text(val_string, render_pos, *big_fontp, LLFontGL::NORMAL, -1.f * big_fontp->getWidthF32(val_string), 3.f, shadow_color, hud_selection); diff --git a/indra/newview/llmorphview.cpp b/indra/newview/llmorphview.cpp index de4c6dcbd6..c1ae5e90d4 100644 --- a/indra/newview/llmorphview.cpp +++ b/indra/newview/llmorphview.cpp @@ -124,7 +124,7 @@ void LLMorphView::setVisible(BOOL visible) llassert( !gFloaterCustomize ); gFloaterCustomize = new LLFloaterCustomize(); gFloaterCustomize->fetchInventory(); - gFloaterCustomize->open(); + gFloaterCustomize->open(); /*Flawfinder: ignore*/ // Must do this _after_ gFloaterView is initialized. gFloaterCustomize->switchToDefaultSubpart(); diff --git a/indra/newview/llmoveview.cpp b/indra/newview/llmoveview.cpp index 8485a8b177..e5cae30600 100644 --- a/indra/newview/llmoveview.cpp +++ b/indra/newview/llmoveview.cpp @@ -116,12 +116,12 @@ void LLFloaterMove::show(void*) { if (sInstance) { - sInstance->open(); + sInstance->open(); /*Flawfinder: ignore*/ } else { LLFloaterMove* f = new LLFloaterMove(); - f->open(); + f->open(); /*Flawfinder: ignore*/ } gSavedSettings.setBOOL("ShowMovementControls", TRUE); diff --git a/indra/newview/llmutelist.cpp b/indra/newview/llmutelist.cpp index 53b7bf80f7..874f315cc7 100644 --- a/indra/newview/llmutelist.cpp +++ b/indra/newview/llmutelist.cpp @@ -337,7 +337,13 @@ std::vector<LLMute> LLMuteList::getMutes() const //----------------------------------------------------------------------------- BOOL LLMuteList::loadFromFile(const LLString& filename) { - FILE* fp = LLFile::fopen(filename.c_str(), "rb"); + if(!filename.size()) + { + llwarns << "Mute List Filename is Empty!" << llendl; + return FALSE; + } + + FILE* fp = LLFile::fopen(filename.c_str(), "rb"); /*Flawfinder: ignore*/ if (!fp) { llwarns << "Couldn't open mute list " << filename << llendl; @@ -346,16 +352,17 @@ BOOL LLMuteList::loadFromFile(const LLString& filename) // *NOTE: Changing the size of these buffers will require changes // in the scanf below. - char id_buffer[MAX_STRING]; - char name_buffer[MAX_STRING]; - char buffer[MAX_STRING]; + char id_buffer[MAX_STRING]; /*Flawfinder: ignore*/ + char name_buffer[MAX_STRING]; /*Flawfinder: ignore*/ + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ while (!feof(fp) && fgets(buffer, MAX_STRING, fp)) { id_buffer[0] = '\0'; name_buffer[0] = '\0'; S32 type = 0; - sscanf(buffer, " %d %254s %254[^|]", &type, id_buffer, name_buffer); + sscanf( /* Flawfinder: ignore */ + buffer, " %d %254s %254[^|]", &type, id_buffer, name_buffer); LLUUID id = LLUUID(id_buffer); LLMute mute(id, name_buffer, (LLMute::EType)type); if (mute.mID.isNull() @@ -379,14 +386,20 @@ BOOL LLMuteList::loadFromFile(const LLString& filename) //----------------------------------------------------------------------------- BOOL LLMuteList::saveToFile(const LLString& filename) { - FILE* fp = LLFile::fopen(filename.c_str(), "wb"); + if(!filename.size()) + { + llwarns << "Mute List Filename is Empty!" << llendl; + return FALSE; + } + + FILE* fp = LLFile::fopen(filename.c_str(), "wb"); /*Flawfinder: ignore*/ if (!fp) { llwarns << "Couldn't open mute list " << filename << llendl; return FALSE; } // legacy mutes have null uuid - char id_string[UUID_STR_LENGTH]; + char id_string[UUID_STR_LENGTH]; /*Flawfinder: ignore*/ LLUUID::null.toString(id_string); for (string_set_t::iterator it = mLegacyMutes.begin(); it != mLegacyMutes.end(); @@ -427,10 +440,10 @@ BOOL LLMuteList::isMuted(const LLUUID& id, const LLString& name) const //----------------------------------------------------------------------------- void LLMuteList::requestFromServer(const LLUUID& agent_id) { - char agent_id_string[UUID_STR_LENGTH]; - char filename[LL_MAX_PATH]; + char agent_id_string[UUID_STR_LENGTH]; /*Flawfinder: ignore*/ + char filename[LL_MAX_PATH]; /*Flawfinder: ignore*/ agent_id.toString(agent_id_string); - sprintf(filename, "%s.cached_mute", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,agent_id_string).c_str()); + snprintf(filename, sizeof(filename), "%s.cached_mute", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,agent_id_string).c_str()); /*Flawfinder: ignore*/ LLCRC crc; crc.update(filename); @@ -453,10 +466,10 @@ void LLMuteList::cache(const LLUUID& agent_id) // Write to disk even if empty. if(mIsLoaded) { - char agent_id_string[UUID_STR_LENGTH]; - char filename[LL_MAX_PATH]; + char agent_id_string[UUID_STR_LENGTH]; /*Flawfinder: ignore*/ + char filename[LL_MAX_PATH]; /*Flawfinder: ignore*/ agent_id.toString(agent_id_string); - sprintf(filename, "%s.cached_mute", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,agent_id_string).c_str()); + snprintf(filename, sizeof(filename), "%s.cached_mute", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,agent_id_string).c_str()); /*Flawfinder: ignore*/ saveToFile(filename); } } @@ -476,7 +489,7 @@ void LLMuteList::processMuteListUpdate(LLMessageSystem* msg, void**) llwarns << "Got an mute list update for the wrong agent." << llendl; return; } - char filename[MAX_STRING]; + char filename[MAX_STRING]; /*Flawfinder: ignore*/ filename[0] = '\0'; msg->getStringFast(_PREHASH_MuteData, _PREHASH_Filename, MAX_STRING, filename); @@ -496,10 +509,10 @@ void LLMuteList::processUseCachedMuteList(LLMessageSystem* msg, void**) llinfos << "LLMuteList::processUseCachedMuteList()" << llendl; if (!gMuteListp) return; - char agent_id_string[UUID_STR_LENGTH]; + char agent_id_string[UUID_STR_LENGTH]; /*Flawfinder: ignore*/ gAgent.getID().toString(agent_id_string); - char filename[LL_MAX_PATH]; - sprintf(filename, "%s.cached_mute", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,agent_id_string).c_str()); + char filename[LL_MAX_PATH]; /*Flawfinder: ignore*/ + snprintf(filename, sizeof(filename), "%s.cached_mute", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,agent_id_string).c_str()); /*Flawfinder: ignore*/ gMuteListp->loadFromFile(filename); } diff --git a/indra/newview/llnamebox.cpp b/indra/newview/llnamebox.cpp index 8782f529f1..789fc3d4d3 100644 --- a/indra/newview/llnamebox.cpp +++ b/indra/newview/llnamebox.cpp @@ -47,9 +47,9 @@ void LLNameBox::setNameID(const LLUUID& name_id, BOOL is_group) { mNameID = name_id; - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; - char group_name[DB_GROUP_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char group_name[DB_GROUP_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ LLString name; if (!is_group) diff --git a/indra/newview/llnameeditor.cpp b/indra/newview/llnameeditor.cpp index bc6a105a51..ade4cf3473 100644 --- a/indra/newview/llnameeditor.cpp +++ b/indra/newview/llnameeditor.cpp @@ -67,9 +67,9 @@ void LLNameEditor::setNameID(const LLUUID& name_id, BOOL is_group) { mNameID = name_id; - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; - char group_name[DB_GROUP_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char group_name[DB_GROUP_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ LLString name; if (!is_group) diff --git a/indra/newview/llnamelistctrl.cpp b/indra/newview/llnamelistctrl.cpp index 520dd06af1..ddf88c94df 100644 --- a/indra/newview/llnamelistctrl.cpp +++ b/indra/newview/llnamelistctrl.cpp @@ -50,8 +50,8 @@ BOOL LLNameListCtrl::addNameItem(const LLUUID& agent_id, EAddPosition pos, { //llinfos << "LLNameListCtrl::addNameItem " << agent_id << llendl; - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ BOOL result = gCacheName->getName(agent_id, first, last); @@ -119,7 +119,7 @@ void LLNameListCtrl::addGroupNameItem(const LLUUID& group_id, EAddPosition pos, BOOL enabled) { //llinfos << "LLNameListCtrl::addGroupNameItem " << group_id << llendl; - char group_name[DB_GROUP_NAME_BUF_SIZE]; + char group_name[DB_GROUP_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ gCacheName->getGroupName(group_id, group_name); addStringUUIDItem(group_name, group_id, pos, enabled); } @@ -130,7 +130,7 @@ void LLNameListCtrl::addGroupNameItem(LLScrollListItem* item, EAddPosition pos) { //llinfos << "LLNameListCtrl::addGroupNameItem " << item->getUUID() << llendl; - char group_name[DB_GROUP_NAME_BUF_SIZE]; + char group_name[DB_GROUP_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ gCacheName->getGroupName(item->getUUID(), group_name); LLScrollListCell* cell = (LLScrollListCell*)item->getColumn(mNameColumnIndex); @@ -143,8 +143,8 @@ BOOL LLNameListCtrl::addNameItem(LLScrollListItem* item, EAddPosition pos) { //llinfos << "LLNameListCtrl::addNameItem " << item->getUUID() << llendl; - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ BOOL result = gCacheName->getName(item->getUUID(), first, last); @@ -165,8 +165,8 @@ LLScrollListItem* LLNameListCtrl::addElement(const LLSD& value, EAddPosition pos { LLScrollListItem* item = LLScrollListCtrl::addElement(value, pos, userdata); - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ gCacheName->getName(item->getUUID(), first, last); diff --git a/indra/newview/llnetmap.cpp b/indra/newview/llnetmap.cpp index 6be8bc8c78..26f4a2fb5b 100644 --- a/indra/newview/llnetmap.cpp +++ b/indra/newview/llnetmap.cpp @@ -590,7 +590,7 @@ BOOL LLNetMap::handleToolTip( S32 x, S32 y, LLString& msg, LLRect* sticky_rect_s msg.assign( region->getName() ); #ifndef LL_RELEASE_FOR_DOWNLOAD - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ msg.append("\n"); region->getHost().getHostName(buffer, MAX_STRING); msg.append(buffer); diff --git a/indra/newview/llpanelavatar.cpp b/indra/newview/llpanelavatar.cpp index 615086e7d4..653dd636f9 100644 --- a/indra/newview/llpanelavatar.cpp +++ b/indra/newview/llpanelavatar.cpp @@ -261,8 +261,8 @@ void LLPanelAvatarSecondLife::updatePartnerName() { if (mPartnerID.notNull()) { - char first[128]; - char last[128]; + char first[128]; /*Flawfinder: ignore*/ + char last[128]; /*Flawfinder: ignore*/ BOOL found = gCacheName->getName(mPartnerID, first, last); if (found) { @@ -873,7 +873,7 @@ void LLPanelAvatarClassified::processAvatarClassifiedReply(LLMessageSystem* msg, S32 block = 0; S32 block_count = 0; LLUUID classified_id; - char classified_name[DB_PICK_NAME_SIZE]; + char classified_name[DB_PICK_NAME_SIZE]; /*Flawfinder: ignore*/ LLPanelClassified* panel_classified = NULL; LLTabContainerCommon* tabs = LLViewerUICtrlFactory::getTabContainerByName(this,"classified tab"); @@ -1059,7 +1059,7 @@ void LLPanelAvatarPicks::processAvatarPicksReply(LLMessageSystem* msg, void**) S32 block = 0; S32 block_count = 0; LLUUID pick_id; - char pick_name[DB_PICK_NAME_SIZE]; + char pick_name[DB_PICK_NAME_SIZE]; /*Flawfinder: ignore*/ LLPanelPick* panel_pick = NULL; LLTabContainerCommon* tabs = LLUICtrlFactory::getTabContainerByName(this,"picks tab"); @@ -1702,16 +1702,16 @@ void LLPanelAvatar::processAvatarPropertiesReply(LLMessageSystem *msg, void**) LLUUID image_id; LLUUID fl_image_id; LLUUID partner_id; - char about_text[DB_USER_ABOUT_BUF_SIZE]; - char fl_about_text[DB_USER_FL_ABOUT_BUF_SIZE]; - char born_on[DB_BORN_BUF_SIZE]; + char about_text[DB_USER_ABOUT_BUF_SIZE]; /*Flawfinder: ignore*/ + char fl_about_text[DB_USER_FL_ABOUT_BUF_SIZE]; /*Flawfinder: ignore*/ + char born_on[DB_BORN_BUF_SIZE]; /*Flawfinder: ignore*/ S32 charter_member_size = 0; BOOL allow_publish = FALSE; //BOOL mature = FALSE; BOOL identified = FALSE; BOOL transacted = FALSE; BOOL online = FALSE; - char profile_url[DB_USER_PROFILE_URL_BUF_SIZE]; + char profile_url[DB_USER_PROFILE_URL_BUF_SIZE]; /*Flawfinder: ignore*/ U32 flags = 0x0; @@ -1767,7 +1767,7 @@ void LLPanelAvatar::processAvatarPropertiesReply(LLMessageSystem *msg, void**) } else if(1 < charter_member_size) { - char caption[MAX_STRING]; + char caption[MAX_STRING]; /*Flawfinder: ignore*/ msg->getString("PropertiesData", "CharterMember", MAX_STRING, caption); caption_text = caption; } @@ -1849,10 +1849,10 @@ void LLPanelAvatar::processAvatarInterestsReply(LLMessageSystem *msg, void**) LLUUID avatar_id; // target of this panel U32 want_to_mask; - char want_to_text[DB_USER_WANT_TO_BUF_SIZE]; + char want_to_text[DB_USER_WANT_TO_BUF_SIZE]; /*Flawfinder: ignore*/ U32 skills_mask; - char skills_text[DB_USER_SKILLS_BUF_SIZE]; - char languages_text[DB_USER_SKILLS_BUF_SIZE]; + char skills_text[DB_USER_SKILLS_BUF_SIZE]; /*Flawfinder: ignore*/ + char languages_text[DB_USER_SKILLS_BUF_SIZE]; /*Flawfinder: ignore*/ //llinfos << "properties packet size " << msg->getReceiveSize() << llendl; @@ -1884,9 +1884,9 @@ void LLPanelAvatar::processAvatarGroupsReply(LLMessageSystem *msg, void**) LLUUID agent_id; // your id LLUUID avatar_id; // target of this panel U64 group_powers; - char group_title[DB_GROUP_TITLE_BUF_SIZE]; + char group_title[DB_GROUP_TITLE_BUF_SIZE]; /*Flawfinder: ignore*/ LLUUID group_id; - char group_name[DB_GROUP_NAME_BUF_SIZE]; + char group_name[DB_GROUP_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ LLUUID group_insignia_id; const LLFontGL* FONT = LLFontGL::sSansSerifSmall; @@ -2098,10 +2098,10 @@ void LLPanelAvatar::processAvatarStatisticsReply(LLMessageSystem *msg, void**) S32 items = msg->getNumberOfBlocksFast(_PREHASH_StatisticsData); for (S32 i = 0; i < items; i++) { - char name[MAX_STRING]; + char name[MAX_STRING]; /*Flawfinder: ignore*/ S32 positive; S32 negative; - char value_string[MAX_STRING]; + char value_string[MAX_STRING]; /*Flawfinder: ignore*/ msg->getStringFast( _PREHASH_StatisticsData, _PREHASH_Name, MAX_STRING, name, i); @@ -2115,7 +2115,7 @@ void LLPanelAvatar::processAvatarStatisticsReply(LLMessageSystem *msg, void**) item = new LLScrollListItem(); item->addColumn( name, font, TEXT_WIDTH ); - sprintf( value_string, "+%d", positive); + snprintf( value_string, sizeof(value_string), "+%d", positive); /*Flawfinder: ignore*/ item->addColumn( value_string, font, 50 ); item->addColumn("", font); // extra column to force striped appearance @@ -2144,7 +2144,7 @@ void LLPanelAvatar::processAvatarNotesReply(LLMessageSystem *msg, void**) continue; } - char text[DB_USER_NOTE_SIZE]; + char text[DB_USER_NOTE_SIZE]; /*Flawfinder: ignore*/ msg->getString("Data", "Notes", DB_USER_NOTE_SIZE, text); self->childSetValue("notes edit", text); } diff --git a/indra/newview/llpanelclassified.cpp b/indra/newview/llpanelclassified.cpp index dbd97fc7d1..74600a262a 100644 --- a/indra/newview/llpanelclassified.cpp +++ b/indra/newview/llpanelclassified.cpp @@ -422,10 +422,10 @@ void LLPanelClassified::processClassifiedInfoReply(LLMessageSystem *msg, void ** LLUUID parcel_id; msg->getUUIDFast(_PREHASH_Data, _PREHASH_ParcelID, parcel_id); - char name[DB_PARCEL_NAME_SIZE]; + char name[DB_PARCEL_NAME_SIZE]; /*Flawfinder: ignore*/ msg->getStringFast(_PREHASH_Data, _PREHASH_Name, DB_PARCEL_NAME_SIZE, name); - char desc[DB_PICK_DESC_SIZE]; + char desc[DB_PICK_DESC_SIZE]; /*Flawfinder: ignore*/ msg->getStringFast(_PREHASH_Data, _PREHASH_Desc, DB_PICK_DESC_SIZE, desc); LLUUID snapshot_id; @@ -433,7 +433,7 @@ void LLPanelClassified::processClassifiedInfoReply(LLMessageSystem *msg, void ** // "Location text" is actually the original // name that owner gave the parcel, and the location. - char buffer[256]; + char buffer[256]; /*Flawfinder: ignore*/ LLString location_text; msg->getStringFast(_PREHASH_Data, _PREHASH_ParcelName, 256, buffer); @@ -447,7 +447,7 @@ void LLPanelClassified::processClassifiedInfoReply(LLMessageSystem *msg, void ** location_text.assign(""); } - char sim_name[256]; + char sim_name[256]; /*Flawfinder: ignore*/ msg->getStringFast(_PREHASH_Data, _PREHASH_SimName, 256, sim_name); LLVector3d pos_global; @@ -457,7 +457,7 @@ void LLPanelClassified::processClassifiedInfoReply(LLMessageSystem *msg, void ** S32 region_y = llround((F32)pos_global.mdV[VY]) % REGION_WIDTH_UNITS; S32 region_z = llround((F32)pos_global.mdV[VZ]); - sprintf(buffer, "%s (%d, %d, %d)", sim_name, region_x, region_y, region_z); + snprintf(buffer, sizeof(buffer), "%s (%d, %d, %d)", sim_name, region_x, region_y, region_z); /*Flawfinder: ignore*/ location_text.append(buffer); U8 flags; diff --git a/indra/newview/llpanelcontents.cpp b/indra/newview/llpanelcontents.cpp index e9b446568e..848a9c26ae 100644 --- a/indra/newview/llpanelcontents.cpp +++ b/indra/newview/llpanelcontents.cpp @@ -184,7 +184,7 @@ void LLPanelContents::onClickNewScript(void *userdata) "Script: New Script", object->mID, LLUUID::null); - editor->open(); + editor->open(); /*Flawfinder: ignore*/ // keep onscreen gFloaterView->adjustToFitScreen(editor, FALSE); diff --git a/indra/newview/llpanelgroupgeneral.cpp b/indra/newview/llpanelgroupgeneral.cpp index c996354044..06a7598918 100644 --- a/indra/newview/llpanelgroupgeneral.cpp +++ b/indra/newview/llpanelgroupgeneral.cpp @@ -619,7 +619,7 @@ void LLPanelGroupGeneral::update(LLGroupChange gc) } if ( mBtnJoinGroup ) { - char fee_buff[20]; + char fee_buff[20]; /*Flawfinder: ignore*/ bool visible; visible = !is_member && gdatap->mOpenEnrollment; @@ -627,7 +627,7 @@ void LLPanelGroupGeneral::update(LLGroupChange gc) if ( visible ) { - sprintf(fee_buff, "Join (L$%d)", gdatap->mMembershipFee); + snprintf(fee_buff, sizeof(fee_buff), "Join (L$%d)", gdatap->mMembershipFee); /*Flawfinder: ignore*/ mBtnJoinGroup->setLabelSelected(std::string(fee_buff)); mBtnJoinGroup->setLabelUnselected(std::string(fee_buff)); } diff --git a/indra/newview/llpanelgrouplandmoney.cpp b/indra/newview/llpanelgrouplandmoney.cpp index 1cff3a6ea4..f44afc136e 100644 --- a/indra/newview/llpanelgrouplandmoney.cpp +++ b/indra/newview/llpanelgrouplandmoney.cpp @@ -207,9 +207,9 @@ int LLPanelGroupLandMoney::impl::getStoredContribution() // Fills in the text field with the contribution, contrib void LLPanelGroupLandMoney::impl::setYourContributionTextField(int contrib) { - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore*/ buffer[0] = '\0'; - sprintf(buffer, "%d", contrib); + snprintf(buffer, sizeof(buffer), "%d", contrib); /* Flawfinder: ignore*/ if ( mYourContributionEditorp ) { @@ -220,10 +220,10 @@ void LLPanelGroupLandMoney::impl::setYourContributionTextField(int contrib) void LLPanelGroupLandMoney::impl::setYourMaxContributionTextBox(int max) { - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ buffer[0] = '\0'; - sprintf(buffer, "(%d max)", max); + snprintf(buffer, sizeof(buffer), "(%d max)", max); /*Flawfinder: ignore*/ if ( mYourContributionMaxTextp ) { mYourContributionMaxTextp->setText(buffer); @@ -288,15 +288,15 @@ void LLPanelGroupLandMoney::impl::processGroupLand(LLMessageSystem* msg) ++first_block; S32 total_contribution; msg->getS32("QueryData", "ActualArea", total_contribution, 0); - char buffer[MAX_STRING]; - sprintf(buffer, "%d sq. meters", total_contribution); + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ + snprintf(buffer, sizeof(buffer), "%d sq. meters", total_contribution); /*Flawfinder: ignore*/ mTotalContributedLandp->setText(buffer); S32 committed; msg->getS32("QueryData", "BillableArea", committed, 0); - sprintf(buffer, "%d sq. meters", committed); + snprintf(buffer, sizeof(buffer), "%d sq. meters", committed); /*Flawfinder: ignore*/ mTotalLandInUsep->setText(buffer); S32 available = total_contribution - committed; - sprintf(buffer, "%d sq. meters", available); + snprintf(buffer, sizeof(buffer), "%d sq. meters", available); /*Flawfinder: ignore*/ mLandAvailablep->setText(buffer); buffer[0] = '\0'; if ( mGroupOverLimitTextp && mGroupOverLimitIconp ) @@ -317,14 +317,14 @@ void LLPanelGroupLandMoney::impl::processGroupLand(LLMessageSystem* msg) mMapButtonp->setEnabled(TRUE); } - char name[MAX_STRING]; - char desc[MAX_STRING]; + char name[MAX_STRING]; /*Flawfinder: ignore*/ + char desc[MAX_STRING]; /*Flawfinder: ignore*/ S32 actual_area; S32 billable_area; U8 flags; F32 global_x; F32 global_y; - char sim_name[MAX_STRING]; + char sim_name[MAX_STRING]; /*Flawfinder: ignore*/ for(S32 i = first_block; i < count; ++i) { msg->getUUID("QueryData", "OwnerID", owner_id, i); @@ -339,19 +339,19 @@ void LLPanelGroupLandMoney::impl::processGroupLand(LLMessageSystem* msg) S32 region_x = llround(global_x) % REGION_WIDTH_UNITS; S32 region_y = llround(global_y) % REGION_WIDTH_UNITS; - char location[MAX_STRING]; - sprintf(location, "%s (%d, %d)", sim_name, region_x, region_y); - char area[MAX_STRING]; + char location[MAX_STRING]; /*Flawfinder: ignore*/ + snprintf(location, MAX_STRING, "%s (%d, %d)", sim_name, region_x, region_y); /*Flawfinder: ignore*/ + char area[MAX_STRING]; /*Flawfinder: ignore*/ if(billable_area == actual_area) { - sprintf(area, "%d", billable_area); + snprintf(area, MAX_STRING, "%d", billable_area); /*Flawfinder: ignore*/ } else { - sprintf(area, "%d / %d", billable_area, actual_area); + snprintf(area, MAX_STRING, "%d / %d", billable_area, actual_area); /*Flawfinder: ignore*/ } - char hidden[MAX_STRING]; - sprintf(hidden, "%f %f", global_x, global_y); + char hidden[MAX_STRING]; /*Flawfinder: ignore*/ + snprintf(hidden, MAX_STRING, "%f %f", global_x, global_y); /*Flawfinder: ignore*/ LLSD row; @@ -958,10 +958,10 @@ void LLGroupMoneyDetailsTabEventHandler::processReply(LLMessageSystem* msg, return; } - char line[MAX_STRING]; + char line[MAX_STRING]; /*Flawfinder: ignore*/ LLString text; - char start_date[MAX_STRING]; + char start_date[MAX_STRING]; /*Flawfinder: ignore*/ S32 interval_days; S32 current_interval; @@ -977,7 +977,7 @@ void LLGroupMoneyDetailsTabEventHandler::processReply(LLMessageSystem* msg, return; } - sprintf(line, "%s\n\n", start_date); + snprintf(line, MAX_STRING, "%s\n\n", start_date); /*Flawfinder: ignore*/ text.append(line); S32 total_amount = 0; @@ -985,14 +985,14 @@ void LLGroupMoneyDetailsTabEventHandler::processReply(LLMessageSystem* msg, for(S32 i = 0; i < transactions; i++) { S32 amount = 0; - char desc[MAX_STRING]; + char desc[MAX_STRING]; /*Flawfinder: ignore*/ msg->getStringFast(_PREHASH_HistoryData, _PREHASH_Description, MAX_STRING, desc, i ); msg->getS32Fast(_PREHASH_HistoryData, _PREHASH_Amount, amount, i); if (amount != 0) { - sprintf(line, "%-24s %6d\n", desc, amount ); + snprintf(line, MAX_STRING, "%-24s %6d\n", desc, amount ); /*Flawfinder: ignore*/ text.append(line); } else @@ -1005,7 +1005,7 @@ void LLGroupMoneyDetailsTabEventHandler::processReply(LLMessageSystem* msg, text.append(1, '\n'); - sprintf(line, "%-24s %6d\n", "Total", total_amount ); + snprintf(line, MAX_STRING, "%-24s %6d\n", "Total", total_amount ); /*Flawfinder: ignore*/ text.append(line); if ( mImplementationp->mTextEditorp ) @@ -1097,10 +1097,10 @@ void LLGroupMoneySalesTabEventHandler::processReply(LLMessageSystem* msg, return; } - char line[MAX_STRING]; + char line[MAX_STRING]; /*Flawfinder: ignore*/ std::string text = mImplementationp->mTextEditorp->getText(); - char start_date[MAX_STRING]; + char start_date[MAX_STRING]; /*Flawfinder: ignore*/ S32 interval_days; S32 current_interval; @@ -1122,7 +1122,7 @@ void LLGroupMoneySalesTabEventHandler::processReply(LLMessageSystem* msg, { text.clear(); - sprintf(line, "%s\n\n", start_date); + snprintf(line, MAX_STRING, "%s\n\n", start_date); /*Flawfinder: ignore*/ text.append(line); } @@ -1136,11 +1136,11 @@ void LLGroupMoneySalesTabEventHandler::processReply(LLMessageSystem* msg, for(S32 i = 0; i < transactions; i++) { const S32 SHORT_STRING = 64; - char time[SHORT_STRING]; + char time[SHORT_STRING]; /*Flawfinder: ignore*/ S32 type = 0; S32 amount = 0; - char user[SHORT_STRING]; - char item[SHORT_STRING]; + char user[SHORT_STRING]; /*Flawfinder: ignore*/ + char item[SHORT_STRING]; /*Flawfinder: ignore*/ msg->getStringFast(_PREHASH_HistoryData, _PREHASH_Time, SHORT_STRING, time, i); msg->getStringFast(_PREHASH_HistoryData, _PREHASH_User, SHORT_STRING, user, i ); @@ -1177,7 +1177,7 @@ void LLGroupMoneySalesTabEventHandler::processReply(LLMessageSystem* msg, break; } - sprintf(line, "%s %6d - %s %s %s\n", time, amount, user, verb, item); + snprintf(line, sizeof(line), "%s %6d - %s %s %s\n", time, amount, user, verb, item); /*Flawfinder: ignore*/ text.append(line); } } @@ -1273,12 +1273,12 @@ void LLGroupMoneyPlanningTabEventHandler::processReply(LLMessageSystem* msg, return; } - char line[MAX_STRING]; + char line[MAX_STRING]; /*Flawfinder: ignore*/ LLString text; - char start_date[MAX_STRING]; - char last_stipend_date[MAX_STRING]; - char next_stipend_date[MAX_STRING]; + char start_date[MAX_STRING]; /*Flawfinder: ignore*/ + char last_stipend_date[MAX_STRING]; /*Flawfinder: ignore*/ + char next_stipend_date[MAX_STRING]; /*Flawfinder: ignore*/ S32 interval_days; S32 current_interval; S32 balance; @@ -1330,26 +1330,26 @@ void LLGroupMoneyPlanningTabEventHandler::processReply(LLMessageSystem* msg, return; } - sprintf(line, "Summary for this week, beginning on %s\n", start_date); + snprintf(line, MAX_STRING, "Summary for this week, beginning on %s\n", start_date); /*Flawfinder: ignore*/ text.append(line); if (current_interval == 0) { - sprintf(line, "The next stipend day is %s\n\n", next_stipend_date); + snprintf(line, MAX_STRING, "The next stipend day is %s\n\n", next_stipend_date); /*Flawfinder: ignore*/ text.append(line); - sprintf(line, "%-24sL$%6d\n", "Balance", balance ); + snprintf(line, MAX_STRING, "%-24sL$%6d\n", "Balance", balance ); /*Flawfinder: ignore*/ text.append(line); text.append(1, '\n'); } - sprintf(line, " Group Individual Share\n"); + snprintf(line, MAX_STRING, " Group Individual Share\n"); /*Flawfinder: ignore*/ text.append(line); - sprintf(line, "%-24s %6d %6d \n", "Credits", total_credits, (S32)floor((F32)total_credits/(F32)non_exempt_members)); + snprintf(line, MAX_STRING, "%-24s %6d %6d \n", "Credits", total_credits, (S32)floor((F32)total_credits/(F32)non_exempt_members)); /*Flawfinder: ignore*/ text.append(line); - sprintf(line, "%-24s %6d %6d \n", "Debits", total_debits, (S32)floor((F32)total_debits/(F32)non_exempt_members)); + snprintf(line, MAX_STRING, "%-24s %6d %6d \n", "Debits", total_debits, (S32)floor((F32)total_debits/(F32)non_exempt_members)); /*Flawfinder: ignore*/ text.append(line); - sprintf(line, "%-24s %6d %6d \n", "Total", total_credits + total_debits, (S32)floor((F32)(total_credits + total_debits)/(F32)non_exempt_members)); + snprintf(line, MAX_STRING, "%-24s %6d %6d \n", "Total", total_credits + total_debits, (S32)floor((F32)(total_credits + total_debits)/(F32)non_exempt_members)); /*Flawfinder: ignore*/ text.append(line); if ( mImplementationp->mTextEditorp ) diff --git a/indra/newview/llpanelgroupnotices.cpp b/indra/newview/llpanelgroupnotices.cpp index 4b2b200f3f..1cef8153b8 100644 --- a/indra/newview/llpanelgroupnotices.cpp +++ b/indra/newview/llpanelgroupnotices.cpp @@ -162,7 +162,7 @@ char* build_notice_date(const time_t& the_time, char* buffer) tm* lt = localtime(&t); //for some reason, the month is off by 1. See other uses of //"local" time in the code... - sprintf(buffer,"%i/%i/%i", lt->tm_mon + 1, lt->tm_mday, lt->tm_year + 1900); + snprintf(buffer, sizeof(buffer), "%i/%i/%i", lt->tm_mon + 1, lt->tm_mday, lt->tm_year + 1900); /*Flawfinder: ignore*/ return buffer; } @@ -428,8 +428,8 @@ void LLPanelGroupNotices::processGroupNoticesListReply(LLMessageSystem* msg, voi void LLPanelGroupNotices::processNotices(LLMessageSystem* msg) { LLUUID id; - char subj[MAX_STRING]; - char name[MAX_STRING]; + char subj[MAX_STRING]; /*Flawfinder: ignore*/ + char name[MAX_STRING]; /*Flawfinder: ignore*/ U32 timestamp; BOOL has_attachment; U8 asset_type; @@ -473,12 +473,12 @@ void LLPanelGroupNotices::processNotices(LLMessageSystem* msg) row["columns"][2]["column"] = "from"; row["columns"][2]["value"] = name; - char buffer[30]; + char buffer[30]; /*Flawfinder: ignore*/ build_notice_date(t, buffer); row["columns"][3]["column"] = "date"; row["columns"][3]["value"] = buffer; - snprintf(buffer, 30, "%u", timestamp); + snprintf(buffer, 30, "%u", timestamp); /*Flawfinder: ignore*/ row["columns"][4]["column"] = "sort"; row["columns"][4]["value"] = buffer; diff --git a/indra/newview/llpanelgrouproles.cpp b/indra/newview/llpanelgrouproles.cpp index ccec55efce..4b90a205d6 100644 --- a/indra/newview/llpanelgrouproles.cpp +++ b/indra/newview/llpanelgrouproles.cpp @@ -1677,8 +1677,8 @@ void LLPanelGroupMembersSubTab::updateMembers() LLGroupMgrGroupData::member_iter end = gdatap->mMembers.end(); - char first[DB_FIRST_NAME_BUF_SIZE]; - char last[DB_LAST_NAME_BUF_SIZE]; + char first[DB_FIRST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ + char last[DB_LAST_NAME_BUF_SIZE]; /*Flawfinder: ignore*/ S32 i = 0; for( ; mMemberProgress != end && i<UPDATE_MEMBERS_PER_FRAME; ++mMemberProgress, ++i) diff --git a/indra/newview/llpanellogin.cpp b/indra/newview/llpanellogin.cpp index dfaf872d92..05897c6bd9 100644 --- a/indra/newview/llpanellogin.cpp +++ b/indra/newview/llpanellogin.cpp @@ -499,14 +499,15 @@ void LLPanelLogin::setFields(const std::string& firstname, const std::string& la // nice row of asterixes. const char* filler = "123456789!123456"; sInstance->childSetText("password_edit", filler); - strcpy(sInstance->mIncomingPassword, filler); - strcpy(sInstance->mMungedPassword, password.c_str()); + strcpy(sInstance->mIncomingPassword, filler); /*Flawfinder: ignore*/ + strcpy(sInstance->mMungedPassword, password.c_str()); /*Flawfinder: ignore*/ } else { // this is a normal text password sInstance->childSetText("password_edit", password); - strcpy(sInstance->mIncomingPassword, password.c_str()); + strncpy(sInstance->mIncomingPassword, password.c_str(), sizeof(sInstance->mIncomingPassword) -1); /*Flawfinder: ignore*/ + sInstance->mIncomingPassword[sizeof(sInstance->mIncomingPassword) -1] = '\0'; LLMD5 pass((unsigned char *)password.c_str()); pass.hex_digest(sInstance->mMungedPassword); } diff --git a/indra/newview/llpanellogin.h b/indra/newview/llpanellogin.h index 060f2f6732..801b06ba55 100644 --- a/indra/newview/llpanellogin.h +++ b/indra/newview/llpanellogin.h @@ -72,8 +72,8 @@ private: void (*mCallback)(S32 option, void *userdata); void* mCallbackData; - char mIncomingPassword[DB_USER_PASSWORD_BUF_SIZE]; - char mMungedPassword[MD5HEX_STR_SIZE]; + char mIncomingPassword[DB_USER_PASSWORD_BUF_SIZE]; /*Flawfinder: ignore*/ + char mMungedPassword[MD5HEX_STR_SIZE]; /*Flawfinder: ignore*/ static LLPanelLogin* sInstance; static BOOL sCapslockDidNotification; diff --git a/indra/newview/llpanelpermissions.cpp b/indra/newview/llpanelpermissions.cpp index d3642838b2..adcf17febf 100644 --- a/indra/newview/llpanelpermissions.cpp +++ b/indra/newview/llpanelpermissions.cpp @@ -364,8 +364,8 @@ void LLPanelPermissions::refresh() } else { - char buffer[MAX_STRING]; - sprintf(buffer, "%d Objects, ", obj_count); + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ + snprintf(buffer, MAX_STRING, "%d Objects, ", obj_count); /*Flawfinder: ignore*/ object_info_string.assign(buffer); } if (1 == prim_count) @@ -374,8 +374,8 @@ void LLPanelPermissions::refresh() } else { - char buffer[MAX_STRING]; - sprintf(buffer, "%d Primitives", prim_count); + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ + snprintf(buffer, MAX_STRING, "%d Primitives", prim_count); /*Flawfinder: ignore*/ object_info_string.append(buffer); } childSetText("prim info",object_info_string); @@ -477,36 +477,36 @@ void LLPanelPermissions::refresh() if( gSavedSettings.getBOOL("DebugPermissions") ) { - char perm_string[10]; + char perm_string[10]; /*Flawfinder: ignore*/ if (valid_base_perms) { - strcpy(perm_string, "B: "); + strcpy(perm_string, "B: "); /*Flawfinder: ignore*/ mask_to_string(base_mask_on, perm_string+3); childSetText("B:",perm_string); childSetVisible("B:",true); - strcpy(perm_string, "O: "); + strcpy(perm_string, "O: "); /*Flawfinder: ignore*/ mask_to_string(owner_mask_on, perm_string+3); childSetText("O:",perm_string); childSetVisible("O:",true); - strcpy(perm_string, "G: "); + strcpy(perm_string, "G: "); /*Flawfinder: ignore*/ mask_to_string(group_mask_on, perm_string+3); childSetText("G:",perm_string); childSetVisible("G:",true); - strcpy(perm_string, "E: "); + strcpy(perm_string, "E: "); /*Flawfinder: ignore*/ mask_to_string(everyone_mask_on, perm_string+3); childSetText("E:",perm_string); childSetVisible("E:",true); - strcpy(perm_string, "N: "); + strcpy(perm_string, "N: "); /*Flawfinder: ignore*/ mask_to_string(next_owner_mask_on, perm_string+3); childSetText("N:",perm_string); childSetVisible("N:",true); } - strcpy(perm_string, "F: "); + strcpy(perm_string, "F: "); /*Flawfinder: ignore*/ U32 flag_mask = 0x0; if (objectp->permMove()) flag_mask |= PERM_MOVE; diff --git a/indra/newview/llpanelpick.cpp b/indra/newview/llpanelpick.cpp index 9ad039d01b..6c5dcc1f45 100644 --- a/indra/newview/llpanelpick.cpp +++ b/indra/newview/llpanelpick.cpp @@ -270,10 +270,10 @@ void LLPanelPick::processPickInfoReply(LLMessageSystem *msg, void **) LLUUID parcel_id; msg->getUUID("Data", "ParcelID", parcel_id); - char name[DB_PARCEL_NAME_SIZE]; + char name[DB_PARCEL_NAME_SIZE]; /*Flawfinder: ignore*/ msg->getString("Data", "Name", DB_PARCEL_NAME_SIZE, name); - char desc[DB_PICK_DESC_SIZE]; + char desc[DB_PICK_DESC_SIZE]; /*Flawfinder: ignore*/ msg->getString("Data", "Desc", DB_PICK_DESC_SIZE, desc); LLUUID snapshot_id; @@ -281,7 +281,7 @@ void LLPanelPick::processPickInfoReply(LLMessageSystem *msg, void **) // "Location text" is actually the owner name, the original // name that owner gave the parcel, and the location. - char buffer[256]; + char buffer[256]; /*Flawfinder: ignore*/ LLString location_text; msg->getString("Data", "User", 256, buffer); @@ -295,7 +295,7 @@ void LLPanelPick::processPickInfoReply(LLMessageSystem *msg, void **) location_text.append(", "); } - char sim_name[256]; + char sim_name[256]; /*Flawfinder: ignore*/ msg->getString("Data", "SimName", 256, sim_name); LLVector3d pos_global; @@ -305,7 +305,7 @@ void LLPanelPick::processPickInfoReply(LLMessageSystem *msg, void **) S32 region_y = llround((F32)pos_global.mdV[VY]) % REGION_WIDTH_UNITS; S32 region_z = llround((F32)pos_global.mdV[VZ]); - sprintf(buffer, "%s (%d, %d, %d)", sim_name, region_x, region_y, region_z); + snprintf(buffer, sizeof(buffer), "%s (%d, %d, %d)", sim_name, region_x, region_y, region_z); /*Flawfinder: ignore*/ location_text.append(buffer); S32 sort_order; @@ -340,7 +340,7 @@ void LLPanelPick::processPickInfoReply(LLMessageSystem *msg, void **) self->mLocationEditor->setText(location_text); self->mEnabledCheck->set(enabled); - sprintf(buffer, "%d", sort_order); + snprintf(buffer, sizeof(buffer), "%d", sort_order); /*Flawfinder: ignore*/ self->mSortOrderEditor->setText(buffer); } } diff --git a/indra/newview/llpanelplace.cpp b/indra/newview/llpanelplace.cpp index 45ca1b0871..ade30bf1f9 100644 --- a/indra/newview/llpanelplace.cpp +++ b/indra/newview/llpanelplace.cpp @@ -120,20 +120,20 @@ void LLPanelPlace::processParcelInfoReply(LLMessageSystem *msg, void **) LLUUID agent_id; LLUUID parcel_id; LLUUID owner_id; - char name[MAX_STRING]; - char desc[MAX_STRING]; + char name[MAX_STRING]; /*Flawfinder: ignore*/ + char desc[MAX_STRING]; /*Flawfinder: ignore*/ S32 actual_area; S32 billable_area; U8 flags; F32 global_x; F32 global_y; F32 global_z; - char sim_name[MAX_STRING]; + char sim_name[MAX_STRING]; /*Flawfinder: ignore*/ LLUUID snapshot_id; F32 dwell; S32 sale_price; S32 auction_id; - char buffer[256]; + char buffer[256]; /*Flawfinder: ignore*/ msg->getUUID("AgentData", "AgentID", agent_id ); msg->getUUID("Data", "ParcelID", parcel_id); @@ -174,16 +174,16 @@ void LLPanelPlace::processParcelInfoReply(LLMessageSystem *msg, void **) self->mDescEditor->setText(desc); LLString info; - sprintf(buffer, "Traffic: %.0f, Area: %d sq. m.", dwell, actual_area); + snprintf(buffer, sizeof(buffer), "Traffic: %.0f, Area: %d sq. m.", dwell, actual_area); /*Flawfinder: ignore*/ info.append(buffer); if (flags & DFQ_FOR_SALE) { - sprintf(buffer, ", For Sale for L$%d", sale_price); + snprintf(buffer, sizeof(buffer), ", For Sale for L$%d", sale_price); /*Flawfinder: ignore*/ info.append(buffer); } if (auction_id != 0) { - sprintf(buffer, ", Auction ID %010d", auction_id); + snprintf(buffer, sizeof(buffer), ", Auction ID %010d", auction_id); /*Flawfinder: ignore*/ info.append(buffer); } self->mInfoEditor->setText(info); @@ -199,7 +199,7 @@ void LLPanelPlace::processParcelInfoReply(LLMessageSystem *msg, void **) rating = LLViewerRegion::accessToString(SIM_ACCESS_MATURE); } - sprintf(buffer, "%s %d, %d, %d (%s)", + snprintf(buffer, sizeof(buffer), "%s %d, %d, %d (%s)", /*Flawfinder: ignore*/ sim_name, region_x, region_y, region_z, rating); self->mLocationEditor->setText(buffer); @@ -261,8 +261,8 @@ void LLPanelPlace::callbackAuctionWebPage(S32 option, void* data) if (0 == option) { - char url[256]; - sprintf(url, "%s%010d", AUCTION_URL, self->mAuctionID); + char url[256]; /*Flawfinder: ignore*/ + snprintf(url, sizeof(url), "%s%010d", AUCTION_URL, self->mAuctionID); /*Flawfinder: ignore*/ llinfos << "Loading auction page " << url << llendl; diff --git a/indra/newview/llpolymesh.cpp b/indra/newview/llpolymesh.cpp index 593a502b37..76769c6c7c 100644 --- a/indra/newview/llpolymesh.cpp +++ b/indra/newview/llpolymesh.cpp @@ -242,7 +242,12 @@ BOOL LLPolyMeshSharedData::loadMesh( const char *fileName ) //------------------------------------------------------------------------- // Open the file //------------------------------------------------------------------------- - FILE *fp = LLFile::fopen(fileName, "rb"); + if(!fileName) + { + llerrs << "Filename is Empty!" << llendl; + return FALSE; + } + FILE* fp = LLFile::fopen(fileName, "rb"); /*Flawfinder: ignore*/ if (!fp) { llerrs << "can't open: " << fileName << llendl; @@ -252,14 +257,14 @@ BOOL LLPolyMeshSharedData::loadMesh( const char *fileName ) //------------------------------------------------------------------------- // Read a chunk //------------------------------------------------------------------------- - char header[128]; + char header[128]; /*Flawfinder: ignore*/ fread(header, sizeof(char), 128, fp); //------------------------------------------------------------------------- // Check for proper binary header //------------------------------------------------------------------------- BOOL status = FALSE; - if ( strncmp(header, HEADER_BINARY, strlen(HEADER_BINARY)) == 0 ) + if ( strncmp(header, HEADER_BINARY, strlen(HEADER_BINARY)) == 0 ) /*Flawfinder: ignore*/ { lldebugs << "Loading " << fileName << llendl; @@ -522,7 +527,7 @@ BOOL LLPolyMeshSharedData::loadMesh( const char *fileName ) //---------------------------------------------------------------- for (i=0; i < numSkinJoints; i++) { - char jointName[64]; + char jointName[64]; /*Flawfinder: ignore*/ numRead = fread(jointName, sizeof(jointName), 1, fp); if (numRead != 1) { @@ -536,7 +541,7 @@ BOOL LLPolyMeshSharedData::loadMesh( const char *fileName ) //------------------------------------------------------------------------- // look for morph section //------------------------------------------------------------------------- - char morphName[64]; + char morphName[64]; /*Flawfinder: ignore*/ while(fread(&morphName, sizeof(char), 64, fp) == 64) { if (!strcmp(morphName, "End Morphs")) @@ -720,8 +725,8 @@ LLPolyMesh *LLPolyMesh::getMesh(const LLString &name, LLPolyMesh* reference_mesh //------------------------------------------------------------------------- // if not found, create a new one, add it to the list //------------------------------------------------------------------------- - char full_path[LL_MAX_PATH]; - sprintf(full_path, "%s", (gDirUtilp->getExpandedFilename(LL_PATH_CHARACTER,name.c_str())).c_str()); + char full_path[LL_MAX_PATH]; /*Flawfinder: ignore*/ + snprintf(full_path, LL_MAX_PATH, "%s", (gDirUtilp->getExpandedFilename(LL_PATH_CHARACTER,name.c_str())).c_str()); /*Flawfinder: ignore*/ LLPolyMeshSharedData *mesh_data = new LLPolyMeshSharedData(); if (reference_mesh) @@ -780,7 +785,7 @@ void LLPolyMesh::dumpDiagInfo() U32 total_faces = 0; U32 total_kb = 0; - char buf[1024]; + char buf[1024]; /*Flawfinder: ignore*/ llinfos << "-----------------------------------------------------" << llendl; llinfos << " Global PolyMesh Table (DEBUG only)" << llendl; @@ -799,7 +804,7 @@ void LLPolyMesh::dumpDiagInfo() S32 num_faces = mesh.mNumFaces; U32 num_kb = mesh.getNumKB(); - sprintf(buf, "%8d %8d %8d %s", num_verts, num_faces, num_kb, mesh_name_p->c_str()); + snprintf(buf, sizeof(buf), "%8d %8d %8d %s", num_verts, num_faces, num_kb, mesh_name_p->c_str()); /*Flawfinder: ignore*/ llinfos << buf << llendl; total_verts += num_verts; @@ -808,7 +813,7 @@ void LLPolyMesh::dumpDiagInfo() } llinfos << "-----------------------------------------------------" << llendl; - sprintf(buf, "%8d %8d %8d TOTAL", total_verts, total_faces, total_kb ); + snprintf(buf, sizeof(buf), "%8d %8d %8d TOTAL", total_verts, total_faces, total_kb ); /*Flawfinder: ignore*/ llinfos << buf << llendl; llinfos << "-----------------------------------------------------" << llendl; } @@ -887,12 +892,12 @@ void LLPolyMesh::initializeForMorph() if (!mSharedData) return; - memcpy(mCoords, mSharedData->mBaseCoords, sizeof(LLVector3) * mSharedData->mNumVertices); - memcpy(mNormals, mSharedData->mBaseNormals, sizeof(LLVector3) * mSharedData->mNumVertices); - memcpy(mScaledNormals, mSharedData->mBaseNormals, sizeof(LLVector3) * mSharedData->mNumVertices); - memcpy(mBinormals, mSharedData->mBaseBinormals, sizeof(LLVector3) * mSharedData->mNumVertices); - memcpy(mScaledBinormals, mSharedData->mBaseBinormals, sizeof(LLVector3) * mSharedData->mNumVertices); - memcpy(mTexCoords, mSharedData->mTexCoords, sizeof(LLVector2) * mSharedData->mNumVertices); + memcpy(mCoords, mSharedData->mBaseCoords, sizeof(LLVector3) * mSharedData->mNumVertices); /*Flawfinder: ignore*/ + memcpy(mNormals, mSharedData->mBaseNormals, sizeof(LLVector3) * mSharedData->mNumVertices); /*Flawfinder: ignore*/ + memcpy(mScaledNormals, mSharedData->mBaseNormals, sizeof(LLVector3) * mSharedData->mNumVertices); /*Flawfinder: ignore*/ + memcpy(mBinormals, mSharedData->mBaseBinormals, sizeof(LLVector3) * mSharedData->mNumVertices); /*Flawfinder: ignore*/ + memcpy(mScaledBinormals, mSharedData->mBaseBinormals, sizeof(LLVector3) * mSharedData->mNumVertices); /*Flawfinder: ignore*/ + memcpy(mTexCoords, mSharedData->mTexCoords, sizeof(LLVector2) * mSharedData->mNumVertices); /*Flawfinder: ignore*/ memset(mClothingWeights, 0, sizeof(LLVector4) * mSharedData->mNumVertices); } diff --git a/indra/newview/llpolymorph.cpp b/indra/newview/llpolymorph.cpp index 317550a383..9cbe6522cb 100644 --- a/indra/newview/llpolymorph.cpp +++ b/indra/newview/llpolymorph.cpp @@ -30,8 +30,8 @@ LLPolyMorphData::LLPolyMorphData(char *morph_name) { llassert (morph_name); - mName = new char[strlen(morph_name) + 1]; - strcpy(mName, morph_name); + mName = new char[strlen(morph_name) + 1]; /*Flawfinder: ignore*/ + strcpy(mName, morph_name); /*Flawfinder: ignore*/ mNumIndices = 0; mCurrentIndex = 0; diff --git a/indra/newview/llpreview.cpp b/indra/newview/llpreview.cpp index 23f5b381ca..a2cb01310f 100644 --- a/indra/newview/llpreview.cpp +++ b/indra/newview/llpreview.cpp @@ -253,7 +253,7 @@ LLPreview* LLPreview::show( const LLUUID& item_uuid, BOOL take_focus ) // needs to be rehosted LLFloater::getFloaterHost()->addFloater(instance, TRUE); } - instance->open(); + instance->open(); /*Flawfinder: ignore*/ if (take_focus) { instance->setFocus(TRUE); @@ -363,14 +363,14 @@ BOOL LLPreview::handleHover(S32 x, S32 y, MASK mask) return LLFloater::handleHover(x,y,mask); } -void LLPreview::open() +void LLPreview::open() /*Flawfinder: ignore*/ { LLMultiFloater* hostp = getHost(); if (!sHostp && !hostp && getAssetStatus() == PREVIEW_ASSET_UNLOADED) { loadAsset(); } - LLFloater::open(); + LLFloater::open(); /*Flawfinder: ignore*/ } // virtual @@ -474,9 +474,9 @@ LLMultiPreview::LLMultiPreview(const LLRect& rect) : LLMultiFloater("Preview", r { } -void LLMultiPreview::open() +void LLMultiPreview::open() /*Flawfinder: ignore*/ { - LLMultiFloater::open(); + LLMultiFloater::open(); /*Flawfinder: ignore*/ LLPreview* frontmost_preview = (LLPreview*)mTabContainer->getCurrentPanel(); if (frontmost_preview && frontmost_preview->getAssetStatus() == LLPreview::PREVIEW_ASSET_UNLOADED) { diff --git a/indra/newview/llpreview.h b/indra/newview/llpreview.h index eb82965cd6..6477393267 100644 --- a/indra/newview/llpreview.h +++ b/indra/newview/llpreview.h @@ -26,7 +26,7 @@ class LLMultiPreview : public LLMultiFloater public: LLMultiPreview(const LLRect& rect); - /*virtual*/void open(); + /*virtual*/void open(); /*Flawfinder: ignore*/ /*virtual*/void tabOpen(LLFloater* opened_floater, bool from_click); }; @@ -60,7 +60,7 @@ public: virtual BOOL handleMouseDown(S32 x, S32 y, MASK mask); virtual BOOL handleMouseUp(S32 x, S32 y, MASK mask); virtual BOOL handleHover(S32 x, S32 y, MASK mask); - virtual void open(); + virtual void open(); /*Flawfinder: ignore*/ virtual bool saveItem(LLPointer<LLInventoryItem>* itemptr); void setAuxItem( const LLInventoryItem* item ) diff --git a/indra/newview/llpreviewgesture.cpp b/indra/newview/llpreviewgesture.cpp index 9496b5df5f..938976241b 100644 --- a/indra/newview/llpreviewgesture.cpp +++ b/indra/newview/llpreviewgesture.cpp @@ -93,7 +93,7 @@ LLPreviewGesture* LLPreviewGesture::show(const std::string& title, const LLUUID& LLPreviewGesture* previewp = (LLPreviewGesture*)LLPreview::find(item_id); if (previewp) { - previewp->open(); + previewp->open(); /*Flawfinder: ignore*/ if (take_focus) { previewp->setFocus(TRUE); @@ -771,8 +771,8 @@ void LLPreviewGesture::refresh() mWaitTimeCheck->setVisible(TRUE); mWaitTimeCheck->set(wait_step->mFlags & WAIT_FLAG_TIME); mWaitTimeEditor->setVisible(TRUE); - char buffer[16]; - sprintf(buffer, "%.1f", (double)wait_step->mWaitSeconds); + char buffer[16]; /*Flawfinder: ignore*/ + snprintf(buffer, sizeof(buffer), "%.1f", (double)wait_step->mWaitSeconds); /*Flawfinder: ignore*/ mWaitTimeEditor->setText(buffer); break; } @@ -876,7 +876,7 @@ void LLPreviewGesture::onLoadComplete(LLVFS *vfs, S32 size = file.getSize(); char* buffer = new char[size+1]; - file.read((U8*)buffer, size); + file.read((U8*)buffer, size); /*Flawfinder: ignore*/ buffer[size] = '\0'; LLMultiGesture* gesture = new LLMultiGesture(); diff --git a/indra/newview/llpreviewnotecard.cpp b/indra/newview/llpreviewnotecard.cpp index e88c702453..a37ed692b1 100644 --- a/indra/newview/llpreviewnotecard.cpp +++ b/indra/newview/llpreviewnotecard.cpp @@ -318,7 +318,7 @@ void LLPreviewNotecard::onLoadComplete(LLVFS *vfs, S32 file_length = file.getSize(); char* buffer = new char[file_length+1]; - file.read((U8*)buffer, file_length); + file.read((U8*)buffer, file_length); /*Flawfinder: ignore*/ // put a EOS at the end buffer[file_length] = 0; @@ -532,10 +532,10 @@ void LLPreviewNotecard::onSaveComplete(const LLUUID& asset_uuid, void* user_data gViewerWindow->alertXml("SaveNotecardFailReason",args); } - char uuid_string[UUID_STR_LENGTH]; + char uuid_string[UUID_STR_LENGTH]; /*Flawfinder: ignore*/ asset_uuid.toString(uuid_string); - char filename[LL_MAX_PATH]; - sprintf(filename, "%s.tmp", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); + char filename[LL_MAX_PATH]; /*Flawfinder: ignore*/ + snprintf(filename, LL_MAX_PATH, "%s.tmp", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); /*Flawfinder: ignore*/ LLFile::remove(filename); delete info; } diff --git a/indra/newview/llpreviewscript.cpp b/indra/newview/llpreviewscript.cpp index 934b73000b..f7e063b412 100644 --- a/indra/newview/llpreviewscript.cpp +++ b/indra/newview/llpreviewscript.cpp @@ -136,7 +136,7 @@ public: LLScriptEdCore* getEditorCore() { return mEditorCore; } static LLFloaterScriptSearch* getInstance() { return sInstance; } - void open(); + void open(); /*Flawfinder: ignore*/ private: @@ -189,7 +189,7 @@ void LLFloaterScriptSearch::show(LLScriptEdCore* editor_core) new LLFloaterScriptSearch("Script Search",LLRect(left,top,left + SCRIPT_SEARCH_WIDTH,top - SCRIPT_SEARCH_HEIGHT),editor_core); } - sInstance->open(); + sInstance->open(); /*Flawfinder: ignore*/ } LLFloaterScriptSearch::~LLFloaterScriptSearch() @@ -236,9 +236,9 @@ void LLFloaterScriptSearch::handleBtnReplaceAll() mEditorCore->mEditor->replaceTextAll(childGetText("search_text"), childGetText("replace_text"), caseChk->get()); } -void LLFloaterScriptSearch::open() +void LLFloaterScriptSearch::open() /*Flawfinder: ignore*/ { - LLFloater::open(); + LLFloater::open(); /*Flawfinder: ignore*/ childSetFocus("search_text", TRUE); } /// --------------------------------------------------------------------------- @@ -409,8 +409,8 @@ void LLScriptEdCore::draw() S32 line = 0; S32 column = 0; mEditor->getCurrentLineAndColumn( &line, &column, FALSE ); // don't include wordwrap - char cursor_pos[STD_STRING_BUF_SIZE]; - sprintf( cursor_pos, "Line %d, Column %d", line, column ); + char cursor_pos[STD_STRING_BUF_SIZE]; /*Flawfinder: ignore*/ + snprintf( cursor_pos, STD_STRING_BUF_SIZE, "Line %d, Column %d", line, column ); /*Flawfinder: ignore*/ childSetText("line_col", cursor_pos); } else @@ -894,9 +894,9 @@ BOOL LLPreviewLSL::canClose() } //override the llpreview open which attempts to load asset, load after xml ui made -void LLPreviewLSL::open() +void LLPreviewLSL::open() /*Flawfinder: ignore*/ { - LLFloater::open(); + LLFloater::open(); /*Flawfinder: ignore*/ } // static @@ -933,11 +933,11 @@ void LLPreviewLSL::saveIfNeeded() LLAssetID uuid; tid.generate(); uuid = tid.makeAssetID(gAgent.getSecureSessionID()); - char uuid_string[UUID_STR_LENGTH]; + char uuid_string[UUID_STR_LENGTH]; /*Flawfinder: ignore*/ uuid.toString(uuid_string); - char filename[LL_MAX_PATH]; - sprintf(filename, "%s.lsl", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); - FILE* fp = LLFile::fopen(filename, "wb"); + char filename[LL_MAX_PATH]; /*Flawfinder: ignore*/ + snprintf(filename, LL_MAX_PATH, "%s.lsl", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); /*Flawfinder: ignore*/ + FILE* fp = LLFile::fopen(filename, "wb"); /*Flawfinder: ignore*/ if(!fp) { llwarns << "Unable to write to " << filename << llendl; @@ -979,10 +979,10 @@ void LLPreviewLSL::saveIfNeeded() gAssetStorage->storeAssetData(tid, LLAssetType::AT_LSL_TEXT, &LLPreviewLSL::onSaveComplete, info); } - char dst_filename[LL_MAX_PATH]; - sprintf(dst_filename, "%s.lso", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); - char err_filename[LL_MAX_PATH]; - sprintf(err_filename, "%s.out", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); + char dst_filename[LL_MAX_PATH]; /*Flawfinder: ignore*/ + snprintf(dst_filename, LL_MAX_PATH, "%s.lso", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); /*Flawfinder: ignore*/ + char err_filename[LL_MAX_PATH]; /*Flawfinder: ignore*/ + snprintf(err_filename, LL_MAX_PATH, "%s.out", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); /*Flawfinder: ignore*/ LLScrollListItem* item = NULL; const LLFontGL* err_font = gResMgr->getRes(LLFONT_OCRA); if(!lscript_compile(filename, dst_filename, err_filename, gAgent.isGodlike())) @@ -993,9 +993,9 @@ void LLPreviewLSL::saveIfNeeded() //system(command); // load the error file into the error scrolllist - if(NULL != (fp = LLFile::fopen(err_filename, "r"))) + if(NULL != (fp = LLFile::fopen(err_filename, "r"))) /*Flawfinder: ignore*/ { - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ LLString line; while(!feof(fp)) { @@ -1028,7 +1028,7 @@ void LLPreviewLSL::saveIfNeeded() if(gAssetStorage) { // move the compiled file into the vfs for transport - FILE* fp = LLFile::fopen(dst_filename, "rb"); + FILE* fp = LLFile::fopen(dst_filename, "rb"); /*Flawfinder: ignore*/ LLVFile file(gVFS, uuid, LLAssetType::AT_LSL_BYTECODE, LLVFile::APPEND); fseek(fp, 0, SEEK_END); @@ -1165,7 +1165,7 @@ void LLPreviewLSL::onLoadComplete( LLVFS *vfs, const LLUUID& asset_uuid, LLAsset S32 file_length = file.getSize(); char* buffer = new char[file_length+1]; - file.read((U8*)buffer, file_length); + file.read((U8*)buffer, file_length); /*Flawfinder: ignore*/ // put a EOS at the end buffer[file_length] = 0; @@ -1477,7 +1477,11 @@ void LLLiveLSLEditor::onLoadComplete(LLVFS *vfs, const LLUUID& asset_id, void LLLiveLSLEditor::loadScriptText(const char* filename) { - FILE* file = LLFile::fopen(filename, "rb"); + if(!filename) + { + llerrs << "Filename is Empty!" << llendl; + } + FILE* file = LLFile::fopen(filename, "rb"); /*Flawfinder: ignore*/ if(file) { // read in the whole file @@ -1503,7 +1507,7 @@ void LLLiveLSLEditor::loadScriptText(LLVFS *vfs, const LLUUID &uuid, LLAssetType LLVFile file(vfs, uuid, type); S32 file_length = file.getSize(); char *buffer = new char[file_length + 1]; - file.read((U8*)buffer, file_length); + file.read((U8*)buffer, file_length); /*Flawfinder: ignore*/ if (file.getLastBytesRead() != file_length || file_length <= 0) @@ -1668,11 +1672,11 @@ void LLLiveLSLEditor::saveIfNeeded() mItem->setTransactionID(tid); // write out the data, and store it in the asset database - char uuid_string[UUID_STR_LENGTH]; + char uuid_string[UUID_STR_LENGTH]; /*Flawfinder: ignore*/ uuid.toString(uuid_string); - char filename[LL_MAX_PATH]; - sprintf(filename, "%s.lsl", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); - FILE* fp = LLFile::fopen(filename, "wb"); + char filename[LL_MAX_PATH]; /*Flawfinder: ignore*/ + snprintf(filename, LL_MAX_PATH, "%s.lsl", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); /*Flawfinder: ignore*/ + FILE* fp = LLFile::fopen(filename, "wb"); /*Flawfinder: ignore*/ if(!fp) { llwarns << "Unable to write to " << filename << llendl; @@ -1716,7 +1720,7 @@ void LLLiveLSLEditor::saveIfNeeded() while((!fp) && --tries) { ms_sleep(17); - fp = LLFile::fopen(filename, "r"); + fp = LLFile::fopen(filename, "r"); /*Flawfinder: ignore*/ if(!fp) { llwarns << "Trying to open the source file " << filename @@ -1730,19 +1734,19 @@ void LLLiveLSLEditor::saveIfNeeded() fp = NULL; #endif - char dst_filename[LL_MAX_PATH]; - sprintf(dst_filename, "%s.lso", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); - char err_filename[LL_MAX_PATH]; - sprintf(err_filename, "%s.out", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); + char dst_filename[LL_MAX_PATH]; /*Flawfinder: ignore*/ + snprintf(dst_filename, LL_MAX_PATH, "%s.lso", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); /*Flawfinder: ignore*/ + char err_filename[LL_MAX_PATH]; /*Flawfinder: ignore*/ + snprintf(err_filename, LL_MAX_PATH, "%s.out", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); /*Flawfinder: ignore*/ LLScrollListItem* item = NULL; const LLFontGL* err_font = gResMgr->getRes(LLFONT_OCRA); if(!lscript_compile(filename, dst_filename, err_filename, gAgent.isGodlike())) { // load the error file into the error scrolllist llinfos << "Compile failed!" << llendl; - if(NULL != (fp = LLFile::fopen(err_filename, "r"))) + if(NULL != (fp = LLFile::fopen(err_filename, "r"))) /*Flawfinder: ignore*/ { - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /*Flawfinder: ignore*/ LLString line; while(!feof(fp)) { @@ -1784,7 +1788,7 @@ void LLLiveLSLEditor::saveIfNeeded() << mItem->getAssetUUID() << llendl; // move the compiled file into the vfs for transport - FILE* fp = LLFile::fopen(dst_filename, "rb"); + FILE* fp = LLFile::fopen(dst_filename, "rb"); /*Flawfinder: ignore*/ LLVFile file(gVFS, uuid, LLAssetType::AT_LSL_BYTECODE, LLVFile::APPEND); fseek(fp, 0, SEEK_END); @@ -1897,12 +1901,12 @@ void LLLiveLSLEditor::onSaveBytecodeComplete(const LLUUID& asset_uuid, void* use args["[REASON]"] = std::string(LLAssetStorage::getErrorString(status)); gViewerWindow->alertXml("CompileQueueSaveBytecode", args); } - char uuid_string[UUID_STR_LENGTH]; + char uuid_string[UUID_STR_LENGTH]; /*Flawfinder: ignore*/ data->mItem->getAssetUUID().toString(uuid_string); - char dst_filename[LL_MAX_PATH]; - sprintf(dst_filename, "%s.lso", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); + char dst_filename[LL_MAX_PATH]; /*Flawfinder: ignore*/ + snprintf(dst_filename, LL_MAX_PATH, "%s.lso", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); /*Flawfinder: ignore*/ LLFile::remove(dst_filename); - sprintf(dst_filename, "%s.lsl", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); + snprintf(dst_filename, LL_MAX_PATH, "%s.lsl", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,uuid_string).c_str()); /*Flawfinder: ignore*/ LLFile::remove(dst_filename); delete data; } @@ -1936,7 +1940,7 @@ LLLiveLSLEditor* LLLiveLSLEditor::show(const LLUUID& script_id, const LLUUID& ob { // Move the existing view to the front instance = LLLiveLSLEditor::sInstances[xored_id]; - instance->open(); + instance->open(); /*Flawfinder: ignore*/ } return instance; } diff --git a/indra/newview/llpreviewscript.h b/indra/newview/llpreviewscript.h index 228ca8c637..ead9d8e334 100644 --- a/indra/newview/llpreviewscript.h +++ b/indra/newview/llpreviewscript.h @@ -117,7 +117,7 @@ public: LLPreviewLSL(const std::string& name, const LLRect& rect, const std::string& title, const LLUUID& item_uuid ); - /*virtual*/ void open(); + /*virtual*/ void open(); /*Flawfinder: ignore*/ protected: virtual BOOL canClose(); diff --git a/indra/newview/llselectmgr.cpp b/indra/newview/llselectmgr.cpp index 9c7723517a..50f6d115bd 100644 --- a/indra/newview/llselectmgr.cpp +++ b/indra/newview/llselectmgr.cpp @@ -2139,8 +2139,8 @@ void LLSelectMgr::packGodlikeHead(void* user_data) // static void LLSelectMgr::packObjectIDAsParam(LLSelectNode* node, void *) { - char buf [MAX_STRING]; - sprintf(buf, "%u", node->getObject()->getLocalID()); + char buf [MAX_STRING]; /* Flawfinder: ignore */ + snprintf(buf, MAX_STRING, "%u", node->getObject()->getLocalID()); /* Flawfinder: ignore */ gMessageSystem->nextBlock("ParamList"); gMessageSystem->addString("Parameter", buf); } @@ -2786,8 +2786,8 @@ BOOL LLSelectMgr::selectGetCreator(LLUUID& id, LLString& name) if (identical) { - char firstname[DB_FIRST_NAME_BUF_SIZE]; - char lastname[DB_LAST_NAME_BUF_SIZE]; + char firstname[DB_FIRST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ + char lastname[DB_LAST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ gCacheName->getName(id, firstname, lastname); name.assign( firstname ); name.append( " " ); @@ -2849,8 +2849,8 @@ BOOL LLSelectMgr::selectGetOwner(LLUUID& id, LLString& name) } else if(!public_owner) { - char firstname[DB_FIRST_NAME_BUF_SIZE]; - char lastname[DB_LAST_NAME_BUF_SIZE]; + char firstname[DB_FIRST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ + char lastname[DB_LAST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ gCacheName->getName(id, firstname, lastname); name.assign( firstname ); name.append( " " ); @@ -2908,8 +2908,8 @@ BOOL LLSelectMgr::selectGetLastOwner(LLUUID& id, LLString& name) { if(!public_owner) { - char firstname[DB_FIRST_NAME_BUF_SIZE]; - char lastname[DB_LAST_NAME_BUF_SIZE]; + char firstname[DB_FIRST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ + char lastname[DB_LAST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ gCacheName->getName(id, firstname, lastname); name.assign( firstname ); name.append( " " ); @@ -4701,14 +4701,14 @@ void LLSelectMgr::processObjectProperties(LLMessageSystem* msg, void** user_data msg->getUUIDFast(_PREHASH_ObjectData, _PREHASH_LastOwnerID, last_owner_id, i); - char name[DB_INV_ITEM_NAME_BUF_SIZE]; + char name[DB_INV_ITEM_NAME_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(_PREHASH_ObjectData, _PREHASH_Name, DB_INV_ITEM_NAME_BUF_SIZE, name, i); - char desc[DB_INV_ITEM_DESC_BUF_SIZE]; + char desc[DB_INV_ITEM_DESC_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(_PREHASH_ObjectData, _PREHASH_Description, DB_INV_ITEM_DESC_BUF_SIZE, desc, i); - char touch_name[DB_INV_ITEM_NAME_BUF_SIZE]; + char touch_name[DB_INV_ITEM_NAME_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(_PREHASH_ObjectData, _PREHASH_TouchName, DB_INV_ITEM_NAME_BUF_SIZE, touch_name, i); - char sit_name[DB_INV_ITEM_DESC_BUF_SIZE]; + char sit_name[DB_INV_ITEM_DESC_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(_PREHASH_ObjectData, _PREHASH_SitName, DB_INV_ITEM_DESC_BUF_SIZE, sit_name, i); //unpack TE IDs @@ -4722,7 +4722,7 @@ void LLSelectMgr::processObjectProperties(LLMessageSystem* msg, void** user_data for (S32 buf_offset = 0; buf_offset < size; buf_offset += UUID_BYTES) { LLUUID id; - memcpy(id.mData, packed_buffer + buf_offset, UUID_BYTES); + memcpy(id.mData, packed_buffer + buf_offset, UUID_BYTES); /* Flawfinder: ignore */ texture_ids.push_back(id); } } @@ -4855,10 +4855,10 @@ void LLSelectMgr::processObjectPropertiesFamily(LLMessageSystem* msg, void** use msg->getUUIDFast(_PREHASH_ObjectData, _PREHASH_LastOwnerID, last_owner_id ); // unpack name & desc - char name[DB_INV_ITEM_NAME_BUF_SIZE]; + char name[DB_INV_ITEM_NAME_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(_PREHASH_ObjectData, _PREHASH_Name, DB_INV_ITEM_NAME_BUF_SIZE, name); - char desc[DB_INV_ITEM_DESC_BUF_SIZE]; + char desc[DB_INV_ITEM_DESC_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(_PREHASH_ObjectData, _PREHASH_Description, DB_INV_ITEM_DESC_BUF_SIZE, desc); // the reporter widget askes the server for info about picked objects @@ -4868,8 +4868,8 @@ void LLSelectMgr::processObjectPropertiesFamily(LLMessageSystem* msg, void** use LLFloaterReporter *reporterp = LLFloaterReporter::getReporter(report_type); if (reporterp) { - char first_name[DB_FIRST_NAME_BUF_SIZE]; - char last_name[DB_LAST_NAME_BUF_SIZE]; + char first_name[DB_FIRST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ + char last_name[DB_LAST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ gCacheName->getName(owner_id, first_name, last_name); LLString fullname(first_name); fullname.append(" "); diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index eda759cc2c..5e7b3377d9 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -372,7 +372,7 @@ BOOL idle_startup() std::string message_template_path = gDirUtilp->getExpandedFilename(LL_PATH_APP_SETTINGS,"message_template.msg"); FILE* found_template = NULL; - found_template = LLFile::fopen(message_template_path.c_str(), "r"); + found_template = LLFile::fopen(message_template_path.c_str(), "r"); /* Flawfinder: ignore */ if (found_template) { fclose(found_template); @@ -537,7 +537,7 @@ BOOL idle_startup() lastname = gCmdLineLastName; LLMD5 pass((unsigned char*)gCmdLinePassword.c_str()); - char md5pass[33]; + char md5pass[33]; /* Flawfinder: ignore */ pass.hex_digest(md5pass); password = md5pass; @@ -709,7 +709,7 @@ BOOL idle_startup() if (gUserServerChoice == USERSERVER_OTHER) { gUserServer.setHostByName( server_label.c_str() ); - snprintf(gUserServerName, MAX_STRING, "%s", server_label.c_str()); + snprintf(gUserServerName, MAX_STRING, "%s", server_label.c_str()); /* Flawfinder: ignore */ } } @@ -799,7 +799,7 @@ BOOL idle_startup() case USERSERVER_UMA: { const char* host_name = gUserServerDomainName[gUserServerChoice].mName; - sprintf(gUserServerName,"%s", host_name); + snprintf(gUserServerName, MAX_STRING, "%s", host_name); /* Flawfinder: ignore */ llinfos << "Resolving " << gUserServerDomainName[gUserServerChoice].mLabel << " userserver domain name " << host_name << llendl; @@ -873,7 +873,7 @@ BOOL idle_startup() } write_debug("Userserver: "); - char tmp_str[256]; + char tmp_str[256]; /* Flawfinder: ignore */ gUserServer.getIPString(tmp_str, 256); write_debug(tmp_str); write_debug("\n"); @@ -1109,7 +1109,7 @@ BOOL idle_startup() start << "home"; } - char hashed_mac_string[MD5HEX_STR_SIZE]; + char hashed_mac_string[MD5HEX_STR_SIZE]; /* Flawfinder: ignore */ LLMD5 hashed_mac; hashed_mac.update( gMACAddress, MAC_ADDRESS_BYTES ); hashed_mac.finalize(); @@ -1423,7 +1423,7 @@ BOOL idle_startup() const char* look_at_str = gUserAuthp->getResponse("look_at"); if (look_at_str) { - LLMemoryStream mstr((U8*)look_at_str, strlen(look_at_str)); + LLMemoryStream mstr((U8*)look_at_str, strlen(look_at_str)); /* Flawfinder: ignore */ LLSD sd = LLSDNotationParser::parse(mstr); agent_start_look_at = ll_vector3_from_sd(sd); } @@ -1445,7 +1445,7 @@ BOOL idle_startup() const char* home_location = gUserAuthp->getResponse("home"); if(home_location) { - LLMemoryStream mstr((U8*)home_location, strlen(home_location)); + LLMemoryStream mstr((U8*)home_location, strlen(home_location)); /* Flawfinder: ignore */ LLSD sd = LLSDNotationParser::parse(mstr); S32 region_x = sd["region_handle"][0].asInteger(); S32 region_y = sd["region_handle"][1].asInteger(); @@ -2609,7 +2609,7 @@ LLString load_password_from_disk() std::string filepath = gDirUtilp->getExpandedFilename(LL_PATH_USER_SETTINGS, "password.dat"); - FILE* fp = LLFile::fopen(filepath.c_str(), "rb"); + FILE* fp = LLFile::fopen(filepath.c_str(), "rb"); /* Flawfinder: ignore */ if (!fp) { return hashed_password; @@ -2656,7 +2656,7 @@ void save_password_to_disk(const char* hashed_password) } else { - FILE* fp = LLFile::fopen(filepath.c_str(), "wb"); + FILE* fp = LLFile::fopen(filepath.c_str(), "wb"); /* Flawfinder: ignore */ if (!fp) { return; @@ -2870,7 +2870,7 @@ void update_dialog_callback(S32 option, void *userdata) } #if LL_WINDOWS - char ip[MAX_STRING]; + char ip[MAX_STRING]; /* Flawfinder: ignore */ update_exe_path = gDirUtilp->getTempFilename(); if (update_exe_path.empty()) @@ -2915,7 +2915,7 @@ void update_dialog_callback(S32 option, void *userdata) // Figure out the program name. const char* data_dir = gDirUtilp->getAppRODataDir().c_str(); // Roll back from the end, stopping at the first '\' - const char* program_name = data_dir + strlen(data_dir); + const char* program_name = data_dir + strlen(data_dir); /* Flawfinder: ignore */ while ( (data_dir != --program_name) && *(program_name) != '\\'); @@ -2962,7 +2962,7 @@ void update_dialog_callback(S32 option, void *userdata) remove_marker_file(); // In case updater fails // Run the auto-updater. - system(update_exe_path.c_str()); + system(update_exe_path.c_str()); /* Flawfinder: ignore */ #elif LL_LINUX OSMessageBox("Automatic updating is not yet implemented for Linux.\n" diff --git a/indra/newview/llstatusbar.cpp b/indra/newview/llstatusbar.cpp index f4d87e5c6f..47f804129c 100644 --- a/indra/newview/llstatusbar.cpp +++ b/indra/newview/llstatusbar.cpp @@ -465,8 +465,8 @@ void LLStatusBar::setBalance(S32 balance) void LLStatusBar::setHealth(S32 health) { - char buffer[MAX_STRING]; - sprintf(buffer, "%d%%", health); + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + snprintf(buffer, MAX_STRING, "%d%%", health); /* Flawfinder: ignore */ //llinfos << "Setting health to: " << buffer << llendl; mTextHealth->setText(buffer); diff --git a/indra/newview/lltexturectrl.cpp b/indra/newview/lltexturectrl.cpp index cb7679557e..be33de3cca 100644 --- a/indra/newview/lltexturectrl.cpp +++ b/indra/newview/lltexturectrl.cpp @@ -1020,7 +1020,7 @@ void LLTextureCtrl::showPicker(BOOL take_focus) // Show the dialog if( floaterp ) { - floaterp->open( ); + floaterp->open( ); /* Flawfinder: ignore */ } else { @@ -1041,7 +1041,7 @@ void LLTextureCtrl::showPicker(BOOL take_focus) mFloaterHandle = floaterp->getHandle(); gFloaterView->getParentFloater(this)->addDependentFloater(floaterp); - floaterp->open(); + floaterp->open(); /* Flawfinder: ignore */ } if (take_focus) diff --git a/indra/newview/lltexturefetch.cpp b/indra/newview/lltexturefetch.cpp index cc27fd4b9e..75777024da 100644 --- a/indra/newview/lltexturefetch.cpp +++ b/indra/newview/lltexturefetch.cpp @@ -530,7 +530,7 @@ bool LLTextureFetchWorker::startVFSLoad(LLVFS* vfs, LLAssetType::EType asset_typ { mBufferSize = vfs->getSize(mID, asset_type); mBuffer = new U8[mBufferSize]; - mFileHandle = LLVFSThread::sLocal->read(vfs, mID, asset_type, mBuffer, 0, mBufferSize); + mFileHandle = LLVFSThread::sLocal->read(vfs, mID, asset_type, mBuffer, 0, mBufferSize); /* Flawfinder: ignore */ if (mFileHandle == LLVFSThread::nullHandle()) { llwarns << "loadLocalImage() - vfs read failed in static VFS: " << mID << llendl; @@ -612,8 +612,11 @@ bool LLTextureFetchWorker::processSimulatorPackets() S32 offset = 0; for (S32 i = 0; i<=mLastPacket; i++) { - memcpy(mBuffer + offset, mPackets[i]->mData, mPackets[i]->mSize); - offset += mPackets[i]->mSize; + if (mPackets[i]->mData != NULL) + { + memcpy(mBuffer + offset, mPackets[i]->mData, mPackets[i]->mSize); /* Flawfinder: ignore */ + offset += mPackets[i]->mSize; + } } res = true; } diff --git a/indra/newview/lltooldraganddrop.cpp b/indra/newview/lltooldraganddrop.cpp index f1995ce05a..7e01b18530 100644 --- a/indra/newview/lltooldraganddrop.cpp +++ b/indra/newview/lltooldraganddrop.cpp @@ -1643,7 +1643,7 @@ void LLToolDragAndDrop::commitGiveInventoryItem(const LLUUID& to_agent, const S32 BUCKET_SIZE = sizeof(U8) + UUID_BYTES; U8 bucket[BUCKET_SIZE]; bucket[0] = (U8)item->getType(); - memcpy(&bucket[1], &(item->getUUID().mData), UUID_BYTES); + memcpy(&bucket[1], &(item->getUUID().mData), UUID_BYTES); /* Flawfinder: ignore */ pack_instant_message( gMessageSystem, gAgent.getID(), @@ -1823,26 +1823,26 @@ void LLToolDragAndDrop::commitGiveInventoryCategory(const LLUUID& to_agent, U8* bucket = new U8[bucket_size]; U8* pos = bucket; U8 type = (U8)cat->getType(); - memcpy(pos, &type, sizeof(U8)); + memcpy(pos, &type, sizeof(U8)); /* Flawfinder: ignore */ pos += sizeof(U8); - memcpy(pos, &(cat->getUUID()), UUID_BYTES); + memcpy(pos, &(cat->getUUID()), UUID_BYTES); /* Flawfinder: ignore */ pos += UUID_BYTES; S32 i; count = cats.count(); for(i = 0; i < count; ++i) { - memcpy(pos, &type, sizeof(U8)); + memcpy(pos, &type, sizeof(U8)); /* Flawfinder: ignore */ pos += sizeof(U8); - memcpy(pos, &(cats.get(i)->getUUID()), UUID_BYTES); + memcpy(pos, &(cats.get(i)->getUUID()), UUID_BYTES); /* Flawfinder: ignore */ pos += UUID_BYTES; } count = items.count(); for(i = 0; i < count; ++i) { type = (U8)items.get(i)->getType(); - memcpy(pos, &type, sizeof(U8)); + memcpy(pos, &type, sizeof(U8)); /* Flawfinder: ignore */ pos += sizeof(U8); - memcpy(pos, &(items.get(i)->getUUID()), UUID_BYTES); + memcpy(pos, &(items.get(i)->getUUID()), UUID_BYTES); /* Flawfinder: ignore */ pos += UUID_BYTES; } pack_instant_message( diff --git a/indra/newview/lltracker.cpp b/indra/newview/lltracker.cpp index 10641df4c3..d3d7fd528d 100644 --- a/indra/newview/lltracker.cpp +++ b/indra/newview/lltracker.cpp @@ -537,8 +537,8 @@ void LLTracker::renderBeacon(LLVector3d pos_global, //gCylinder.render(1000); glPopMatrix(); - char text[1024]; - sprintf(text, "%.0f m", to_vec.magVec()); + char text[1024]; /* Flawfinder: ignore */ + snprintf(text, sizeof(text), "%.0f m", to_vec.magVec()); /* Flawfinder: ignore */ LLWString wstr; wstr += utf8str_to_wstring(label); diff --git a/indra/newview/lluploaddialog.cpp b/indra/newview/lluploaddialog.cpp index f91db06ef9..9bcc123eb5 100644 --- a/indra/newview/lluploaddialog.cpp +++ b/indra/newview/lluploaddialog.cpp @@ -83,8 +83,13 @@ void LLUploadDialog::setMessage( const std::string& msg) char* temp_msg = new char[size]; //strcpy(temp_msg,"Uploading...\n\n"); - strcpy( temp_msg, msg.c_str()); + if (temp_msg == NULL) + { + llerrs << "Memory Allocation Failed" << llendl; + return; + } + strcpy( temp_msg, msg.c_str()); /* Flawfinder: ignore */ char* token = strtok( temp_msg, "\n" ); while( token ) { diff --git a/indra/newview/llurl.cpp b/indra/newview/llurl.cpp index 2cd05bdcbf..73444f611d 100644 --- a/indra/newview/llurl.cpp +++ b/indra/newview/llurl.cpp @@ -47,9 +47,10 @@ void LLURL::init(const char * url) mExtension[0] = '\0'; mTag[0] = '\0'; - char url_copy[MAX_STRING]; + char url_copy[MAX_STRING]; /* Flawfinder: ignore */ - strcpy (url_copy,url); + strncpy (url_copy,url, MAX_STRING -1); /* Flawfinder: ignore */ + url_copy[MAX_STRING -1] = '\0'; char *parse; char *leftover_url = url_copy; @@ -58,7 +59,8 @@ void LLURL::init(const char * url) // copy and lop off tag if ((parse = strchr(url_copy,'#'))) { - strcpy(mTag,parse+1); + strncpy(mTag,parse+1, LL_MAX_PATH -1); /* Flawfinder: ignore */ + mTag[LL_MAX_PATH -1] = '\0'; *parse = '\0'; } @@ -66,7 +68,8 @@ void LLURL::init(const char * url) if ((parse = strchr(url_copy,':'))) { *parse = '\0'; - strcpy(mURI,leftover_url); + strncpy(mURI,leftover_url, LL_MAX_PATH -1); /* Flawfinder: ignore */ + mURI[LL_MAX_PATH -1] = '\0'; leftover_url = parse + 1; } @@ -76,14 +79,15 @@ void LLURL::init(const char * url) leftover_url += 2; // skip the "//" span = strcspn(leftover_url, "/"); - strncat(mAuthority,leftover_url,span); + strncat(mAuthority,leftover_url,span); /* Flawfinder: ignore */ leftover_url += span; } if ((parse = strrchr(leftover_url,'.'))) { // copy and lop off extension - strcpy(mExtension,parse+1); + strncpy(mExtension,parse+1, LL_MAX_PATH -1); /* Flawfinder: ignore */ + mExtension[LL_MAX_PATH -1] = '\0'; *parse = '\0'; } @@ -97,11 +101,13 @@ void LLURL::init(const char * url) } // copy and lop off filename - strcpy(mFilename,parse); + strncpy(mFilename,parse, LL_MAX_PATH -1);/* Flawfinder: ignore */ + mFilename[LL_MAX_PATH -1] = '\0'; *parse = '\0'; // what's left should be the path - strcpy(mPath,leftover_url); + strncpy(mPath,leftover_url, LL_MAX_PATH -1); /* Flawfinder: ignore */ + mPath[LL_MAX_PATH -1] = '\0'; // llinfos << url << " decomposed into: " << llendl; // llinfos << " URI : <" << mURI << ">" << llendl; @@ -150,42 +156,43 @@ bool LLURL::operator!=(const LLURL& rhs) const const char * LLURL::getFQURL() const { - char fqurl[LL_MAX_PATH]; + char fqurl[LL_MAX_PATH]; /* Flawfinder: ignore */ fqurl[0] = '\0'; if (mURI[0]) { - strcat(fqurl,mURI); - strcat(fqurl,":"); + strncat(fqurl,mURI, LL_MAX_PATH - strlen(fqurl) -1); /* Flawfinder: ignore */ + strcat(fqurl,":"); /* Flawfinder: ignore */ if (mAuthority[0]) { - strcat(fqurl,"//"); + strcat(fqurl,"//"); /* Flawfinder: ignore */ } } if (mAuthority[0]) { - strcat(fqurl,mAuthority); + strncat(fqurl,mAuthority, LL_MAX_PATH - strlen(fqurl) -1); /* Flawfinder: ignore */ } - strcat(fqurl,mPath); + strncat(fqurl,mPath, LL_MAX_PATH - strlen(fqurl) -1); /* Flawfinder: ignore */ - strcat(fqurl,mFilename); + strncat(fqurl,mFilename, LL_MAX_PATH - strlen(fqurl) -1); /* Flawfinder: ignore */ if (mExtension[0]) { - strcat(fqurl,"."); - strcat(fqurl,mExtension); + strcat(fqurl,"."); /* Flawfinder: ignore */ + strncat(fqurl,mExtension, LL_MAX_PATH - strlen(fqurl) -1); /* Flawfinder: ignore */ } if (mTag[0]) { - strcat(fqurl,"#"); - strcat(fqurl,mTag); + strcat(fqurl,"#"); /* Flawfinder: ignore */ + strncat(fqurl,mTag, LL_MAX_PATH - strlen(fqurl) -1); /* Flawfinder: ignore */ } - strcpy(LLURL::sReturnString,fqurl); + strncpy(LLURL::sReturnString,fqurl, LL_MAX_PATH -1); /* Flawfinder: ignore */ + LLURL::sReturnString[LL_MAX_PATH -1] = '\0'; return(LLURL::sReturnString); } @@ -193,16 +200,18 @@ const char * LLURL::getFQURL() const const char* LLURL::updateRelativePath(const LLURL &url) { - char new_path[LL_MAX_PATH]; - char tmp_path[LL_MAX_PATH]; + char new_path[LL_MAX_PATH]; /* Flawfinder: ignore */ + char tmp_path[LL_MAX_PATH]; /* Flawfinder: ignore */ char *parse; if (mPath[0] != '/') { //start with existing path - strcpy (new_path,url.mPath); - strcpy (tmp_path,mPath); + strncpy (new_path,url.mPath, LL_MAX_PATH -1); /* Flawfinder: ignore */ + new_path[LL_MAX_PATH -1] = '\0'; + strncpy (tmp_path,mPath, LL_MAX_PATH -1); /* Flawfinder: ignore */ + tmp_path[LL_MAX_PATH -1] = '\0'; parse = strtok(tmp_path,"/"); while (parse) @@ -227,28 +236,30 @@ const char* LLURL::updateRelativePath(const LLURL &url) } else { - strcat(new_path,"../"); + strcat(new_path,"../"); /* Flawfinder: ignore */ } } else { - strcat(new_path,parse); - strcat(new_path,"/"); + strncat(new_path,parse, LL_MAX_PATH - strlen(new_path) -1 ); /* Flawfinder: ignore */ + strcat(new_path,"/"); /* Flawfinder: ignore */ } parse = strtok(NULL,"/"); } - strcpy(mPath,new_path); + strncpy(mPath,new_path, LL_MAX_PATH -1); /* Flawfinder: ignore */ + mPath[LL_MAX_PATH -1] = '\0'; } return mPath; } const char * LLURL::getFullPath() { - strcpy(LLURL::sReturnString,mPath); - strcat(LLURL::sReturnString,mFilename); - strcat(LLURL::sReturnString,"."); - strcat(LLURL::sReturnString,mExtension); + strncpy(LLURL::sReturnString,mPath, LL_MAX_PATH -1); /* Flawfinder: ignore */ + LLURL::sReturnString[LL_MAX_PATH -1] = '\0'; + strncat(LLURL::sReturnString,mFilename, LL_MAX_PATH - strlen(LLURL::sReturnString) -1); /* Flawfinder: ignore */ + strcat(LLURL::sReturnString,"."); /* Flawfinder: ignore */ + strncat(LLURL::sReturnString,mExtension, LL_MAX_PATH - strlen(LLURL::sReturnString) -1); /* Flawfinder: ignore */ return(sReturnString); } diff --git a/indra/newview/llurl.h b/indra/newview/llurl.h index 1e13aa94b8..9d5d5b5c65 100644 --- a/indra/newview/llurl.h +++ b/indra/newview/llurl.h @@ -62,14 +62,14 @@ public: public: - char mURI[LL_MAX_PATH]; - char mAuthority[LL_MAX_PATH]; - char mPath[LL_MAX_PATH]; - char mFilename[LL_MAX_PATH]; - char mExtension[LL_MAX_PATH]; - char mTag[LL_MAX_PATH]; + char mURI[LL_MAX_PATH]; /* Flawfinder: ignore */ + char mAuthority[LL_MAX_PATH]; /* Flawfinder: ignore */ + char mPath[LL_MAX_PATH]; /* Flawfinder: ignore */ + char mFilename[LL_MAX_PATH]; /* Flawfinder: ignore */ + char mExtension[LL_MAX_PATH]; /* Flawfinder: ignore */ + char mTag[LL_MAX_PATH]; /* Flawfinder: ignore */ - static char sReturnString[LL_MAX_PATH]; + static char sReturnString[LL_MAX_PATH]; /* Flawfinder: ignore */ }; #endif // LL_LLURL_H diff --git a/indra/newview/llviewerassetstorage.cpp b/indra/newview/llviewerassetstorage.cpp index b75f86d76f..88ffd016cf 100644 --- a/indra/newview/llviewerassetstorage.cpp +++ b/indra/newview/llviewerassetstorage.cpp @@ -82,7 +82,7 @@ void LLViewerAssetStorage::storeAssetData( // Read the data from the VFS if it'll fit in this packet. if (asset_size + 100 < MTUBYTES) { - BOOL res = vfile.read(buffer, asset_size); + BOOL res = vfile.read(buffer, asset_size); /* Flawfinder: ignore */ S32 bytes_read = res ? vfile.getLastBytesRead() : 0; if( bytes_read == asset_size ) @@ -143,6 +143,11 @@ void LLViewerAssetStorage::storeAssetData( bool temp_file, bool is_priority) { + if(!filename) + { + llerrs << "No filename specified" << llendl; + } + LLAssetID asset_id = tid.makeAssetID(gAgent.getSecureSessionID()); llinfos << "LLViewerAssetStorage::storeAssetData (legacy)" << asset_id << ":" << LLAssetType::lookup(asset_type) << llendl; @@ -153,7 +158,7 @@ void LLViewerAssetStorage::storeAssetData( legacy->mUpCallback = callback; legacy->mUserData = user_data; - FILE *fp = LLFile::fopen(filename, "rb"); + FILE* fp = LLFile::fopen(filename, "rb"); /* Flawfinder: ignore */ if (fp) { LLVFile file(mVFS, asset_id, asset_type, LLVFile::WRITE); diff --git a/indra/newview/llviewercontrol.cpp b/indra/newview/llviewercontrol.cpp index ea26802152..6069945725 100644 --- a/indra/newview/llviewercontrol.cpp +++ b/indra/newview/llviewercontrol.cpp @@ -110,7 +110,7 @@ void LLFloaterSettingsDebug::show(void*) gUICtrlFactory->buildFloater(sInstance, "floater_settings_debug.xml"); } - sInstance->open(); + sInstance->open(); /* Flawfinder: ignore */ } //static diff --git a/indra/newview/llviewerdisplay.cpp b/indra/newview/llviewerdisplay.cpp index 1a4ffadeee..413a3ac819 100644 --- a/indra/newview/llviewerdisplay.cpp +++ b/indra/newview/llviewerdisplay.cpp @@ -762,11 +762,12 @@ void render_disconnected_background() { llinfos << "Loading last bitmap..." << llendl; - char temp_str[MAX_PATH]; - strcpy(temp_str, gDirUtilp->getLindenUserDir().c_str()); - strcat(temp_str, gDirUtilp->getDirDelimiter().c_str()); + char temp_str[MAX_PATH]; /* Flawfinder: ignore */ + strncpy(temp_str, gDirUtilp->getLindenUserDir().c_str(), MAX_PATH -1); /* Flawfinder: ignore */ + temp_str[MAX_PATH -1] = '\0'; + strncat(temp_str, gDirUtilp->getDirDelimiter().c_str(), MAX_PATH - strlen(temp_str) -1); /* Flawfinder: ignore */ - strcat(temp_str, SCREEN_LAST_FILENAME); + strcat(temp_str, SCREEN_LAST_FILENAME); /* Flawfinder: ignore */ LLPointer<LLImageBMP> image_bmp = new LLImageBMP; if( !image_bmp->load(temp_str) ) diff --git a/indra/newview/llviewergesture.cpp b/indra/newview/llviewergesture.cpp index 6710f8c00c..69bee4431f 100644 --- a/indra/newview/llviewergesture.cpp +++ b/indra/newview/llviewergesture.cpp @@ -137,18 +137,18 @@ void LLViewerGestureList::saveToServer() //U64 xfer_id = gXferManager->registerXfer(buffer, end - buffer); // write to a file because mem<->mem xfer isn't implemented LLUUID random_uuid; - char filename[LL_MAX_PATH]; + char filename[LL_MAX_PATH]; /* Flawfinder: ignore */ random_uuid.generate(); random_uuid.toString(filename); - strcat(filename,".tmp"); + strcat(filename,".tmp"); /* Flawfinder: ignore */ - char filename_and_path[LL_MAX_PATH]; - sprintf(filename_and_path, "%s%s%s", + char filename_and_path[LL_MAX_PATH]; /* Flawfinder: ignore */ + snprintf(filename_and_path, LL_MAX_PATH, "%s%s%s", /* Flawfinder: ignore */ gDirUtilp->getTempDir().c_str(), gDirUtilp->getDirDelimiter().c_str(), filename); - FILE *fp = LLFile::fopen(filename_and_path, "wb"); + FILE* fp = LLFile::fopen(filename_and_path, "wb"); /* Flawfinder: ignore */ if (fp) { @@ -251,7 +251,7 @@ void LLViewerGestureList::xferCallback(void *data, S32 size, void** /*user_data* // static void LLViewerGestureList::processGestureUpdate(LLMessageSystem *msg, void** /*user_data*/) { - char remote_filename[MAX_STRING]; + char remote_filename[MAX_STRING]; /* Flawfinder: ignore */ msg->getStringFast(_PREHASH_AgentBlock, _PREHASH_Filename, MAX_STRING, remote_filename); diff --git a/indra/newview/llviewerinventory.cpp b/indra/newview/llviewerinventory.cpp index 24c230a387..7a48367a47 100644 --- a/indra/newview/llviewerinventory.cpp +++ b/indra/newview/llviewerinventory.cpp @@ -249,7 +249,7 @@ bool LLViewerInventoryItem::importFileLocal(FILE* fp) bool LLViewerInventoryItem::exportFileLocal(FILE* fp) const { - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ fprintf(fp, "\tinv_item\t0\n\t{\n"); mUUID.toString(uuid_str); fprintf(fp, "\t\titem_id\t%s\n", uuid_str); @@ -431,16 +431,17 @@ bool LLViewerInventoryCategory::fetchDescendents() bool LLViewerInventoryCategory::importFileLocal(FILE* fp) { // *NOTE: This buffer size is hard coded into scanf() below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; - char valuestr[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char keyword[MAX_STRING]; /* Flawfinder: ignore */ + char valuestr[MAX_STRING]; /* Flawfinder: ignore */ keyword[0] = '\0'; valuestr[0] = '\0'; while(!feof(fp)) { fgets(buffer, MAX_STRING, fp); - sscanf(buffer, " %254s %254s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, " %254s %254s", keyword, valuestr); if(!keyword) { continue; @@ -473,7 +474,8 @@ bool LLViewerInventoryCategory::importFileLocal(FILE* fp) { //strcpy(valuestr, buffer + strlen(keyword) + 3); // *NOTE: Not ANSI C, but widely supported. - sscanf(buffer, " %254s %254[^|]", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, " %254s %254[^|]", keyword, valuestr); mName.assign(valuestr); LLString::replaceNonstandardASCII(mName, ' '); LLString::replaceChar(mName, '|', ' '); @@ -497,7 +499,7 @@ bool LLViewerInventoryCategory::importFileLocal(FILE* fp) bool LLViewerInventoryCategory::exportFileLocal(FILE* fp) const { - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ fprintf(fp, "\tinv_category\t0\n\t{\n"); mUUID.toString(uuid_str); fprintf(fp, "\t\tcat_id\t%s\n", uuid_str); diff --git a/indra/newview/llviewerkeyboard.cpp b/indra/newview/llviewerkeyboard.cpp index 714087e701..d970d1d086 100644 --- a/indra/newview/llviewerkeyboard.cpp +++ b/indra/newview/llviewerkeyboard.cpp @@ -684,12 +684,12 @@ S32 LLViewerKeyboard::loadBindings(const char *filename) { FILE *fp; const S32 BUFFER_SIZE = 2048; - char buffer[BUFFER_SIZE]; + char buffer[BUFFER_SIZE]; /* Flawfinder: ignore */ // *NOTE: This buffer size is hard coded into scanf() below. - char mode_string[MAX_STRING]; - char key_string[MAX_STRING]; - char mask_string[MAX_STRING]; - char function_string[MAX_STRING]; + char mode_string[MAX_STRING]; /* Flawfinder: ignore */ + char key_string[MAX_STRING]; /* Flawfinder: ignore */ + char mask_string[MAX_STRING]; /* Flawfinder: ignore */ + char function_string[MAX_STRING]; /* Flawfinder: ignore */ S32 mode = MODE_THIRD_PERSON; KEY key = 0; MASK mask = 0; @@ -697,10 +697,15 @@ S32 LLViewerKeyboard::loadBindings(const char *filename) S32 binding_count = 0; S32 line_count = 0; - fp = LLFile::fopen(filename, "r"); + fp = LLFile::fopen(filename, "r"); /* Flawfinder: ignore */ if (!fp) { + if(!filename) + { + llerrs << " No filename specified" << llendl; + return 0; + } return 0; } @@ -715,7 +720,13 @@ S32 LLViewerKeyboard::loadBindings(const char *filename) if (buffer[0] == '#' || buffer[0] == '\n') continue; // grab the binding strings - tokens_read = sscanf(buffer, "%254s %254s %254s %254s", mode_string, key_string, mask_string, function_string); + tokens_read = sscanf( /* Flawfinder: ignore */ + buffer, + "%254s %254s %254s %254s", + mode_string, + key_string, + mask_string, + function_string); if (tokens_read == EOF) { diff --git a/indra/newview/llviewermenu.cpp b/indra/newview/llviewermenu.cpp index 05e3159864..ef7027876a 100644 --- a/indra/newview/llviewermenu.cpp +++ b/indra/newview/llviewermenu.cpp @@ -1766,7 +1766,7 @@ class LLObjectEdit : public view_listener_t } } - gFloaterTools->open(); + gFloaterTools->open(); /* Flawfinder: ignore */ gCurrentToolset = gBasicToolset; gFloaterTools->setEditTool( gToolTranslate ); @@ -2317,18 +2317,18 @@ void handle_leave_group(void *) void append_aggregate(LLString& string, const LLAggregatePermissions& ag_perm, PermissionBit bit, const char* txt) { LLAggregatePermissions::EValue val = ag_perm.getValue(bit); - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ buffer[0] = '\0'; switch(val) { case LLAggregatePermissions::AP_NONE: - sprintf(buffer, "* %s None\n", txt); + snprintf(buffer, MAX_STRING, "* %s None\n", txt); /* Flawfinder: ignore */ break; case LLAggregatePermissions::AP_SOME: - sprintf(buffer, "* %s Some\n", txt); + snprintf(buffer, MAX_STRING, "* %s Some\n", txt); /* Flawfinder: ignore */ break; case LLAggregatePermissions::AP_ALL: - sprintf(buffer, "* %s All\n", txt); + snprintf(buffer, MAX_STRING, "* %s All\n", txt); /* Flawfinder: ignore */ break; case LLAggregatePermissions::AP_EMPTY: default: @@ -3393,17 +3393,17 @@ void handle_claim_public_land(void*) msg->nextBlock("MethodData"); msg->addString("Method", "claimpublicland"); msg->addUUID("Invoice", LLUUID::null); - char buffer[32]; - sprintf(buffer, "%f", west_south.mV[VX]); + char buffer[32]; /* Flawfinder: ignore */ + snprintf(buffer, sizeof(buffer), "%f", west_south.mV[VX]); /* Flawfinder: ignore */ msg->nextBlock("ParamList"); msg->addString("Parameter", buffer); - sprintf(buffer, "%f", west_south.mV[VY]); + snprintf(buffer, sizeof(buffer), "%f", west_south.mV[VY]); /* Flawfinder: ignore */ msg->nextBlock("ParamList"); msg->addString("Parameter", buffer); - sprintf(buffer, "%f", east_north.mV[VX]); + snprintf(buffer, sizeof(buffer), "%f", east_north.mV[VX]); /* Flawfinder: ignore */ msg->nextBlock("ParamList"); msg->addString("Parameter", buffer); - sprintf(buffer, "%f", east_north.mV[VY]); + snprintf(buffer, sizeof(buffer), "%f", east_north.mV[VY]); /* Flawfinder: ignore */ msg->nextBlock("ParamList"); msg->addString("Parameter", buffer); gAgent.sendReliableMessage(); @@ -3812,8 +3812,9 @@ void force_export_copy(void*) } // Copy the directory + file name - char filepath[LL_MAX_PATH]; - strcpy(filepath, picker.getFirstFile()); + char filepath[LL_MAX_PATH]; /* Flawfinder: ignore */ + strncpy(filepath, picker.getFirstFile(), LL_MAX_PATH -1); /* Flawfinder: ignore */ + filepath[LL_MAX_PATH -1] = '\0'; apr_file_t* fp = ll_apr_file_open(filepath, LL_APR_W); @@ -3857,7 +3858,7 @@ void force_export_copy(void*) LLColor4 color = te->getColor(); apr_file_printf(fp, "\t<Face\n\t\tFaceColor='%d %5f %5f %5f %5f'\n", face, color.mV[VX], color.mV[VY], color.mV[VZ], color.mV[VW]); - char texture[UUID_STR_LENGTH]; + char texture[UUID_STR_LENGTH]; /* Flawfinder: ignore */ LLUUID texid = te->getID(); texid.toString(texture); F32 sx, sy, ox, oy; @@ -3923,8 +3924,9 @@ void force_import_geometry(void*) return; } - char directory[LL_MAX_PATH]; - strcpy(directory, picker.getFirstFile()); + char directory[LL_MAX_PATH]; /* Flawfinder: ignore */ + strncpy(directory, picker.getFirstFile(), LL_MAX_PATH -1); /* Flawfinder: ignore */ + directory[LL_MAX_PATH -1] = '\0'; llinfos << "Loading LSG file " << directory << llendl; LLXmlTree *xmlparser = new LLXmlTree(); @@ -3947,8 +3949,8 @@ void force_import_geometry(void*) { // get object data // *NOTE: This buffer size is hard coded into scanf() below. - char name[255]; // Shape - char description[255]; // Description + char name[255]; /* Flawfinder: ignore */ // Shape + char description[255]; /* Flawfinder: ignore */ // Description U32 material; // Material F32 sx, sy, sz; // Scale LLVector3 scale; @@ -3979,9 +3981,11 @@ void force_import_geometry(void*) child->getAttributeString("PCode", &attribute); pcode = atoi(attribute.c_str()); child->getAttributeString("Shape", &attribute); - sscanf(attribute.c_str(), "%254s", name); + sscanf( /* Flawfinder: ignore */ + attribute.c_str(), "%254s", name); child->getAttributeString("Description", &attribute); - sscanf(attribute.c_str(), "%254s", description); + sscanf( /* Flawfinder: ignore */ + attribute.c_str(), "%254s", description); child->getAttributeString("Material", &attribute); material = atoi(attribute.c_str()); child->getAttributeString("Scale", &attribute); @@ -4984,7 +4988,7 @@ void toggle_map( void* user_data ) } else { - gFloaterMap->open(); + gFloaterMap->open(); /* Flawfinder: ignore */ } } @@ -5063,8 +5067,8 @@ const char* upload_pick(void* data) { const char* cur_token = token_iter->c_str(); - if (0 == strnicmp(cur_token, ext, strlen(cur_token)) || - 0 == strnicmp(cur_token, "*.*", strlen(cur_token))) + if (0 == strnicmp(cur_token, ext, strlen(cur_token)) || /* Flawfinder: ignore */ + 0 == strnicmp(cur_token, "*.*", strlen(cur_token))) /* Flawfinder: ignore */ { //valid extension //or the acceptable extension is any @@ -5091,7 +5095,7 @@ const char* upload_pick(void* data) if (type == LLFilePicker::FFLOAD_WAV) { // pre-qualify wavs to make sure the format is acceptable - char error_msg[MAX_STRING]; + char error_msg[MAX_STRING]; /* Flawfinder: ignore */ if (check_for_invalid_wav_formats(filename,error_msg)) { llinfos << error_msg << ": " << filename << llendl; @@ -5194,7 +5198,7 @@ class LLFileUploadBulk : public view_listener_t char* end_p = strrchr(asset_name_str, '.'); // strip extension if exists if( !end_p ) { - end_p = asset_name_str + strlen( asset_name_str ); + end_p = asset_name_str + strlen( asset_name_str ); /* Flawfinder: ignore */ } S32 len = llmin( (S32) (DB_INV_ITEM_NAME_STR_LEN), (S32) (end_p - asset_name_str) ); @@ -5375,7 +5379,7 @@ void upload_new_resource(const LLString& src_filename, std::string name, LLString ext = src_filename.substr(src_filename.find_last_of('.')); LLAssetType::EType asset_type = LLAssetType::AT_NONE; - char error_message[MAX_STRING]; + char error_message[MAX_STRING]; /* Flawfinder: ignore */ error_message[0] = '\0'; LLString temp_str; @@ -5389,7 +5393,8 @@ void upload_new_resource(const LLString& src_filename, std::string name, LLString short_name = filename.substr(offset); // No extension - sprintf(error_message, + snprintf(error_message, /* Flawfinder: ignore */ + MAX_STRING, "No file extension for the file: '%s'\nPlease make sure the file has a correct file extension", short_name.c_str()); args["[FILE]"] = short_name; @@ -5403,7 +5408,7 @@ void upload_new_resource(const LLString& src_filename, std::string name, filename, IMG_CODEC_BMP )) { - sprintf(error_message, "Problem with file %s:\n\n%s\n", + snprintf(error_message, MAX_STRING, "Problem with file %s:\n\n%s\n", /* Flawfinder: ignore */ src_filename.c_str(), LLImageBase::getLastError().c_str()); args["[FILE]"] = src_filename; args["[ERROR]"] = LLImageBase::getLastError(); @@ -5418,7 +5423,7 @@ void upload_new_resource(const LLString& src_filename, std::string name, filename, IMG_CODEC_TGA )) { - sprintf(error_message, "Problem with file %s:\n\n%s\n", + snprintf(error_message, MAX_STRING, "Problem with file %s:\n\n%s\n", /* Flawfinder: ignore */ src_filename.c_str(), LLImageBase::getLastError().c_str()); args["[FILE]"] = src_filename; args["[ERROR]"] = LLImageBase::getLastError(); @@ -5433,7 +5438,7 @@ void upload_new_resource(const LLString& src_filename, std::string name, filename, IMG_CODEC_JPEG )) { - sprintf(error_message, "Problem with file %s:\n\n%s\n", + snprintf(error_message, MAX_STRING, "Problem with file %s:\n\n%s\n", /* Flawfinder: ignore */ src_filename.c_str(), LLImageBase::getLastError().c_str()); args["[FILE]"] = src_filename; args["[ERROR]"] = LLImageBase::getLastError(); @@ -5461,13 +5466,13 @@ void upload_new_resource(const LLString& src_filename, std::string name, switch(encode_result) { case LLVORBISENC_DEST_OPEN_ERR: - sprintf(error_message, "Couldn't open temporary compressed sound file for writing: %s\n", filename.c_str()); + snprintf(error_message, MAX_STRING, "Couldn't open temporary compressed sound file for writing: %s\n", filename.c_str()); /* Flawfinder: ignore */ args["[FILE]"] = filename; upload_error(error_message, "CannotOpenTemporarySoundFile", filename, args); break; default: - sprintf(error_message, "Unknown vorbis encode failure on: %s\n", src_filename.c_str()); + snprintf(error_message, MAX_STRING, "Unknown vorbis encode failure on: %s\n", src_filename.c_str()); /* Flawfinder: ignore */ args["[FILE]"] = src_filename; upload_error(error_message, "UnknownVorbisEncodeFailure", filename, args); break; @@ -5479,26 +5484,29 @@ void upload_new_resource(const LLString& src_filename, std::string name, { // This is a generic .lin resource file asset_type = LLAssetType::AT_OBJECT; - FILE *in = LLFile::fopen(src_filename.c_str(), "rb"); + FILE* in = LLFile::fopen(src_filename.c_str(), "rb"); /* Flawfinder: ignore */ if (in) { // read in the file header - char buf[16384]; - S32 read; + char buf[16384]; /* Flawfinder: ignore */ + S32 read; /* Flawfinder: ignore */ S32 version; if (fscanf(in, "LindenResource\nversion %d\n", &version)) { if (2 == version) { // *NOTE: This buffer size is hard coded into scanf() below. - char label[MAX_STRING]; - char value[MAX_STRING]; + char label[MAX_STRING]; /* Flawfinder: ignore */ + char value[MAX_STRING]; /* Flawfinder: ignore */ S32 tokens_read; while (fgets(buf, 1024, in)) { label[0] = '\0'; value[0] = '\0'; - tokens_read = sscanf(buf, "%254s %254s\n", label, value); + tokens_read = sscanf( /* Flawfinder: ignore */ + buf, + "%254s %254s\n", + label, value); llinfos << "got: " << label << " = " << value << llendl; @@ -5506,7 +5514,7 @@ void upload_new_resource(const LLString& src_filename, std::string name, if (EOF == tokens_read) { fclose(in); - sprintf(error_message, "corrupt resource file: %s", src_filename.c_str()); + snprintf(error_message, MAX_STRING, "corrupt resource file: %s", src_filename.c_str()); /* Flawfinder: ignore */ args["[FILE]"] = src_filename; upload_error(error_message, "CorruptResourceFile", filename, args); return; @@ -5534,7 +5542,7 @@ void upload_new_resource(const LLString& src_filename, std::string name, else { fclose(in); - sprintf(error_message, "unknown linden resource file version in file: %s", src_filename.c_str()); + snprintf(error_message, MAX_STRING, "unknown linden resource file version in file: %s", src_filename.c_str()); /* Flawfinder: ignore */ args["[FILE]"] = src_filename; upload_error(error_message, "UnknownResourceFileVersion", filename, args); return; @@ -5553,24 +5561,24 @@ void upload_new_resource(const LLString& src_filename, std::string name, // read in and throw out most of the header except for the type fread(buf, header_size, 1, in); - memcpy(&type_num, buf + 16, sizeof(S16)); + memcpy(&type_num, buf + 16, sizeof(S16)); /* Flawfinder: ignore */ asset_type = (LLAssetType::EType)type_num; } // copy the file's data segment into another file for uploading - FILE *out = LLFile::fopen(filename.c_str(), "wb"); + FILE* out = LLFile::fopen(filename.c_str(), "wb"); /* Flawfinder: ignore */ if (out) { - while((read = fread(buf, 1, 16384, in))) + while((read = fread(buf, 1, 16384, in))) /* Flawfinder: ignore */ { - fwrite(buf, 1, read, out); + fwrite(buf, 1, read, out); /* Flawfinder: ignore */ } fclose(out); } else { fclose(in); - sprintf(error_message, "Unable to create output file: %s", filename.c_str()); + snprintf(error_message, MAX_STRING, "Unable to create output file: %s", filename.c_str()); /* Flawfinder: ignore */ args["[FILE]"] = filename; upload_error(error_message, "UnableToCreateOutputFile", filename, args); return; @@ -5585,14 +5593,14 @@ void upload_new_resource(const LLString& src_filename, std::string name, } else if (LLString::compareInsensitive(ext.c_str(),".bvh") == 0) { - sprintf(error_message, "We do not currently support bulk upload of animation files\n"); + snprintf(error_message, MAX_STRING, "We do not currently support bulk upload of animation files\n"); /* Flawfinder: ignore */ upload_error(error_message, "DoNotSupportBulkAnimationUpload", filename, args); return; } else { // Unknown extension - sprintf(error_message, "Unknown file extension %s\nExpected .wav, .tga, .bmp, .jpg, .jpeg, or .bvh", ext.c_str()); + snprintf(error_message, MAX_STRING, "Unknown file extension %s\nExpected .wav, .tga, .bmp, .jpg, .jpeg, or .bvh", ext.c_str()); /* Flawfinder: ignore */ error = TRUE;; } @@ -5621,7 +5629,7 @@ void upload_new_resource(const LLString& src_filename, std::string name, } else { - sprintf(error_message, "Unable to access output file: %s", filename.c_str()); + snprintf(error_message, MAX_STRING, "Unable to access output file: %s", filename.c_str()); /* Flawfinder: ignore */ error = TRUE; } } @@ -5865,7 +5873,7 @@ void upload_done_callback(const LLUUID& uuid, void* user_data, S32 result) // St char* end_p = strrchr(asset_name_str, '.'); // strip extension if exists if( !end_p ) { - end_p = asset_name_str + strlen( asset_name_str ); + end_p = asset_name_str + strlen( asset_name_str ); /* Flawfinder: ignore */ } S32 len = llmin( (S32) (DB_INV_ITEM_NAME_STR_LEN), (S32) (end_p - asset_name_str) ); @@ -6605,7 +6613,15 @@ class LLPromptShowURL : public view_listener_t LLString alert = param.substr(0, offset); LLString url = param.substr(offset+1); char *url_copy = new char[url.size()+1]; - strcpy(url_copy, url.c_str()); + if (url_copy != NULL) + { + strcpy(url_copy, url.c_str()); /* Flawfinder: ignore */ + } + else + { + llerrs << "Memory Allocation Failed" << llendl; + return false; + } gViewerWindow->alertXml(alert, callback_show_url, url_copy); } else @@ -6637,7 +6653,15 @@ class LLPromptShowFile : public view_listener_t LLString alert = param.substr(0, offset); LLString file = param.substr(offset+1); char *file_copy = new char[file.size()+1]; - strcpy(file_copy, file.c_str()); + if (file_copy != NULL) + { + strcpy(file_copy, file.c_str()); /* Flawfinder: ignore */ + } + else + { + llerrs << "Memory Allocation Failed" << llendl; + return false; + } gViewerWindow->alertXml(alert, callback_show_file, file_copy); } else @@ -8194,10 +8218,10 @@ LLVOAvatar* find_avatar_from_object( const LLUUID& object_id ) void handle_disconnect_viewer(void *) { - char message[2048]; + char message[2048]; /* Flawfinder: ignore */ message[0] = '\0'; - sprintf(message, "Testing viewer disconnect"); + snprintf(message, sizeof(message), "Testing viewer disconnect"); /* Flawfinder: ignore */ do_disconnect(message); } diff --git a/indra/newview/llviewermessage.cpp b/indra/newview/llviewermessage.cpp index f95ec9e3cc..71e3b5dded 100644 --- a/indra/newview/llviewermessage.cpp +++ b/indra/newview/llviewermessage.cpp @@ -295,7 +295,7 @@ void export_complete() gExporterRequestID.setNull(); gExportDirectory = ""; - FILE *fXML = LLFile::fopen(gExportedFile.c_str(), "rb"); + FILE* fXML = LLFile::fopen(gExportedFile.c_str(), "rb"); /* Flawfinder: ignore */ fseek(fXML, 0, SEEK_END); U32 length = ftell(fXML); fseek(fXML, 0, SEEK_SET); @@ -311,8 +311,8 @@ void export_complete() if (pos_check && pos_uuid) { - char image_uuid_str[UUID_STR_SIZE]; - memcpy(image_uuid_str, pos_uuid+2, UUID_STR_SIZE-1); + char image_uuid_str[UUID_STR_SIZE]; /* Flawfinder: ignore */ + memcpy(image_uuid_str, pos_uuid+2, UUID_STR_SIZE-1); /* Flawfinder: ignore */ image_uuid_str[UUID_STR_SIZE-1] = 0; LLUUID image_uuid(image_uuid_str); @@ -323,12 +323,15 @@ void export_complete() if (itor != gImageChecksums.end()) { llinfos << "Replacing with checksum: " << itor->second << llendl; - memcpy(&pos_check[10], itor->second.c_str(), 32); + if (itor->second.c_str() != NULL) + { + memcpy(&pos_check[10], itor->second.c_str(), 32); /* Flawfinder: ignore */ + } } } } - FILE *fXMLOut = LLFile::fopen(gExportedFile.c_str(), "wb"); + FILE* fXMLOut = LLFile::fopen(gExportedFile.c_str(), "wb"); /* Flawfinder: ignore */ fwrite(buffer, 1, length, fXMLOut); fclose(fXMLOut); @@ -381,7 +384,7 @@ void exported_j2c_complete(const LLTSCode status, void *user_data) } else { - FILE *fIn = LLFile::fopen(filename.c_str(), "rb"); + FILE* fIn = LLFile::fopen(filename.c_str(), "rb"); /* Flawfinder: ignore */ if (fIn) { LLPointer<LLImageJ2C> ImageUtility = new LLImageJ2C; @@ -406,22 +409,22 @@ void exported_j2c_complete(const LLTSCode status, void *user_data) S32 data_size = TargaUtility->getDataSize(); char *file_path = new char[filename.size()+1]; - strcpy(file_path, filename.c_str()); + strcpy(file_path, filename.c_str()); /* Flawfinder: ignore */ char *end = strrchr(file_path, gDirUtilp->getDirDelimiter()[0]); end[0] = 0; LLString output_file = llformat("%s/image-%03d.tga", file_path, image_num);//filename; delete file_path; //S32 name_len = output_file.length(); //strcpy(&output_file[name_len-3], "tga"); - FILE *fOut = LLFile::fopen(output_file.c_str(), "wb"); - char md5_hash_string[33]; - strcpy(md5_hash_string, "00000000000000000000000000000000"); + FILE* fOut = LLFile::fopen(output_file.c_str(), "wb"); /* Flawfinder: ignore */ + char md5_hash_string[33]; /* Flawfinder: ignore */ + strcpy(md5_hash_string, "00000000000000000000000000000000"); /* Flawfinder: ignore */ if (fOut) { fwrite(data, 1, data_size, fOut); fseek(fOut, 0, SEEK_SET); fclose(fOut); - fOut = LLFile::fopen(output_file.c_str(), "rb"); + fOut = LLFile::fopen(output_file.c_str(), "rb"); /* Flawfinder: ignore */ LLMD5 my_md5_hash(fOut); my_md5_hash.hex_digest(md5_hash_string); } @@ -782,7 +785,7 @@ void inventory_offer_callback(S32 option, void* user_data) { if (info->mFromGroup) { - char group_name[MAX_STRING]; + char group_name[MAX_STRING]; /* Flawfinder: ignore */ if (gCacheName->getGroupName(info->mFromID, group_name)) { from_string = LLString("An object named ") + info->mFromName + " owned by the group '" + group_name + "'"; @@ -794,8 +797,8 @@ void inventory_offer_callback(S32 option, void* user_data) } else { - char first_name[MAX_STRING]; - char last_name[MAX_STRING]; + char first_name[MAX_STRING]; /* Flawfinder: ignore */ + char last_name[MAX_STRING]; /* Flawfinder: ignore */ if (gCacheName->getName(info->mFromID, first_name, last_name)) { from_string = LLString("An object named ") + info->mFromName + " owned by " + first_name + " " + last_name; @@ -981,8 +984,8 @@ void inventory_offer_handler(LLOfferInfo* info, BOOL from_task) // Name cache callbacks don't store userdata, so can't save // off the LLOfferInfo. Argh. JC BOOL name_found = FALSE; - char first_name[MAX_STRING]; - char last_name[MAX_STRING]; + char first_name[MAX_STRING]; /* Flawfinder: ignore */ + char last_name[MAX_STRING]; /* Flawfinder: ignore */ if (info->mFromGroup) { if (gCacheName->getGroupName(info->mFromID, first_name)) @@ -1114,12 +1117,12 @@ void process_improved_im(LLMessageSystem *msg, void **user_data) U8 d = 0; LLUUID session_id; U32 t; - char name[DB_FULL_NAME_BUF_SIZE]; - char message[DB_IM_MSG_BUF_SIZE]; + char name[DB_FULL_NAME_BUF_SIZE]; /* Flawfinder: ignore */ + char message[DB_IM_MSG_BUF_SIZE]; /* Flawfinder: ignore */ U32 parent_estate_id = 0; LLUUID region_id; LLVector3 position; - char buffer[DB_IM_MSG_BUF_SIZE * 2]; + char buffer[DB_IM_MSG_BUF_SIZE * 2]; /* Flawfinder: ignore */ U8 binary_bucket[MTUBYTES]; S32 binary_bucket_size; LLChat chat; @@ -1158,13 +1161,13 @@ void process_improved_im(LLMessageSystem *msg, void **user_data) is_owned_by_me = source->permYouOwner(); } - char separator_string[3]=": "; + char separator_string[3]=": "; /* Flawfinder: ignore */ int message_offset=0; //Handle IRC styled /me messages. if (!strncmp(message, "/me ", 4) || !strncmp(message, "/me'", 4)) { - strcpy(separator_string,""); + strcpy(separator_string,""); /* Flawfinder: ignore */ message_offset=3; } @@ -1218,7 +1221,7 @@ void process_improved_im(LLMessageSystem *msg, void **user_data) // now store incoming IM in chat history - sprintf(buffer, "%s%s%s", name, separator_string, (message+message_offset)); + snprintf(buffer, sizeof(buffer), "%s%s%s", name, separator_string, (message+message_offset)); /* Flawfinder: ignore */ if(from_id == gAgentID) { @@ -1239,14 +1242,14 @@ void process_improved_im(LLMessageSystem *msg, void **user_data) position); // pretend this is chat generated by self, so it does not show up on screen - sprintf(buffer, "IM: %s%s%s", name, separator_string, (message+message_offset)); + snprintf(buffer, sizeof(buffer), "IM: %s%s%s", name, separator_string, (message+message_offset)); /* Flawfinder: ignore */ chat.mText = buffer; LLFloaterChat::addChat( chat, TRUE, TRUE ); } else if (from_id.isNull()) { // Messages from "Second Life" don't go to IM history - sprintf(buffer, "%s: %s", name, message); + snprintf(buffer, sizeof(buffer), "%s: %s", name, message); /* Flawfinder: ignore */ chat.mText = buffer; LLFloaterChat::addChat(chat, FALSE, FALSE); } @@ -1260,7 +1263,7 @@ void process_improved_im(LLMessageSystem *msg, void **user_data) // Treat like a system message and put in chat history. // Claim to be from a local agent so it doesn't go into // console. - sprintf(buffer, "%s%s%s", name, separator_string, (message+message_offset)); + snprintf(buffer, sizeof(buffer), "%s%s%s", name, separator_string, (message+message_offset)); /* Flawfinder: ignore */ chat.mText = buffer; BOOL local_agent = TRUE; LLFloaterChat::addChat(chat, FALSE, local_agent); @@ -1268,15 +1271,15 @@ void process_improved_im(LLMessageSystem *msg, void **user_data) else { // standard message, not from system - char saved[MAX_STRING]; + char saved[MAX_STRING]; /* Flawfinder: ignore */ saved[0] = '\0'; if(offline == IM_OFFLINE) { - char time_buf[TIME_STR_LENGTH]; - sprintf(saved, "(Saved %s) ", + char time_buf[TIME_STR_LENGTH]; /* Flawfinder: ignore */ + snprintf(saved, MAX_STRING, "(Saved %s) ", /* Flawfinder: ignore */ formatted_time(timestamp, time_buf)); } - sprintf(buffer, "%s%s%s%s", name, separator_string, saved,(message+message_offset)); + snprintf(buffer, sizeof(buffer), "%s%s%s%s", name, separator_string, saved,(message+message_offset)); /* Flawfinder: ignore */ if(from_id == gAgentID) { from_id = LLUUID::null; @@ -1295,7 +1298,7 @@ void process_improved_im(LLMessageSystem *msg, void **user_data) parent_estate_id, region_id, position); - sprintf(buffer, "IM: %s%s%s%s", name, separator_string, saved, (message+message_offset)); + snprintf(buffer, sizeof(buffer), "IM: %s%s%s%s", name, separator_string, saved, (message+message_offset)); /* Flawfinder: ignore */ chat.mText = buffer; BOOL local_agent = FALSE; @@ -1559,16 +1562,17 @@ void process_improved_im(LLMessageSystem *msg, void **user_data) } // standard message, not from system - char saved[MAX_STRING]; + char saved[MAX_STRING]; /* Flawfinder: ignore */ saved[0] = '\0'; if(offline == IM_OFFLINE) { - char time_buf[TIME_STR_LENGTH]; - sprintf(saved, + char time_buf[TIME_STR_LENGTH]; /* Flawfinder: ignore */ + snprintf(saved, /* Flawfinder: ignore */ + MAX_STRING, "(Saved %s) ", formatted_time(timestamp, time_buf)); } - sprintf(buffer, "%s%s%s%s", name, separator_string, saved, (message+message_offset)); + snprintf(buffer, sizeof(buffer), "%s%s%s%s", name, separator_string, saved, (message+message_offset)); /* Flawfinder: ignore */ BOOL is_this_agent = FALSE; if(from_id == gAgentID) { @@ -1586,7 +1590,7 @@ void process_improved_im(LLMessageSystem *msg, void **user_data) region_id, position); - sprintf(buffer, "IM: %s%s%s%s", name, separator_string, saved, (message+message_offset)); + snprintf(buffer, sizeof(buffer), "IM: %s%s%s%s", name, separator_string, saved, (message+message_offset)); /* Flawfinder: ignore */ chat.mText = buffer; LLFloaterChat::addChat(chat, TRUE, is_this_agent); } @@ -1597,7 +1601,7 @@ void process_improved_im(LLMessageSystem *msg, void **user_data) { return; } - sprintf(buffer, "%s%s%s", name, separator_string, (message+message_offset)); + snprintf(buffer, sizeof(buffer), "%s%s%s", name, separator_string, (message+message_offset)); /* Flawfinder: ignore */ // Note: lie to LLFloaterChat::addChat(), pretending that this is NOT an IM, because // IMs from objcts don't open IM sessions. chat.mText = buffer; @@ -1669,7 +1673,14 @@ void process_improved_im(LLMessageSystem *msg, void **user_data) case IM_GOTO_URL: { char* url = new char[binary_bucket_size]; - strcpy(url, (char*)binary_bucket); + if (url == NULL) + { + llerrs << "Memory Allocation failed" << llendl; + return; + } + + strncpy(url, (char*)binary_bucket, binary_bucket_size-1); /* Flawfinder: ignore */ + url[binary_bucket_size-1] = '\0'; args["[MESSAGE]"] = message; args["[URL]"] = url; LLNotifyBox::showXml("GotoURL", args, @@ -1912,8 +1923,8 @@ void process_decline_callingcard(LLMessageSystem* msg, void**) void process_chat_from_simulator(LLMessageSystem *msg, void **user_data) { LLChat chat; - char mesg[DB_CHAT_MSG_BUF_SIZE]; - char from_name[DB_FULL_NAME_BUF_SIZE]; + char mesg[DB_CHAT_MSG_BUF_SIZE]; /* Flawfinder: ignore */ + char from_name[DB_FULL_NAME_BUF_SIZE]; /* Flawfinder: ignore */ U8 source_temp; U8 type_temp; U8 audible_temp; @@ -2264,7 +2275,7 @@ void process_teleport_progress(LLMessageSystem* msg, void**) { gViewerWindow->setProgressCancelButtonVisible(TRUE, "Cancel"); } - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ msg->getString("Info", "Message", MAX_STRING, buffer); lldebugs << "teleport progress: " << buffer << llendl; gAgent.setTeleportMessage(buffer); @@ -2354,7 +2365,7 @@ void process_teleport_finish(LLMessageSystem* msg, void**) msg->getU32Fast(_PREHASH_Info, _PREHASH_TeleportFlags, teleport_flags); - char seedCap[STD_STRING_BUF_SIZE]; + char seedCap[STD_STRING_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(_PREHASH_Info, _PREHASH_SeedCapability, STD_STRING_BUF_SIZE, seedCap); @@ -2638,7 +2649,7 @@ void process_crossed_region(LLMessageSystem* msg, void**) U64 region_handle; msg->getU64Fast(_PREHASH_RegionData, _PREHASH_RegionHandle, region_handle); - char seedCap[STD_STRING_BUF_SIZE]; + char seedCap[STD_STRING_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(_PREHASH_RegionData, _PREHASH_SeedCapability, STD_STRING_BUF_SIZE, seedCap); send_complete_agent_movement(sim_host); @@ -3639,7 +3650,7 @@ void process_set_follow_cam_properties(LLMessageSystem *mesgsys, void **user_dat // Culled from newsim lltask.cpp void process_name_value(LLMessageSystem *mesgsys, void **user_data) { - char temp_str[NAME_VALUE_BUF_SIZE]; + char temp_str[NAME_VALUE_BUF_SIZE]; /* Flawfinder: ignore */ LLUUID id; S32 i, num_blocks; @@ -3665,7 +3676,7 @@ void process_name_value(LLMessageSystem *mesgsys, void **user_data) void process_remove_name_value(LLMessageSystem *mesgsys, void **user_data) { - char temp_str[NAME_VALUE_BUF_SIZE]; + char temp_str[NAME_VALUE_BUF_SIZE]; /* Flawfinder: ignore */ LLUUID id; S32 i, num_blocks; @@ -3691,7 +3702,7 @@ void process_remove_name_value(LLMessageSystem *mesgsys, void **user_data) void process_kick_user(LLMessageSystem *msg, void** /*user_data*/) { - char message[2048]; + char message[2048]; /* Flawfinder: ignore */ message[0] = '\0'; msg->getStringFast(_PREHASH_UserInfo, _PREHASH_Reason, 2048, message); @@ -3759,7 +3770,7 @@ void process_money_balance_reply( LLMessageSystem* msg, void** ) S32 balance = 0; S32 credit = 0; S32 committed = 0; - char desc[STD_STRING_BUF_SIZE] = ""; + char desc[STD_STRING_BUF_SIZE] = ""; /* Flawfinder: ignore */ msg->getS32("MoneyData", "MoneyBalance", balance); msg->getS32("MoneyData", "SquareMetersCredit", credit); @@ -3820,7 +3831,7 @@ void process_money_balance_reply( LLMessageSystem* msg, void** ) void process_agent_alert_message(LLMessageSystem* msgsystem, void** user_data) { - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ msgsystem->getStringFast(_PREHASH_AlertData, _PREHASH_Message, MAX_STRING, buffer); BOOL modal = FALSE; msgsystem->getBOOL("AlertData", "Modal", modal); @@ -3829,7 +3840,7 @@ void process_agent_alert_message(LLMessageSystem* msgsystem, void** user_data) void process_alert_message(LLMessageSystem *msgsystem, void **user_data) { - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ msgsystem->getStringFast(_PREHASH_AlertData, _PREHASH_Message, MAX_STRING, buffer); BOOL modal = FALSE; process_alert_core(buffer, modal); @@ -3849,10 +3860,11 @@ void process_alert_core(const char* buffer, BOOL modal) else if( !strcmp( buffer, "Home position set." ) ) { // save the home location image to disk - char temp_str[LL_MAX_PATH]; - strcpy(temp_str, gDirUtilp->getLindenUserDir().c_str()); - strcat(temp_str, "/"); - strcat(temp_str,SCREEN_HOME_FILENAME); + char temp_str[LL_MAX_PATH]; /* Flawfinder: ignore */ + strncpy(temp_str, gDirUtilp->getLindenUserDir().c_str(), LL_MAX_PATH -1); /* Flawfinder: ignore */ + temp_str[LL_MAX_PATH -1] = '\0'; + strcat(temp_str, "/"); /* Flawfinder: ignore */ + strcat(temp_str,SCREEN_HOME_FILENAME); /* Flawfinder: ignore */ gViewerWindow->saveSnapshot(temp_str, gViewerWindow->getWindowWidth(), gViewerWindow->getWindowHeight(), FALSE, FALSE); } @@ -3930,8 +3942,10 @@ void mean_name_callback(const LLUUID &id, const char *first, const char *last, B { if (mcd->mPerp == id) { - strcpy(mcd->mFirstName, first); - strcpy(mcd->mLastName, last); + strncpy(mcd->mFirstName, first, DB_FIRST_NAME_BUF_SIZE -1); /* Flawfinder: ignore */ + mcd->mFirstName[DB_FIRST_NAME_BUF_SIZE -1] = '\0'; + strncpy(mcd->mLastName, last, DB_LAST_NAME_BUF_SIZE -1); /* Flawfinder: ignore */ + mcd->mLastName[DB_LAST_NAME_BUF_SIZE -1] = '\0'; } } } @@ -4082,8 +4096,8 @@ void process_script_question(LLMessageSystem *msg, void **user_data) LLUUID taskid; LLUUID itemid; S32 questions; - char object_name[255]; - char owner_name[DB_FULL_NAME_BUF_SIZE]; + char object_name[255]; /* Flawfinder: ignore */ + char owner_name[DB_FULL_NAME_BUF_SIZE]; /* Flawfinder: ignore */ msg->getUUIDFast(_PREHASH_Data, _PREHASH_TaskID, taskid ); msg->getUUIDFast(_PREHASH_Data, _PREHASH_ItemID, itemid ); @@ -4243,7 +4257,7 @@ char* formatted_time(const time_t& the_time, char* buffer) void process_teleport_failed(LLMessageSystem *msg, void**) { - char reason[STD_STRING_BUF_SIZE]; + char reason[STD_STRING_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(_PREHASH_Info, _PREHASH_Reason, STD_STRING_BUF_SIZE, reason); LLStringBase<char>::format_map_t args; @@ -4517,10 +4531,10 @@ void process_user_info_reply(LLMessageSystem* msg, void**) BOOL im_via_email; msg->getBOOLFast(_PREHASH_UserData, _PREHASH_IMViaEMail, im_via_email); - char email[DB_USER_EMAIL_ADDR_BUF_SIZE]; + char email[DB_USER_EMAIL_ADDR_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(_PREHASH_UserData, _PREHASH_EMail, DB_USER_EMAIL_ADDR_BUF_SIZE, email); - char dir_visibility[MAX_STRING]; + char dir_visibility[MAX_STRING]; /* Flawfinder: ignore */ msg->getString( "UserData", "DirectoryVisibility", MAX_STRING, dir_visibility); @@ -4577,11 +4591,11 @@ void process_script_dialog(LLMessageSystem* msg, void**) ScriptDialogInfo* info = new ScriptDialogInfo; const S32 messageLength = SCRIPT_DIALOG_MAX_MESSAGE_SIZE + sizeof(SCRIPT_DIALOG_HEADER); - char message[messageLength]; // Account for size of "Script Dialog:\n" + char message[messageLength]; /* Flawfinder: ignore */ // Account for size of "Script Dialog:\n" - char first_name[DB_FIRST_NAME_BUF_SIZE]; - char last_name[DB_GROUP_NAME_BUF_SIZE]; - char title[DB_INV_ITEM_NAME_BUF_SIZE]; + char first_name[DB_FIRST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ + char last_name[DB_GROUP_NAME_BUF_SIZE]; /* Flawfinder: ignore */ + char title[DB_INV_ITEM_NAME_BUF_SIZE]; /* Flawfinder: ignore */ info->mSender = msg->getSender(); msg->getUUID("Data", "ObjectID", info->mObjectID); @@ -4603,7 +4617,7 @@ void process_script_dialog(LLMessageSystem* msg, void**) for (i = 0; i < button_count; i++) { - char tdesc[SCRIPT_DIALOG_BUTTON_STR_SIZE+1]; + char tdesc[SCRIPT_DIALOG_BUTTON_STR_SIZE+1]; /* Flawfinder: ignore */ msg->getString("Buttons", "ButtonLabel", SCRIPT_DIALOG_BUTTON_STR_SIZE + 1, tdesc, i); info->mButtons.push_back(LLString(tdesc)); } @@ -4611,7 +4625,7 @@ void process_script_dialog(LLMessageSystem* msg, void**) LLStringBase<char>::format_map_t args; args["[TITLE]"] = title; args["[MESSAGE]"] = message; - if (strlen(first_name) > 0) + if (strlen(first_name) > 0) /* Flawfinder: ignore */ { args["[FIRST]"] = first_name; args["[LAST]"] = last_name; @@ -4637,9 +4651,9 @@ struct LoadUrlInfo LLUUID mObjectID; LLUUID mOwnerID; BOOL mOwnerIsGroup; - char mObjectName[256]; - char mMessage[256]; - char mUrl[256]; + char mObjectName[256]; /* Flawfinder: ignore */ + char mMessage[256]; /* Flawfinder: ignore */ + char mUrl[256]; /* Flawfinder: ignore */ }; std::vector<LoadUrlInfo*> gLoadUrlList; @@ -4751,8 +4765,8 @@ void process_initiate_download(LLMessageSystem* msg, void**) return; } - char sim_filename[MAX_PATH]; - char viewer_filename[MAX_PATH]; + char sim_filename[MAX_PATH]; /* Flawfinder: ignore */ + char viewer_filename[MAX_PATH]; /* Flawfinder: ignore */ msg->getString("FileData", "SimFilename", MAX_PATH, sim_filename); msg->getString("FileData", "ViewerFilename", MAX_PATH, viewer_filename); @@ -4768,8 +4782,8 @@ void process_initiate_download(LLMessageSystem* msg, void**) void process_script_teleport_request(LLMessageSystem* msg, void**) { - char object_name[256]; - char sim_name[256]; + char object_name[256]; /* Flawfinder: ignore */ + char sim_name[256]; /* Flawfinder: ignore */ LLVector3 pos; LLVector3 look_at; @@ -4785,7 +4799,7 @@ void process_script_teleport_request(LLMessageSystem* msg, void**) void process_covenant_reply(LLMessageSystem* msg, void**) { LLUUID covenant_id, estate_owner_id; - char estate_name[MAX_STRING]; + char estate_name[MAX_STRING]; /* Flawfinder: ignore */ U32 covenant_timestamp; msg->getUUID("Data", "CovenantID", covenant_id); msg->getU32("Data", "CovenantTimestamp", covenant_timestamp); @@ -4797,10 +4811,10 @@ void process_covenant_reply(LLMessageSystem* msg, void**) LLFloaterBuyLand::updateEstateName(estate_name); // standard message, not from system - char last_modified[MAX_STRING]; + char last_modified[MAX_STRING]; /* Flawfinder: ignore */ last_modified[0] = '\0'; - char time_buf[TIME_STR_LENGTH]; - sprintf(last_modified, "Last Modified %s", + char time_buf[TIME_STR_LENGTH]; /* Flawfinder: ignore */ + snprintf(last_modified, MAX_STRING, "Last Modified %s", /* Flawfinder: ignore */ formatted_time((time_t)covenant_timestamp, time_buf)); LLPanelEstateCovenant::updateLastModified(last_modified); @@ -4879,7 +4893,13 @@ void onCovenantLoadComplete(LLVFS *vfs, S32 file_length = file.getSize(); char* buffer = new char[file_length+1]; - file.read((U8*)buffer, file_length); + if (buffer == NULL) + { + llerrs << "Memory Allocation failed" << llendl; + return; + } + + file.read((U8*)buffer, file_length); /* Flawfinder: ignore */ // put a EOS at the end buffer[file_length] = 0; @@ -4990,7 +5010,7 @@ void process_feature_disabled_message(LLMessageSystem* msg, void**) // Handle Blacklisted feature simulator response... LLUUID agentID; LLUUID transactionID; - char messageText[MAX_STRING]; + char messageText[MAX_STRING]; /* Flawfinder: ignore */ msg->getStringFast(_PREHASH_FailureInfo,_PREHASH_ErrorMessage,MAX_STRING,&messageText[0],0); msg->getUUIDFast(_PREHASH_FailureInfo,_PREHASH_AgentID,agentID); msg->getUUIDFast(_PREHASH_FailureInfo,_PREHASH_TransactionID,transactionID); diff --git a/indra/newview/llviewernetwork.cpp b/indra/newview/llviewernetwork.cpp index 93c2c7e3f3..b02985ddfa 100644 --- a/indra/newview/llviewernetwork.cpp +++ b/indra/newview/llviewernetwork.cpp @@ -63,7 +63,7 @@ LLUserServerData gUserServerDomainName[USERSERVER_COUNT] = // Use this to figure out which domain name and login URI to use. EUserServerDomain gUserServerChoice = USERSERVER_NONE; -char gUserServerName[MAX_STRING]; +char gUserServerName[MAX_STRING]; /* Flawfinder: ignore */ LLHost gUserServer; @@ -71,4 +71,4 @@ F32 gPacketDropPercentage = 0.f; F32 gInBandwidth = 0.f; F32 gOutBandwidth = 0.f; -unsigned char gMACAddress[MAC_ADDRESS_BYTES]; +unsigned char gMACAddress[MAC_ADDRESS_BYTES]; /* Flawfinder: ignore */
\ No newline at end of file diff --git a/indra/newview/llviewernetwork.h b/indra/newview/llviewernetwork.h index 2de06bf941..d461369d02 100644 --- a/indra/newview/llviewernetwork.h +++ b/indra/newview/llviewernetwork.h @@ -45,9 +45,9 @@ extern F32 gInBandwidth; extern F32 gOutBandwidth; extern EUserServerDomain gUserServerChoice; extern LLUserServerData gUserServerDomainName[]; -extern char gUserServerName[MAX_STRING]; +extern char gUserServerName[MAX_STRING]; /* Flawfinder: ignore */ const S32 MAC_ADDRESS_BYTES = 6; -extern unsigned char gMACAddress[MAC_ADDRESS_BYTES]; +extern unsigned char gMACAddress[MAC_ADDRESS_BYTES]; /* Flawfinder: ignore */ #endif diff --git a/indra/newview/llviewerobject.cpp b/indra/newview/llviewerobject.cpp index 0f1479af68..1ff2d81b0c 100644 --- a/indra/newview/llviewerobject.cpp +++ b/indra/newview/llviewerobject.cpp @@ -933,7 +933,7 @@ U32 LLViewerObject::processUpdateMessage(LLMessageSystem *mesgsys, mText->setOnHUDAttachment(isHUDAttachment()); } - char temp_string[256]; // not MAX_STRING, must hold 255 chars + \0 + char temp_string[256]; /* Flawfinder: ignore */ // not MAX_STRING, must hold 255 chars + \0 mesgsys->getStringFast(_PREHASH_ObjectData, _PREHASH_Text, 256, temp_string, block_num ); LLColor4U coloru; @@ -956,7 +956,7 @@ U32 LLViewerObject::processUpdateMessage(LLMessageSystem *mesgsys, mText = NULL; } - char media_url[MAX_STRING+1]; + char media_url[MAX_STRING+1]; /* Flawfinder: ignore */ mesgsys->getStringFast(_PREHASH_ObjectData, _PREHASH_MediaURL, MAX_STRING+1, media_url, block_num); //if (media_url[0]) //{ @@ -2029,7 +2029,7 @@ BOOL LLViewerObject::setData(const U8 *datap, const U32 data_size) { return FALSE; } - memcpy(mData, datap, data_size); + memcpy(mData, datap, data_size); /* Flawfinder: ignore */ } return TRUE; } @@ -2281,7 +2281,7 @@ void LLViewerObject::requestInventory() struct LLFilenameAndTask { LLUUID mTaskID; - char mFilename[MAX_STRING]; // Just the filename, not the path + char mFilename[MAX_STRING]; /* Flawfinder: ignore */ // Just the filename, not the path #ifdef _DEBUG static S32 sCount; LLFilenameAndTask() @@ -2376,9 +2376,9 @@ void LLViewerObject::loadTaskInvFile(const char* filename) llifstream ifs(filename_and_local_path.c_str()); if(ifs.good()) { - char buffer[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ // *NOTE: This buffer size is hard coded into scanf() below. - char keyword[MAX_STRING]; + char keyword[MAX_STRING]; /* Flawfinder: ignore */ if(mInventory) { mInventory->clear(); // will deref and delete it @@ -2390,7 +2390,7 @@ void LLViewerObject::loadTaskInvFile(const char* filename) while(ifs.good()) { ifs.getline(buffer, MAX_STRING); - sscanf(buffer, " %254s", keyword); + sscanf(buffer, " %254s", keyword); /* Flawfinder: ignore */ if(0 == strcmp("inv_item", keyword)) { LLPointer<LLInventoryObject> inv = new LLViewerInventoryItem; diff --git a/indra/newview/llviewerparcelmgr.cpp b/indra/newview/llviewerparcelmgr.cpp index a3cfe734ff..a31708a621 100644 --- a/indra/newview/llviewerparcelmgr.cpp +++ b/indra/newview/llviewerparcelmgr.cpp @@ -2129,16 +2129,16 @@ void LLViewerParcelMgr::sendParcelAccessListUpdate(U32 which) void LLViewerParcelMgr::deedLandToGroup() { - char group_name[MAX_STRING]; + char group_name[MAX_STRING]; /* Flawfinder: ignore */ gCacheName->getGroupName(mParcel->getGroupID(), group_name); LLString::format_map_t args; args["[AREA]"] = llformat("%d", mParcel->getArea()); args["[GROUP_NAME]"] = group_name; if(mParcel->getContributeWithDeed()) { - char first_name[DB_FIRST_NAME_BUF_SIZE]; + char first_name[DB_FIRST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ first_name[0] = '\0'; - char last_name[DB_FIRST_NAME_BUF_SIZE]; + char last_name[DB_FIRST_NAME_BUF_SIZE]; /* Flawfinder: ignore */ last_name[0] = '\0'; gCacheName->getName(mParcel->getOwnerID(), first_name, last_name); args["[FIRST_NAME]"] = first_name; diff --git a/indra/newview/llviewerparceloverlay.cpp b/indra/newview/llviewerparceloverlay.cpp index 2c04c073db..a159bacd16 100644 --- a/indra/newview/llviewerparceloverlay.cpp +++ b/indra/newview/llviewerparceloverlay.cpp @@ -274,7 +274,7 @@ void LLViewerParcelOverlay::uncompressLandOverlay(S32 chunk, U8 *packed_overlay) S32 size = mParcelGridsPerEdge * mParcelGridsPerEdge; S32 chunk_size = size / PARCEL_OVERLAY_CHUNKS; - memcpy(mOwnership + chunk*chunk_size, packed_overlay, chunk_size); + memcpy(mOwnership + chunk*chunk_size, packed_overlay, chunk_size); /*Flawfinder: ignore*/ // Force property lines and overlay texture to update setDirty(); diff --git a/indra/newview/llviewerregion.cpp b/indra/newview/llviewerregion.cpp index 09cbf494bc..fa68e25b0e 100644 --- a/indra/newview/llviewerregion.cpp +++ b/indra/newview/llviewerregion.cpp @@ -159,14 +159,14 @@ void LLViewerRegion::loadCache() LLVOCacheEntry *entry; - char filename[256]; - sprintf(filename, "%s%sobjects_%d_%d.slc", + char filename[256]; /* Flawfinder: ignore */ + snprintf(filename, sizeof(filename), "%s%sobjects_%d_%d.slc", /* Flawfinder: ignore */ gDirUtilp->getExpandedFilename(LL_PATH_CACHE,"").c_str(), gDirUtilp->getDirDelimiter().c_str(), U32(mHandle>>32)/REGION_WIDTH_UNITS, U32(mHandle)/REGION_WIDTH_UNITS ); - FILE *fp = LLFile::fopen(filename, "rb"); + FILE* fp = LLFile::fopen(filename, "rb"); /* Flawfinder: ignore */ if (!fp) { // might not have a file, which is normal @@ -240,14 +240,14 @@ void LLViewerRegion::saveCache() return; } - char filename[256]; - sprintf(filename, "%s%sobjects_%d_%d.slc", + char filename[256]; /* Flawfinder: ignore */ + snprintf(filename, sizeof(filename), "%s%sobjects_%d_%d.slc", /* Flawfinder: ignore */ gDirUtilp->getExpandedFilename(LL_PATH_CACHE,"").c_str(), gDirUtilp->getDirDelimiter().c_str(), U32(mHandle>>32)/REGION_WIDTH_UNITS, U32(mHandle)/REGION_WIDTH_UNITS ); - FILE *fp = LLFile::fopen(filename, "wb"); + FILE* fp = LLFile::fopen(filename, "wb"); /* Flawfinder: ignore */ if (!fp) { llwarns << "Unable to write cache file " << filename << llendl; @@ -481,9 +481,9 @@ char* SIM_ACCESS_STR[] = { "Free Trial", "Unknown" }; // static -const char* LLViewerRegion::accessToString(U8 access) +const char* LLViewerRegion::accessToString(U8 access) /* Flawfinder: ignore */ { - switch(access) + switch(access) /* Flawfinder: ignore */ { case SIM_ACCESS_TRIAL: return SIM_ACCESS_STR[0]; @@ -519,13 +519,13 @@ U8 LLViewerRegion::stringToAccess(const char* access_str) { access = SIM_ACCESS_MATURE; } - return access; + return access; /* Flawfinder: ignore */ } // static -const char* LLViewerRegion::accessToShortString(U8 access) +const char* LLViewerRegion::accessToShortString(U8 access) /* Flawfinder: ignore */ { - switch(access) + switch(access) /* Flawfinder: ignore */ { case SIM_ACCESS_PG: return "PG"; @@ -897,7 +897,7 @@ void LLViewerRegion::updateCoarseLocations(LLMessageSystem* msg) LLString LLViewerRegion::getInfoString() { - char tmp_buf[256]; + char tmp_buf[256]; /* Flawfinder: ignore */ LLString info; info = "Region: "; @@ -909,7 +909,7 @@ LLString LLViewerRegion::getInfoString() U32 x, y; from_region_handle(getHandle(), &x, &y); - sprintf(tmp_buf, "%d:%d", x, y); + snprintf(tmp_buf, sizeof(tmp_buf), "%d:%d", x, y); /* Flawfinder: ignore */ info += "Handle:"; info += tmp_buf; info += "\n"; @@ -1121,7 +1121,7 @@ void LLViewerRegion::unpackRegionHandshake() const S32 SIM_NAME_BUF = 256; U32 region_flags; U8 sim_access; - char sim_name[SIM_NAME_BUF]; + char sim_name[SIM_NAME_BUF]; /* Flawfinder: ignore */ LLUUID sim_owner; BOOL is_estate_manager; F32 water_height; diff --git a/indra/newview/llviewerregion.h b/indra/newview/llviewerregion.h index 984655144b..3ce6c89430 100644 --- a/indra/newview/llviewerregion.h +++ b/indra/newview/llviewerregion.h @@ -143,7 +143,7 @@ public: static U8 stringToAccess(const char* access_str); // Returns "M", "PG", etc. - static const char* accessToShortString(U8 access); + static const char* accessToShortString(U8 access); /* Flawfinder: ignore */ // helper function which just makes sure all interested parties // can process the message. diff --git a/indra/newview/llviewerthrottle.h b/indra/newview/llviewerthrottle.h index ec4323ba81..0a148f9520 100644 --- a/indra/newview/llviewerthrottle.h +++ b/indra/newview/llviewerthrottle.h @@ -54,7 +54,7 @@ public: LLViewerThrottleGroup getThrottleGroup(const F32 bandwidth_kbps); - static const char *sNames[TC_EOF]; + static const char* sNames[TC_EOF]; /* Flawfinder: ignore */ protected: F32 mMaxBandwidth; F32 mCurrentBandwidth; diff --git a/indra/newview/llviewerwindow.cpp b/indra/newview/llviewerwindow.cpp index 77c6794dfe..0773998023 100644 --- a/indra/newview/llviewerwindow.cpp +++ b/indra/newview/llviewerwindow.cpp @@ -1061,19 +1061,19 @@ BOOL LLViewerWindow::handlePaint(LLWindow *window, S32 x, S32 y, S32 width, S gAgent.getName(name_str); S32 len; - char temp_str[255]; - sprintf(temp_str, "%s FPS %3.1f Phy FPS %2.1f Time Dil %1.3f", + char temp_str[255]; /* Flawfinder: ignore */ + snprintf(temp_str, sizeof(temp_str), "%s FPS %3.1f Phy FPS %2.1f Time Dil %1.3f", /* Flawfinder: ignore */ name_str.c_str(), gViewerStats->mFPSStat.getMeanPerSec(), gViewerStats->mSimPhysicsFPS.getPrev(0), gViewerStats->mSimTimeDilation.getPrev(0)); - len = strlen(temp_str); + len = strlen(temp_str); /* Flawfinder: ignore */ TextOutA(hdc, 0, 0, temp_str, len); LLVector3d pos_global = gAgent.getPositionGlobal(); - sprintf(temp_str, "Avatar pos %6.1lf %6.1lf %6.1lf", pos_global.mdV[0], pos_global.mdV[1], pos_global.mdV[2]); - len = strlen(temp_str); + snprintf(temp_str, sizeof(temp_str), "Avatar pos %6.1lf %6.1lf %6.1lf", pos_global.mdV[0], pos_global.mdV[1], pos_global.mdV[2]); /* Flawfinder: ignore */ + len = strlen(temp_str); /* Flawfinder: ignore */ TextOutA(hdc, 0, 25, temp_str, len); TextOutA(hdc, 0, 50, "Set \"DisableRendering FALSE\" in settings.ini file to reenable", 61); @@ -1154,8 +1154,8 @@ LLViewerWindow::LLViewerWindow( mRenderFullFrame(FALSE) { // Default to application directory. - strcpy(LLViewerWindow::sSnapshotBaseName, "Snapshot"); - strcpy(LLViewerWindow::sMovieBaseName, "SLmovie"); + strcpy(LLViewerWindow::sSnapshotBaseName, "Snapshot"); /* Flawfinder: ignore */ + strcpy(LLViewerWindow::sMovieBaseName, "SLmovie"); /* Flawfinder: ignore */ LLViewerWindow::sSnapshotDir[0] = '\0'; mFastFrameTimer.stop(); @@ -1857,7 +1857,7 @@ void LLViewerWindow::draw() if (gSavedSettings.getBOOL("DisplayTimecode")) { // draw timecode block - char text[256]; + char text[256]; /* Flawfinder: ignore */ glLoadIdentity(); @@ -2544,7 +2544,7 @@ BOOL LLViewerWindow::handlePerFrameHover() // Force floater tools to be visible (unless minimized) if (!gFloaterTools->getVisible()) { - gFloaterTools->open(); + gFloaterTools->open(); /* Flawfinder: ignore */ } // Update the location of the blue box tool popup LLCoordGL select_center_screen; @@ -3662,7 +3662,7 @@ BOOL LLViewerWindow::saveImageNumbered(LLImageRaw *raw) } // Get a directory if this is the first time. - if (strlen(sSnapshotDir) == 0) + if (strlen(sSnapshotDir) == 0) /* Flawfinder: ignore */ { LLString proposed_name( sSnapshotBaseName ); proposed_name.append( ".bmp" ); @@ -3676,11 +3676,12 @@ BOOL LLViewerWindow::saveImageNumbered(LLImageRaw *raw) } // Copy the directory + file name - char directory[LL_MAX_PATH]; - strcpy(directory, picker.getFirstFile()); + char directory[LL_MAX_PATH]; /* Flawfinder: ignore */ + strncpy(directory, picker.getFirstFile(), LL_MAX_PATH -1); /* Flawfinder: ignore */ + directory[LL_MAX_PATH -1] = '\0'; // Smash the file extension - S32 length = strlen(directory); + S32 length = strlen(directory); /* Flawfinder: ignore */ S32 index = length; // Back up over ".bmp" @@ -3705,12 +3706,14 @@ BOOL LLViewerWindow::saveImageNumbered(LLImageRaw *raw) { if (index + 1 <= length) { - strcpy(LLViewerWindow::sSnapshotBaseName, directory + index + 1); + strncpy(LLViewerWindow::sSnapshotBaseName, directory + index + 1, LL_MAX_PATH -1); /* Flawfinder: ignore */ + LLViewerWindow::sSnapshotBaseName[LL_MAX_PATH -1] = '\0'; } index++; directory[index] = '\0'; - strcpy(LLViewerWindow::sSnapshotDir, directory); + strncpy(LLViewerWindow::sSnapshotDir, directory, LL_MAX_PATH -1); /* Flawfinder: ignore */ + LLViewerWindow::sSnapshotDir[LL_MAX_PATH -1] = '\0'; } } @@ -3721,8 +3724,8 @@ BOOL LLViewerWindow::saveImageNumbered(LLImageRaw *raw) do { - char extension[100]; - sprintf( extension, "_%.3d.bmp", i ); + char extension[100]; /* Flawfinder: ignore */ + snprintf( extension, sizeof(extension), "_%.3d.bmp", i ); /* Flawfinder: ignore */ filepath = sSnapshotDir; filepath += sSnapshotBaseName; filepath += extension; @@ -3754,7 +3757,7 @@ void LLViewerWindow::saveMovieNumbered(void*) if (!gbCapturing) { // Get a directory if this is the first time. - if (strlen(sSnapshotDir) == 0) + if (strlen(sSnapshotDir) == 0) /* Flawfinder: ignore */ { LLString proposed_name( sMovieBaseName ); #if LL_DARWIN @@ -3772,11 +3775,12 @@ void LLViewerWindow::saveMovieNumbered(void*) } // Copy the directory + file name - char directory[LL_MAX_PATH]; - strcpy(directory, picker.getFirstFile()); + char directory[LL_MAX_PATH]; /* Flawfinder: ignore */ + strncpy(directory, picker.getFirstFile(), LL_MAX_PATH -1); /* Flawfinder: ignore */ + directory[LL_MAX_PATH -1] = '\0'; // Smash the file extension - S32 length = strlen(directory); + S32 length = strlen(directory); /* Flawfinder: ignore */ S32 index = length; // Back up over ".bmp" @@ -3801,12 +3805,14 @@ void LLViewerWindow::saveMovieNumbered(void*) { if (index + 1 <= length) { - strcpy(LLViewerWindow::sMovieBaseName, directory + index + 1); + strncpy(LLViewerWindow::sMovieBaseName, directory + index + 1, LL_MAX_PATH -1); /* Flawfinder: ignore */ + LLViewerWindow::sMovieBaseName[LL_MAX_PATH -1] = '\0'; } index++; directory[index] = '\0'; - strcpy(LLViewerWindow::sSnapshotDir, directory); + strncpy(LLViewerWindow::sSnapshotDir, directory, LL_MAX_PATH -1); /* Flawfinder: ignore */ + LLViewerWindow::sSnapshotDir[LL_MAX_PATH -1] = '\0'; } } @@ -3817,11 +3823,11 @@ void LLViewerWindow::saveMovieNumbered(void*) do { - char extension[100]; + char extension[100]; /* Flawfinder: ignore */ #if LL_DARWIN - sprintf( extension, "_%.3d.mov", i ); + snprintf( extension, sizeof(extension), "_%.3d.mov", i ); /* Flawfinder: ignore */ #else - sprintf( extension, "_%.3d.avi", i ); + snprintf( extension, sizeof(extension), "_%.3d.avi", i ); /* Flawfinder: ignore */ #endif filepath.assign( sSnapshotDir ); filepath.append( sMovieBaseName ); diff --git a/indra/newview/llviewerwindow.h b/indra/newview/llviewerwindow.h index 9c8e78a29d..251c0155b6 100644 --- a/indra/newview/llviewerwindow.h +++ b/indra/newview/llviewerwindow.h @@ -320,10 +320,10 @@ protected: LLString mOverlayTitle; // Used for special titles such as "Second Life - Special E3 2003 Beta" - static char sSnapshotBaseName[LL_MAX_PATH]; - static char sSnapshotDir[LL_MAX_PATH]; + static char sSnapshotBaseName[LL_MAX_PATH]; /* Flawfinder: ignore */ + static char sSnapshotDir[LL_MAX_PATH]; /* Flawfinder: ignore */ - static char sMovieBaseName[LL_MAX_PATH]; + static char sMovieBaseName[LL_MAX_PATH]; /* Flawfinder: ignore */ BOOL mIgnoreActivate; LLFrameTimer mFastFrameTimer; diff --git a/indra/newview/llvoavatar.cpp b/indra/newview/llvoavatar.cpp index b60e19ac93..efcd36af0a 100644 --- a/indra/newview/llvoavatar.cpp +++ b/indra/newview/llvoavatar.cpp @@ -829,7 +829,7 @@ LLVOAvatar::LLVOAvatar( mSpeed = 0.f; setAnimationData("Speed", &mSpeed); - strcpy(mAvatarDefinition, AVATAR_DEFAULT_CHAR); + strcpy(mAvatarDefinition, AVATAR_DEFAULT_CHAR); /* Flawfinder: ignore */ if (id == gAgentID) { @@ -1453,9 +1453,9 @@ void LLVOAvatar::initClass() { LLVOAvatar::sMaxOtherAvatarsToComposite = gSavedSettings.getS32("AvatarCompositeLimit"); - char xmlFile[MAX_PATH]; + char xmlFile[MAX_PATH]; /* Flawfinder: ignore */ - sprintf(xmlFile, "%s_lad.xml", gDirUtilp->getExpandedFilename(LL_PATH_CHARACTER,AVATAR_DEFAULT_CHAR).c_str()); + snprintf(xmlFile, MAX_PATH, "%s_lad.xml", gDirUtilp->getExpandedFilename(LL_PATH_CHARACTER,AVATAR_DEFAULT_CHAR).c_str()); /* Flawfinder: ignore */ BOOL success = sXMLTree.parseFile( xmlFile, FALSE ); if (!success) { @@ -2718,53 +2718,55 @@ BOOL LLVOAvatar::idleUpdate(LLAgent &agent, LLWorld &world, const F64 &time) (is_away != mNameAway || is_busy != mNameBusy || is_muted != mNameMute) || is_appearance != mNameAppearance) { - char line[MAX_STRING]; + char line[MAX_STRING]; /* Flawfinder: ignore */ if (title && title->getString() && title->getString()[0] != '\0') { - strcpy(line, title->getString() ); - strcat(line, "\n"); - strcat(line, firstname->getString() ); + strncpy(line, title->getString(), MAX_STRING -1 ); /* Flawfinder: ignore */ + line[MAX_STRING -1] = '\0'; + strcat(line, "\n"); /* Flawfinder: ignore */ + strncat(line, firstname->getString(), MAX_STRING - strlen(line) -1 ); /* Flawfinder: ignore */ } else { - strcpy(line, firstname->getString() ); + strncpy(line, firstname->getString(), MAX_STRING -1 ); /* Flawfinder: ignore */ + line[MAX_STRING -1] = '\0'; } - strcat(line, " "); - strcat(line, lastname->getString()); + strcat(line, " "); /* Flawfinder: ignore */ + strncat(line, lastname->getString(), MAX_STRING - strlen(line) -1); /* Flawfinder: ignore */ BOOL need_comma = FALSE; if (is_away || is_muted || is_busy) { - strcat(line, " ("); + strcat(line, " ("); /* Flawfinder: ignore */ if (is_away) { - strcat(line, "Away"); + strcat(line, "Away"); /* Flawfinder: ignore */ need_comma = TRUE; } if (is_busy) { if (need_comma) { - strcat(line, ", "); + strcat(line, ", "); /* Flawfinder: ignore */ } - strcat(line, "Busy"); + strcat(line, "Busy"); /* Flawfinder: ignore */ need_comma = TRUE; } if (is_muted) { if (need_comma) { - strcat(line, ", "); + strcat(line, ", "); /* Flawfinder: ignore */ } - strcat(line, "Muted"); + strcat(line, "Muted"); /* Flawfinder: ignore */ need_comma = TRUE; } - strcat(line,")"); + strcat(line,")"); /* Flawfinder: ignore */ } if (is_appearance) { - strcat(line, "\n(Editing Appearance)"); + strcat(line, "\n(Editing Appearance)"); /* Flawfinder: ignore */ } mNameAway = is_away; mNameBusy = is_busy; @@ -2786,7 +2788,7 @@ BOOL LLVOAvatar::idleUpdate(LLAgent &agent, LLWorld &world, const F64 &time) mNameText->setLabel(mNameString); } - char line[MAX_STRING]; + char line[MAX_STRING]; /* Flawfinder: ignore */ line[0] = '\0'; std::deque<LLChat>::iterator chat_iter = mChats.begin(); mNameText->clearString(); @@ -2986,14 +2988,14 @@ void LLVOAvatar::updateCharacter(LLAgent &agent) { if (motionp->getMinPixelArea() < getPixelArea()) { - char output[256]; + char output[256]; /* Flawfinder: ignore */ if (motionp->getName().empty()) { - sprintf(output, "%s - %d", motionp->getID().getString().c_str(), (U32)motionp->getPriority()); + snprintf(output, sizeof(output), "%s - %d", motionp->getID().getString().c_str(), (U32)motionp->getPriority()); /* Flawfinder: ignore */ } else { - sprintf(output, "%s - %d", motionp->getName().c_str(), (U32)motionp->getPriority()); + snprintf(output, sizeof(output), "%s - %d", motionp->getName().c_str(), (U32)motionp->getPriority()); /* Flawfinder: ignore */ } addDebugText(output); } @@ -8332,7 +8334,7 @@ void LLVOAvatar::dumpArchetypeXML( void* ) LLViewerImage* te_image = avatar->getTEImage( te ); if( te_image ) { - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ te_image->getID().toString( uuid_str ); apr_file_printf( file, "\t\t<texture te=\"%i\" uuid=\"%s\"/>\n", te, uuid_str); } @@ -9080,7 +9082,7 @@ BOOL LLVOAvatarInfo::parseXmlDriverNodes(LLXmlTreeNode* root) void LLVOAvatar::writeCAL3D(std::string& path, std::string& file_base) { - char filename[MAX_PATH]; + char filename[MAX_PATH]; /* Flawfinder: ignore */ // reset animated morphs setVisualParamWeight("Blink_Left", 0.f); @@ -9100,7 +9102,7 @@ void LLVOAvatar::writeCAL3D(std::string& path, std::string& file_base) setVisualParamWeight("Hands_Spread_R", 0.f); updateVisualParams(); - sprintf(filename, "%s\\%s_skeleton.xsf", path.c_str(), file_base.c_str()); + snprintf(filename, MAX_PATH, "%s\\%s_skeleton.xsf", path.c_str(), file_base.c_str()); /* Flawfinder: ignore */ apr_file_t* fp = ll_apr_file_open(filename, LL_APR_W); if (!fp) { @@ -9112,7 +9114,7 @@ void LLVOAvatar::writeCAL3D(std::string& path, std::string& file_base) apr_file_printf(fp, "</SKELETON>\n"); apr_file_close(fp); - sprintf(filename, "%s\\%s_mesh_body.xmf", path.c_str(), file_base.c_str()); + snprintf(filename, MAX_PATH, "%s\\%s_mesh_body.xmf", path.c_str(), file_base.c_str()); /* Flawfinder: ignore */ //gDirUtilp->getExpandedFilename(LL_PATH_CHARACTER,"avatar.cal").c_str() fp = ll_apr_file_open(filename, LL_APR_W); if (!fp) @@ -9143,7 +9145,7 @@ void LLVOAvatar::writeCAL3D(std::string& path, std::string& file_base) for (S32 i = 0; i < (has_skirt ? BAKED_TEXTURE_COUNT : BAKED_TEXTURE_COUNT - 1); i++) { - sprintf(filename, "%s\\%s_material_tex_%d.tga", path.c_str(), file_base.c_str(), i); + snprintf(filename, MAX_PATH, "%s\\%s_material_tex_%d.tga", path.c_str(), file_base.c_str(), i); /* Flawfinder: ignore */ LLViewerImage* viewer_imagep = mTEImages[sBakedTextureIndices[i]]; if (!viewer_imagep->getHasGLTexture()) @@ -9158,7 +9160,7 @@ void LLVOAvatar::writeCAL3D(std::string& path, std::string& file_base) } // output image for hair - sprintf(filename, "%s\\%s_material_tex_5.tga", path.c_str(), file_base.c_str()); + snprintf(filename, MAX_PATH, "%s\\%s_material_tex_5.tga", path.c_str(), file_base.c_str()); /* Flawfinder: ignore */ LLViewerImage* viewer_imagep = mTEImages[TEX_HAIR]; if (!viewer_imagep->getHasGLTexture()) { @@ -9173,7 +9175,7 @@ void LLVOAvatar::writeCAL3D(std::string& path, std::string& file_base) } // save out attachments - sprintf(filename, "%s\\%s_mesh_attachments.xmf", path.c_str(), file_base.c_str()); + snprintf(filename, MAX_PATH, "%s\\%s_mesh_attachments.xmf", path.c_str(), file_base.c_str()); /* Flawfinder: ignore */ fp = ll_apr_file_open(filename, LL_APR_W); if (!fp) { @@ -9235,7 +9237,7 @@ void LLVOAvatar::writeCAL3D(std::string& path, std::string& file_base) getSex() == SEX_MALE ? (LLKeyframeMotion*)findMotion(ANIM_AGENT_WALK) : (LLKeyframeMotion*)findMotion(ANIM_AGENT_FEMALE_WALK); if (FALSE)//(walk_motion) { - sprintf(filename, "%s\\%s_anim.xaf", path.c_str(), file_base.c_str()); + snprintf(filename, MAX_PATH, "%s\\%s_anim.xaf", path.c_str(), file_base.c_str()); /* Flawfinder: ignore */ apr_file_t* fp = ll_apr_file_open(filename, LL_APR_W); if (!fp) { @@ -9249,7 +9251,7 @@ void LLVOAvatar::writeCAL3D(std::string& path, std::string& file_base) } // finally, write out .cfg file - sprintf(filename, "%s\\%s_avatar.cfg", path.c_str(), file_base.c_str()); + snprintf(filename, MAX_PATH, "%s\\%s_avatar.cfg", path.c_str(), file_base.c_str()); /* Flawfinder: ignore */ fp = ll_apr_file_open(filename, LL_APR_W); if (!fp) { @@ -9270,7 +9272,7 @@ void LLVOAvatar::writeCAL3D(std::string& path, std::string& file_base) for(S32 i = 0; i < 6; i++) { - sprintf(filename, "%s\\%s_material_%d.xrf", path.c_str(), file_base.c_str(), i); + snprintf(filename, MAX_PATH, "%s\\%s_material_%d.xrf", path.c_str(), file_base.c_str(), i); /* Flawfinder: ignore */ apr_file_t* fp = ll_apr_file_open(filename, LL_APR_W); if (!fp) { @@ -9297,7 +9299,7 @@ void LLVOAvatar::writeCAL3D(std::string& path, std::string& file_base) { LLMaterialExportInfo* export_info = material_it->second; - sprintf(filename, "%s\\%s_material_%d.xrf", path.c_str(), file_base.c_str(), export_info->mMaterialIndex); + snprintf(filename, MAX_PATH, "%s\\%s_material_%d.xrf", path.c_str(), file_base.c_str(), export_info->mMaterialIndex); /* Flawfinder: ignore */ apr_file_t* fp = ll_apr_file_open(filename, LL_APR_W); if (!fp) { diff --git a/indra/newview/llvoavatar.h b/indra/newview/llvoavatar.h index a47321cb90..871502a373 100644 --- a/indra/newview/llvoavatar.h +++ b/indra/newview/llvoavatar.h @@ -524,7 +524,7 @@ public: //-------------------------------------------------------------------- // avatar definition name //-------------------------------------------------------------------- - char mAvatarDefinition[64]; + char mAvatarDefinition[64]; /* Flawfinder: ignore */ //-------------------------------------------------------------------- // skeleton for skinned avatar diff --git a/indra/newview/llvograss.cpp b/indra/newview/llvograss.cpp index 692b757d9e..b9d39272ac 100644 --- a/indra/newview/llvograss.cpp +++ b/indra/newview/llvograss.cpp @@ -187,13 +187,13 @@ void LLVOGrass::initClass() BOOL have_all_grass = TRUE; LLString err; - char buffer[10]; + char buffer[10]; /* Flawfinder: ignore */ for (S32 i=0;i<sMaxGrassSpecies;++i) { if (!sSpeciesTable.count(i)) { - snprintf(buffer,10," %d",i); + snprintf(buffer,10," %d",i); /* Flawfinder: ignore */ err.append(buffer); have_all_grass = FALSE; } diff --git a/indra/newview/llvotree.cpp b/indra/newview/llvotree.cpp index d2c7ed9b6a..a4b61f13bd 100644 --- a/indra/newview/llvotree.cpp +++ b/indra/newview/llvotree.cpp @@ -212,13 +212,13 @@ void LLVOTree::initClass() BOOL have_all_trees = TRUE; LLString err; - char buffer[10]; + char buffer[10]; /* Flawfinder: ignore */ for (S32 i=0;i<sMaxTreeSpecies;++i) { if (!sSpeciesTable.count(i)) { - snprintf(buffer,10," %d",i); + snprintf(buffer,10," %d",i); /* Flawfinder: ignore */ err.append(buffer); have_all_trees = FALSE; } diff --git a/indra/newview/llvovolume.cpp b/indra/newview/llvovolume.cpp index fc4079f3d2..c1cc5b9ecb 100644 --- a/indra/newview/llvovolume.cpp +++ b/indra/newview/llvovolume.cpp @@ -174,8 +174,8 @@ U32 LLVOVolume::processUpdateMessage(LLMessageSystem *mesgsys, // Well, crap, there's something bogus in the data that we're unpacking. dp->dumpBufferToLog(); llwarns << "Flushing cache files" << llendl; - char mask[LL_MAX_PATH]; - sprintf(mask, "%s*.slc", gDirUtilp->getDirDelimiter().c_str()); + char mask[LL_MAX_PATH]; /* Flawfinder: ignore */ + snprintf(mask, LL_MAX_PATH, "%s*.slc", gDirUtilp->getDirDelimiter().c_str()); /* Flawfinder: ignore */ gDirUtilp->deleteFilesInDir(gDirUtilp->getExpandedFilename(LL_PATH_CACHE,"").c_str(),mask); // llerrs << "Bogus TE data in " << getID() << ", crashing!" << llendl; llwarns << "Bogus TE data in " << getID() << llendl; @@ -1859,8 +1859,8 @@ void LLVOVolume::writeCAL3D(apr_file_t* fp, std::string& path, std::string& file my_texture = texture_index++; //...and export texture as image file - char filename[MAX_PATH]; - sprintf(filename, "%s\\%s_material_tex_%d.tga", path.c_str(), file_base.c_str(), my_texture); + char filename[MAX_PATH]; /* Flawfinder: ignore */ + snprintf(filename, MAX_PATH, "%s\\%s_material_tex_%d.tga", path.c_str(), file_base.c_str(), my_texture); /* Flawfinder: ignore */ LLViewerImage* imagep = facep->getTexture(); if (imagep->getTexName() == 0) diff --git a/indra/newview/llwearable.cpp b/indra/newview/llwearable.cpp index 4fe8a4b98e..522e9c9a56 100644 --- a/indra/newview/llwearable.cpp +++ b/indra/newview/llwearable.cpp @@ -129,10 +129,10 @@ EWearableType LLWearable::typeNameToType( const LLString& type_name ) } -const char* terse_F32_to_string( F32 f, char s[MAX_STRING] ) +const char* terse_F32_to_string( F32 f, char s[MAX_STRING] ) /* Flawfinder: ignore */ { char* r = s; - S32 len = sprintf( s, "%.2f", f ); + S32 len = snprintf( s, MAX_STRING, "%.2f", f ); /* Flawfinder: ignore */ // "1.20" -> "1.2" // "24.00" -> "24." @@ -211,7 +211,7 @@ BOOL LLWearable::exportFile( FILE* file ) return FALSE; } - char s[ MAX_STRING ]; + char s[ MAX_STRING ]; /* Flawfinder: ignore */ for( F32* param_weightp = mVisualParamMap.getFirstData(); param_weightp; param_weightp = mVisualParamMap.getNextData() ) { S32 param_id = mVisualParamMap.getCurrentKeyWithoutIncrement(); @@ -231,7 +231,7 @@ BOOL LLWearable::exportFile( FILE* file ) for( LLUUID* image_id = mTEMap.getFirstData(); image_id; image_id = mTEMap.getNextData() ) { S32 te = mTEMap.getCurrentKeyWithoutIncrement(); - char image_id_string[UUID_STR_LENGTH]; + char image_id_string[UUID_STR_LENGTH]; /* Flawfinder: ignore */ image_id->toString( image_id_string ); if( fprintf( file, "%d %s\n", te, image_id_string) < 0 ) { @@ -249,7 +249,7 @@ BOOL LLWearable::importFile( FILE* file ) // *NOTE: changing the type or size of this buffer will require // changes in the fscanf() code below. You would be better off // rewriting this to use streams and not require an open FILE. - char text_buffer[2048]; + char text_buffer[2048]; /* Flawfinder: ignore */ S32 fields_read = 0; // read header and version @@ -270,7 +270,7 @@ BOOL LLWearable::importFile( FILE* file ) } // name - char next_char = fgetc( file ); + char next_char = fgetc( file ); /* Flawfinder: ignore */ if( '\n' == next_char ) { // no name @@ -279,8 +279,11 @@ BOOL LLWearable::importFile( FILE* file ) else { ungetc( next_char, file ); - fields_read = fscanf( file, "%2047[^\n]", text_buffer ); - if( (1 != fields_read) || (fgetc( file ) != '\n') ) + fields_read = fscanf( /* Flawfinder: ignore */ + file, + "%2047[^\n]", + text_buffer); + if( (1 != fields_read) || (fgetc( file ) != '\n') ) /* Flawfinder: ignore */ { llwarns << "Bad Wearable asset: early end of file" << llendl; return FALSE; @@ -290,7 +293,7 @@ BOOL LLWearable::importFile( FILE* file ) } // description - next_char = fgetc( file ); + next_char = fgetc( file ); /* Flawfinder: ignore */ if( '\n' == next_char ) { // no description @@ -299,8 +302,11 @@ BOOL LLWearable::importFile( FILE* file ) else { ungetc( next_char, file ); - fields_read = fscanf( file, "%2047[^\n]", text_buffer ); - if( (1 != fields_read) || (fgetc( file ) != '\n') ) + fields_read = fscanf( /* Flawfinder: ignore */ + file, + "%2047[^\n]", + text_buffer ); + if( (1 != fields_read) || (fgetc( file ) != '\n') ) /* Flawfinder: ignore */ { llwarns << "Bad Wearable asset: early end of file" << llendl; return FALSE; @@ -406,7 +412,10 @@ BOOL LLWearable::importFile( FILE* file ) for( i = 0; i < num_textures; i++ ) { S32 te = 0; - fields_read = fscanf( file, "%d %2047s\n", &te, text_buffer); + fields_read = fscanf( /* Flawfinder: ignore */ + file, + "%d %2047s\n", + &te, text_buffer); if( fields_read != 2 ) { llwarns << "Bad Wearable asset: bad texture, #" << i << llendl; @@ -844,11 +853,11 @@ void LLWearable::saveNewAsset() // llinfos << "LLWearable::saveNewAsset() type: " << getTypeName() << llendl; //dump(); - char new_asset_id_string[UUID_STR_LENGTH]; + char new_asset_id_string[UUID_STR_LENGTH]; /* Flawfinder: ignore */ mAssetID.toString(new_asset_id_string); - char filename[LL_MAX_PATH]; - sprintf(filename, "%s.wbl", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,new_asset_id_string).c_str()); - FILE* fp = LLFile::fopen(filename, "wb"); + char filename[LL_MAX_PATH]; /* Flawfinder: ignore */ + snprintf(filename, LL_MAX_PATH, "%s.wbl", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,new_asset_id_string).c_str()); /* Flawfinder: ignore */ + FILE* fp = LLFile::fopen(filename, "wb"); /* Flawfinder: ignore */ BOOL successful_save = FALSE; if(fp && exportFile(fp)) { @@ -861,8 +870,9 @@ void LLWearable::saveNewAsset() } if(!successful_save) { - char buffer[2*MAX_STRING]; - sprintf(buffer, + char buffer[2*MAX_STRING]; /* Flawfinder: ignore */ + snprintf(buffer, /* Flawfinder: ignore */ + sizeof(buffer), "Unable to save '%s' to wearable file.", mName.c_str()); llwarns << buffer << llendl; @@ -896,8 +906,9 @@ void LLWearable::onSaveNewAssetComplete(const LLUUID& new_asset_id, void* userda } else { - char buffer[2*MAX_STRING]; - sprintf(buffer, + char buffer[2*MAX_STRING]; /* Flawfinder: ignore */ + snprintf(buffer, /* Flawfinder: ignore */ + sizeof(buffer), "Unable to save %s to central asset store.", type_name); llwarns << buffer << " Status: " << status << llendl; @@ -907,10 +918,10 @@ void LLWearable::onSaveNewAssetComplete(const LLUUID& new_asset_id, void* userda } // Delete temp file - char new_asset_id_string[UUID_STR_LENGTH]; + char new_asset_id_string[UUID_STR_LENGTH]; /* Flawfinder: ignore */ new_asset_id.toString(new_asset_id_string); - char src_filename[LL_MAX_PATH]; - sprintf(src_filename, "%s.wbl", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,new_asset_id_string).c_str()); + char src_filename[LL_MAX_PATH]; /* Flawfinder: ignore */ + snprintf(src_filename, LL_MAX_PATH, "%s.wbl", gDirUtilp->getExpandedFilename(LL_PATH_CACHE,new_asset_id_string).c_str()); /* Flawfinder: ignore */ LLFile::remove(src_filename); // delete the context data diff --git a/indra/newview/llwearablelist.cpp b/indra/newview/llwearablelist.cpp index 297ced71fc..b00decac9a 100644 --- a/indra/newview/llwearablelist.cpp +++ b/indra/newview/llwearablelist.cpp @@ -86,7 +86,7 @@ void LLWearableList::processGetAssetReply( const char* filename, const LLAssetID if( status >= 0 ) { // read the file - FILE* fp = LLFile::fopen(filename, "rb"); + FILE* fp = LLFile::fopen(filename, "rb"); /*Flawfinder: ignore*/ if( !fp ) { llinfos << "Bad Wearable Asset: unable to open file: '" << filename << "'" << llendl; diff --git a/indra/newview/llworldmap.cpp b/indra/newview/llworldmap.cpp index 42d8b9fd20..7a6b89fcda 100644 --- a/indra/newview/llworldmap.cpp +++ b/indra/newview/llworldmap.cpp @@ -487,8 +487,8 @@ void LLWorldMap::processMapBlockReply(LLMessageSystem* msg, void**) { U16 x_regions; U16 y_regions; - char name[MAX_STRING]; - U8 access; + char name[MAX_STRING]; /* Flawfinder: ignore */ + U8 access; /* Flawfinder: ignore */ U32 region_flags; U8 water_height; U8 agents; @@ -496,7 +496,7 @@ void LLWorldMap::processMapBlockReply(LLMessageSystem* msg, void**) msg->getU16Fast(_PREHASH_Data, _PREHASH_X, x_regions, block); msg->getU16Fast(_PREHASH_Data, _PREHASH_Y, y_regions, block); msg->getStringFast(_PREHASH_Data, _PREHASH_Name, MAX_STRING, name, block); - msg->getU8Fast(_PREHASH_Data, _PREHASH_Access, access, block); + msg->getU8Fast(_PREHASH_Data, _PREHASH_Access, access, block); /* Flawfinder: ignore */ msg->getU32Fast(_PREHASH_Data, _PREHASH_RegionFlags, region_flags, block); msg->getU8Fast(_PREHASH_Data, _PREHASH_WaterHeight, water_height, block); msg->getU8Fast(_PREHASH_Data, _PREHASH_Agents, agents, block); @@ -545,7 +545,7 @@ void LLWorldMap::processMapBlockReply(LLMessageSystem* msg, void**) siminfo->mHandle = handle; siminfo->mName.assign( name ); - siminfo->mAccess = access; + siminfo->mAccess = access; /* Flawfinder: ignore */ siminfo->mRegionFlags = region_flags; siminfo->mWaterHeight = (F32) water_height; siminfo->mMapImageID[agent_flags] = image_id; @@ -602,7 +602,7 @@ void LLWorldMap::processMapItemReply(LLMessageSystem* msg, void**) for (S32 block=0; block<num_blocks; ++block) { U32 X, Y; - char name[MAX_STRING]; + char name[MAX_STRING]; /* Flawfinder: ignore */ S32 extra, extra2; LLUUID uuid; msg->getU32Fast(_PREHASH_Data, _PREHASH_X, X, block); @@ -652,7 +652,7 @@ void LLWorldMap::processMapItemReply(LLMessageSystem* msg, void**) case MAP_ITEM_PG_EVENT: // events case MAP_ITEM_MATURE_EVENT: { - char buffer[32]; + char buffer[32]; /* Flawfinder: ignore */ struct tm* timep; // Convert to Pacific, based on server's opinion of whether // it's daylight savings time there. @@ -661,7 +661,7 @@ void LLWorldMap::processMapItemReply(LLMessageSystem* msg, void**) S32 display_hour = timep->tm_hour % 12; if (display_hour == 0) display_hour = 12; - sprintf(buffer, "%d:%02d %s", + snprintf(buffer, sizeof(buffer), "%d:%02d %s", /* Flawfinder: ignore */ display_hour, timep->tm_min, (timep->tm_hour < 12 ? "AM" : "PM") ); diff --git a/indra/newview/llworldmapview.cpp b/indra/newview/llworldmapview.cpp index 78e47dbf83..3644bd0640 100644 --- a/indra/newview/llworldmapview.cpp +++ b/indra/newview/llworldmapview.cpp @@ -621,7 +621,7 @@ void LLWorldMapView::draw() // Draw the region name in the lower left corner LLFontGL* font = LLFontGL::sSansSerifSmall; - char mesg[MAX_STRING]; + char mesg[MAX_STRING]; /* Flawfinder: ignore */ if (gMapScale < sThresholdA) { mesg[0] = '\0'; @@ -639,11 +639,11 @@ void LLWorldMapView::draw() // LLViewerRegion::accessToShortString(info->mAccess) ); if (info->mAccess == SIM_ACCESS_DOWN) { - sprintf(mesg, "%s (Offline)", info->mName.c_str()); + snprintf(mesg, MAX_STRING, "%s (Offline)", info->mName.c_str()); /* Flawfinder: ignore */ } else { - sprintf(mesg, "%s", info->mName.c_str()); + snprintf(mesg, MAX_STRING, "%s", info->mName.c_str()); /* Flawfinder: ignore */ } } @@ -1893,7 +1893,7 @@ BOOL LLWorldMapView::handleDoubleClick( S32 x, S32 y, MASK mask ) { gFloaterWorldMap->close(); // This is an ungainly hack - char uuid_str[38]; + char uuid_str[38]; /* Flawfinder: ignore */ S32 event_id; id.toString(uuid_str); sscanf(&uuid_str[28], "%X", &event_id); diff --git a/indra/newview/llxmlrpctransaction.cpp b/indra/newview/llxmlrpctransaction.cpp index 9cbee095f2..c2726997b2 100644 --- a/indra/newview/llxmlrpctransaction.cpp +++ b/indra/newview/llxmlrpctransaction.cpp @@ -136,7 +136,7 @@ public: std::string mStatusMessage; std::string mStatusURI; - char mCurlErrorBuffer[CURL_ERROR_SIZE]; + char mCurlErrorBuffer[CURL_ERROR_SIZE]; /* Flawfinder: ignore */ std::string mURI; char* mRequestText; diff --git a/indra/newview/pipeline.cpp b/indra/newview/pipeline.cpp index f4de3b0dc3..25aea4c4b3 100644 --- a/indra/newview/pipeline.cpp +++ b/indra/newview/pipeline.cpp @@ -598,7 +598,7 @@ GLhandleARB LLPipeline::loadShader(const LLString& filename, S32 cls, GLenum typ fname << gpu_class << "/" << filename; llinfos << "Looking in " << fname.str().c_str() << llendl; - file = fopen(fname.str().c_str(), "r"); + file = fopen(fname.str().c_str(), "r"); /* Flawfinder: ignore */ if (file) { break; // done @@ -5166,7 +5166,7 @@ void LLGLSLShader::mapUniform(GLint index, const char** uniform_names, S32 count GLenum type; GLsizei length; GLint size; - char name[1024]; + char name[1024]; /* Flawfinder: ignore */ name[0] = 0; glGetActiveUniformARB(mProgramObject, index, 1024, &length, &size, &type, name); @@ -5174,7 +5174,7 @@ void LLGLSLShader::mapUniform(GLint index, const char** uniform_names, S32 count //find the index of this uniform for (S32 i = 0; i < (S32) LLPipeline::sReservedUniformCount; i++) { - if (mUniform[i] == -1 && !strncmp(LLPipeline::sReservedUniforms[i],name, strlen(LLPipeline::sReservedUniforms[i]))) + if (mUniform[i] == -1 && !strncmp(LLPipeline::sReservedUniforms[i],name, strlen(LLPipeline::sReservedUniforms[i]))) /* Flawfinder: ignore */ { //found it S32 location = glGetUniformLocationARB(mProgramObject, name); @@ -5188,7 +5188,7 @@ void LLGLSLShader::mapUniform(GLint index, const char** uniform_names, S32 count for (S32 i = 0; i < count; i++) { if (mUniform[i+LLPipeline::sReservedUniformCount] == -1 && - !strncmp(uniform_names[i],name, strlen(uniform_names[i]))) + !strncmp(uniform_names[i],name, strlen(uniform_names[i]))) /* Flawfinder: ignore */ { //found it S32 location = glGetUniformLocationARB(mProgramObject, name); diff --git a/indra/test/io.cpp b/indra/test/io.cpp index 4695594a90..4908653f0f 100644 --- a/indra/test/io.cpp +++ b/indra/test/io.cpp @@ -58,7 +58,7 @@ namespace tut void buffer_object::test<2>() { const char HELLO_WORLD[] = "hello world"; - const S32 str_len = strlen(HELLO_WORLD); + const S32 str_len = strlen(HELLO_WORLD); /* Flawfinder: ignore */ LLChannelDescriptors ch = mBuffer.nextChannel(); mBuffer.append(ch.in(), (U8*)HELLO_WORLD, str_len); mBuffer.append(ch.in(), (U8*)HELLO_WORLD, str_len); @@ -80,7 +80,7 @@ namespace tut LLChannelDescriptors ch = mBuffer.nextChannel(); mBuffer.append(ch.in(), (U8*)ONE, 3); mBuffer.append(ch.in(), (U8*)TWO, 3); - char buffer[255]; + char buffer[255]; /* Flawfinder: ignore */ S32 len = 6; mBuffer.readAfter(ch.in(), NULL, (U8*)buffer, len); ensure_equals(len, 6); @@ -99,7 +99,7 @@ namespace tut LLChannelDescriptors ch = mBuffer.nextChannel(); mBuffer.append(ch.in(), (U8*)TWO, 3); mBuffer.prepend(ch.in(), (U8*)ONE, 3); - char buffer[255]; + char buffer[255]; /* Flawfinder: ignore */ S32 len = 6; mBuffer.readAfter(ch.in(), NULL, (U8*)buffer, len); ensure_equals(len, 6); @@ -117,7 +117,7 @@ namespace tut LLChannelDescriptors ch = mBuffer.nextChannel(); mBuffer.append(ch.in(), (U8*)TWO, 3); mBuffer.prepend(ch.in(), (U8*)ONE, 3); - char buffer[255]; + char buffer[255]; /* Flawfinder: ignore */ S32 len = 5; LLBufferArray::segment_iterator_t it = mBuffer.beginSegment(); U8* addr = (*it).data(); @@ -144,7 +144,7 @@ namespace tut header << "ContentLength: " << count << "\r\n\r\n"; std::string head(header.str()); mBuffer.prepend(ch.out(), (U8*)head.c_str(), head.length()); - char buffer[1024]; + char buffer[1024]; /* Flawfinder: ignore */ S32 len = response.size() + head.length(); ensure_equals("same length", len, (S32)expected.str().length()); mBuffer.readAfter(ch.out(), NULL, (U8*)buffer, len); @@ -209,11 +209,11 @@ namespace tut delete[] temp; } -/* +#if 0 template<> template<> void buffer_object::test<9>() { - char buffer[1024]; + char buffer[1024]; /* Flawfinder: ignore */ S32 size = sprintf(buffer, "%d|%d|%s|%s|%s|%s|%s|%x|%x|%x|%x|%x|%s|%s|%d|%d|%x", 7, @@ -244,7 +244,7 @@ namespace tut ensure_equals("Buffer sizes",size,(S32)post_size); ensure("Buffer content",!strcmp(buffer,post_buffer)); } -*/ +#endif /* template<> template<> @@ -268,7 +268,7 @@ namespace tut void bas_object::test<1>() { const char HELLO_WORLD[] = "hello world"; - const S32 str_len = strlen(HELLO_WORLD); + const S32 str_len = strlen(HELLO_WORLD); /* Flawfinder: ignore */ LLChannelDescriptors ch = mBuffer.nextChannel(); LLBufferStream str(ch, &mBuffer); mBuffer.append(ch.in(), (U8*)HELLO_WORLD, str_len); @@ -406,7 +406,7 @@ namespace tut ostr << ") "; bstr.flush(); const S32 BUF_LEN = 512; - char buf[BUF_LEN]; + char buf[BUF_LEN]; /* Flawfinder: ignore */ S32 actual_len = BUF_LEN; (void) mBuffer.readAfter(ch.out(), NULL, (U8*)buf, actual_len); buf[actual_len] = '\0'; @@ -460,7 +460,7 @@ namespace tut ++total_size; } need_comma = true; - srand(69 + i); + srand(69 + i); /* Flawfinder: ignore */ S32 size = rand() % 1000 + 1000; std::generate_n( std::back_insert_iterator<buf_t>(source), @@ -526,7 +526,7 @@ namespace tut need_comma = true; ostr << "'" << i << "':"; total_size += 7; - srand(69 + i); + srand(69 + i); /* Flawfinder: ignore */ S32 size = rand() % 1000 + 1000; std::generate_n( std::back_insert_iterator<buf_t>(source), @@ -582,7 +582,7 @@ namespace tut "'circuit_code': i124,'group_id': '8615c885-9cf0-bf0a-6e40-0c11462aa652','limited_to_estate': i1,'look_at': [ i0, i0, i0]," "'agent_id': '0e346d8b-4433-4d66-a6b0-fd37083abc4c','first_name': 'Kelly','start': 'url'}]}"; LLChannelDescriptors ch = mBuffer.nextChannel(); - mBuffer.append(ch.out(), (U8*)LOGIN_STREAM, strlen(LOGIN_STREAM)); + mBuffer.append(ch.out(), (U8*)LOGIN_STREAM, strlen(LOGIN_STREAM)); /* Flawfinder: ignore */ ch = mBuffer.nextChannel(); LLBufferStream istr(ch, &mBuffer); LLSD data; @@ -1100,7 +1100,7 @@ namespace tut stream << "{'task_id':ucc706f2d-0b68-68f8-11a4-f1043ff35ca0}\n{\n\tname\tObject|\n\tpermissions 0\n}"; std::vector<U8> expected_binary; expected_binary.resize(stream.str().size()); - memcpy(&expected_binary[0], stream.str().c_str(), stream.str().size()); + memcpy(&expected_binary[0], stream.str().c_str(), stream.str().size()); /* Flawfinder: ignore */ stream.str(""); stream << "[{'uri':'" << uri << "'}, {'version':i1}, " << "{'agent_id':'3c115e51-04f4-523c-9fa6-98aff1034730', 'session_id':'2c585cec-038c-40b0-b42e-a25ebab4d132', 'circuit_code':i1075, 'start':'region', 'limited_to_estate':i1 'first_name':'Phoenix', 'last_name':'Linden', 'group_title':'', 'group_id':u00000000-0000-0000-0000-000000000000, 'position':[r70.9247,r254.378,r38.7304], 'look_at':[r-0.043753,r-0.999042,r0], 'granters':[ua2e76fcd-9360-4f6d-a924-000000000003], 'texture_data':['5e481e8a-58a6-fc34-6e61-c7a36095c07f', 'c39675f5-ca90-a304-bb31-42cdb803a132', '5c989edf-88d1-b2ac-b00b-5ed4bab8e368', '6522e74d-1660-4e7f-b601-6f48c1659a77', '7ca39b4c-bd19-4699-aff7-f93fd03d3e7b', '41c58177-5eb6-5aeb-029d-bc4093f3c130', '97b75473-8b93-9b25-2a11-035b9ae93195', '1c2d8d9b-90eb-89d4-dea8-c1ed83990614', '69ec543f-e27b-c07c-9094-a8be6300f274', 'c9f8b80f-c629-4633-04ee-c566ce9fea4b', '989cddba-7ab6-01ed-67aa-74accd2a2a65', '45e319b2-6a8c-fa5c-895b-1a7149b88aef', '5748decc-f629-461c-9a36-a35a221fe21f', 'c228d1cf-4b5d-4ba8-84f4-899a0796aa97', 'c228d1cf-4b5d-4ba8-84f4-899a0796aa97', '685fbe10-ab40-f065-0aec-726cc6dfd7a1', '406f98fd-9c89-1d52-5f39-e67d508c5ee5', '685fbe10-ab40-f065-0aec-726cc6dfd7a1', 'c228d1cf-4b5d-4ba8-84f4-899a0796aa97', 'c228d1cf-4b5d-4ba8-84f4-899a0796aa97'], " @@ -1194,7 +1194,7 @@ namespace tut tmp_str << "{'task_id':ucc706f2d-0b68-68f8-11a4-f1043ff35ca0}\n{\n\tname\tObject|\n\tpermissions 0\n}"; std::vector<U8> expected_binary; expected_binary.resize(tmp_str.str().size()); - memcpy( + memcpy( /* Flawfinder: ignore */ &expected_binary[0], tmp_str.str().c_str(), tmp_str.str().size()); diff --git a/indra/test/llpipeutil.cpp b/indra/test/llpipeutil.cpp index e4389aaa33..56789cfae8 100644 --- a/indra/test/llpipeutil.cpp +++ b/indra/test/llpipeutil.cpp @@ -58,8 +58,8 @@ LLIOPipe::EStatus LLPipeStringExtractor::process_impl( std::ostringstream ostr; while (istr.good()) { - char buf[1024]; - istr.read(buf, sizeof(buf)); + char buf[1024]; /* Flawfinder: ignore */ + istr.read(buf, sizeof(buf)); /* Flawfinder: ignore */ ostr.write(buf, istr.gcount()); } mString = ostr.str(); diff --git a/indra/test/test.cpp b/indra/test/test.cpp index f05af10110..2d727daaa5 100644 --- a/indra/test/test.cpp +++ b/indra/test/test.cpp @@ -194,7 +194,7 @@ int main(int argc, char **argv) if(APR_STATUS_IS_EOF(apr_err)) break; if(apr_err) { - char buf[255]; + char buf[255]; /* Flawfinder: ignore */ std::cerr << "Error parsing options: " << apr_strerror(apr_err, buf, 255) << std::endl; return 1; diff --git a/indra/win_crash_logger/win_crash_logger.cpp b/indra/win_crash_logger/win_crash_logger.cpp index fde3bdf7ba..848d4006fd 100644 --- a/indra/win_crash_logger/win_crash_logger.cpp +++ b/indra/win_crash_logger/win_crash_logger.cpp @@ -50,8 +50,8 @@ void write_debug(std::string& str); // Global Variables: HINSTANCE hInst= NULL; // current instance -TCHAR szTitle[MAX_LOADSTRING]; // The title bar text -TCHAR szWindowClass[MAX_LOADSTRING]; // The title bar text +TCHAR szTitle[MAX_LOADSTRING]; /* Flawfinder: ignore */ // The title bar text +TCHAR szWindowClass[MAX_LOADSTRING]; /* Flawfinder: ignore */ // The title bar text LLString gUserText; // User's description of the problem time_t gStartTime = 0; @@ -72,10 +72,10 @@ WCHAR gProductName[512]; // Include product name in the window caption. void ProcessCaption(HWND hWnd) { - TCHAR templateText[1024]; - TCHAR finalText[2048]; + TCHAR templateText[1024]; /* Flawfinder: ignore */ + TCHAR finalText[2048]; /* Flawfinder: ignore */ GetWindowText(hWnd, templateText, sizeof(templateText)); - swprintf(finalText, templateText, gProductName); + swprintf(finalText, templateText, gProductName); /* Flawfinder: ignore */ SetWindowText(hWnd, finalText); } @@ -83,10 +83,10 @@ void ProcessCaption(HWND hWnd) // Include product name in the diaog item text. void ProcessDlgItemText(HWND hWnd, int nIDDlgItem) { - TCHAR templateText[1024]; - TCHAR finalText[2048]; + TCHAR templateText[1024]; /* Flawfinder: ignore */ + TCHAR finalText[2048]; /* Flawfinder: ignore */ GetDlgItemText(hWnd, nIDDlgItem, templateText, sizeof(templateText)); - swprintf(finalText, templateText, gProductName); + swprintf(finalText, templateText, gProductName); /* Flawfinder: ignore */ SetDlgItemText(hWnd, nIDDlgItem, finalText); } @@ -100,7 +100,7 @@ int APIENTRY WinMain(HINSTANCE hInstance, gDirUtilp->initAppDirs("SecondLife"); // Default to the product name "Second Life" (this is overridden by the -name argument) - swprintf(gProductName, L"Second Life"); + swprintf(gProductName, L"Second Life"); /* Flawfinder: ignore */ gCrashSettings.declareS32(CRASH_BEHAVIOR_SETTING, CRASH_BEHAVIOR_ASK, "Controls behavior when viewer crashes " "(0 = ask before sending crash report, 1 = always send crash report, 2 = never send crash report)"); @@ -119,7 +119,7 @@ int APIENTRY WinMain(HINSTANCE hInstance, const S32 MAX_ARGS = 100; int argc = 0; - char *argv[MAX_ARGS]; + char *argv[MAX_ARGS]; /* Flawfinder: ignore */ char *token = NULL; if( cmd_line_including_exe_name[0] == '\"' ) @@ -139,7 +139,7 @@ int APIENTRY WinMain(HINSTANCE hInstance, { argv[argc++] = token; /* Get next token: */ - if (*(token + strlen(token) + 1) == '\"') + if (*(token + strlen(token) + 1) == '\"') /* Flawfinder: ignore */ { token = strtok( NULL, "\""); } @@ -250,11 +250,11 @@ int APIENTRY WinMain(HINSTANCE hInstance, WCHAR header[2048]; if (gCrashInPreviousExec) { - swprintf(header, L"%s appears to have crashed or frozen the last time it ran.", gProductName); + swprintf(header, L"%s appears to have crashed or frozen the last time it ran.", gProductName); /* Flawfinder: ignore */ } else { - swprintf(header, L"%s appears to have crashed.", gProductName); + swprintf(header, L"%s appears to have crashed.", gProductName); /* Flawfinder: ignore */ } SetDlgItemText(gHwndReport, IDC_STATIC_HEADER, header); ShowWindow(gHwndReport, SW_SHOW ); @@ -478,7 +478,7 @@ void send_crash_report() // Get the filename of the SecondLife.log file // *NOTE: This buffer size is hard coded into scanf() below. - char tmp_sl_name[256]; + char tmp_sl_name[256]; /* Flawfinder: ignore */ tmp_sl_name[0] = '\0'; update_messages(); @@ -682,7 +682,7 @@ void send_crash_report() // Post data to web server const S32 BUFSIZE = 65536; HINTERNET hinet, hsession, hrequest; - char data[BUFSIZE]; + char data[BUFSIZE]; /* Flawfinder: ignore */ unsigned long bytes_read; llinfos << "Connecting to crash report server" << llendl; @@ -790,7 +790,7 @@ LLFileEncoder::LLFileEncoder(const char *form_name, const char *filename) while (count < 5) { buf_size = stat_data.st_size; - fp = LLFile::fopen(mFilename.c_str(), "rb"); + fp = LLFile::fopen(mFilename.c_str(), "rb"); /* Flawfinder: ignore */ if (!fp) { llwarns << "Can't open file " << mFilename << ", wait for a second" << llendl; @@ -878,14 +878,14 @@ void write_debug(const char *str) { std::string debug_filename = gDirUtilp->getExpandedFilename(LL_PATH_LOGS,"debug_info.log"); llinfos << "Opening debug file " << debug_filename << llendl; - gDebugFile = LLFile::fopen(debug_filename.c_str(), "a+"); + gDebugFile = LLFile::fopen(debug_filename.c_str(), "a+"); /* Flawfinder: ignore */ if (!gDebugFile) { fprintf(stderr, "Couldn't open %s: debug log to stderr instead.\n", debug_filename.c_str()); gDebugFile = stderr; } } - fprintf(gDebugFile, str); + fprintf(gDebugFile, str); /* Flawfinder: ignore */ fflush(gDebugFile); } diff --git a/indra/win_updater/updater.cpp b/indra/win_updater/updater.cpp index 99680984d1..ea4e8ced5c 100644 --- a/indra/win_updater/updater.cpp +++ b/indra/win_updater/updater.cpp @@ -14,6 +14,7 @@ #include <wininet.h> #include <stdio.h> +#include "llpreprocessor.h" #include "llfile.h" #define BUFSIZE 8192 @@ -62,7 +63,7 @@ int WINAPI get_url_into_file(WCHAR *uri, char *path, int *cancelled) *cancelled = FALSE; HINTERNET hinet, hdownload; - char data[BUFSIZE]; + char data[BUFSIZE]; /* Flawfinder: ignore */ unsigned long bytes_read; #if _DEBUG @@ -70,7 +71,7 @@ int WINAPI get_url_into_file(WCHAR *uri, char *path, int *cancelled) fflush(logfile); #endif - FILE *fp = fopen(path, "wb"); + FILE* fp = fopen(path, "wb"); /* Flawfinder: ignore */ if (!fp) { @@ -301,7 +302,7 @@ WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nSho const int MAX_ARGS = 100; int argc = 0; - char *argv[MAX_ARGS]; + char* argv[MAX_ARGS]; /* Flawfinder: ignore */ #if _DEBUG logfile = _wfopen(TEXT("updater.log"),TEXT("wt")); @@ -327,7 +328,7 @@ WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nSho { argv[argc++] = token; /* Get next token: */ - if (*(token + strlen(token) + 1) == '\"') + if (*(token + strlen(token) + 1) == '\"') /* Flawfinder: ignore */ { token = strtok( NULL, "\""); } @@ -360,7 +361,7 @@ WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nSho if (gProductName) { mbstowcs(window_title, gProductName, 2048); - wcscat(window_title, L" Updater"); + wcscat(window_title, L" Updater"); /* Flawfinder: ignore */ } else { @@ -369,7 +370,7 @@ WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nSho WNDCLASSEX wndclassex = { 0 }; DEVMODE dev_mode = { 0 }; - char update_exec_path[MAX_PATH]; + char update_exec_path[MAX_PATH]; /* Flawfinder: ignore */ char *ptr; WCHAR update_uri[4096]; @@ -438,10 +439,10 @@ WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nSho *(ptr + 2) = 'x'; *(ptr + 3) = 'e'; *(ptr + 4) = 0; - wcscpy(update_uri, UPDATE_URIBASE); + wcscpy(update_uri, UPDATE_URIBASE); /* Flawfinder: ignore */ WCHAR wcmdline[2048]; mbstowcs(wcmdline, gUserServer, 2048); - wcscat(update_uri, wcmdline); + wcscat(update_uri, wcmdline); /* Flawfinder: ignore */ int success; int cancelled; @@ -484,18 +485,18 @@ WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nSho } // Construct some parameters. - char params[2048]; + char params[2048]; /* Flawfinder: ignore */ if (gIsSilent && gProgramName) { - sprintf(params, "/S /P=\"%s\"", gProgramName); + snprintf(params, sizeof(params), "/S /P=\"%s\"", gProgramName); /* Flawfinder: ignore */ } else if (gProgramName) { - sprintf(params, "/P=\"%s\"", gProgramName); + snprintf(params, sizeof(params), "/P=\"%s\"", gProgramName); /* Flawfinder: ignore */ } else if (gIsSilent) { - sprintf(params, "/S"); + sprintf(params, "/S"); /* Flawfinder: ignore */ } else { |