From: David Griffith <dave@661.org>
Date: Wed, 30 Jan 2019 15:17:51 +0000 (-0800)
Subject: Where strncat() is called with a fixed string source, increase the size by one.
X-Git-Url: https://scope-eye.net/git/?a=commitdiff_plain;h=6ee99799f30b55b90f2b3d0bfa4e85136b62a03a;p=liskon_frotz.git

Where strncat() is called with a fixed string source, increase the size by one.

GCC version 8 introduced some new warnings on strncat() usage in an
effort to warn about unsafe usage.  When the source string is a constant
literal and there will always be enough space in the destination, then
you could safely use strcat().  But lots of error-checking processes
will balk at ANY usage of strcat().  Given all this, putting a size of
something greater than the source will cause no harm.

See https://github.com/gcc-mirror/gcc/commit/d8aad7864e5b4c654dcea86b98085baf36d8db76
---

diff --git a/src/curses/ux_init.c b/src/curses/ux_init.c
index bc8981c..f7ad952 100644
--- a/src/curses/ux_init.c
+++ b/src/curses/ux_init.c
@@ -219,12 +219,12 @@ void os_process_arguments (int argc, char *argv[])
     /* $HOME/.frotzrc overrides CONFIG_DIR/frotz.conf */
 
     strncpy(configfile, home, FILENAME_MAX);
-    strncat(configfile, "/", 1);
+    strncat(configfile, "/", 2);
 
-    strncat(configfile, USER_CONFIG, strlen(USER_CONFIG));
+    strncat(configfile, USER_CONFIG, strlen(USER_CONFIG) + 1);
     if (!getconfig(configfile)) {
         strncpy(configfile, CONFIG_DIR, FILENAME_MAX);
-        strncat(configfile, "/", 1);    /* added by DJP */
+        strncat(configfile, "/", 2);    /* added by DJP */
         strncat(configfile, MASTER_CONFIG, FILENAME_MAX-10);
         getconfig(configfile);  /* we're not concerned if this fails */
     }
@@ -321,16 +321,16 @@ void os_process_arguments (int argc, char *argv[])
 
     f_setup.script_name = malloc((strlen(f_setup.story_name) + strlen(EXT_SCRIPT)) * sizeof(char) + 1);
     strncpy(f_setup.script_name, f_setup.story_name, strlen(f_setup.story_name) + 1);
-    strncat(f_setup.script_name, EXT_SCRIPT, strlen(EXT_SCRIPT));
+    strncat(f_setup.script_name, EXT_SCRIPT, strlen(EXT_SCRIPT) + 1);
 
     f_setup.command_name = malloc((strlen(f_setup.story_name) + strlen(EXT_COMMAND)) * sizeof(char) + 1);
     strncpy(f_setup.command_name, f_setup.story_name, strlen(f_setup.story_name) + 1);
-    strncat(f_setup.command_name, EXT_COMMAND, strlen(EXT_COMMAND));
+    strncat(f_setup.command_name, EXT_COMMAND, strlen(EXT_COMMAND) + 1);
 
     if (!f_setup.restore_mode) {
 	f_setup.save_name = malloc((strlen(f_setup.story_name) + strlen(EXT_SAVE)) * sizeof(char) + 1);
 	strncpy(f_setup.save_name, f_setup.story_name, strlen(f_setup.story_name) + 1);
-	strncat(f_setup.save_name, EXT_SAVE, strlen(EXT_SAVE));
+	strncat(f_setup.save_name, EXT_SAVE, strlen(EXT_SAVE) + 1);
     } else {  /*Set our auto load save as the name_save*/
 	f_setup.save_name = malloc((strlen(f_setup.tmp_save_name) + strlen(EXT_SAVE)) * sizeof(char) + 1);
 	strncpy(f_setup.save_name, f_setup.tmp_save_name, strlen(f_setup.tmp_save_name) + 1);
@@ -339,7 +339,7 @@ void os_process_arguments (int argc, char *argv[])
 
     f_setup.aux_name = malloc((strlen(f_setup.story_name) + strlen(EXT_AUX)) * sizeof(char) + 1);
     strncpy(f_setup.aux_name, f_setup.story_name, strlen(f_setup.story_name) + 1);
-    strncat(f_setup.aux_name, EXT_AUX, strlen(EXT_AUX));
+    strncat(f_setup.aux_name, EXT_AUX, strlen(EXT_AUX) + 1);
 
 }/* os_process_arguments */
 
diff --git a/src/dumb/dumb_init.c b/src/dumb/dumb_init.c
index fcabc5c..0b1d678 100644
--- a/src/dumb/dumb_init.c
+++ b/src/dumb/dumb_init.c
@@ -161,16 +161,16 @@ void os_process_arguments(int argc, char *argv[])
 
     f_setup.script_name = malloc((strlen(f_setup.story_name) + strlen(EXT_SCRIPT)) * sizeof(char) + 1);
     strncpy(f_setup.script_name, f_setup.story_name, strlen(f_setup.story_name) + 1);
-    strncat(f_setup.script_name, EXT_SCRIPT, strlen(EXT_SCRIPT));
+    strncat(f_setup.script_name, EXT_SCRIPT, strlen(EXT_SCRIPT) + 1);
 
     f_setup.command_name = malloc((strlen(f_setup.story_name) + strlen(EXT_COMMAND)) * sizeof(char) + 1);
     strncpy(f_setup.command_name, f_setup.story_name, strlen(f_setup.story_name) + 1);
-    strncat(f_setup.command_name, EXT_COMMAND, strlen(EXT_COMMAND));
+    strncat(f_setup.command_name, EXT_COMMAND, strlen(EXT_COMMAND) + 1);
 
     if (!f_setup.restore_mode) {
       f_setup.save_name = malloc((strlen(f_setup.story_name) + strlen(EXT_SAVE)) * sizeof(char) + 1);
       strncpy(f_setup.save_name, f_setup.story_name, strlen(f_setup.story_name) + 1);
-      strncat(f_setup.save_name, EXT_SAVE, strlen(EXT_SAVE));
+      strncat(f_setup.save_name, EXT_SAVE, strlen(EXT_SAVE) + 1);
     } else { /* Set our auto load save as the name save */
       f_setup.save_name = malloc((strlen(f_setup.tmp_save_name) + strlen(EXT_SAVE)) * sizeof(char) + 1);
       strncpy(f_setup.save_name, f_setup.tmp_save_name, strlen(f_setup.tmp_save_name) + 1);
@@ -179,7 +179,7 @@ void os_process_arguments(int argc, char *argv[])
 
     f_setup.aux_name = malloc((strlen(f_setup.story_name) + strlen(EXT_AUX)) * sizeof(char) + 1);
     strncpy(f_setup.aux_name, f_setup.story_name, strlen(f_setup.story_name) + 1);
-    strncat(f_setup.aux_name, EXT_AUX, strlen(EXT_AUX));
+    strncat(f_setup.aux_name, EXT_AUX, strlen(EXT_AUX) + 1);
 
 }
 
diff --git a/src/sdl/sf_util.c b/src/sdl/sf_util.c
index df43227..1102ec2 100644
--- a/src/sdl/sf_util.c
+++ b/src/sdl/sf_util.c
@@ -370,16 +370,16 @@ void os_process_arguments (int argc, char *argv[])
 
   f_setup.script_name = malloc((strlen(f_setup.story_name) + strlen(EXT_SCRIPT)) * sizeof(char) + 1);
   strncpy(f_setup.script_name, f_setup.story_name, strlen(f_setup.story_name) + 1);
-  strncat(f_setup.script_name, EXT_SCRIPT, strlen(EXT_SCRIPT));
+  strncat(f_setup.script_name, EXT_SCRIPT, strlen(EXT_SCRIPT) + 1);
 
   f_setup.command_name = malloc((strlen(f_setup.story_name) + strlen(EXT_COMMAND)) * sizeof(char) + 1);
   strncpy(f_setup.command_name, f_setup.story_name, strlen(f_setup.story_name) + 1);
-  strncat(f_setup.command_name, EXT_COMMAND, strlen(EXT_COMMAND));
+  strncat(f_setup.command_name, EXT_COMMAND, strlen(EXT_COMMAND) + 1);
 
   if (!f_setup.restore_mode) {
     f_setup.save_name = malloc((strlen(f_setup.story_name) + strlen(EXT_SAVE)) * sizeof(char) + 1);
     strncpy(f_setup.save_name, f_setup.story_name, strlen(f_setup.story_name) + 1);
-    strncat(f_setup.save_name, EXT_SAVE, strlen(EXT_SAVE));
+    strncat(f_setup.save_name, EXT_SAVE, strlen(EXT_SAVE) + 1);
   } else {  /*Set our auto load save as the name_save*/
     f_setup.save_name = malloc((strlen(f_setup.tmp_save_name) + strlen(EXT_SAVE)) * sizeof(char) + 1);
     strncpy(f_setup.save_name, f_setup.tmp_save_name, strlen(f_setup.tmp_save_name) + 1);
@@ -388,7 +388,7 @@ void os_process_arguments (int argc, char *argv[])
 
   f_setup.aux_name = malloc((strlen(f_setup.story_name) + strlen(EXT_AUX)) * sizeof(char) + 1);
   strncpy(f_setup.aux_name, f_setup.story_name, strlen(f_setup.story_name) + 1);
-  strncat(f_setup.aux_name, EXT_AUX, strlen(EXT_AUX));
+  strncat(f_setup.aux_name, EXT_AUX, strlen(EXT_AUX) + 1);
 
   /* Save the executable file name */