The last argument to strncat() should not be the total buffer length; it
should be the space remaining:
The strncat() function shall append not more than n bytes (a null
byte and bytes that follow it are not appended) from the array
pointed to by s2 to the end of the string pointed to by s1. The
initial byte of s2 overwrites the null byte at the end of s1. A
terminating null byte is always appended to the result.
This patch fixes a couple of potential buffer overflow vulnerabilities.
Signed-off-by: Lukas Fleischer <calcurse@cryptocrack.de>
Use this constant everywhere when referring to a null pointer instead of
casting 0 to various types of pointers. Created using following semantic
patch:
@@
type type;
@@
- (type *)0
+ NULL
Signed-off-by: Lukas Fleischer <calcurse@cryptocrack.de>
A small style fix that removes all remaining "(void)" casts. Using these
isn't encouraged in GNU coding guidelines and doesn't serve a certain
purpose, except for satisfying a few static code analysis tools. We
already nuked some of these in previous patches, but this semantic patch
should fix what's left:
@@
identifier func;
@@
- (void)func (
+ func (
...);
Long lines were re-formatted manually.
Signed-off-by: Lukas Fleischer <calcurse@cryptocrack.de>
Use one of the following functions where appropriate:
* puts() (whenever we print hard coded strings to stdout)
* fputs() (whenever we print hard coded strings to a stream)
* putchar() (whenever we print a single character to stdout)
* fputc() (whenever we print a single character to a stream)
* strncpy() (whenever we copy hard coded strings to a buffer)
This removes the overhead introduced by the format string parser and
reduces the number of false positive C-format strings spotted by
xgettext(1)'s heuristics.
Signed-off-by: Lukas Fleischer <calcurse@cryptocrack.de>
Key commands can be prefixed with a natural number - keys_getch() will
store this number in the buffer pointed to by the second parameter. Set
this parameter to NULL to disable count prefixes.
Signed-off-by: Lukas Fleischer <calcurse@cryptocrack.de>
This removes the need of reading the whole data file and find matching
entries if we want to parse appointments in external programs.
Signed-off-by: Lukas Fleischer <calcurse@cryptocrack.de>
* Update copyright dates (use 2004-2011 as date range everywhere).
* Change copyright holder from "Frederic Culot" to "calcurse Development
Team".
Signed-off-by: Lukas Fleischer <calcurse@cryptocrack.de>
Use spaces instead of tabs for source code indentation only, strip
trailing whitespaces from lines.
Signed-off-by: Lukas Fleischer <calcurse@cryptocrack.de>
Key descriptions are just strncpy()'ed to key[], with KEYS_KEYLEN as
maximum character count. This leads to a non-null-terminated string if
the source pointer actually points to a string with a length of
KEYS_KEYLEN bytes. Always appending a null character fixes this.
Signed-off-by: Lukas Fleischer <calcurse@cryptocrack.de>
