Replace most strlen with strnlen_s
This commit is contained in:
parent
c87e37fcbd
commit
93b9938e02
|
@ -1253,7 +1253,7 @@ char * pdo_sqlsrv_dbh_last_id( _Inout_ pdo_dbh_t *dbh, _In_z_ const char *name,
|
||||||
else {
|
else {
|
||||||
char* quoted_table = NULL;
|
char* quoted_table = NULL;
|
||||||
size_t quoted_len = 0;
|
size_t quoted_len = 0;
|
||||||
int quoted = pdo_sqlsrv_dbh_quote( dbh, name, strlen( name ), "ed_table, "ed_len, PDO_PARAM_NULL TSRMLS_CC );
|
int quoted = pdo_sqlsrv_dbh_quote( dbh, name, strnlen_s( name ), "ed_table, "ed_len, PDO_PARAM_NULL TSRMLS_CC );
|
||||||
SQLSRV_ASSERT( quoted, "PDO::lastInsertId failed to quote the table name.");
|
SQLSRV_ASSERT( quoted, "PDO::lastInsertId failed to quote the table name.");
|
||||||
snprintf( last_insert_id_query, LAST_INSERT_ID_QUERY_MAX_LEN, SEQUENCE_CURRENT_VALUE_QUERY, quoted_table );
|
snprintf( last_insert_id_query, LAST_INSERT_ID_QUERY_MAX_LEN, SEQUENCE_CURRENT_VALUE_QUERY, quoted_table );
|
||||||
sqlsrv_free( quoted_table );
|
sqlsrv_free( quoted_table );
|
||||||
|
@ -1270,7 +1270,7 @@ char * pdo_sqlsrv_dbh_last_id( _Inout_ pdo_dbh_t *dbh, _In_z_ const char *name,
|
||||||
|
|
||||||
sqlsrv_malloc_auto_ptr<SQLWCHAR> wsql_string;
|
sqlsrv_malloc_auto_ptr<SQLWCHAR> wsql_string;
|
||||||
unsigned int wsql_len;
|
unsigned int wsql_len;
|
||||||
wsql_string = utf16_string_from_mbcs_string( SQLSRV_ENCODING_CHAR, reinterpret_cast<const char*>( last_insert_id_query ), static_cast<unsigned int>( strlen( last_insert_id_query )), &wsql_len );
|
wsql_string = utf16_string_from_mbcs_string( SQLSRV_ENCODING_CHAR, reinterpret_cast<const char*>( last_insert_id_query ), static_cast<unsigned int>( strnlen_s( last_insert_id_query )), &wsql_len );
|
||||||
|
|
||||||
CHECK_CUSTOM_ERROR( wsql_string == 0, driver_stmt, SQLSRV_ERROR_QUERY_STRING_ENCODING_TRANSLATE, get_last_error_message() ) {
|
CHECK_CUSTOM_ERROR( wsql_string == 0, driver_stmt, SQLSRV_ERROR_QUERY_STRING_ENCODING_TRANSLATE, get_last_error_message() ) {
|
||||||
throw core::CoreException();
|
throw core::CoreException();
|
||||||
|
|
|
@ -473,7 +473,7 @@ bool pdo_sqlsrv_handle_dbh_error( _Inout_ sqlsrv_context& ctx, _In_opt_ unsigned
|
||||||
SQLSRV_ASSERT( err == true, "No ODBC error was found" );
|
SQLSRV_ASSERT( err == true, "No ODBC error was found" );
|
||||||
}
|
}
|
||||||
|
|
||||||
SQLSRV_ASSERT(strlen(reinterpret_cast<const char*>(error->sqlstate)) <= sizeof(dbh->error_code), "Error code overflow");
|
SQLSRV_ASSERT(strnlen_s(reinterpret_cast<const char*>(error->sqlstate)) <= sizeof(dbh->error_code), "Error code overflow");
|
||||||
strcpy_s(dbh->error_code, sizeof(dbh->error_code), reinterpret_cast<const char*>(error->sqlstate));
|
strcpy_s(dbh->error_code, sizeof(dbh->error_code), reinterpret_cast<const char*>(error->sqlstate));
|
||||||
|
|
||||||
switch( dbh->error_mode ) {
|
switch( dbh->error_mode ) {
|
||||||
|
@ -486,7 +486,7 @@ bool pdo_sqlsrv_handle_dbh_error( _Inout_ sqlsrv_context& ctx, _In_opt_ unsigned
|
||||||
break;
|
break;
|
||||||
case PDO_ERRMODE_WARNING:
|
case PDO_ERRMODE_WARNING:
|
||||||
if( !warning ) {
|
if( !warning ) {
|
||||||
size_t msg_len = strlen( reinterpret_cast<const char*>( error->native_message )) + SQL_SQLSTATE_BUFSIZE
|
size_t msg_len = strnlen_s( reinterpret_cast<const char*>( error->native_message )) + SQL_SQLSTATE_BUFSIZE
|
||||||
+ MAX_DIGITS + WARNING_MIN_LENGTH + 1;
|
+ MAX_DIGITS + WARNING_MIN_LENGTH + 1;
|
||||||
sqlsrv_malloc_auto_ptr<char> msg;
|
sqlsrv_malloc_auto_ptr<char> msg;
|
||||||
msg = static_cast<char*>( sqlsrv_malloc( msg_len ) );
|
msg = static_cast<char*>( sqlsrv_malloc( msg_len ) );
|
||||||
|
@ -525,7 +525,7 @@ bool pdo_sqlsrv_handle_stmt_error( _Inout_ sqlsrv_context& ctx, _In_opt_ unsigne
|
||||||
SQLSRV_ASSERT( err == true, "No ODBC error was found" );
|
SQLSRV_ASSERT( err == true, "No ODBC error was found" );
|
||||||
}
|
}
|
||||||
|
|
||||||
SQLSRV_ASSERT( strlen( reinterpret_cast<const char*>( error->sqlstate ) ) <= sizeof( pdo_stmt->error_code ), "Error code overflow");
|
SQLSRV_ASSERT( strnlen_s( reinterpret_cast<const char*>( error->sqlstate ) ) <= sizeof( pdo_stmt->error_code ), "Error code overflow");
|
||||||
strcpy_s( pdo_stmt->error_code, sizeof( pdo_stmt->error_code ), reinterpret_cast<const char*>( error->sqlstate ));
|
strcpy_s( pdo_stmt->error_code, sizeof( pdo_stmt->error_code ), reinterpret_cast<const char*>( error->sqlstate ));
|
||||||
|
|
||||||
switch( pdo_stmt->dbh->error_mode ) {
|
switch( pdo_stmt->dbh->error_mode ) {
|
||||||
|
@ -612,7 +612,7 @@ void pdo_sqlsrv_throw_exception( _In_ sqlsrv_error_const* error TSRMLS_DC )
|
||||||
SQLSRV_ASSERT( zr != FAILURE, "Failed to initialize exception object" );
|
SQLSRV_ASSERT( zr != FAILURE, "Failed to initialize exception object" );
|
||||||
|
|
||||||
sqlsrv_malloc_auto_ptr<char> ex_msg;
|
sqlsrv_malloc_auto_ptr<char> ex_msg;
|
||||||
size_t ex_msg_len = strlen( reinterpret_cast<const char*>( error->native_message )) + SQL_SQLSTATE_BUFSIZE +
|
size_t ex_msg_len = strnlen_s( reinterpret_cast<const char*>( error->native_message )) + SQL_SQLSTATE_BUFSIZE +
|
||||||
12 + 1; // 12 = "SQLSTATE[]: "
|
12 + 1; // 12 = "SQLSTATE[]: "
|
||||||
ex_msg = reinterpret_cast<char*>( sqlsrv_malloc( ex_msg_len ));
|
ex_msg = reinterpret_cast<char*>( sqlsrv_malloc( ex_msg_len ));
|
||||||
snprintf( ex_msg, ex_msg_len, EXCEPTION_MSG_TEMPLATE, error->sqlstate, error->native_message );
|
snprintf( ex_msg, ex_msg_len, EXCEPTION_MSG_TEMPLATE, error->sqlstate, error->native_message );
|
||||||
|
|
|
@ -709,7 +709,7 @@ int FormattedPrintA( IFormattedPrintOutput<char> * output, const char *format, v
|
||||||
++text.sz;
|
++text.sz;
|
||||||
}
|
}
|
||||||
|
|
||||||
textlen = (int)strlen(text.sz); /* compute length of text */
|
textlen = (int)strnlen_s(text.sz); /* compute length of text */
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
|
|
@ -138,6 +138,12 @@ int mplat_strcat_s( char * dest, size_t destSize, const char * src )
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
size_t strnlen_s(const char * _Str, size_t _MaxCount)
|
||||||
|
{
|
||||||
|
return (_Str==0) ? 0 : strnlen(_Str, _MaxCount);
|
||||||
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
// End copy functions
|
// End copy functions
|
||||||
//----------------------------------------------------------------------------
|
//----------------------------------------------------------------------------
|
||||||
|
|
|
@ -31,6 +31,8 @@ int mplat_memcpy_s(void *_S1, size_t _N1, const void *_S2, size_t _N);
|
||||||
int mplat_strcat_s( char *strDestination, size_t numberOfElements, const char *strSource );
|
int mplat_strcat_s( char *strDestination, size_t numberOfElements, const char *strSource );
|
||||||
int mplat_strcpy_s(char * _Dst, size_t _SizeInBytes, const char * _Src);
|
int mplat_strcpy_s(char * _Dst, size_t _SizeInBytes, const char * _Src);
|
||||||
|
|
||||||
|
size_t strnlen_s(const char * _Str, size_t _MaxCount = INT_MAX);
|
||||||
|
|
||||||
// Copy
|
// Copy
|
||||||
#define memcpy_s mplat_memcpy_s
|
#define memcpy_s mplat_memcpy_s
|
||||||
#define strcat_s mplat_strcat_s
|
#define strcat_s mplat_strcat_s
|
||||||
|
|
|
@ -755,31 +755,31 @@ void build_connection_string_and_set_conn_attr( _Inout_ sqlsrv_conn* conn, _Inou
|
||||||
try {
|
try {
|
||||||
|
|
||||||
// Add the server name
|
// Add the server name
|
||||||
common_conn_str_append_func( ODBCConnOptions::SERVER, server, strlen( server ), connection_string TSRMLS_CC );
|
common_conn_str_append_func( ODBCConnOptions::SERVER, server, strnlen_s( server ), connection_string TSRMLS_CC );
|
||||||
|
|
||||||
// if uid is not present then we use trusted connection.
|
// if uid is not present then we use trusted connection.
|
||||||
if(uid == NULL || strlen( uid ) == 0 ) {
|
if(uid == NULL || strnlen_s( uid ) == 0 ) {
|
||||||
|
|
||||||
connection_string += "Trusted_Connection={Yes};";
|
connection_string += "Trusted_Connection={Yes};";
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
|
||||||
bool escaped = core_is_conn_opt_value_escaped( uid, strlen( uid ));
|
bool escaped = core_is_conn_opt_value_escaped( uid, strnlen_s( uid ));
|
||||||
CHECK_CUSTOM_ERROR( !escaped, conn, SQLSRV_ERROR_UID_PWD_BRACES_NOT_ESCAPED ) {
|
CHECK_CUSTOM_ERROR( !escaped, conn, SQLSRV_ERROR_UID_PWD_BRACES_NOT_ESCAPED ) {
|
||||||
throw core::CoreException();
|
throw core::CoreException();
|
||||||
}
|
}
|
||||||
|
|
||||||
common_conn_str_append_func( ODBCConnOptions::UID, uid, strlen( uid ), connection_string TSRMLS_CC );
|
common_conn_str_append_func( ODBCConnOptions::UID, uid, strnlen_s( uid ), connection_string TSRMLS_CC );
|
||||||
|
|
||||||
// if no password was given, then don't add a password to the connection string. Perhaps the UID
|
// if no password was given, then don't add a password to the connection string. Perhaps the UID
|
||||||
// given doesn't have a password?
|
// given doesn't have a password?
|
||||||
if( pwd != NULL ) {
|
if( pwd != NULL ) {
|
||||||
escaped = core_is_conn_opt_value_escaped( pwd, strlen( pwd ));
|
escaped = core_is_conn_opt_value_escaped( pwd, strnlen_s( pwd ));
|
||||||
CHECK_CUSTOM_ERROR( !escaped, conn, SQLSRV_ERROR_UID_PWD_BRACES_NOT_ESCAPED ) {
|
CHECK_CUSTOM_ERROR( !escaped, conn, SQLSRV_ERROR_UID_PWD_BRACES_NOT_ESCAPED ) {
|
||||||
throw core::CoreException();
|
throw core::CoreException();
|
||||||
}
|
}
|
||||||
|
|
||||||
common_conn_str_append_func( ODBCConnOptions::PWD, pwd, strlen( pwd ), connection_string TSRMLS_CC );
|
common_conn_str_append_func( ODBCConnOptions::PWD, pwd, strnlen_s( pwd ), connection_string TSRMLS_CC );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -56,10 +56,9 @@
|
||||||
|
|
||||||
// #define MultiByteToWideChar SystemLocale::ToUtf16
|
// #define MultiByteToWideChar SystemLocale::ToUtf16
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#define stricmp strcasecmp
|
#define stricmp strcasecmp
|
||||||
#define strnicmp strncasecmp
|
#define strnicmp strncasecmp
|
||||||
|
#define strnlen_s(s) strnlen_s(s, INT_MAX)
|
||||||
|
|
||||||
#ifndef _WIN32
|
#ifndef _WIN32
|
||||||
#define GetLastError() errno
|
#define GetLastError() errno
|
||||||
|
@ -998,7 +997,7 @@ struct sqlsrv_encoding {
|
||||||
bool not_for_connection;
|
bool not_for_connection;
|
||||||
|
|
||||||
sqlsrv_encoding( _In_ const char* iana, _In_ unsigned int code_page, _In_ bool not_for_conn = false ):
|
sqlsrv_encoding( _In_ const char* iana, _In_ unsigned int code_page, _In_ bool not_for_conn = false ):
|
||||||
iana( iana ), iana_len( strlen( iana )), code_page( code_page ), not_for_connection( not_for_conn )
|
iana( iana ), iana_len( strnlen_s( iana )), code_page( code_page ), not_for_connection( not_for_conn )
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
@ -1784,7 +1783,7 @@ inline bool call_error_handler( _Inout_ sqlsrv_context* ctx, _In_ unsigned long
|
||||||
inline bool is_truncated_warning( _In_ SQLCHAR* state )
|
inline bool is_truncated_warning( _In_ SQLCHAR* state )
|
||||||
{
|
{
|
||||||
#if defined(ZEND_DEBUG)
|
#if defined(ZEND_DEBUG)
|
||||||
if( state == NULL || strlen( reinterpret_cast<char*>( state )) != 5 ) { \
|
if( state == NULL || strnlen_s( reinterpret_cast<char*>( state )) != 5 ) { \
|
||||||
DIE( "Incorrect SQLSTATE given to is_truncated_warning." ); \
|
DIE( "Incorrect SQLSTATE given to is_truncated_warning." ); \
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -310,7 +310,7 @@ SystemLocale::SystemLocale( const char * localeName )
|
||||||
charsetName = charsetName ? charsetName + 1 : localeName;
|
charsetName = charsetName ? charsetName + 1 : localeName;
|
||||||
for (const LocaleCP& lcp : lcpTable)
|
for (const LocaleCP& lcp : lcpTable)
|
||||||
{
|
{
|
||||||
if (!strncasecmp(lcp.localeName, charsetName, strlen(lcp.localeName)))
|
if (!strncasecmp(lcp.localeName, charsetName, strnlen_s(lcp.localeName)))
|
||||||
{
|
{
|
||||||
m_uAnsiCP = lcp.codePage;
|
m_uAnsiCP = lcp.codePage;
|
||||||
return;
|
return;
|
||||||
|
@ -346,7 +346,7 @@ size_t SystemLocale::ToUtf16( UINT srcCodePage, const char * src, SSIZE_T cchSrc
|
||||||
*pErrorCode = ERROR_INVALID_PARAMETER;
|
*pErrorCode = ERROR_INVALID_PARAMETER;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
size_t cchSrcActual = (cchSrc < 0 ? (1+strlen(src)) : cchSrc);
|
size_t cchSrcActual = (cchSrc < 0 ? (1+strnlen_s(src)) : cchSrc);
|
||||||
bool hasLoss;
|
bool hasLoss;
|
||||||
return cvt.Convert( dest, cchDest, src, cchSrcActual, false, &hasLoss, pErrorCode );
|
return cvt.Convert( dest, cchDest, src, cchSrcActual, false, &hasLoss, pErrorCode );
|
||||||
}
|
}
|
||||||
|
@ -361,7 +361,7 @@ size_t SystemLocale::ToUtf16Strict( UINT srcCodePage, const char * src, SSIZE_T
|
||||||
*pErrorCode = ERROR_INVALID_PARAMETER;
|
*pErrorCode = ERROR_INVALID_PARAMETER;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
size_t cchSrcActual = (cchSrc < 0 ? (1+strlen(src)) : cchSrc);
|
size_t cchSrcActual = (cchSrc < 0 ? (1+strnlen_s(src)) : cchSrc);
|
||||||
bool hasLoss;
|
bool hasLoss;
|
||||||
return cvt.Convert( dest, cchDest, src, cchSrcActual, true, &hasLoss, pErrorCode );
|
return cvt.Convert( dest, cchDest, src, cchSrcActual, true, &hasLoss, pErrorCode );
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue