Fix potential vulnerabilities.

--HG--
branch : develop

src/libs/vdxf/dxflib/dl_dxf.cpp

@@ -49,6 +49,7 @@
 #include "dl_creationinterface.h"
 #include "dl_entities.h"
 #include "iostream"
+#include "strlcpy.h"
 
 /**
  * Default constructor.
@@ -2554,10 +2555,7 @@ void DL_Dxf::endSequence(DL_CreationInterface* creationInterface)
 DL_WriterA* DL_Dxf::out(const char* file, DL_Codes::version version)
 {
     char* f = new char[strlen(file)+1];
-QT_WARNING_PUSH
-QT_WARNING_DISABLE_MSVC(4996)
-    strcpy(f, file);
-QT_WARNING_POP
+    strlcpy(f, file, sizeof(f));
     this->version = version;
 
     DL_WriterA* dw = new DL_WriterA(f, version);
@@ -5864,7 +5862,7 @@ int DL_Dxf::getLibVersion(const std::string& str)
 //        double ret;
 //        if (strchr(value, ',') != NULL) {
 //            char* tmp = new char[strlen(value)+1];
-//            strcpy(tmp, value);
+//            strlcpy(tmp, value, sizeof(tmp));
 //            DL_WriterA::strReplace(tmp, ',', '.');
 //            ret = atof(tmp);
 //            delete[] tmp;
@@ -5891,15 +5889,12 @@ void DL_Dxf::test()
     char* buf5 = new char[10];
     char* buf6 = new char[10];
 
-QT_WARNING_PUSH
-QT_WARNING_DISABLE_MSVC(4996)
-    strcpy(buf1, "  10\n");
-    strcpy(buf2, "10");
-    strcpy(buf3, "10\n");
-    strcpy(buf4, "  10 \n");
-    strcpy(buf5, "  10 \r");
-    strcpy(buf6, "\t10 \n");
-QT_WARNING_POP
+    strlcpy(buf1, "  10\n", sizeof(buf1));
+    strlcpy(buf2, "10", sizeof(buf2));
+    strlcpy(buf3, "10\n", sizeof(buf3));
+    strlcpy(buf4, "  10 \n", sizeof(buf4));
+    strlcpy(buf5, "  10 \r", sizeof(buf5));
+    strlcpy(buf6, "\t10 \n", sizeof(buf6));
 
     // Try to avoid deleting array from an offset
     char* buf1Copy = buf1;

src/libs/vdxf/dxflib/dl_writer_ascii.cpp

@@ -66,17 +66,16 @@ void DL_WriterA::dxfReal(int gc, double value) const
 {
     char str[256];
 QT_WARNING_PUSH
-QT_WARNING_DISABLE_MSVC(4996)
 #if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__) < 408
 QT_WARNING_DISABLE_GCC("-Wformat")
 #endif
     if (version==DL_Codes::AC1009_MIN)
     {
-        sprintf(str, "%.6lf", value);
+        snprintf(str, sizeof(str), "%.6lf", value);
     }
     else
     {
-        sprintf(str, "%.16lf", value);
+        snprintf(str, sizeof(str), "%.16lf", value);
     }
 QT_WARNING_POP
 
@@ -132,10 +131,7 @@ void DL_WriterA::dxfInt(int gc, int value) const
 void DL_WriterA::dxfHex(int gc, int value) const
 {
     char str[12];
-QT_WARNING_PUSH
-QT_WARNING_DISABLE_MSVC(4996)
-    sprintf(str, "%0X", value);
-QT_WARNING_POP
+    snprintf(str, sizeof(str), "%0X", value);
     dxfString(gc, str);
 }
 

src/libs/vdxf/dxflib/strlcpy.h

@@ -0,0 +1,143 @@
+/************************************************************************
+ **
+ **  @file   strlcpy.h
+ **  @author Roman Telezhynskyi <dismine(at)gmail.com>
+ **  @date   December 20, 2016
+ **
+ **  @brief
+ **  @copyright
+ **  This source code is part of the Valentine project, a pattern making
+ **  program, whose allow create and modeling patterns of clothing.
+ **  Copyright (C) 2013-2016 Valentina project
+ **  <https://bitbucket.org/dismine/valentina> All Rights Reserved.
+ **
+ **  Valentina is free software: you can redistribute it and/or modify
+ **  it under the terms of the GNU General Public License as published by
+ **  the Free Software Foundation, either version 3 of the License, or
+ **  (at your option) any later version.
+ **
+ **  Valentina is distributed in the hope that it will be useful,
+ **  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ **  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ **  GNU General Public License for more details.
+ **
+ **  You should have received a copy of the GNU General Public License
+ **  along with Valentina.  If not, see <http://www.gnu.org/licenses/>.
+ **
+ *************************************************************************/
+
+/*
+ * Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote products
+ *    derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL
+ * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef VALENTINA_STRLCPY_H
+#define VALENTINA_STRLCPY_H
+
+/* This function comes from BSD */
+#if !defined(__FreeBSD__) && !defined(__OpenBSD__) && !defined(__NetBSD__) && \
+    !defined(__bsdi__) && !defined(__APPLE__)
+#include <sys/types.h>
+#include <string.h>
+
+/*
+ * Copy src to string dst of size siz.  At most siz-1 characters
+ * will be copied.  Always NUL terminates (unless siz == 0).
+ * Returns strlen(src); if retval >= siz, truncation occurred.
+ */
+inline size_t strlcpy(char *dst, const char *src, size_t siz)
+{
+    char *d = dst;
+    const char *s = src;
+    size_t n = siz;
+
+    /* Copy as many bytes as will fit */
+    if (n != 0)
+    {
+        while (--n != 0)
+        {
+            if ((*d++ = *s++) == '\0')
+            {
+                break;
+            }
+        }
+    }
+
+    /* Not enough room in dst, add NUL and traverse rest of src */
+    if (n == 0)
+    {
+        if (siz != 0)
+        {
+            *d = '\0';  /* NUL-terminate dst */
+        }
+        while (*s++)
+            ;
+    }
+
+    return(s - src - 1); /* count does not include NUL */
+}
+
+/*
+ * Appends src to string dst of size siz (unlike strncat, siz is the
+ * full size of dst, not space left).  At most siz-1 characters
+ * will be copied.  Always NUL terminates (unless siz <= strlen(dst)).
+ * Returns strlen(src) + MIN(siz, strlen(initial dst)).
+ * If retval >= siz, truncation occurred.
+ */
+inline size_t strlcat(char *dst, const char *src, size_t siz)
+{
+    char *d = dst;
+    const char *s = src;
+    size_t n = siz;
+    size_t dlen;
+
+    /* Find the end of dst and adjust bytes left but don't go past end */
+    while (n-- != 0 && *d != '\0')
+    {
+        d++;
+    }
+    dlen = d - dst;
+    n = siz - dlen;
+
+    if (n == 0)
+    {
+        return(dlen + strlen(s));
+    }
+    while (*s != '\0')
+    {
+        if (n != 1)
+        {
+            *d++ = *s;
+            n--;
+        }
+        s++;
+    }
+    *d = '\0';
+
+    return(dlen + (s - src)); /* count does not include NUL */
+}
+
+#endif /* ! __*BSD__ */
+#endif // VALENTINA_STRLCPY_H

src/libs/vdxf/vdxf.pri

@@ -24,4 +24,5 @@ HEADERS += \
     $$PWD/dxflib/dl_writer_ascii.h \
     $$PWD/vdxfengine.h \
     $$PWD/vdxfpaintdevice.h \
-    $$PWD/dxfdef.h
+    $$PWD/dxfdef.h \
+    $$PWD/dxflib/strlcpy.h