From 305c74d5163c5e344a675d39ca2394a9e45bd2c2 Mon Sep 17 00:00:00 2001 From: Aaron Brashears Date: Fri, 2 Feb 2007 17:28:58 +0000 Subject: Result of svn merge -r57264:57370 svn+ssh://svn/svn/linden/branches/adroit.r40-68 into release. --- indra/llinventory/llinventory.cpp | 132 +++++++++++++++++++++++------------- indra/llinventory/lllandmark.cpp | 7 +- indra/llinventory/llnotecard.cpp | 2 +- indra/llinventory/llparcel.cpp | 4 +- indra/llinventory/llpermissions.cpp | 66 ++++++++++-------- indra/llinventory/llsaleinfo.cpp | 22 +++--- 6 files changed, 143 insertions(+), 90 deletions(-) (limited to 'indra/llinventory') diff --git a/indra/llinventory/llinventory.cpp b/indra/llinventory/llinventory.cpp index cad1371247..124f22d5cf 100644 --- a/indra/llinventory/llinventory.cpp +++ b/indra/llinventory/llinventory.cpp @@ -303,16 +303,16 @@ BOOL LLInventoryObject::importLegacyStream(std::istream& input_stream) { // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; - char valuestr[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char keyword[MAX_STRING]; /* Flawfinder: ignore */ + char valuestr[MAX_STRING]; /* Flawfinder: ignore */ keyword[0] = '\0'; valuestr[0] = '\0'; while(input_stream.good()) { input_stream.getline(buffer, MAX_STRING); - sscanf(buffer, " %254s %254s", keyword, valuestr); + sscanf(buffer, " %254s %254s", keyword, valuestr); /* Flawfinder: ignore */ if(!keyword) { continue; @@ -341,7 +341,10 @@ BOOL LLInventoryObject::importLegacyStream(std::istream& input_stream) { //strcpy(valuestr, buffer + strlen(keyword) + 3); // *NOTE: Not ANSI C, but widely supported. - sscanf(buffer, " %254s %254[^|]", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254[^|]", + keyword, valuestr); mName.assign(valuestr); LLString::replaceNonstandardASCII(mName, ' '); LLString::replaceChar(mName, '|', ' '); @@ -361,7 +364,7 @@ BOOL LLInventoryObject::importLegacyStream(std::istream& input_stream) // not sure whether exportLegacyStream(llofstream(fp)) would work, fp may need to get icramented... BOOL LLInventoryObject::exportFile(FILE* fp, BOOL) const { - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ fprintf(fp, "\tinv_object\t0\n\t{\n"); mUUID.toString(uuid_str); fprintf(fp, "\t\tobj_id\t%s\n", uuid_str); @@ -375,7 +378,7 @@ BOOL LLInventoryObject::exportFile(FILE* fp, BOOL) const BOOL LLInventoryObject::exportLegacyStream(std::ostream& output_stream, BOOL) const { - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ output_stream << "\tinv_object\t0\n\t{\n"; mUUID.toString(uuid_str); output_stream << "\t\tobj_id\t" << uuid_str << "\n"; @@ -628,12 +631,12 @@ BOOL LLInventoryItem::unpackMessage(LLMessageSystem* msg, const char* block, S32 mSaleInfo.unpackMultiMessage(msg, block, block_num); - char name[DB_INV_ITEM_NAME_BUF_SIZE]; + char name[DB_INV_ITEM_NAME_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(block, _PREHASH_Name, DB_INV_ITEM_NAME_BUF_SIZE, name, block_num); mName.assign(name); LLString::replaceNonstandardASCII(mName, ' '); - char desc[DB_INV_ITEM_DESC_BUF_SIZE]; + char desc[DB_INV_ITEM_DESC_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(block, _PREHASH_Description, DB_INV_ITEM_DESC_BUF_SIZE, desc, block_num); mDescription.assign(desc); LLString::replaceNonstandardASCII(mDescription, ' '); @@ -666,10 +669,10 @@ BOOL LLInventoryItem::importFile(FILE* fp) { // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; - char valuestr[MAX_STRING]; - char junk[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char keyword[MAX_STRING]; /* Flawfinder: ignore */ + char valuestr[MAX_STRING]; /* Flawfinder: ignore */ + char junk[MAX_STRING]; /* Flawfinder: ignore */ BOOL success = TRUE; keyword[0] = '\0'; @@ -680,7 +683,7 @@ BOOL LLInventoryItem::importFile(FILE* fp) while(success && (!feof(fp))) { fgets(buffer, MAX_STRING, fp); - sscanf(buffer, " %254s %254s", keyword, valuestr); + sscanf(buffer, " %254s %254s", keyword, valuestr); /* Flawfinder: ignore */ if(!keyword) { continue; @@ -754,7 +757,10 @@ BOOL LLInventoryItem::importFile(FILE* fp) { //strcpy(valuestr, buffer + strlen(keyword) + 3); // *NOTE: Not ANSI C, but widely supported. - sscanf(buffer, " %254s%254[\t]%254[^|]", keyword, junk, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s%254[\t]%254[^|]", + keyword, junk, valuestr); // IW: sscanf chokes and puts | in valuestr if there's no name if (valuestr[0] == '|') @@ -770,7 +776,10 @@ BOOL LLInventoryItem::importFile(FILE* fp) { //strcpy(valuestr, buffer + strlen(keyword) + 3); // *NOTE: Not ANSI C, but widely supported. - sscanf(buffer, " %254s%254[\t]%254[^|]", keyword, junk, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s%254[\t]%254[^|]", + keyword, junk, valuestr); if (valuestr[0] == '|') { @@ -812,7 +821,7 @@ BOOL LLInventoryItem::importFile(FILE* fp) BOOL LLInventoryItem::exportFile(FILE* fp, BOOL include_asset_key) const { - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ fprintf(fp, "\tinv_item\t0\n\t{\n"); mUUID.toString(uuid_str); fprintf(fp, "\t\titem_id\t%s\n", uuid_str); @@ -862,10 +871,10 @@ BOOL LLInventoryItem::importLegacyStream(std::istream& input_stream) { // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; - char valuestr[MAX_STRING]; - char junk[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char keyword[MAX_STRING]; /* Flawfinder: ignore */ + char valuestr[MAX_STRING]; /* Flawfinder: ignore */ + char junk[MAX_STRING]; /* Flawfinder: ignore */ BOOL success = TRUE; keyword[0] = '\0'; @@ -876,7 +885,10 @@ BOOL LLInventoryItem::importLegacyStream(std::istream& input_stream) while(success && input_stream.good()) { input_stream.getline(buffer, MAX_STRING); - sscanf(buffer, " %254s %254s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254s", + keyword, valuestr); if(!keyword) { continue; @@ -950,7 +962,10 @@ BOOL LLInventoryItem::importLegacyStream(std::istream& input_stream) { //strcpy(valuestr, buffer + strlen(keyword) + 3); // *NOTE: Not ANSI C, but widely supported. - sscanf(buffer, " %254s%254[\t]%254[^|]", keyword, junk, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s%254[\t]%254[^|]", + keyword, junk, valuestr); // IW: sscanf chokes and puts | in valuestr if there's no name if (valuestr[0] == '|') @@ -966,7 +981,10 @@ BOOL LLInventoryItem::importLegacyStream(std::istream& input_stream) { //strcpy(valuestr, buffer + strlen(keyword) + 3); // *NOTE: Not ANSI C, but widely supported. - sscanf(buffer, " %254s%254[\t]%254[^|]", keyword, junk, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s%254[\t]%254[^|]", + keyword, junk, valuestr); if (valuestr[0] == '|') { @@ -1008,7 +1026,7 @@ BOOL LLInventoryItem::importLegacyStream(std::istream& input_stream) BOOL LLInventoryItem::exportLegacyStream(std::ostream& output_stream, BOOL include_asset_key) const { - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ output_stream << "\tinv_item\t0\n\t{\n"; mUUID.toString(uuid_str); output_stream << "\t\titem_id\t" << uuid_str << "\n"; @@ -1045,8 +1063,8 @@ BOOL LLInventoryItem::exportLegacyStream(std::ostream& output_stream, BOOL inclu const char* inv_type_str = LLInventoryType::lookup(mInventoryType); if(inv_type_str) output_stream << "\t\tinv_type\t" << inv_type_str << "\n"; - char buffer[32]; - sprintf(buffer, "\t\tflags\t%08x\n", mFlags); + char buffer[32]; /* Flawfinder: ignore */ + snprintf(buffer, sizeof(buffer), "\t\tflags\t%08x\n", mFlags); /* Flawfinder: ignore */ output_stream << buffer; mSaleInfo.exportLegacyStream(output_stream); output_stream << "\t\tname\t" << mName.c_str() << "|\n"; @@ -1316,18 +1334,18 @@ S32 LLInventoryItem::packBinaryBucket(U8* bin_bucket, LLPermissions* perm_overri // describe the inventory item char* buffer = (char*) bin_bucket; - char creator_id_str[UUID_STR_LENGTH]; + char creator_id_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ perm.getCreator().toString(creator_id_str); - char owner_id_str[UUID_STR_LENGTH]; + char owner_id_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ perm.getOwner().toString(owner_id_str); - char last_owner_id_str[UUID_STR_LENGTH]; + char last_owner_id_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ perm.getLastOwner().toString(last_owner_id_str); - char group_id_str[UUID_STR_LENGTH]; + char group_id_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ perm.getGroup().toString(group_id_str); - char asset_id_str[UUID_STR_LENGTH]; + char asset_id_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ getAssetUUID().toString(asset_id_str); - S32 size = sprintf(buffer, + S32 size = sprintf(buffer, /* Flawfinder: ignore */ "%d|%d|%s|%s|%s|%s|%s|%x|%x|%x|%x|%x|%s|%s|%d|%d|%x", getType(), getInventoryType(), @@ -1357,7 +1375,15 @@ void LLInventoryItem::unpackBinaryBucket(U8* bin_bucket, S32 bin_bucket_size) // Convert the bin_bucket into a string. char* item_buffer = new char[bin_bucket_size+1]; - memcpy(item_buffer, bin_bucket, bin_bucket_size); + if ((item_buffer != NULL) && (bin_bucket != NULL)) + { + memcpy(item_buffer, bin_bucket, bin_bucket_size); /* Flawfinder: ignore */ + } + else + { + llerrs << "unpackBinaryBucket failed. item_buffer or bin_bucket is Null." << llendl; + return; + } item_buffer[bin_bucket_size] = '\0'; std::string str(item_buffer); @@ -1500,7 +1526,7 @@ void LLInventoryCategory::unpackMessage(LLMessageSystem* msg, S8 type; msg->getS8Fast(block, _PREHASH_Type, type, block_num); mPreferredType = static_cast(type); - char name[DB_INV_ITEM_NAME_BUF_SIZE]; + char name[DB_INV_ITEM_NAME_BUF_SIZE]; /* Flawfinder: ignore */ msg->getStringFast(block, _PREHASH_Name, DB_INV_ITEM_NAME_BUF_SIZE, name, block_num); mName.assign(name); LLString::replaceNonstandardASCII(mName, ' '); @@ -1511,16 +1537,19 @@ BOOL LLInventoryCategory::importFile(FILE* fp) { // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; - char valuestr[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char keyword[MAX_STRING]; /* Flawfinder: ignore */ + char valuestr[MAX_STRING]; /* Flawfinder: ignore */ keyword[0] = '\0'; valuestr[0] = '\0'; while(!feof(fp)) { fgets(buffer, MAX_STRING, fp); - sscanf(buffer, " %254s %254s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254s", + keyword, valuestr); if(!keyword) { continue; @@ -1553,7 +1582,10 @@ BOOL LLInventoryCategory::importFile(FILE* fp) { //strcpy(valuestr, buffer + strlen(keyword) + 3); // *NOTE: Not ANSI C, but widely supported. - sscanf(buffer, " %254s %254[^|]", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254[^|]", + keyword, valuestr); mName.assign(valuestr); LLString::replaceNonstandardASCII(mName, ' '); LLString::replaceChar(mName, '|', ' '); @@ -1569,7 +1601,7 @@ BOOL LLInventoryCategory::importFile(FILE* fp) BOOL LLInventoryCategory::exportFile(FILE* fp, BOOL) const { - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ fprintf(fp, "\tinv_category\t0\n\t{\n"); mUUID.toString(uuid_str); fprintf(fp, "\t\tcat_id\t%s\n", uuid_str); @@ -1588,16 +1620,19 @@ BOOL LLInventoryCategory::importLegacyStream(std::istream& input_stream) { // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; - char valuestr[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char keyword[MAX_STRING]; /* Flawfinder: ignore */ + char valuestr[MAX_STRING]; /* Flawfinder: ignore */ keyword[0] = '\0'; valuestr[0] = '\0'; while(input_stream.good()) { input_stream.getline(buffer, MAX_STRING); - sscanf(buffer, " %254s %254s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254s", + keyword, valuestr); if(!keyword) { continue; @@ -1630,7 +1665,10 @@ BOOL LLInventoryCategory::importLegacyStream(std::istream& input_stream) { //strcpy(valuestr, buffer + strlen(keyword) + 3); // *NOTE: Not ANSI C, but widely supported. - sscanf(buffer, " %254s %254[^|]", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254[^|]", + keyword, valuestr); mName.assign(valuestr); LLString::replaceNonstandardASCII(mName, ' '); LLString::replaceChar(mName, '|', ' '); @@ -1646,7 +1684,7 @@ BOOL LLInventoryCategory::importLegacyStream(std::istream& input_stream) BOOL LLInventoryCategory::exportLegacyStream(std::ostream& output_stream, BOOL) const { - char uuid_str[UUID_STR_LENGTH]; + char uuid_str[UUID_STR_LENGTH]; /* Flawfinder: ignore */ output_stream << "\tinv_category\t0\n\t{\n"; mUUID.toString(uuid_str); output_stream << "\t\tcat_id\t" << uuid_str << "\n"; diff --git a/indra/llinventory/lllandmark.cpp b/indra/llinventory/lllandmark.cpp index 00d373cf02..7cb145d386 100644 --- a/indra/llinventory/lllandmark.cpp +++ b/indra/llinventory/lllandmark.cpp @@ -121,10 +121,13 @@ LLLandmark* LLLandmark::constructFromString(const char *buffer) { // *NOTE: Changing the buffer size will require changing the // scanf call below. - char region_id_str[MAX_STRING]; + char region_id_str[MAX_STRING]; /* Flawfinder: ignore */ LLVector3 pos; cur += chars_read; - count = sscanf(cur, "region_id %254s\n%n", region_id_str, &chars_read); + count = sscanf( /* Flawfinder: ignore */ + cur, + "region_id %254s\n%n", + region_id_str, &chars_read); if(count != 1) goto error; cur += chars_read; count = sscanf(cur, "local_pos %f %f %f\n%n", pos.mV+VX, pos.mV+VY, pos.mV+VZ, &chars_read); diff --git a/indra/llinventory/llnotecard.cpp b/indra/llinventory/llnotecard.cpp index 3e994a61aa..79545874b4 100644 --- a/indra/llinventory/llnotecard.cpp +++ b/indra/llinventory/llnotecard.cpp @@ -170,7 +170,7 @@ bool LLNotecard::importStream(std::istream& str) return FALSE; } - char line_buf[STD_STRING_BUF_SIZE]; + char line_buf[STD_STRING_BUF_SIZE]; /* Flawfinder: ignore */ str.getline(line_buf, STD_STRING_BUF_SIZE); if(str.fail()) { diff --git a/indra/llinventory/llparcel.cpp b/indra/llinventory/llparcel.cpp index a19c2216df..42a9d64254 100644 --- a/indra/llinventory/llparcel.cpp +++ b/indra/llinventory/llparcel.cpp @@ -998,7 +998,7 @@ BOOL LLParcel::importAccessEntry(std::istream& input_stream, LLAccessEntry* entr BOOL LLParcel::exportStream(std::ostream& output_stream) { S32 setting; - char id_string[MAX_STRING]; + char id_string[MAX_STRING]; /* Flawfinder: ignore */ std::ios::fmtflags old_flags = output_stream.flags(); output_stream.setf(std::ios::showpoint); @@ -1229,7 +1229,7 @@ void LLParcel::packMessage(LLMessageSystem* msg) void LLParcel::unpackMessage(LLMessageSystem* msg) { - char buffer[256]; + char buffer[256]; /* Flawfinder: ignore */ msg->getU32Fast( _PREHASH_ParcelData,_PREHASH_ParcelFlags, mParcelFlags ); msg->getS32Fast( _PREHASH_ParcelData,_PREHASH_SalePrice, mSalePrice ); diff --git a/indra/llinventory/llpermissions.cpp b/indra/llinventory/llpermissions.cpp index 124ba4d634..ac106eb09c 100644 --- a/indra/llinventory/llpermissions.cpp +++ b/indra/llinventory/llpermissions.cpp @@ -487,18 +487,18 @@ void LLPermissions::unpackMessage(LLMessageSystem* msg, const char* block, S32 b // File support // -BOOL LLPermissions::importFile(FILE *fp) +BOOL LLPermissions::importFile(FILE* fp) { init(LLUUID::null, LLUUID::null, LLUUID::null, LLUUID::null); const S32 BUFSIZE = 16384; // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[BUFSIZE]; - char keyword[256]; - char valuestr[256]; - char uuid_str[256]; - U32 mask; + char buffer[BUFSIZE]; /* Flawfinder: ignore */ + char keyword[256]; /* Flawfinder: ignore */ + char valuestr[256]; /* Flawfinder: ignore */ + char uuid_str[256]; /* Flawfinder: ignore */ + U32 mask; keyword[0] = '\0'; valuestr[0] = '\0'; @@ -506,7 +506,10 @@ BOOL LLPermissions::importFile(FILE *fp) while (!feof(fp)) { fgets(buffer, BUFSIZE, fp); - sscanf(buffer, " %255s %255s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %255s %255s", + keyword, valuestr); if (!keyword) { continue; @@ -554,22 +557,22 @@ BOOL LLPermissions::importFile(FILE *fp) } else if (!strcmp("creator_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mCreator.set(uuid_str); } else if (!strcmp("owner_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mOwner.set(uuid_str); } else if (!strcmp("last_owner_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mLastOwner.set(uuid_str); } else if (!strcmp("group_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mGroup.set(uuid_str); } else if (!strcmp("group_owned", keyword)) @@ -588,9 +591,9 @@ BOOL LLPermissions::importFile(FILE *fp) } -BOOL LLPermissions::exportFile(FILE *fp) const +BOOL LLPermissions::exportFile(FILE* fp) const { - char uuid_str[256]; + char uuid_str[256]; /* Flawfinder: ignore */ fprintf(fp, "\tpermissions 0\n"); fprintf(fp, "\t{\n"); @@ -629,11 +632,11 @@ BOOL LLPermissions::importLegacyStream(std::istream& input_stream) // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[BUFSIZE]; - char keyword[256]; - char valuestr[256]; - char uuid_str[256]; - U32 mask; + char buffer[BUFSIZE]; /* Flawfinder: ignore */ + char keyword[256]; /* Flawfinder: ignore */ + char valuestr[256]; /* Flawfinder: ignore */ + char uuid_str[256]; /* Flawfinder: ignore */ + U32 mask; keyword[0] = '\0'; valuestr[0] = '\0'; @@ -641,7 +644,10 @@ BOOL LLPermissions::importLegacyStream(std::istream& input_stream) while (input_stream.good()) { input_stream.getline(buffer, BUFSIZE); - sscanf(buffer, " %255s %255s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %255s %255s", + keyword, valuestr); if (!keyword) { continue; @@ -689,22 +695,22 @@ BOOL LLPermissions::importLegacyStream(std::istream& input_stream) } else if (!strcmp("creator_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mCreator.set(uuid_str); } else if (!strcmp("owner_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mOwner.set(uuid_str); } else if (!strcmp("last_owner_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mLastOwner.set(uuid_str); } else if (!strcmp("group_id", keyword)) { - sscanf(valuestr, "%255s", uuid_str); + sscanf(valuestr, "%255s", uuid_str); /* Flawfinder: ignore */ mGroup.set(uuid_str); } else if (!strcmp("group_owned", keyword)) @@ -725,21 +731,21 @@ BOOL LLPermissions::importLegacyStream(std::istream& input_stream) BOOL LLPermissions::exportLegacyStream(std::ostream& output_stream) const { - char uuid_str[256]; + char uuid_str[256]; /* Flawfinder: ignore */ output_stream << "\tpermissions 0\n"; output_stream << "\t{\n"; - char buffer[256]; - sprintf(buffer, "\t\tbase_mask\t%08x\n", mMaskBase); + char buffer[256]; /* Flawfinder: ignore */ + snprintf(buffer, sizeof(buffer), "\t\tbase_mask\t%08x\n", mMaskBase); /* Flawfinder: ignore */ output_stream << buffer; - sprintf(buffer, "\t\towner_mask\t%08x\n", mMaskOwner); + snprintf(buffer, sizeof(buffer), "\t\towner_mask\t%08x\n", mMaskOwner); /* Flawfinder: ignore */ output_stream << buffer; - sprintf(buffer, "\t\tgroup_mask\t%08x\n", mMaskGroup); + snprintf(buffer, sizeof(buffer), "\t\tgroup_mask\t%08x\n", mMaskGroup); /* Flawfinder: ignore */ output_stream << buffer; - sprintf(buffer, "\t\teveryone_mask\t%08x\n", mMaskEveryone); + snprintf(buffer, sizeof(buffer), "\t\teveryone_mask\t%08x\n", mMaskEveryone); /* Flawfinder: ignore */ output_stream << buffer; - sprintf(buffer, "\t\tnext_owner_mask\t%08x\n", mMaskNextOwner); + snprintf(buffer, sizeof(buffer), "\t\tnext_owner_mask\t%08x\n", mMaskNextOwner); /* Flawfinder: ignore */ output_stream << buffer; mCreator.toString(uuid_str); diff --git a/indra/llinventory/llsaleinfo.cpp b/indra/llinventory/llsaleinfo.cpp index 2bfac4d3e7..c469eae33c 100644 --- a/indra/llinventory/llsaleinfo.cpp +++ b/indra/llinventory/llsaleinfo.cpp @@ -141,9 +141,9 @@ BOOL LLSaleInfo::importFile(FILE* fp, BOOL& has_perm_mask, U32& perm_mask) // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; - char valuestr[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char keyword[MAX_STRING]; /* Flawfinder: ignore */ + char valuestr[MAX_STRING]; /* Flawfinder: ignore */ BOOL success = TRUE; keyword[0] = '\0'; @@ -151,7 +151,10 @@ BOOL LLSaleInfo::importFile(FILE* fp, BOOL& has_perm_mask, U32& perm_mask) while(success && (!feof(fp))) { fgets(buffer, MAX_STRING, fp); - sscanf(buffer, " %254s %254s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254s", + keyword, valuestr); if(!keyword) { continue; @@ -194,9 +197,9 @@ BOOL LLSaleInfo::importLegacyStream(std::istream& input_stream, BOOL& has_perm_m // *NOTE: Changing the buffer size will require changing the scanf // calls below. - char buffer[MAX_STRING]; - char keyword[MAX_STRING]; - char valuestr[MAX_STRING]; + char buffer[MAX_STRING]; /* Flawfinder: ignore */ + char keyword[MAX_STRING]; /* Flawfinder: ignore */ + char valuestr[MAX_STRING]; /* Flawfinder: ignore */ BOOL success = TRUE; keyword[0] = '\0'; @@ -204,7 +207,10 @@ BOOL LLSaleInfo::importLegacyStream(std::istream& input_stream, BOOL& has_perm_m while(success && input_stream.good()) { input_stream.getline(buffer, MAX_STRING); - sscanf(buffer, " %254s %254s", keyword, valuestr); + sscanf( /* Flawfinder: ignore */ + buffer, + " %254s %254s", + keyword, valuestr); if(!keyword) { continue; -- cgit v1.2.3