78af534f82
Per warnings from flawfinder: "Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).". Replaced calls to strcpy and strcat in `fileio.c` with calls that take a specified size (`strncpy` and `strncat`). Tested the changes on OSX, Linux, Windows. On OSX + Linux, changes were tested with ASAN. The following flags were used: 'check_initialization_order=1:strict_init_order=1:detect_odr_violation=1:detect_stack_use_after_return=1'. To reproduce warning: ./flawfinder.py ./programs/fileio.c
67 lines
635 B
Plaintext
# local binary (Makefile)
fullbench
fullbench32
fuzzer
fuzzer32
fuzzer-dll
zbufftest
zbufftest32
zbufftest-dll
zstreamtest
zstreamtest32
zstreamtest_asan
zstreamtest_tsan
zstreamtest-dll
datagen
paramgrill
paramgrill32
roundTripCrash
longmatch
symbols
legacy
decodecorpus
pool
poolTests
invalidDictionaries
checkTag
zcat
zstdcat
tm

# Tmp test directory
zstdtest
speedTest
versionsTest
namespaceTest

# Local script
startSpeedTest
speedTest.pid

# Object files
*.o
*.ko

# Executables
*.exe
*.out
*.app

# Default result files
dictionary
grillResults.txt
_*
tmp*
*.zst
*.gz
result
out
*.zstd

# fuzzer
afl

# Misc files
*.bat
dirTest*