Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d32ae10f authored by Yunlian Jiang's avatar Yunlian Jiang
Browse files

Replace strcpy with memcpy. 

This fixes the warning
Call to function 'strcpy' is insecure as it does not provide bounding of
the memory buffer. As a side effect, it sliences the warning
frameworks/base/tools/aapt/Images.cpp:1270:50: warning: Potential leak
of memory pointed to by field 'data' [clang-analyzer-unix.Malloc]
frameworks/base/tools/aapt2/compile/Png.cpp:562:42: warning: Potential
leak of memory pointed to by field 'data' [clang-analyzer-unix.Malloc].

Bug: None
Test: The warning is gone.

Change-Id: I25f68ff85bea7069c21549c7deb7920d1877069e
parent 2cdd1ce6

tools/aapt/Images.cpp

+3 −3
Original line number Diff line number Diff line
@@ -1246,7 +1246,7 @@ static void write_png(const char* imageName, 
        if (kIsDebug) {

            printf("Adding 9-patch info...\n");

        }

        strcpy((char*)unknowns[p_index].name, "npTc");

        memcpy((char*)unknowns[p_index].name, "npTc", 5);

        unknowns[p_index].data = (png_byte*)imageInfo.serialize9patch();

        unknowns[p_index].size = imageInfo.info9Patch.serializedSize();

        // TODO: remove the check below when everything works
@@ -1254,7 +1254,7 @@ static void write_png(const char* imageName, 


        // automatically generated 9 patch outline data

        int chunk_size = sizeof(png_uint_32) * 6;

        strcpy((char*)unknowns[o_index].name, "npOl");

        memcpy((char*)unknowns[o_index].name, "npOl", 5);

        unknowns[o_index].data = (png_byte*) calloc(chunk_size, 1);

        png_byte outputData[chunk_size];

        memcpy(&outputData, &imageInfo.outlineInsetsLeft, 4 * sizeof(png_uint_32));
@@ -1266,7 +1266,7 @@ static void write_png(const char* imageName, 
        // optional optical inset / layout bounds data

        if (imageInfo.haveLayoutBounds) {

            int chunk_size = sizeof(png_uint_32) * 4;

            strcpy((char*)unknowns[b_index].name, "npLb");

            memcpy((char*)unknowns[b_index].name, "npLb", 5);

            unknowns[b_index].data = (png_byte*) calloc(chunk_size, 1);

            memcpy(unknowns[b_index].data, &imageInfo.layoutBoundsLeft, chunk_size);

            unknowns[b_index].size = chunk_size;

tools/aapt2/compile/Png.cpp

+3 −3
Original line number Diff line number Diff line
@@ -538,7 +538,7 @@ static bool writePng(IDiagnostics* diag, png_structp writePtr, 
    if (kDebug) {

      diag->Note(DiagMessage() << "adding 9-patch info..");

    }

    strcpy((char*)unknowns[pIndex].name, "npTc");

    memcpy((char*)unknowns[pIndex].name, "npTc", 5);

    unknowns[pIndex].data = (png_byte*)info->serialize9Patch();

    unknowns[pIndex].size = info->info9Patch.serializedSize();

    // TODO: remove the check below when everything works
@@ -546,7 +546,7 @@ static bool writePng(IDiagnostics* diag, png_structp writePtr, 


    // automatically generated 9 patch outline data

    int chunkSize = sizeof(png_uint_32) * 6;

    strcpy((char*)unknowns[oIndex].name, "npOl");

    memcpy((char*)unknowns[oIndex].name, "npOl", 5);

    unknowns[oIndex].data = (png_byte*)calloc(chunkSize, 1);

    png_byte outputData[chunkSize];

    memcpy(&outputData, &info->outlineInsetsLeft, 4 * sizeof(png_uint_32));
@@ -558,7 +558,7 @@ static bool writePng(IDiagnostics* diag, png_structp writePtr, 
    // optional optical inset / layout bounds data

    if (info->haveLayoutBounds) {

      int chunkSize = sizeof(png_uint_32) * 4;

      strcpy((char*)unknowns[bIndex].name, "npLb");

      memcpy((char*)unknowns[bIndex].name, "npLb", 5);

      unknowns[bIndex].data = (png_byte*)calloc(chunkSize, 1);

      memcpy(unknowns[bIndex].data, &info->layoutBoundsLeft, chunkSize);

      unknowns[bIndex].size = chunkSize;