Broad patch from Dan Scott to move towards better memory management:

 * bzero->memset (with sizeof) - except when followed immediately by
   snprintf(), in which case the call was deleted completely
 * sprintf->snprintf (with sizeof) - for the C99-guaranteed
   null-terminated string and avoidance of overwrites
 * fgets (with sizeof) - because in at least one case "len - 1" was
   being used for the length, even though fgets is defined to retrieve 1
   byte less than the requested length - so the code was effectively
   retrieving 2 bytes less than the allocated buffer
 * in 2 places in srfsh.c, increased buffer size by 1 to allow for
   null terminator
 * various typo fixes

git-svn-id: svn://svn.open-ils.org/OpenSRF/trunk@1098 9efc2488-bf62-4759-914b-345cdb29e865

diff --git a/src/gateway/apachetools.c b/src/gateway/apachetools.c
index d70bfe6..3570310 100644 (file)
--- a/src/gateway/apachetools.c
+++ b/src/gateway/apachetools.c
@@ -24,7 +24,7 @@ string_array* apacheParseParms(request_rec* r) {
                if(ap_should_client_block(r)) {
 
                        char body[1025];
-                       memset(body,0,1025);
+                       memset(body,0,sizeof(body));
                        buffer = buffer_init(1025);
 
 
@@ -40,7 +40,7 @@ string_array* apacheParseParms(request_rec* r) {
                                }
 
                                buffer_add( buffer, body );
-                               memset(body,0,1025);
+                               memset(body,0,sizeof(body));
 
                                osrfLogDebug(OSRF_LOG_MARK, 
                                        "gateway read %d bytes: %d bytes of data so far", bread, buffer->n_used);
@@ -49,7 +49,7 @@ string_array* apacheParseParms(request_rec* r) {
 
                                if(buffer->n_used > APACHE_TOOLS_MAX_POST_SIZE) {
                                        osrfLogError(OSRF_LOG_MARK, "gateway received POST larger "
-                                               "than %d bytes. dropping reqeust", APACHE_TOOLS_MAX_POST_SIZE);
+                                               "than %d bytes. dropping request", APACHE_TOOLS_MAX_POST_SIZE);
                                        buffer_free(buffer);
                                        return NULL;
                                }

diff --git a/src/gateway/osrf_json_gateway.c b/src/gateway/osrf_json_gateway.c
index 0663789..4c6a247 100644 (file)
--- a/src/gateway/osrf_json_gateway.c
+++ b/src/gateway/osrf_json_gateway.c
@@ -90,9 +90,8 @@ static void osrf_json_gateway_child_init(apr_pool_t *p, server_rec *s) {
 
        char* cfg = osrf_json_gateway_config_file;
        char buf[32];
-       memset(buf, 0x0, 32);
        int t = time(NULL);
-       snprintf(buf, 32, "%d", t);
+       snprintf(buf, sizeof(buf), "%d", t);
 
        if( ! osrfSystemBootstrapClientResc( cfg, CONFIG_CONTEXT, buf ) ) {
                ap_log_error( APLOG_MARK, APLOG_ERR, 0, s, 
@@ -377,18 +376,16 @@ static int osrf_json_gateway_method_handler (request_rec *r) {
                                        "OpenSRF JSON Request returned error: %s -> %s", statusname, statustext );
                        int l = strlen(statusname) + strlen(statustext) + 32;
                        char buf[l];
-                       bzero(buf,l);
 
                        if (isXML)
-                               snprintf( buf, l, "<debug>\"%s : %s\"</debug>", statusname, statustext );
+                               snprintf( buf, sizeof(buf), "<debug>\"%s : %s\"</debug>", statusname, statustext );
 
                        else {
                                char bb[l];
-                               bzero(bb, l);
-                               snprintf(bb, l,  "%s : %s", statusname, statustext);
+                               snprintf(bb, sizeof(bb),  "%s : %s", statusname, statustext);
                                jsonObject* tmp = jsonNewObject(bb);
                                char* j = jsonToStringFunc(tmp);
-                               snprintf( buf, l, ",\"debug\": %s", j);
+                               snprintf( buf, sizeof(buf), ",\"debug\": %s", j);
                                free(j);
                                jsonObjectFree(tmp);
                        }
@@ -401,12 +398,11 @@ static int osrf_json_gateway_method_handler (request_rec *r) {
 
                /* insert the status code */
                char buf[32];
-               bzero(buf,32);
 
                if (isXML)
-                       snprintf(buf, 32, "<status>%d</status>", statuscode );
+                       snprintf(buf, sizeof(buf), "<status>%d</status>", statuscode );
                else
-                       snprintf(buf, 32, ",\"status\":%d", statuscode );
+                       snprintf(buf, sizeof(buf), ",\"status\":%d", statuscode );
 
                ap_rputs( buf, r );
 

diff --git a/src/jserver/osrf_chat.c b/src/jserver/osrf_chat.c
index 9a20bd6..9891698 100644 (file)
--- a/src/jserver/osrf_chat.c
+++ b/src/jserver/osrf_chat.c
@@ -279,7 +279,7 @@ int osrfChatSend( osrfChatServer* cs, osrfChatNode* node, char* toAddr, char* fr
 
        int l = strlen(toAddr);
        char dombuf[l];
-       bzero(dombuf, l);
+       memset(dombuf, 0, sizeof(dombuf));
        jid_get_domain( toAddr, dombuf, l );    
 
        if( eq( dombuf, cs->domain ) ) { /* this is to a user we host */
@@ -595,8 +595,7 @@ int osrfChatHandleNewConnection( osrfChatNode* node, const char* name, const xml
 
 char* osrfChatMkAuthKey() {
        char keybuf[112];
-       bzero(keybuf, 112);
-       snprintf(keybuf, 111, "%d%ld%s", (int) time(NULL), (long) getpid(), getenv("HOSTNAME"));
+       snprintf(keybuf, sizeof(keybuf), "%d%ld%s", (int) time(NULL), (long) getpid(), getenv("HOSTNAME"));
        return strdup(shahash(keybuf));
 }
 

diff --git a/src/libopensrf/basic_client.c b/src/libopensrf/basic_client.c
index 5cf8f76..246c1b9 100644 (file)
--- a/src/libopensrf/basic_client.c
+++ b/src/libopensrf/basic_client.c
@@ -31,10 +31,10 @@ int main( int argc, char** argv ) {
                signal(SIGINT, sig_int);
                fprintf(stderr, "Listener: %ld\n", (long) getpid() );   
                char buf[300];
-               memset(buf, 0, 300);
+               memset(buf, 0, sizeof(buf));
                printf("=> ");
 
-               while( fgets( buf, 299, stdin) ) {
+               while( fgets( buf, sizeof(buf), stdin) ) {
 
                        // remove newline
                        buf[strlen(buf)-1] = '\0';
@@ -48,7 +48,7 @@ int main( int argc, char** argv ) {
                        client_send_message( client, send );
                        message_free( send );
                        printf("\n=> ");
-                       memset(buf, 0, 300);
+                       memset(buf, 0, sizeof(buf));
                }
                fprintf(stderr, "Killing child %d\n", pid );
                kill( pid, SIGKILL );

diff --git a/src/libopensrf/log.c b/src/libopensrf/log.c
index 94c5359..744cdbd 100644 (file)
--- a/src/libopensrf/log.c
+++ b/src/libopensrf/log.c
@@ -58,8 +58,7 @@ void osrfLogMkXid( void ) {
    if(_osrfLogIsClient) {
       static int _osrfLogXidInc = 0; /* increments with each new xid for uniqueness */
       char buf[32];
-      memset(buf, 0x0, 32);
-      snprintf(buf, 32, "%s%d", _osrfLogXidPfx, _osrfLogXidInc);
+      snprintf(buf, sizeof(buf), "%s%d", _osrfLogXidPfx, _osrfLogXidInc);
       _osrfLogSetXid(buf);
       _osrfLogXidInc++;
    }
@@ -74,8 +73,7 @@ void osrfLogSetIsClient(int is) {
    if(!is) return;
    /* go ahead and create the xid prefix so it will be consistent later */
    static char buff[32];
-   memset(buff, 0x0, 32);
-   snprintf(buff, 32, "%d%ld", (int)time(NULL), (long) getpid());
+   snprintf(buff, sizeof(buff), "%d%ld", (int)time(NULL), (long) getpid());
    _osrfLogXidPfx = buff;
 }
 
@@ -223,7 +221,7 @@ static void _osrfLogDetail( int level, const char* filename, int line, char* msg
 
    if( logtype == OSRF_LOG_TYPE_SYSLOG ) {
                char buf[1536];  
-               memset(buf, 0x0, 1536);
+               memset(buf, 0x0, sizeof(buf));
                /* give syslog some breathing room, and be cute about it */
                strncat(buf, msg, 1535);
                buf[1532] = '.';

diff --git a/src/libopensrf/osrf_app_session.c b/src/libopensrf/osrf_app_session.c
index e6f25f7..bf852b2 100644 (file)
--- a/src/libopensrf/osrf_app_session.c
+++ b/src/libopensrf/osrf_app_session.c
@@ -240,7 +240,7 @@ osrf_app_session* osrf_app_client_session_init( char* remote_service ) {
        char target_buf[512];
        target_buf[ 0 ] = '\0';
 
-       int len = snprintf( target_buf, 512, "%s@%s/%s",
+       int len = snprintf( target_buf, sizeof(target_buf), "%s@%s/%s",
                        router_name ? router_name : "(null)",
                        domain ? domain : "(null)",
                        remote_service ? remote_service : "(null)" );
@@ -271,9 +271,8 @@ osrf_app_session* osrf_app_client_session_init( char* remote_service ) {
 
        /* build a chunky, random session id */
        char id[256];
-       memset(id,0,256);
 
-       sprintf(id, "%f.%d%ld", get_timestamp_millis(), (int)time(NULL), (long) getpid());
+       snprintf(id, sizeof(id), "%f.%d%ld", get_timestamp_millis(), (int)time(NULL), (long) getpid());
        session->session_id = strdup(id);
        osrfLogDebug( OSRF_LOG_MARK,  "Building a new client session with id [%s] [%s]", 
                        session->remote_service, session->session_id );

diff --git a/src/libopensrf/osrf_json_parser.c b/src/libopensrf/osrf_json_parser.c
index 37c09f2..14cb45c 100644 (file)
--- a/src/libopensrf/osrf_json_parser.c
+++ b/src/libopensrf/osrf_json_parser.c
@@ -75,8 +75,7 @@ int _jsonParserError( jsonParserContext* ctx, char* err, ... ) {
                while( post >= ctx->chunksize ) post--;
                int l = post - pre;
                char buf[l];
-        memset(buf, 0, l);
-               snprintf(buf, l, ctx->chunk + pre);
+               snprintf(buf, sizeof(buf), ctx->chunk + pre);
                ctx->handler->handleError( ctx->userData, 
                        "*JSON Parser Error\n - char  = %c\n "
                        "- index = %d\n - near  => %s\n - %s", 
@@ -107,7 +106,7 @@ int _jsonParserHandleUnicode( jsonParserContext* ctx ) {
         */
        #define hexdigit(x) ( ((x) <= '9') ? (x) - '0' : ((x) & 7) + 9)
        unsigned char utf_out[4];
-       memset(utf_out,0,4);
+       memset(utf_out, 0, sizeof(utf_out));
        char* buf = ctx->utfbuf->buf;
 
        unsigned int ucs_char =

diff --git a/src/libopensrf/osrf_json_test.c b/src/libopensrf/osrf_json_test.c
index b3df610..4d1994d 100644 (file)
--- a/src/libopensrf/osrf_json_test.c
+++ b/src/libopensrf/osrf_json_test.c
@@ -32,8 +32,7 @@ static void speedTest() {
 
     for(i = 0; i < count; i++) {
         
-        memset(buf, 0, 16);
-        snprintf(buf, 16, "key_%d", i);
+        snprintf(buf, sizeof(buf), "key_%d", i);
 
         array = jsonNewObject(NULL);
         for(k = 0; k < count + i; k++) {

diff --git a/src/libopensrf/osrf_legacy_json.c b/src/libopensrf/osrf_legacy_json.c
index 69b9867..fbd3064 100644 (file)
--- a/src/libopensrf/osrf_legacy_json.c
+++ b/src/libopensrf/osrf_legacy_json.c
@@ -94,12 +94,13 @@ int _json_parse_string(char* string, unsigned long* index, jsonObject* obj, int
                /* json string */
                case '"': 
                        (*index)++;
-                       status = json_parse_json_string(string, index, obj, current_strlen); break;
+                       status = json_parse_json_string(string, index, obj, current_strlen);
+                       break;
 
                /* json array */
                case '[':
                        (*index)++;
-                       status = json_parse_json_array(string, index, obj, current_strlen);                     
+                       status = json_parse_json_array(string, index, obj, current_strlen);
                        break;
 
                /* json object */
@@ -125,7 +126,7 @@ int _json_parse_string(char* string, unsigned long* index, jsonObject* obj, int
 
                default:
                        if(isdigit(c) || c == '.' || c == '-') { /* are we a number? */
-                               status = json_parse_json_number(string, index, obj, current_strlen);    
+                               status = json_parse_json_number(string, index, obj, current_strlen);
                                if(status) return status;
                                break;
                        }
@@ -479,7 +480,7 @@ int json_parse_json_string(char* string, unsigned long* index, jsonObject* obj,
                                                        "json_parse_json_string(): truncated escaped unicode"); }
 
                                        char buff[5];
-                                       memset(buff,0,5);
+                                       memset(buff, 0, sizeof(buff));
                                        memcpy(buff, string + (*index), 4);
 
 
@@ -488,7 +489,7 @@ int json_parse_json_string(char* string, unsigned long* index, jsonObject* obj,
                                        /* The following chunk was borrowed with permission from 
                                                json-c http://oss.metaparadigm.com/json-c/ */
                                        unsigned char utf_out[3];
-                                       memset(utf_out,0,3);
+                                       memset(utf_out, 0, sizeof(utf_out));
 
                                        #define hexdigit(x) ( ((x) <= '9') ? (x) - '0' : ((x) & 7) + 9)
 
@@ -692,7 +693,7 @@ int json_eat_comment(char* string, unsigned long* index, char** buffer, int pars
 int json_handle_error(char* string, unsigned long* index, char* err_msg) {
 
        char buf[60];
-       memset(buf, 0, 60);
+       memset(buf, 0, sizeof(buf));
 
        if(*index > 30)
                strncpy( buf, string + (*index - 30), 59 );

diff --git a/src/libopensrf/osrf_message.c b/src/libopensrf/osrf_message.c
index 1ed6ba7..c5ce04c 100644 (file)
--- a/src/libopensrf/osrf_message.c
+++ b/src/libopensrf/osrf_message.c
@@ -174,7 +174,8 @@ jsonObject* osrfMessageToJSON( osrfMessage* msg ) {
        jsonObject* json = jsonNewObject(NULL);
        jsonObjectSetClass(json, "osrfMessage");
        jsonObject* payload;
-       char sc[64]; memset(sc,0,64);
+       char sc[64];
+       memset(sc, 0, sizeof(sc));
 
        char* str;
 
@@ -204,7 +205,7 @@ jsonObject* osrfMessageToJSON( osrfMessage* msg ) {
                        payload = jsonNewObject(NULL);
                        jsonObjectSetClass(payload, msg->status_name);
                        jsonObjectSetKey(payload, "status", jsonNewObject(msg->status_text));
-         sprintf(sc,"%d",msg->status_code);
+                       snprintf(sc, sizeof(sc), "%d", msg->status_code);
                        jsonObjectSetKey(payload, "statusCode", jsonNewObject(sc));
                        jsonObjectSetKey(json, "payload", payload);
                        break;
@@ -226,7 +227,7 @@ jsonObject* osrfMessageToJSON( osrfMessage* msg ) {
                        payload = jsonNewObject(NULL);
                        jsonObjectSetClass(payload,"osrfResult");
                        jsonObjectSetKey(payload, "status", jsonNewObject(msg->status_text));
-         sprintf(sc,"%d",msg->status_code);
+                       snprintf(sc, sizeof(sc), "%d", msg->status_code);
                        jsonObjectSetKey(payload, "statusCode", jsonNewObject(sc));
                        str = jsonObjectToJSON(msg->_result_content);
                        jsonObjectSetKey(payload, "content", jsonParseString(str));

diff --git a/src/libopensrf/osrf_prefork.c b/src/libopensrf/osrf_prefork.c
index 36b203c..a75ea3a 100644 (file)
--- a/src/libopensrf/osrf_prefork.c
+++ b/src/libopensrf/osrf_prefork.c
@@ -210,7 +210,7 @@ void prefork_child_process_request(prefork_child* child, char* data) {
 
                /* if no data was reveived within the timeout interval */
                if( !recvd && (end - start) >= keepalive ) {
-                       osrfLogInfo(OSRF_LOG_MARK, "No request was reveived in %d seconds, exiting stateful session", keepalive);
+                       osrfLogInfo(OSRF_LOG_MARK, "No request was received in %d seconds, exiting stateful session", keepalive);
                        osrfAppSessionStatus( 
                                        session, 
                                        OSRF_STATUS_TIMEOUT, 
@@ -547,9 +547,9 @@ void check_children( prefork_simple* forker, int forever ) {
 
                        /* now suck off the data */
                        char buf[64];
-                       memset( buf, 0, 64);
+                       memset( buf, 0, sizeof(buf) );
                        if( (n=read(cur_child->read_status_fd, buf, 63))  < 0 ) {
-                               osrfLogWarning( OSRF_LOG_MARK, "Read error afer select in child status read with errno %d", errno);
+                               osrfLogWarning( OSRF_LOG_MARK, "Read error after select in child status read with errno %d", errno);
                        }
 
                        osrfLogDebug( OSRF_LOG_MARK,  "Read %d bytes from status buffer: %s", n, buf );
@@ -566,7 +566,7 @@ void prefork_child_wait( prefork_child* child ) {
        int i,n;
        growing_buffer* gbuf = buffer_init( READ_BUFSIZE );
        char buf[READ_BUFSIZE];
-       memset( buf, 0, READ_BUFSIZE );
+       memset( buf, 0, sizeof(buf) );
 
        for( i = 0; i < child->max_requests; i++ ) {
 
@@ -579,7 +579,7 @@ void prefork_child_wait( prefork_child* child ) {
                        if(!gotdata)
                                set_fl(child->read_data_fd, O_NONBLOCK );
                        buffer_add( gbuf, buf );
-                       memset( buf, 0, READ_BUFSIZE );
+                       memset( buf, 0, sizeof(buf) );
                        gotdata = 1;
                }
 

diff --git a/src/libopensrf/osrf_stack.c b/src/libopensrf/osrf_stack.c
index 231ccbc..7a7ed16 100644 (file)
--- a/src/libopensrf/osrf_stack.c
+++ b/src/libopensrf/osrf_stack.c
@@ -67,7 +67,7 @@ osrfAppSession* osrf_stack_transport_handler( transport_message* msg, char* my_s
 
        osrf_app_session_set_remote( session, msg->sender );
        osrf_message* arr[OSRF_MAX_MSGS_PER_PACKET];
-       memset(arr, 0, OSRF_MAX_MSGS_PER_PACKET );
+       memset(arr, 0, sizeof(arr));
        int num_msgs = osrf_message_deserialize(msg->body, arr, OSRF_MAX_MSGS_PER_PACKET);
 
        osrfLogDebug( OSRF_LOG_MARK,  "We received %d messages from %s", num_msgs, msg->sender );
@@ -92,7 +92,7 @@ osrfAppSession* osrf_stack_transport_handler( transport_message* msg, char* my_s
 
                        } else {
                                osrfLogWarning( OSRF_LOG_MARK, " * Jabber Error is for top level remote id [%s], no one "
-                                               "to send my message too!!!", session->remote_id );
+                                               "to send my message to!!!", session->remote_id );
                        }
                }
 

diff --git a/src/libopensrf/osrf_transgroup.c b/src/libopensrf/osrf_transgroup.c
index 72b203f..3c419c4 100644 (file)
--- a/src/libopensrf/osrf_transgroup.c
+++ b/src/libopensrf/osrf_transgroup.c
@@ -89,7 +89,7 @@ int osrfTransportGroupSendMatch( osrfTransportGroup* grp, transport_message* msg
        if(!(grp && msg)) return -1;
 
        char domain[256];
-       bzero(domain, 256);
+       memset(domain, 0, sizeof(domain));
        jid_get_domain( msg->recipient, domain, 255 );
 
        osrfTransportGroupNode* node = osrfHashGet(grp->nodes, domain);
@@ -108,15 +108,15 @@ int osrfTransportGroupSend( osrfTransportGroup* grp, transport_message* msg ) {
        int bufsize = 256;
 
        char domain[bufsize];
-       bzero(domain, bufsize);
+       memset(domain, 0, sizeof(domain));
        jid_get_domain( msg->recipient, domain, bufsize - 1 );
 
        char msgrecip[bufsize];
-       bzero(msgrecip, bufsize);
+       memset(msgrecip, 0, sizeof(msgrecip));
        jid_get_username(msg->recipient, msgrecip, bufsize - 1);
 
        char msgres[bufsize];
-       bzero(msgres, bufsize);
+       memset(msgres, 0, sizeof(msgres));
        jid_get_resource(msg->recipient, msgres, bufsize - 1);
 
        char* firstdomain = NULL;
@@ -149,8 +149,7 @@ int osrfTransportGroupSend( osrfTransportGroup* grp, transport_message* msg ) {
                /* update the recipient domain if necessary */
 
                if(updateRecip) {
-                       bzero(newrcp, 1024);
-                       sprintf(newrcp, "%s@%s/%s", msgrecip, node->domain, msgres);
+                       snprintf(newrcp, sizeof(newrcp), "%s@%s/%s", msgrecip, node->domain, msgres);
                        free(msg->recipient);
                        msg->recipient = strdup(newrcp);
                }

diff --git a/src/libopensrf/socket_bundle.c b/src/libopensrf/socket_bundle.c
index 6dc91b0..59f4c55 100644 (file)
--- a/src/libopensrf/socket_bundle.c
+++ b/src/libopensrf/socket_bundle.c
@@ -707,7 +707,7 @@ static int _socket_handle_client_data(socket_manager* mgr, socket_node* node) {
        int read_bytes;
        int sock_fd = node->sock_fd;
 
-       memset(buf, 0, RBUFSIZE);
+       memset(buf, 0, sizeof(buf));
        set_fl(sock_fd, O_NONBLOCK);
 
        osrfLogInternal( OSRF_LOG_MARK, "%ld : Received data at %f\n", (long) getpid(), get_timestamp_millis());
@@ -717,7 +717,7 @@ static int _socket_handle_client_data(socket_manager* mgr, socket_node* node) {
                if(mgr->data_received)
                        mgr->data_received(mgr->blob, mgr, sock_fd, buf, node->parent_id);
 
-               memset(buf, 0, RBUFSIZE);
+               memset(buf, 0, sizeof(buf));
        }
     int local_errno = errno; /* capture errno as set by recv() */
 

diff --git a/src/libopensrf/transport_session.c b/src/libopensrf/transport_session.c
index 4fb0290..684cd11 100644 (file)
--- a/src/libopensrf/transport_session.c
+++ b/src/libopensrf/transport_session.c
@@ -183,8 +183,7 @@ int session_connect( transport_session* session,
                char* our_hostname = getenv("HOSTNAME");
                size1 = 150 + strlen( server );
                char stanza1[ size1 ]; 
-               memset( stanza1, 0, size1 );
-               sprintf( stanza1, 
+               snprintf( stanza1, sizeof(stanza1),
                                "<stream:stream version='1.0' xmlns:stream='http://etherx.jabber.org/streams' "
                                "xmlns='jabber:component:accept' to='%s' from='%s' xml:lang='en'>",
                                username, our_hostname );
@@ -207,14 +206,12 @@ int session_connect( transport_session* session,
        
                        int ss = session->session_id->n_used + strlen(password) + 5;
                        char hashstuff[ss];
-                       memset(hashstuff,0,ss);
-                       sprintf( hashstuff, "%s%s", session->session_id->buf, password );
+                       snprintf( hashstuff, sizeof(hashstuff), "%s%s", session->session_id->buf, password );
 
                        char* hash = shahash( hashstuff );
                        size2 = 100 + strlen( hash );
                        char stanza2[ size2 ];
-                       memset( stanza2, 0, size2 );
-                       sprintf( stanza2, "<handshake>%s</handshake>", hash );
+                       snprintf( stanza2, sizeof(stanza2), "<handshake>%s</handshake>", hash );
        
                        //if( ! tcp_send( session->sock_obj, stanza2 )  ) {
                        if( socket_send( session->sock_id, stanza2 )  ) {
@@ -228,8 +225,7 @@ int session_connect( transport_session* session,
                /* the first Jabber connect stanza */
                size1 = 100 + strlen( server );
                char stanza1[ size1 ]; 
-               memset( stanza1, 0, size1 );
-               sprintf( stanza1, 
+               snprintf( stanza1, sizeof(stanza1), 
                                "<stream:stream to='%s' xmlns='jabber:client' "
                                "xmlns:stream='http://etherx.jabber.org/streams'>",
                        server );
@@ -253,9 +249,7 @@ int session_connect( transport_session* session,
                        /* the second jabber connect stanza including login info*/
                        size2 = 150 + strlen( username ) + strlen(password) + strlen(resource);
                        char stanza2[ size2 ];
-                       memset( stanza2, 0, size2 );
-               
-                       sprintf( stanza2, 
+                       snprintf( stanza2, sizeof(stanza2), 
                                        "<iq id='123456789' type='set'><query xmlns='jabber:iq:auth'>"
                                        "<username>%s</username><password>%s</password><resource>%s</resource></query></iq>",
                                        username, password, resource );
@@ -273,17 +267,14 @@ int session_connect( transport_session* session,
 
                        int ss = session->session_id->n_used + strlen(password) + 5;
                        char hashstuff[ss];
-                       memset(hashstuff,0,ss);
-                       sprintf( hashstuff, "%s%s", session->session_id->buf, password );
+                       snprintf( hashstuff, sizeof(hashstuff), "%s%s", session->session_id->buf, password );
 
                        char* hash = shahash( hashstuff );
 
                        /* the second jabber connect stanza including login info*/
                        size2 = 150 + strlen( hash ) + strlen(password) + strlen(resource);
                        char stanza2[ size2 ];
-                       memset( stanza2, 0, size2 );
-               
-                       sprintf( stanza2, 
+                       snprintf( stanza2, sizeof(stanza2), 
                                        "<iq id='123456789' type='set'><query xmlns='jabber:iq:auth'>"
                                        "<username>%s</username><digest>%s</digest><resource>%s</resource></query></iq>",
                                        username, hash, resource );
@@ -566,7 +557,6 @@ void characterHandler(
                void *session, const xmlChar *ch, int len) {
 
        char data[len+1];
-       memset( data, 0, len+1 );
        strncpy( data, (char*) ch, len );
        data[len] = 0;
 
@@ -597,7 +587,7 @@ void characterHandler(
 
        if( ses->state_machine->in_error ) {
                /* for now... */
-               osrfLogWarning( OSRF_LOG_MARK,  "ERROR Xml fragment: %s\n", ch );
+               osrfLogWarning( OSRF_LOG_MARK,  "ERROR XML fragment: %s\n", ch );
        }
 
 }

diff --git a/src/libopensrf/utils.c b/src/libopensrf/utils.c
index 908145b..987a527 100644 (file)
--- a/src/libopensrf/utils.c
+++ b/src/libopensrf/utils.c
@@ -45,8 +45,9 @@ int init_proc_title( int argc, char* argv[] ) {
        int i = 0;
        while( i < argc ) {
                int len = strlen( global_argv[i]);
-               bzero( global_argv[i++], len );
+               memset( global_argv[i], 0, len);
                global_argv_size += len;
+               i++;
        }
 
        global_argv_size -= 2;
@@ -55,7 +56,7 @@ int init_proc_title( int argc, char* argv[] ) {
 
 int set_proc_title( char* format, ... ) {
        VA_LIST_TO_STRING(format);
-       bzero( *(global_argv), global_argv_size );
+       memset( *(global_argv), 0, global_argv_size);
        return snprintf( *(global_argv), global_argv_size, VA_BUF );
 }
 
@@ -121,7 +122,7 @@ char* va_list_to_string(const char* format, ...) {
        len = va_list_size(format, args);
 
        char buf[len];
-       memset(buf, 0, len);
+       memset(buf, 0, sizeof(buf));
 
        va_start(a_copy, format);
        vsnprintf(buf, len - 1, format, a_copy);
@@ -164,7 +165,7 @@ int buffer_fadd(growing_buffer* gb, const char* format, ... ) {
        len = va_list_size(format, args);
 
        char buf[len];
-       memset(buf, 0, len);
+       memset(buf, 0, sizeof(buf));
 
        va_start(a_copy, format);
        vsnprintf(buf, len - 1, format, a_copy);
@@ -212,7 +213,7 @@ int buffer_add(growing_buffer* gb, char* data) {
 int buffer_reset( growing_buffer *gb){
        if( gb == NULL ) { return 0; }
        if( gb->buf == NULL ) { return 0; }
-       memset( gb->buf, 0, gb->size );
+       memset( gb->buf, 0, sizeof(gb->buf) );
        gb->n_used = 0;
        return 1;
 }
@@ -416,7 +417,7 @@ char* file_to_string(const char* filename) {
 
        int len = 1024;
        char buf[len];
-       bzero(buf, len);
+       memset(buf, 0, sizeof(buf));
        growing_buffer* gb = buffer_init(len);
 
        FILE* file = fopen(filename, "r");
@@ -425,9 +426,9 @@ char* file_to_string(const char* filename) {
                return NULL;
        }
 
-       while(fgets(buf, len - 1, file)) {
+       while(fgets(buf, sizeof(buf), file)) {
                buffer_add(gb, buf);
-               bzero(buf, len);
+               memset(buf, 0, sizeof(buf));
        }
 
        fclose(file);
@@ -454,13 +455,11 @@ char* md5sum( char* text, ... ) {
        MD5_stop (&ctx, digest);
 
        char buf[16];
-       memset(buf,0,16);
-
        char final[256];
-       memset(final,0,256);
+       memset(final, 0, sizeof(final));
 
        for ( i=0 ; i<16 ; i++ ) {
-               sprintf(buf, "%02x", digest[i]);
+               snprintf(buf, sizeof(buf), "%02x", digest[i]);
                strcat( final, buf );
        }
 

diff --git a/src/objson/json_parser.c b/src/objson/json_parser.c
index 18cd2a8..84f9879 100644 (file)
--- a/src/objson/json_parser.c
+++ b/src/objson/json_parser.c
@@ -482,7 +482,7 @@ int json_parse_json_string(char* string, unsigned long* index, jsonObject* obj,
                                                        "json_parse_json_string(): truncated escaped unicode"); }
 
                                        char buff[5];
-                                       memset(buff,0,5);
+                                       memset(buff, 0, sizeof(buff));
                                        memcpy(buff, string + (*index), 4);
 
 
@@ -491,7 +491,7 @@ int json_parse_json_string(char* string, unsigned long* index, jsonObject* obj,
                                        /* The following chunk was borrowed with permission from 
                                                json-c http://oss.metaparadigm.com/json-c/ */
                                        unsigned char utf_out[4];
-                                       memset(utf_out,0,4);
+                                       memset(utf_out, 0, sizeof(utf_out));
 
                                        #define hexdigit(x) ( ((x) <= '9') ? (x) - '0' : ((x) & 7) + 9)
 
@@ -695,7 +695,7 @@ int json_eat_comment(char* string, unsigned long* index, char** buffer, int pars
 int json_handle_error(char* string, unsigned long* index, char* err_msg) {
 
        char buf[60];
-       memset(buf, 0, 60);
+       memset(buf, 0, sizeof(buf));
 
        if(*index > 30)
                strncpy( buf, string + (*index - 30), 59 );

diff --git a/src/objson/objson_test.c b/src/objson/objson_test.c
index 5813780..61b7f9f 100644 (file)
--- a/src/objson/objson_test.c
+++ b/src/objson/objson_test.c
@@ -183,11 +183,11 @@ int main() {
 
        char buf[10240];
        char smallbuf[512];
-       bzero(buf, 10240);
-       bzero(smallbuf, 512);
+       memset(buf, 0, sizeof(buf));
+       memset(smallbuf, 0, sizeof(smallbuf));
 
-       while(fgets(smallbuf, 512, F)) 
-               strcat(buf, smallbuf);
+       while(fgets(smallbuf, sizeof(smallbuf), F)) 
+               strncat(buf, smallbuf, sizeof(buf) - 1);
 
        /* dig our way into the JSON object we parsed, see test.json to get
           an idea of the object structure */

diff --git a/src/router/osrf_router.c b/src/router/osrf_router.c
index 4fdc053..3c12745 100644 (file)
--- a/src/router/osrf_router.c
+++ b/src/router/osrf_router.c
@@ -119,7 +119,7 @@ void osrfRouterHandleIncoming( osrfRouter* router ) {
                        /* if the sender is not a trusted server, drop the message */
                        int len = strlen(msg->sender) + 1;
                        char domain[len];
-                       bzero(domain, len);
+                       memset(domain, 0, sizeof(domain));
                        jid_get_domain( msg->sender, domain, len - 1 );
 
                        if(osrfStringArrayContains( router->trustedServers, domain)) 
@@ -150,7 +150,7 @@ int osrfRouterClassHandleIncoming( osrfRouter* router, char* classname, osrfRout
                        /* if the client is not from a trusted domain, drop the message */
                        int len = strlen(msg->sender) + 1;
                        char domain[len];
-                       bzero(domain, len);
+                       memset(domain, 0, sizeof(domain));
                        jid_get_domain( msg->sender, domain, len - 1 );
 
                        if(osrfStringArrayContains( router->trustedClients, domain)) {
@@ -486,7 +486,7 @@ int osrfRouterHandleAppRequest( osrfRouter* router, transport_message* msg ) {
 
        int T = 32;
        osrfMessage* arr[T];
-       memset(arr, 0, T );
+       memset(arr, 0, sizeof(arr));
 
        int num_msgs = osrf_message_deserialize( msg->body, arr, T );
        osrfMessage* omsg = NULL;
@@ -520,7 +520,7 @@ int osrfRouterRespondConnect( osrfRouter* router, transport_message* msg, osrfMe
 
        osrfMessage* success = osrf_message_init( STATUS, omsg->thread_trace, omsg->protocol );
 
-       osrfLogDebug( OSRF_LOG_MARK, "router recevied a CONNECT message from %s", msg->sender );
+       osrfLogDebug( OSRF_LOG_MARK, "router received a CONNECT message from %s", msg->sender );
 
        osrf_message_set_status_info( 
                success, "osrfConnectStatus", "Connection Successful", OSRF_STATUS_OK );

diff --git a/src/srfsh/srfsh.c b/src/srfsh/srfsh.c
index b58677a..a659c14 100644 (file)
--- a/src/srfsh/srfsh.c
+++ b/src/srfsh/srfsh.c
@@ -80,8 +80,7 @@ int main( int argc, char* argv[] ) {
        char* home = getenv("HOME");
        int l = strlen(home) + 36;
        char fbuf[l];
-       memset(fbuf, 0, l);
-       sprintf(fbuf,"%s/.srfsh.xml",home);
+       snprintf(fbuf, sizeof(fbuf), "%s/.srfsh.xml", home);
        
        if(!access(fbuf, R_OK)) {
                if( ! osrf_system_bootstrap_client(fbuf, "srfsh") ) {
@@ -193,9 +192,7 @@ static int load_history( void ) {
        char* home = getenv("HOME");
        int l = strlen(home) + 24;
        char fbuf[l];
-
-       memset(fbuf, 0, l);
-       sprintf(fbuf,"%s/.srfsh_history",home);
+       snprintf(fbuf, sizeof(fbuf), "%s/.srfsh_history", home);
        history_file = strdup(fbuf);
 
        if(!access(history_file, W_OK | R_OK )) {
@@ -322,14 +319,14 @@ static int handle_introspect(char* words[]) {
                static const char text[] = "request %s opensrf.system.method %s";
                len = sizeof( text ) + strlen( words[1] ) + strlen( words[2] );
                char buf[len];
-               sprintf( buf, text, words[1], words[2] );
+               snprintf( buf, sizeof(buf), text, words[1], words[2] );
                return parse_request( buf );
 
        } else {
                static const char text[] = "request %s opensrf.system.method.all";
                len = sizeof( text ) + strlen( words[1] );
                char buf[len];
-               sprintf( buf, text, words[1] );
+               snprintf( buf, sizeof(buf), text, words[1] );
                return parse_request( buf );
 
        }
@@ -349,11 +346,10 @@ static int handle_login( char* words[]) {
                if(!type) type = "opac";
 
                char login_text[] = "request open-ils.auth open-ils.auth.authenticate.init \"%s\"";
-               size_t len = sizeof( login_text ) + strlen(username);
+               size_t len = sizeof( login_text ) + strlen(username) + 1;
 
                char buf[len];
-               buf[0] = '\0';
-               sprintf( buf, login_text, username );
+               snprintf( buf, sizeof(buf), login_text, username );
                parse_request(buf);
 
                const char* hash;
@@ -367,8 +363,7 @@ static int handle_login( char* words[]) {
 
                size_t both_len = strlen( hash ) + strlen( pass_buf ) + 1;
                char both_buf[both_len];
-               both_buf[0] = '\0';
-               sprintf(both_buf,"%s%s",hash, pass_buf);
+               snprintf(both_buf, sizeof(both_buf), "%s%s", hash, pass_buf);
 
                char* mess_buf = md5sum(both_buf);
 
@@ -629,8 +624,7 @@ int send_request( char* server,
                        } else {
 
                                char code[16];
-                               memset(code, 0, 16);
-                               sprintf( code, "%d", omsg->status_code );
+                               snprintf( code, sizeof(code), "%d", omsg->status_code );
                                buffer_add( resp_buffer, code );
 
                                printf( "\nReceived Exception:\nName: %s\nStatus: %s\nStatus: %s\n", 
@@ -674,8 +668,7 @@ int send_request( char* server,
                                buffer_add( resp_buffer, omsg->status_text );
                                buffer_add( resp_buffer, "\nStatus: " );
                                char code[16];
-                               memset(code, 0, 16);
-                               sprintf( code, "%d", omsg->status_code );
+                               snprintf( code, sizeof(code), "%d", omsg->status_code );
                                buffer_add( resp_buffer, code );
                        }
                }
@@ -727,10 +720,9 @@ static int router_query_servers( const char* router_server ) {
                return 0;
 
        const static char router_text[] = "router@%s/router";
-       size_t len = sizeof( router_text ) + strlen( router_server );
+       size_t len = sizeof( router_text ) + strlen( router_server ) + 1;
        char rbuf[len];
-       rbuf[0] = '\0';
-       sprintf(rbuf, router_text, router_server );
+       snprintf(rbuf, sizeof(rbuf), router_text, router_server );
                
        transport_message* send = 
                message_init( "servers", NULL, NULL, rbuf, NULL );
@@ -849,7 +841,7 @@ static int do_math( int count, int style ) {
        char* answers[] = { "3", "-1", "2", "0.500000" };
 
        float times[ count * 4 ];
-       memset(times,0,count*4);
+       memset(times, 0, sizeof(times));
 
        int k;
        for(k=0;k!=100;k++) {