[openrtm-commit:02407] r2931 - in branches/DEV_IQ_2016/OpenRTM-aist/src/lib/coil: posix/coil win32/coil

[openrtm ＠ openrtm.org]

Author: sec_fukai
Date: 2017-02-08 15:46:50 +0900 (Wed, 08 Feb 2017)
New Revision: 2931

Modified:
   branches/DEV_IQ_2016/OpenRTM-aist/src/lib/coil/posix/coil/File.h
   branches/DEV_IQ_2016/OpenRTM-aist/src/lib/coil/win32/coil/OS.h
Log:
[incompat,->DEV_IQ_2016] Modify vulnerable code. refs #3819

Modified: branches/DEV_IQ_2016/OpenRTM-aist/src/lib/coil/posix/coil/File.h
===================================================================
--- branches/DEV_IQ_2016/OpenRTM-aist/src/lib/coil/posix/coil/File.h	2017-02-08 04:45:46 UTC (rev 2930)
+++ branches/DEV_IQ_2016/OpenRTM-aist/src/lib/coil/posix/coil/File.h	2017-02-08 06:46:50 UTC (rev 2931)
@@ -24,6 +24,7 @@
 
 #include <dirent.h>
 #include <libgen.h>
+#include <stdio.h>
 #include <sys/types.h>
 #include <string>
 #include <cstring>
@@ -62,7 +63,7 @@
   inline std::string dirname(char* path)
   {
     char path_name[strlen(path)+1];
-    strcpy(path_name, path);
+    snprintf(path_name, sizeof(path_name), "%s", path);
     std::string dir_name = ::dirname(path);
     return dir_name;
   }
@@ -93,7 +94,7 @@
   inline std::string basename(const char* path)
   {
     char path_name[strlen(path)+1];
-    strcpy(path_name, path);
+    snprintf(path_name, sizeof(path_name), "%s", path);
     std::string base_name = ::basename(path_name);
     return base_name;
   }

Modified: branches/DEV_IQ_2016/OpenRTM-aist/src/lib/coil/win32/coil/OS.h
===================================================================
--- branches/DEV_IQ_2016/OpenRTM-aist/src/lib/coil/win32/coil/OS.h	2017-02-08 04:45:46 UTC (rev 2930)
+++ branches/DEV_IQ_2016/OpenRTM-aist/src/lib/coil/win32/coil/OS.h	2017-02-08 06:46:50 UTC (rev 2931)
@@ -120,23 +120,23 @@
     switch (arch)
       {
       case PROCESSOR_ARCHITECTURE_INTEL:
-        strcpy(cputype, "Intel");
+        snprintf(cputype, sizeof(cputype), "Intel");
         if (sys_info.wProcessorLevel == 3)
-          strcpy(subtype, "80386");
+          snprintf(subtype, sizeof(subtype), "80386");
         else if (sys_info.wProcessorLevel == 4)
-          strcpy(subtype, "80486");
+          snprintf(subtype, sizeof(subtype), "80486");
         else if (sys_info.wProcessorLevel == 5)
-          strcpy(subtype, "Pentium");
+          snprintf(subtype, sizeof(subtype), "Pentium");
         else if (sys_info.wProcessorLevel == 6)
-          strcpy(subtype, "Pentium Pro");
+          snprintf(subtype, sizeof(subtype), "Pentium Pro");
         else if (sys_info.wProcessorLevel == 7)
-          strcpy(subtype, "Pentium II");
+          snprintf(subtype, sizeof(subtype), "Pentium II");
         else
-          strcpy(subtype, "Pentium Family");
+          snprintf(subtype, sizeof(subtype), "Pentium Family");
         break;
       default:
-        strcpy(cputype, "Unknown");
-        strcpy(subtype, "Unknown");
+        snprintf(cputype, sizeof(cputype), "Unknown");
+        snprintf(subtype, sizeof(subtype), "Unknown");
       }
     sprintf(name->machine, "%s %s", cputype, subtype);