Revision: 56168
          http://sourceforge.net/p/brlcad/code/56168
Author:   n_reed
Date:     2013-07-20 15:20:08 +0000 (Sat, 20 Jul 2013)
Log Message:
-----------
no need to copy read-only filename strings, especially when we've misused 
strcpy and sscanf to do it - textbook buffer-overflow

Modified Paths:
--------------
    brlcad/trunk/src/proc-db/cchannel.c

Modified: brlcad/trunk/src/proc-db/cchannel.c
===================================================================
--- brlcad/trunk/src/proc-db/cchannel.c 2013-07-20 15:18:39 UTC (rev 56167)
+++ brlcad/trunk/src/proc-db/cchannel.c 2013-07-20 15:20:08 UTC (rev 56168)
@@ -28,7 +28,6 @@
 
 #include <math.h>
 #include <stdio.h>
-#include <string.h>
 #include "bn.h"
 #include "bu.h"
 #include "ged.h"
@@ -51,7 +50,7 @@
     double conversionFactor;
     int holes;
     double holeR;
-    char filename[64];
+    const char *filename;
 };
 
 static void
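Review bot: The new `const char *filename` member has no ownership or lifetime comment, although after this commit it holds a pointer the struct does not own: a string literal assigned in main, or `bu_optarg` assigned in parseArgs (both visible in the later hunks). A one-line comment on the field would keep a later maintainer from freeing it or copying into it again: `const char *filename; /* borrowed: string literal or argv storage; never freed or written through */`. The struct definition starts above this hunk, so only its tail is visible here.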
@@ -102,7 +101,7 @@
                sscanf(bu_optarg, "%lf", &(parameters->topR));
                break;
            case('f'):
-               sscanf(bu_optarg, "%s", (parameters->filename));
+               parameters->filename = bu_optarg;
                break;
            case('u'):
                sscanf(bu_optarg, "%lf", &(parameters->conversionFactor));
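Review bot: The `%lf` conversions on either side of the `-f` case (`topR` above, `conversionFactor` below) still ignore the return value of sscanf, so a non-numeric option argument silently leaves the earlier value in place. Checking the result, for example `if (sscanf(bu_optarg, "%lf", &parameters->topR) != 1) { /* report the bad value and stop */ }`, would turn a mistyped option into a visible error. The `-f` assignment itself only stores the pointer, which is sound as long as the argument vector outlives `parameters`; that holds for the call from main shown in the last hunk. The switch begins and ends outside this hunk.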
@@ -212,7 +211,7 @@
     parameters.conversionFactor = 25.4;
     parameters.holes = 0;
     parameters.holeR = .25;
-    strcpy(parameters.filename, "channel.g");
+    parameters.filename = "channel.g";
     parseArgs(argc, argv, options, &parameters);
     convert(0, 1, &parameters);
     db = wdb_fopen(parameters.filename);
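Review bot: The result of `wdb_fopen(parameters.filename)` on the last line of this hunk is not checked in the lines shown, and the path may be whatever the user passed with `-f`. main continues outside the hunk, so the check may already exist there. If it does not, a guard right after the call, such as `if (db == NULL) { perror(parameters.filename); return 1; }` (or the file's usual error exit), would keep a failed open from reaching the later database writes.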
