From 4e61c627420d8100c5e6012874e6091dfea25983 Mon Sep 17 00:00:00 2001 From: Jon Trulson Date: Mon, 2 Apr 2018 16:37:40 -0600 Subject: [PATCH 1/9] libDtSearch/dtsrapi.c: Coverity CID 86857; dest buf too small --- cde/lib/DtSearch/dtsrapi.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/cde/lib/DtSearch/dtsrapi.c b/cde/lib/DtSearch/dtsrapi.c index d16e7e66b..ae09523fd 100644 --- a/cde/lib/DtSearch/dtsrapi.c +++ b/cde/lib/DtSearch/dtsrapi.c @@ -543,7 +543,8 @@ int DtSearchQuery ( LLIST *llp; enum { TEXT, NAVSTRING, FZKEYI } qryarg; - char date1str[24]; +# define _DATE1STR_LEN (24) + char date1str[_DATE1STR_LEN]; if (!valid_dbname (dbname)) return DtSrREINIT; @@ -621,7 +622,8 @@ QUERY_ERROR: *ptr++ = ' '; } *(--ptr) = 0; - strcpy (date1str, objdate2fzkstr (usrblk.objdate1)); + strncpy(date1str, objdate2fzkstr (usrblk.objdate1), _DATE1STR_LEN); + date1str[_DATE1STR_LEN - 1] = 0; fprintf (aa_stderr, PROGNAME "353 DtSearchQuery(): dbname='%s' srchtype='%c'\n" " maxhits=%d keytypes='%s'\n" From f269c2a07481f97bfd76cae0e473374ef06596d9 Mon Sep 17 00:00:00 2001 From: Jon Trulson Date: Mon, 2 Apr 2018 16:50:24 -0600 Subject: [PATCH 2/9] dtsr/dtsrclean.c: Coverity CID 86876; dest buf too small --- cde/programs/dtsr/dtsrclean.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cde/programs/dtsr/dtsrclean.c b/cde/programs/dtsr/dtsrclean.c index 2bc3e4035..b5ab2baef 100644 --- a/cde/programs/dtsr/dtsrclean.c +++ b/cde/programs/dtsr/dtsrclean.c @@ -610,14 +610,14 @@ void read_d2x (struct or_hwordrec * glob_word, long field) static void write_d2x (struct or_hwordrec * glob_word, long field) { if (field == OR_SWORDKEY) { - strcpy (d21new.or_swordkey, glob_word->or_hwordkey); + snprintf(d21new.or_swordkey, 16, "%s", glob_word->or_hwordkey); d21new.or_swoffset = htonl (glob_word->or_hwoffset); d21new.or_swfree = htonl (glob_word->or_hwfree); d21new.or_swaddrs = htonl (glob_word->or_hwaddrs); RECWRITE (PROGNAME "102", &d21new, 0); } else if (field == OR_LWORDKEY) { - strcpy (d22new.or_lwordkey, glob_word->or_hwordkey); + snprintf(d22new.or_lwordkey, 40, "%s", glob_word->or_hwordkey); d22new.or_lwoffset = htonl (glob_word->or_hwoffset); d22new.or_lwfree = htonl (glob_word->or_hwfree); d22new.or_lwaddrs = htonl (glob_word->or_hwaddrs); From d5c304d476be11eb67101effb07ab4087031473b Mon Sep 17 00:00:00 2001 From: Jon Trulson Date: Mon, 2 Apr 2018 16:55:34 -0600 Subject: [PATCH 3/9] dtcm/dssw.c: Coverity CID 88672; dest buf too small --- cde/programs/dtcm/dtcm/dssw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cde/programs/dtcm/dtcm/dssw.c b/cde/programs/dtcm/dtcm/dssw.c index 8ab3c8df0..61d637a68 100644 --- a/cde/programs/dtcm/dtcm/dssw.c +++ b/cde/programs/dtcm/dtcm/dssw.c @@ -945,7 +945,7 @@ load_dssw_times(DSSW *dssw, Tick start, Tick stop, Boolean set_no_time) { dssw->stop_val.block = (buf[5] == 'a') ? TIME_AM : TIME_PM; } else { - strcpy(dssw->stop_val.val, buf); + snprinf(dssw->stop_val.val, START_STOP_LEN, "%s", buf); dssw->stop_val.block = TIME_AM; } } From 45bccb474cb48c83f6e9e69349105f89d0e7c4db Mon Sep 17 00:00:00 2001 From: Jon Trulson Date: Mon, 2 Apr 2018 18:07:54 -0600 Subject: [PATCH 4/9] dtcalc/ds_xlib.c: Coverity CID 175167; uninit value --- cde/programs/dtcalc/ds_xlib.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cde/programs/dtcalc/ds_xlib.c b/cde/programs/dtcalc/ds_xlib.c index 1136c91bb..7115984a1 100644 --- a/cde/programs/dtcalc/ds_xlib.c +++ b/cde/programs/dtcalc/ds_xlib.c @@ -263,8 +263,10 @@ ds_save_resources(XrmDatabase rDB, char *filename) { if ((filename = getenv("DTCALCDEF")) == NULL) { + if ( !(home = getenv("HOME")) ) + return 1; + size_t fileLen = strlen(home) + 18; - home = getenv("HOME"); if ( (filename = calloc(1, fileLen)) != NULL ) { needsFree = true; From ba95bbc073e549e5e0164c8b9f7e7e3f76112cac Mon Sep 17 00:00:00 2001 From: Jon Trulson Date: Mon, 2 Apr 2018 18:23:22 -0600 Subject: [PATCH 5/9] dtudcfonted/gpftobdf.c: Coverity CID 175168; NULL deref --- cde/programs/dtudcfonted/dtgpftobdf/gpftobdf.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/cde/programs/dtudcfonted/dtgpftobdf/gpftobdf.c b/cde/programs/dtudcfonted/dtgpftobdf/gpftobdf.c index 565f30a61..5bea3380e 100644 --- a/cde/programs/dtudcfonted/dtgpftobdf/gpftobdf.c +++ b/cde/programs/dtudcfonted/dtgpftobdf/gpftobdf.c @@ -1466,9 +1466,19 @@ int fix ; bitmap = pcf->bitmaps + getINT32( (unsigned char *)(pcf->offsets + encodingOffset), pcf->bmp_fmt); - invertBits( bitmap + bmp_adj, pcf->bmp_fmt, ptn_width, cpy_height, bmp_ptn + ptn_adj); - putPtn( (unsigned char *)bmp_ptn, ptn_width, ptn_height ); - fprintf(stdout,"ENDCHAR\n"); + /* Only do this if non-NULL... */ + if (bmp_ptn) + { + invertBits( bitmap + bmp_adj, pcf->bmp_fmt, + ptn_width, cpy_height, bmp_ptn + ptn_adj); + putPtn( (unsigned char *)bmp_ptn, ptn_width, ptn_height ); + } + else + { + fprintf(stderr, "%s: bmp_ptn is NULL", __FUNCTION__); + } + + fprintf(stdout,"ENDCHAR\n"); if( fix == FALSE ) free(bmp_ptn); } if( fix == TRUE ) free(bmp_ptn); From c4e7d355199f38307a4f9506617dc9d4fcc7da8a Mon Sep 17 00:00:00 2001 From: Jon Trulson Date: Mon, 2 Apr 2018 18:43:14 -0600 Subject: [PATCH 6/9] dtcm/dssw.c: fix typo --- cde/programs/dtcm/dtcm/dssw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cde/programs/dtcm/dtcm/dssw.c b/cde/programs/dtcm/dtcm/dssw.c index 61d637a68..45c7ec6fa 100644 --- a/cde/programs/dtcm/dtcm/dssw.c +++ b/cde/programs/dtcm/dtcm/dssw.c @@ -945,7 +945,7 @@ load_dssw_times(DSSW *dssw, Tick start, Tick stop, Boolean set_no_time) { dssw->stop_val.block = (buf[5] == 'a') ? TIME_AM : TIME_PM; } else { - snprinf(dssw->stop_val.val, START_STOP_LEN, "%s", buf); + snprintf(dssw->stop_val.val, START_STOP_LEN, "%s", buf); dssw->stop_val.block = TIME_AM; } } From 7f70748d6572914541c1a170b339720bc6fcf84b Mon Sep 17 00:00:00 2001 From: Jon Trulson Date: Mon, 2 Apr 2018 19:38:14 -0600 Subject: [PATCH 7/9] Disable building of dtudcfonted and dtudcexch This software has a variety of problems, like including renamed X11 header files, and other nuttery. These programs also have a very limited use, I doubt most people even know what they are for or will miss them. This commit prevents them from being built and installed. If no-one volunteers to get these into decent shape after the next release, they will be removed from the repository. --- cde/databases/CDE-LOC.src | 5 --- cde/databases/CDE-MAN.udb | 16 -------- cde/databases/CDE-MSG-LOC.src | 10 ----- cde/databases/CDE-RUN.udb | 70 ----------------------------------- cde/programs/Imakefile | 7 +++- 5 files changed, 5 insertions(+), 103 deletions(-) diff --git a/cde/databases/CDE-LOC.src b/cde/databases/CDE-LOC.src index 1780bac6d..1505940be 100644 --- a/cde/databases/CDE-LOC.src +++ b/cde/databases/CDE-LOC.src @@ -325,11 +325,6 @@ programs/localized/%_LANG_%/app-defaults/Dtbuilder install_target = /usr/dt/app-defaults/%_LANG_%/Dtbuilder } XCOMM -programs/localized/%_LANG_%/app-defaults/Dtudcfonted -{ default - install_target = /usr/dt/app-defaults/%_LANG_%/Dtudcfonted -} -XCOMM XCOMM >>----------------------------- XCOMM appmanager XCOMM <<----------------------------- diff --git a/cde/databases/CDE-MAN.udb b/cde/databases/CDE-MAN.udb index 0c2d2d592..abd1e900f 100644 --- a/cde/databases/CDE-MAN.udb +++ b/cde/databases/CDE-MAN.udb @@ -651,22 +651,6 @@ doc/C/man/man1/dttypes.1 install_target = /usr/dt/share/man/man1/dttypes.1 } # -doc/C/man/man1/dtudcexch.1 -{ uxp - install_target = /usr/dt/share/catman/C/cde_man/cat1/dtudcexch.1 -} -{ default - install_target = /usr/dt/share/man/man1/dtudcexch.1 -} -# -doc/C/man/man1/dtudcfonted.1 -{ uxp - install_target = /usr/dt/share/catman/C/cde_man/cat1/dtudcfonted.1 -} -{ default - install_target = /usr/dt/share/man/man1/dtudcfonted.1 -} -# doc/C/man/man1/dtwm.1 { uxp install_target = /usr/dt/share/catman/C/cde_man/cat1/dtwm.1 diff --git a/cde/databases/CDE-MSG-LOC.src b/cde/databases/CDE-MSG-LOC.src index 2244fcb89..7d3be98e0 100644 --- a/cde/databases/CDE-MSG-LOC.src +++ b/cde/databases/CDE-MSG-LOC.src @@ -328,16 +328,6 @@ programs/localized/%_LANG_%/msg/dtconfig.cat install_target = /usr/dt/lib/nls/msg/%_LANG_%/dtconfig.cat } XCOMM -programs/localized/%_LANG_%/msg/dtudcexch.cat -{ default - install_target = /usr/dt/lib/nls/msg/%_LANG_%/dtudcexch.cat -} -XCOMM -programs/localized/%_LANG_%/msg/dtudcfonted.cat -{ default - install_target = /usr/dt/lib/nls/msg/%_LANG_%/dtudcfonted.cat -} -XCOMM programs/localized/%_LANG_%/msg/dtpdm.cat { default install_target = /usr/dt/lib/nls/msg/%_LANG_%/dtpdm.cat diff --git a/cde/databases/CDE-RUN.udb b/cde/databases/CDE-RUN.udb index 916d7ae4e..beb585d6f 100644 --- a/cde/databases/CDE-RUN.udb +++ b/cde/databases/CDE-RUN.udb @@ -1305,76 +1305,6 @@ programs/dtcalc/dtcalc mode = 0555 } # -programs/dtudcfonted/dtudcfonted -{ default - install_target = /usr/dt/bin/dtudcfonted - mode = 0555 -} -# -programs/localized/C/app-defaults/Dtudcfonted -{ default - install_target = /usr/dt/app-defaults/C/Dtudcfonted -} -# -programs/dtudcexch/dtudcexch -{ default - install_target = /usr/dt/bin/dtudcexch - mode = 0555 -} -# -programs/dtudcfonted/dtaddcpf/dtaddcpf -{ default - install_target = /usr/dt/lib/dtudcfonted/dtaddcpf - mode = 0555 -} -# -programs/dtudcfonted/dtbdftocpf/dtbdftocpf -{ default - install_target = /usr/dt/lib/dtudcfonted/dtbdftocpf - mode = 0555 -} -# -programs/dtudcfonted/dtcpftobdf/dtcpftobdf -{ default - install_target = /usr/dt/lib/dtudcfonted/dtcpftobdf - mode = 0555 -} -# -programs/dtudcfonted/dtcpftogpf/dtcpftogpf -{ default - install_target = /usr/dt/lib/dtudcfonted/dtcpftogpf - mode = 0555 -} -# -programs/dtudcfonted/dtcpgpf/dtcpgpf -{ default - install_target = /usr/dt/lib/dtudcfonted/dtcpgpf - mode = 0555 -} -# -programs/dtudcfonted/dtgpftobdf/dtgpftobdf -{ default - install_target = /usr/dt/lib/dtudcfonted/dtgpftobdf - mode = 0555 -} -# -programs/dtudcfonted/dtgpftocpf/dtgpftocpf -{ default - install_target = /usr/dt/lib/dtudcfonted/dtgpftocpf - mode = 0555 -} -# -programs/dtudcfonted/dtlsgpf/dtlsgpf -{ default - install_target = /usr/dt/lib/dtudcfonted/dtlsgpf - mode = 0555 -} -# -programs/dtudcfonted/libfal/fonts.list -{ default - install_target = /usr/dt/config/C/fonts.list -} -# programs/dtterm/dtterm { default install_target = /usr/dt/bin/dtterm diff --git a/cde/programs/Imakefile b/cde/programs/Imakefile index 84495b804..f85b6ff1d 100644 --- a/cde/programs/Imakefile +++ b/cde/programs/Imakefile @@ -17,6 +17,9 @@ DTINFODIR = dtinfo DTINFODIR = dtinfo #endif +XCOMM JET 4/2/2018 - disabling dtudcfonted and dtudcexch. They are +XCOMM very broken in terms of coverity and compiler warnings. Also, +XCOMM who uses them? And for what? SUBDIRS = dthelp dsdm dtmail dtpad dtfile dtwm dtlogin \ dtsession dthello dtstyle dtexec dtdbcache dticon dtterm \ @@ -24,7 +27,7 @@ SUBDIRS = dthelp dsdm dtmail dtpad dtfile dtwm dtlogin \ dtscreen dtksh dtcm dtsearchpath \ dtappbuilder dtappintegrate dtprintegrate dtconfig \ dtcreate dtprintinfo fontaliases dtdspmsg ttsnoop \ - dtudcfonted dtudcexch dtimsstart dtdocbook dtpdm dtsr \ + dtimsstart dtdocbook dtpdm dtsr \ dtpdmd $(DTINFODIR) $(EXTRADIRS) LINTSUBDIRS = dthelp dsdm dtmail dtpad dtfile dtwm dtlogin \ @@ -32,7 +35,7 @@ LINTSUBDIRS = dthelp dsdm dtmail dtpad dtfile dtwm dtlogin \ dtcalc dtaction dtcreate \ dtscreen dtksh dtcm dtsearchpath \ dtappbuilder dtappintegrate dtprintegrate dtprintinfo dtdspmsg \ - dtudcfonted dtudcexch dtimsstart dtdocbook dtpdm dtsr \ + dtimsstart dtdocbook dtpdm dtsr \ dtpdmd $(DTINFODIR) $(EXTRADIRS) MakeSubdirs($(SUBDIRS)) From 8f7c874ba0773dca850d1a278c5f001558769c3b Mon Sep 17 00:00:00 2001 From: Jon Trulson Date: Tue, 3 Apr 2018 12:55:23 -0600 Subject: [PATCH 8/9] fontaliases: use copy rather than symlink since bdftopcf can't handle those bdftopcf specifically will not read symbolic links. This causes it to fail when creating the programs/fontaliases/*/C/dtinfo.pcf.Z file and subsequently, the fonts.dir file. So, we add a new Imake macro: CopySourceFile(), to copy rather than symlink the dtinfo.bdf file so these operations can complete successfully. The dtinfo.bdf file is only 5KB, so there's very little impact having an extra copy created during a build. --- cde/config/cf/Imake.rules | 21 +++++++++++++++++++ .../dtinfo/dtinfo/install/lib/fonts/Imakefile | 2 +- cde/programs/fontaliases/bdf/fonts.tmpl | 2 +- 3 files changed, 23 insertions(+), 2 deletions(-) diff --git a/cde/config/cf/Imake.rules b/cde/config/cf/Imake.rules index 78e183435..42323f748 100644 --- a/cde/config/cf/Imake.rules +++ b/cde/config/cf/Imake.rules @@ -134,6 +134,7 @@ XCOMM rules: $TOG: Imake.rules /main/227 1998/02/02 12:07:57 kaleb $ * NormalLintTarget (srclist) * LintTarget () * LinkSourceFile (src,dir) + * CopySourceFile (src,dir) * LinkFile (tofile,fromfile) * MakeSubincludesForBuild (step,dir,srclist) * LangNamedTargetSubdirs (lang,name,dirs,verb,flags,subname) @@ -2075,6 +2076,26 @@ clean:: @@\ #endif +/* + * CopySourceFile - snag source file from some other directory + */ +#ifndef CopySourceFile +#define CopySourceFile(src,dir) @@\ +src: dir/src @@\ + RemoveFile($@) @@\ + $(CP) $? $@ @@\ + @@\ +NoConfigRec(src) @@\ + @@\ +includes:: src @@\ + @@\ +depend:: src @@\ + @@\ +clean:: @@\ + RemoveFile(src) +#endif + + /* * LinkFile - link a file */ diff --git a/cde/programs/dtinfo/dtinfo/install/lib/fonts/Imakefile b/cde/programs/dtinfo/dtinfo/install/lib/fonts/Imakefile index af671a976..ba9c97f1a 100644 --- a/cde/programs/dtinfo/dtinfo/install/lib/fonts/Imakefile +++ b/cde/programs/dtinfo/dtinfo/install/lib/fonts/Imakefile @@ -7,7 +7,7 @@ MKFONTDIR = $(XPROJECTROOT)/bin/mkfontdir OBJS = FontObj(dtinfo) -LinkSourceFile(dtinfo.bdf,$(CDESRC)/fontaliases/bdf) +CopySourceFile(dtinfo.bdf,$(CDESRC)/fontaliases/bdf) MakeFonts() diff --git a/cde/programs/fontaliases/bdf/fonts.tmpl b/cde/programs/fontaliases/bdf/fonts.tmpl index 2369453d8..537c78445 100644 --- a/cde/programs/fontaliases/bdf/fonts.tmpl +++ b/cde/programs/fontaliases/bdf/fonts.tmpl @@ -6,7 +6,7 @@ XCOMM $XConsortium: fonts.tmpl /main/2 1996/09/13 17:55:52 drk $ OBJS = FontObj(dtinfo) $(LOCAL_OBJS) -LinkSourceFile(dtinfo.bdf,$(CDESRC)/fontaliases/bdf) +CopySourceFile(dtinfo.bdf,$(CDESRC)/fontaliases/bdf) MakeFonts() From f7d09f054dff74781dab42ea5572655c2e0faf8f Mon Sep 17 00:00:00 2001 From: Jon Trulson Date: Tue, 3 Apr 2018 20:59:48 -0600 Subject: [PATCH 9/9] dtfile/SharedProcs.c: rework coverity 174852 fix to unbreak dtfile --- cde/programs/dtfile/SharedProcs.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/cde/programs/dtfile/SharedProcs.c b/cde/programs/dtfile/SharedProcs.c index 63b7c1158..eadcc2f97 100644 --- a/cde/programs/dtfile/SharedProcs.c +++ b/cde/programs/dtfile/SharedProcs.c @@ -1631,6 +1631,7 @@ _DtPathFromInput( FILE *pfp; char command[MAXPATHLEN]; + memset(command, 0, sizeof(command)); sprintf(command,"echo %s",path); if((pfp=popen(command,"r")) != NULL) @@ -1654,9 +1655,13 @@ _DtPathFromInput( read_ok = 0; } - if (read_ok) + if (read_ok) { - command[MAXPATHLEN-1] = '\0'; + int slen = strlen(command); + /* need to remove the trailing newline safely*/ + if (slen >= 1) + command[slen-1] = '\0'; + XtFree(path); path = XtNewString(command); pclose(pfp);