Andreas/tbamud
1
0
Fork 0
mirror of https://github.com/tbamud/tbamud.git synced 2025-12-23 10:40:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Make some string ops bounded and fix bug in editor toggle command (#54)

Browse source 
* Replace a few strcat/sprintf instances with bounded variants

Also cleaned up the whitespace in the parse_edit_action function as it was
not consistent.

Fix bug in editor format command introduced in earlier commit

* Fix bug in editor toggle command when an escaped @ is in the buffer

Previously, toggling between @ and \t would always try to convert
@ to \t, even if already toggled, iff an escaped @ was present in the
buffer (i.e. '@@').
This commit is contained in:
Kevin Fischer 2018-07-16 04:17:45 -05:00 committed by wyld-sw
parent 14855c273a
commit b27003e881
3 changed files with 151 additions and 141 deletions
Download patch file Download diff file Expand all files Collapse all files

14
src/act.informative.c
View file

@ -2554,7 +2554,7 @@ ACMD(do_areas)
static void list_scanned_chars(struct char_data * list, struct char_data * ch, int static void list_scanned_chars(struct char_data * list, struct char_data * ch, int
distance, int door) distance, int door)
{ {
char buf[MAX_STRING_LENGTH], buf2[MAX_STRING_LENGTH]; char buf[MAX_STRING_LENGTH], buf2[MAX_STRING_LENGTH - 1];
const char *how_far[] = { const char *how_far[] = {
"close by", "close by",
@ -2589,16 +2589,16 @@ distance, int door)
if (!CAN_SEE(ch, i)) if (!CAN_SEE(ch, i))
continue; continue;
if (!*buf) if (!*buf)
sprintf(buf, "You see %s", GET_NAME(i)); snprintf(buf, sizeof(buf), "You see %s", GET_NAME(i));
else else
strcat(buf, GET_NAME(i)); strncat(buf, GET_NAME(i), sizeof(buf) - strlen(buf) - 1);
if (--count > 1) if (--count > 1)
strcat(buf, ", "); strncat(buf, ", ", sizeof(buf) - strlen(buf) - 1);
else if (count == 1) else if (count == 1)
strcat(buf, " and "); strncat(buf, " and ", sizeof(buf) - strlen(buf) - 1);
else { else {
sprintf(buf2, " %s %s.\r\n", how_far[distance], dirs[door]); snprintf(buf2, sizeof(buf2), " %s %s.\r\n", how_far[distance], dirs[door]);
strcat(buf, buf2); strncat(buf, buf2, sizeof(buf) - strlen(buf) - 1);
} }
} }

6
src/dg_olc.c
View file

@ -470,14 +470,14 @@ static void script_syntax_highlighting(struct descriptor_data *d, char *string)
for (cmd = 0; *complete_cmd_info[cmd].command != '\n'; cmd++) { for (cmd = 0; *complete_cmd_info[cmd].command != '\n'; cmd++) {
if (complete_cmd_info[cmd].command_pointer == do_action) { if (complete_cmd_info[cmd].command_pointer == do_action) {
char replace_social[MAX_INPUT_LENGTH]; char replace_social[MAX_INPUT_LENGTH];
sprintf(replace_social, "\tc%s\tn", complete_cmd_info[cmd].command); snprintf(replace_social, MAX_INPUT_LENGTH, "\tc%s\tn", complete_cmd_info[cmd].command);
line = str_replace(line, complete_cmd_info[cmd].command, replace_social); line = str_replace(line, complete_cmd_info[cmd].command, replace_social);
} }
} }
} }
strcat(buffer, line); strncat(buffer, line, sizeof(buffer) - strlen(buffer) - 1);
strcat(buffer, "\tn\r\n"); strncat(buffer, "\tn\r\n", sizeof(buffer) - strlen(buffer) - 1);
} }
page_string(d, buffer, TRUE); page_string(d, buffer, TRUE);

272
src/improved-edit.c
View file

@ -102,34 +102,43 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
unsigned int total_len; unsigned int total_len;
char *s, *t, temp; char *s, *t, temp;
char buf[MAX_STRING_LENGTH]; char buf[MAX_STRING_LENGTH];
char buf2[MAX_STRING_LENGTH]; char buf2[MAX_STRING_LENGTH - 1];
switch (command) { switch (command) {
case PARSE_HELP: case PARSE_HELP:
write_to_output(d, write_to_output(d,
"Editor command formats: /<letter>\r\n\r\n" "Editor command formats: /<letter>\r\n\r\n"
"/a - aborts editor\r\n" "/a - aborts editor\r\n"
"/c - clears buffer\r\n" "/c - clears buffer\r\n"
"/d# - deletes a line #\r\n" "/d# - deletes a line #\r\n"
"/e# <text> - changes the line at # with <text>\r\n" "/e# <text> - changes the line at # with <text>\r\n"
"/f - formats text\r\n" "/f - formats text\r\n"
"/fi - indented formatting of text\r\n" "/fi - indented formatting of text\r\n"
"/h - list text editor commands\r\n" "/h - list text editor commands\r\n"
"/i# <text> - inserts <text> before line #\r\n" "/i# <text> - inserts <text> before line #\r\n"
"/l - lists buffer\r\n" "/l - lists buffer\r\n"
"/n - lists buffer with line numbers\r\n" "/n - lists buffer with line numbers\r\n"
"/r 'a' 'b' - replace 1st occurence of text <a> in buffer with text <b>\r\n" "/r 'a' 'b' - replace 1st occurence of text <a> in buffer with text <b>\r\n"
"/ra 'a' 'b'- replace all occurences of text <a> within buffer with text <b>\r\n" "/ra 'a' 'b'- replace all occurences of text <a> within buffer with text <b>\r\n"
" usage: /r[a] 'pattern' 'replacement'\r\n" " usage: /r[a] 'pattern' 'replacement'\r\n"
"/t - toggles '@' and tabs\r\n" "/t - toggles '@' and tabs\r\n"
"/s - saves text\r\n"); "/s - saves text\r\n");
break; break;
case PARSE_TOGGLE: case PARSE_TOGGLE:
if (!*d->str) { if (!*d->str) {
write_to_output(d, "No string.\r\n"); write_to_output(d, "No string.\r\n");
break; break;
} }
if (strchr(*d->str, '@')) { bool has_at = FALSE;
for (char* c = *d->str; *c; ++c) {
if (*c == '@') {
if (*(++c) != '@') {
has_at = TRUE;
break;
}
}
}
if (has_at) {
parse_at(*d->str); parse_at(*d->str);
write_to_output(d, "Toggling (at) into (tab) Characters...\r\n"); write_to_output(d, "Toggling (at) into (tab) Characters...\r\n");
} else { } else {
@ -144,8 +153,8 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
} }
while (isalpha(string[j]) && j < 2) { while (isalpha(string[j]) && j < 2) {
if (string[j++] == 'i' && !indent) { if (string[j++] == 'i' && !indent) {
indent = TRUE; indent = TRUE;
flags += FORMAT_INDENT; flags += FORMAT_INDENT;
} }
} }
switch (sscanf((indent ? string + 1 : string), " %d - %d ", &line_low, &line_high)) switch (sscanf((indent ? string + 1 : string), " %d - %d ", &line_low, &line_high))
@ -174,7 +183,7 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
case PARSE_REPLACE: case PARSE_REPLACE:
while (isalpha(string[j]) && j < 2) while (isalpha(string[j]) && j < 2)
if (string[j++] == 'a' && !indent) if (string[j++] == 'a' && !indent)
rep_all = 1; rep_all = 1;
if ((s = strtok(string, "'")) == NULL) { if ((s = strtok(string, "'")) == NULL) {
write_to_output(d, "Invalid format.\r\n"); write_to_output(d, "Invalid format.\r\n");
@ -193,11 +202,11 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
return; return;
} else if ((total_len = ((strlen(t) - strlen(s)) + strlen(*d->str))) <= d->max_str) { } else if ((total_len = ((strlen(t) - strlen(s)) + strlen(*d->str))) <= d->max_str) {
if ((replaced = replace_str(d->str, s, t, rep_all, d->max_str)) > 0) { if ((replaced = replace_str(d->str, s, t, rep_all, d->max_str)) > 0) {
write_to_output(d, "Replaced %d occurence%sof '%s' with '%s'.\r\n", replaced, ((replaced != 1) ? "s " : " "), s, t); write_to_output(d, "Replaced %d occurence%sof '%s' with '%s'.\r\n", replaced, ((replaced != 1) ? "s " : " "), s, t);
} else if (replaced == 0) { } else if (replaced == 0) {
write_to_output(d, "String '%s' not found.\r\n", s); write_to_output(d, "String '%s' not found.\r\n", s);
} else } else
write_to_output(d, "ERROR: Replacement string causes buffer overflow, aborted replace.\r\n"); write_to_output(d, "ERROR: Replacement string causes buffer overflow, aborted replace.\r\n");
} else } else
write_to_output(d, "Not enough space left in buffer.\r\n"); write_to_output(d, "Not enough space left in buffer.\r\n");
break; break;
@ -211,8 +220,8 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
break; break;
case 2: case 2:
if (line_high < line_low) { if (line_high < line_low) {
write_to_output(d, "That range is invalid.\r\n"); write_to_output(d, "That range is invalid.\r\n");
return; return;
} }
break; break;
} }
@ -224,26 +233,26 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
return; return;
} else if (line_low > 0) { } else if (line_low > 0) {
while (s && i < line_low) while (s && i < line_low)
if ((s = strchr(s, '\n')) != NULL) { if ((s = strchr(s, '\n')) != NULL) {
i++; i++;
s++; s++;
} }
if (s == NULL || i < line_low) { if (s == NULL || i < line_low) {
write_to_output(d, "Line(s) out of range; not deleting.\r\n"); write_to_output(d, "Line(s) out of range; not deleting.\r\n");
return; return;
} }
t = s; t = s;
while (s && i < line_high) while (s && i < line_high)
if ((s = strchr(s, '\n')) != NULL) { if ((s = strchr(s, '\n')) != NULL) {
i++; i++;
total_len++; total_len++;
s++; s++;
} }
if (s && (s = strchr(s, '\n')) != NULL) { if (s && (s = strchr(s, '\n')) != NULL) {
while (*(++s)) while (*(++s))
*(t++) = *s; *(t++) = *s;
} else } else
total_len--; total_len--;
*t = '\0'; *t = '\0';
RECREATE(*d->str, char, strlen(*d->str) + 3); RECREATE(*d->str, char, strlen(*d->str) + 3);
@ -260,12 +269,12 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
if (*string) if (*string)
switch (sscanf(string, " %d - %d ", &line_low, &line_high)) { switch (sscanf(string, " %d - %d ", &line_low, &line_high)) {
case 0: case 0:
line_low = 1; line_low = 1;
line_high = 999999; line_high = 999999;
break; break;
case 1: case 1:
line_high = line_low; line_high = line_low;
break; break;
} else { } else {
line_low = 1; line_low = 1;
line_high = 999999; line_high = 999999;
@ -280,14 +289,14 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
} }
*buf = '\0'; *buf = '\0';
if (line_high < 999999 || line_low > 1) if (line_high < 999999 || line_low > 1)
sprintf(buf, "Current buffer range [%d - %d]:\r\n", line_low, line_high); snprintf(buf, sizeof(buf), "Current buffer range [%d - %d]:\r\n", line_low, line_high);
i = 1; i = 1;
total_len = 0; total_len = 0;
s = *d->str; s = *d->str;
while (s && (i < line_low)) while (s && (i < line_low))
if ((s = strchr(s, '\n')) != NULL) { if ((s = strchr(s, '\n')) != NULL) {
i++; i++;
s++; s++;
} }
if (i < line_low || s == NULL) { if (i < line_low || s == NULL) {
write_to_output(d, "Line(s) out of range; no buffer listing.\r\n"); write_to_output(d, "Line(s) out of range; no buffer listing.\r\n");
@ -296,19 +305,19 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
t = s; t = s;
while (s && i <= line_high) while (s && i <= line_high)
if ((s = strchr(s, '\n')) != NULL) { if ((s = strchr(s, '\n')) != NULL) {
i++; i++;
total_len++; total_len++;
s++; s++;
} }
if (s) { if (s) {
temp = *s; temp = *s;
*s = '\0'; *s = '\0';
strcat(buf, t); strncat(buf, t, sizeof(buf) - strlen(buf) - 1);
*s = temp; *s = temp;
} else } else
strcat(buf, t); strncat(buf, t, sizeof(buf) - strlen(buf) - 1);
/* This is kind of annoying...but some people like it. */ /* This is kind of annoying...but some people like it. */
sprintf(buf + strlen(buf), "\r\n%d line%sshown.\r\n", total_len, (total_len != 1) ? "s " : " "); snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), "\r\n%d line%sshown.\r\n", total_len, (total_len != 1) ? "s " : " ");
page_string(d, buf, TRUE); page_string(d, buf, TRUE);
break; break;
case PARSE_LIST_NUM: case PARSE_LIST_NUM:
@ -318,12 +327,12 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
if (*string) if (*string)
switch (sscanf(string, " %d - %d ", &line_low, &line_high)) { switch (sscanf(string, " %d - %d ", &line_low, &line_high)) {
case 0: case 0:
line_low = 1; line_low = 1;
line_high = 999999; line_high = 999999;
break; break;
case 1: case 1:
line_high = line_low; line_high = line_low;
break; break;
} else { } else {
line_low = 1; line_low = 1;
line_high = 999999; line_high = 999999;
@ -343,8 +352,8 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
s = *d->str; s = *d->str;
while (s && i < line_low) while (s && i < line_low)
if ((s = strchr(s, '\n')) != NULL) { if ((s = strchr(s, '\n')) != NULL) {
i++; i++;
s++; s++;
} }
if (i < line_low || s == NULL) { if (i < line_low || s == NULL) {
write_to_output(d, "Line(s) out of range; no buffer listing.\r\n"); write_to_output(d, "Line(s) out of range; no buffer listing.\r\n");
@ -353,25 +362,25 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
t = s; t = s;
while (s && i <= line_high) while (s && i <= line_high)
if ((s = strchr(s, '\n')) != NULL) { if ((s = strchr(s, '\n')) != NULL) {
i++; i++;
total_len++; total_len++;
s++; s++;
temp = *s; temp = *s;
*s = '\0'; *s = '\0';
char buf3[8]; char buf3[9];
sprintf(buf3, "%4d: ", (i - 1)); sprintf(buf3, "%4d: ", (i - 1));
strcat(buf, buf3); strncat(buf, buf3, sizeof(buf) - strlen(buf) - 1);
strcat(buf, t); strncat(buf, t, sizeof(buf) - strlen(buf) - 1);
*s = temp; *s = temp;
t = s; t = s;
} }
if (s && t) { if (s && t) {
temp = *s; temp = *s;
*s = '\0'; *s = '\0';
strcat(buf, t); strncat(buf, t, sizeof(buf) - strlen(buf) - 1);
*s = temp; *s = temp;
} else if (t) } else if (t)
strcat(buf, t); strncat(buf, t, sizeof(buf) - strlen(buf) - 1);
page_string(d, buf, TRUE); page_string(d, buf, TRUE);
break; break;
@ -383,7 +392,7 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
return; return;
} }
line_low = atoi(buf); line_low = atoi(buf);
strcat(buf2, "\r\n"); strncat(buf2, "\r\n", sizeof(buf2) - strlen(buf2) - 1);
i = 1; i = 1;
*buf = '\0'; *buf = '\0';
@ -393,27 +402,27 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
} }
if (line_low > 0) { if (line_low > 0) {
while (s && (i < line_low)) while (s && (i < line_low))
if ((s = strchr(s, '\n')) != NULL) { if ((s = strchr(s, '\n')) != NULL) {
i++; i++;
s++; s++;
} }
if (i < line_low || s == NULL) { if (i < line_low || s == NULL) {
write_to_output(d, "Line number out of range; insert aborted.\r\n"); write_to_output(d, "Line number out of range; insert aborted.\r\n");
return; return;
} }
temp = *s; temp = *s;
*s = '\0'; *s = '\0';
if ((strlen(*d->str) + strlen(buf2) + strlen(s + 1) + 3) > d->max_str) { if ((strlen(*d->str) + strlen(buf2) + strlen(s + 1) + 3) > d->max_str) {
*s = temp; *s = temp;
write_to_output(d, "Insert text pushes buffer over maximum size, insert aborted.\r\n"); write_to_output(d, "Insert text pushes buffer over maximum size, insert aborted.\r\n");
return; return;
} }
if (*d->str && **d->str) if (*d->str && **d->str)
strcat(buf, *d->str); strncat(buf, *d->str, sizeof(buf) - strlen(buf) - 1);
*s = temp; *s = temp;
strcat(buf, buf2); strncat(buf, buf2, sizeof(buf) - strlen(buf) - 1);
if (s && *s) if (s && *s)
strcat(buf, s); strncat(buf, s, sizeof(buf) - strlen(buf) - 1);
RECREATE(*d->str, char, strlen(buf) + 3); RECREATE(*d->str, char, strlen(buf) + 3);
strcpy(*d->str, buf); strcpy(*d->str, buf);
@ -431,7 +440,7 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
return; return;
} }
line_low = atoi(buf); line_low = atoi(buf);
strcat(buf2, "\r\n"); strncat(buf2, "\r\n", sizeof(buf2) - strlen(buf2) - 1);
i = 1; i = 1;
*buf = '\0'; *buf = '\0';
@ -442,39 +451,39 @@ void parse_edit_action(int command, char *string, struct descriptor_data *d)
if (line_low > 0) { if (line_low > 0) {
/* Loop through the text counting \n characters until we get to the line. */ /* Loop through the text counting \n characters until we get to the line. */
while (s && i < line_low) while (s && i < line_low)
if ((s = strchr(s, '\n')) != NULL) { if ((s = strchr(s, '\n')) != NULL) {
i++; i++;
s++; s++;
} }
/* Make sure that there was a THAT line in the text. */ /* Make sure that there was a THAT line in the text. */
if (s == NULL || i < line_low) { if (s == NULL || i < line_low) {
write_to_output(d, "Line number out of range; change aborted.\r\n"); write_to_output(d, "Line number out of range; change aborted.\r\n");
return; return;
} }
/* If s is the same as *d->str that means I'm at the beginning of the /* If s is the same as *d->str that means I'm at the beginning of the
* message text and I don't need to put that into the changed buffer. */ * message text and I don't need to put that into the changed buffer. */
if (s != *d->str) { if (s != *d->str) {
/* First things first .. we get this part into the buffer. */ /* First things first .. we get this part into the buffer. */
temp = *s; temp = *s;
*s = '\0'; *s = '\0';
/* Put the first 'good' half of the text into storage. */ /* Put the first 'good' half of the text into storage. */
strcat(buf, *d->str); strncat(buf, *d->str, sizeof(buf) - strlen(buf) - 1);
*s = temp; *s = temp;
} }
/* Put the new 'good' line into place. */ /* Put the new 'good' line into place. */
strcat(buf, buf2); strncat(buf, buf2, sizeof(buf) - strlen(buf) - 1);
if ((s = strchr(s, '\n')) != NULL) { if ((s = strchr(s, '\n')) != NULL) {
/* This means that we are at the END of the line, we want out of there, /* This means that we are at the END of the line, we want out of there,
* but we want s to point to the beginning of the line. AFTER the line * but we want s to point to the beginning of the line. AFTER the line
* we want edited. */ * we want edited. */
s++; s++;
/* Now put the last 'good' half of buffer into storage. */ /* Now put the last 'good' half of buffer into storage. */
strcat(buf, s); strncat(buf, s, sizeof(buf) - strlen(buf) - 1);
} }
/* Check for buffer overflow. */ /* Check for buffer overflow. */
if (strlen(buf) > d->max_str) { if (strlen(buf) > d->max_str) {
write_to_output(d, "Change causes new length to exceed buffer maximum size, aborted.\r\n"); write_to_output(d, "Change causes new length to exceed buffer maximum size, aborted.\r\n");
return; return;
} }
/* Change the size of the REAL buffer to fit the new text. */ /* Change the size of the REAL buffer to fit the new text. */
RECREATE(*d->str, char, strlen(buf) + 3); RECREATE(*d->str, char, strlen(buf) + 3);
@ -511,7 +520,7 @@ int format_text(char **ptr_string, int mode, struct descriptor_data *d, unsigned
if ((flow = *ptr_string) == NULL) if ((flow = *ptr_string) == NULL)
return 0; return 0;
strcpy(str, flow); strncpy(str, flow, sizeof(str) - 1);
for (i = 0; i < low - 1; i++) { for (i = 0; i < low - 1; i++) {
start = strtok(str, "\n"); start = strtok(str, "\n");
@ -519,13 +528,13 @@ int format_text(char **ptr_string, int mode, struct descriptor_data *d, unsigned
write_to_output(d, "There aren't that many lines!\r\n"); write_to_output(d, "There aren't that many lines!\r\n");
return 0; return 0;
} }
strcat(formatted, strcat(start, "\n")); strncat(formatted, strcat(start, "\n"), sizeof(formatted) - strlen(formatted) - 1);
flow = strstr(flow, "\n"); flow = strstr(flow, "\n");
strcpy(str, ++flow); strncpy(str, ++flow, sizeof(str) - 1);
} }
if (IS_SET(mode, FORMAT_INDENT)) { if (IS_SET(mode, FORMAT_INDENT)) {
strcat(formatted, " "); strncat(formatted, " ", sizeof(formatted) - strlen(formatted) - 1);
line_chars = 3; line_chars = 3;
} else { } else {
line_chars = 0; line_chars = 0;
@ -591,14 +600,14 @@ int format_text(char **ptr_string, int mode, struct descriptor_data *d, unsigned
} }
if (line_chars + strlen(start) + 1 - color_chars > PAGE_WIDTH) { if (line_chars + strlen(start) + 1 - color_chars > PAGE_WIDTH) {
strcat(formatted, "\r\n"); strncat(formatted, "\r\n", sizeof(formatted) - strlen(formatted) - 1);
line_chars = 0; line_chars = 0;
color_chars = count_color_chars(start); color_chars = count_color_chars(start);
} }
if (!cap_next) { if (!cap_next) {
if (line_chars > 0) { if (line_chars > 0) {
strcat(formatted, " "); strncat(formatted, " ", sizeof(formatted) - strlen(formatted) - 1);
line_chars++; line_chars++;
} }
} else { } else {
@ -607,38 +616,38 @@ int format_text(char **ptr_string, int mode, struct descriptor_data *d, unsigned
} }
line_chars += strlen(start); line_chars += strlen(start);
strcat(formatted, start); strncat(formatted, start, sizeof(formatted) - strlen(formatted) - 1);
*flow = temp; *flow = temp;
} }
if (cap_next_next && *flow) { if (cap_next_next && *flow) {
if (line_chars + 3 - color_chars > PAGE_WIDTH) { if (line_chars + 3 - color_chars > PAGE_WIDTH) {
strcat(formatted, "\r\n"); strncat(formatted, "\r\n", sizeof(formatted) - strlen(formatted) - 1);
line_chars = 0; line_chars = 0;
color_chars = count_color_chars(start); color_chars = count_color_chars(start);
} else if (*flow == '\"' || *flow == '\'') { } else if (*flow == '\"' || *flow == '\'') {
char buf[MAX_STRING_LENGTH]; char buf[MAX_STRING_LENGTH - 1];
sprintf(buf, "%c ", *flow); snprintf(buf, sizeof(buf), "%c ", *flow);
strcat(formatted, buf); strncat(formatted, buf, sizeof(formatted) - strlen(formatted) - 1);
flow++; flow++;
line_chars++; line_chars++;
} else { } else {
strcat(formatted, " "); strncat(formatted, " ", sizeof(formatted) - strlen(formatted) - 1);
line_chars += 2; line_chars += 2;
} }
} }
} }
if (*flow) if (*flow)
strcat(formatted, "\r\n"); strncat(formatted, "\r\n", sizeof(formatted) - strlen(formatted) - 1);
strcat(formatted, flow); strncat(formatted, flow, sizeof(formatted) - strlen(formatted) - 1);
if (!*flow) if (!*flow)
strcat(formatted, "\r\n"); strncat(formatted, "\r\n", sizeof(formatted) - strlen(formatted) - 1);
if (strlen(formatted) + 1 > maxlen) int len = MIN(maxlen, strlen(formatted) + 1);
formatted[maxlen - 1] = '\0'; RECREATE(*ptr_string, char, len);
RECREATE(*ptr_string, char, MIN(maxlen, strlen(formatted) + 1)); strncpy(*ptr_string, formatted, len - 1);
strcpy(*ptr_string, formatted); (*ptr_string)[len - 1] = '\0';
return 1; return 1;
} }
@ -666,21 +675,22 @@ int replace_str(char **string, char *pattern, char *replacement, int rep_all, un
i = -1; i = -1;
break; break;
} }
strcat(replace_buffer, jetsam); strncat(replace_buffer, jetsam, max_size - strlen(replace_buffer) -1);
strcat(replace_buffer, replacement); strncat(replace_buffer, replacement, max_size - strlen(replace_buffer) - 1);
*flow = temp; *flow = temp;
flow += strlen(pattern); flow += strlen(pattern);
jetsam = flow; jetsam = flow;
} }
strcat(replace_buffer, jetsam); strncat(replace_buffer, jetsam, max_size - strlen(replace_buffer) - 1);
} else { } else {
if ((flow = (char *)strstr(*string, pattern)) != NULL) { if ((flow = (char *)strstr(*string, pattern)) != NULL) {
i++; i++;
flow += strlen(pattern); flow += strlen(pattern);
len = ((char *)flow - (char *)*string) - strlen(pattern); len = ((char *)flow - (char *)*string) - strlen(pattern);
strncpy(replace_buffer, *string, len); strncpy(replace_buffer, *string, len < max_size - 1 ? len : max_size - 1);
strcat(replace_buffer, replacement); replace_buffer[max_size - 1] = '\0';
strcat(replace_buffer, flow); strncat(replace_buffer, replacement, max_size - strlen(replace_buffer) - 1);
strncat(replace_buffer, flow, max_size - strlen(replace_buffer) - 1);
} }
} }