From d32ae10f4cdcff2351c9f34ce477089111093d32 Mon Sep 17 00:00:00 2001 From: Yunlian Jiang Date: Wed, 13 Sep 2017 12:01:15 -0700 Subject: [PATCH] Replace strcpy with memcpy. This fixes the warning Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. As a side effect, it sliences the warning frameworks/base/tools/aapt/Images.cpp:1270:50: warning: Potential leak of memory pointed to by field 'data' [clang-analyzer-unix.Malloc] frameworks/base/tools/aapt2/compile/Png.cpp:562:42: warning: Potential leak of memory pointed to by field 'data' [clang-analyzer-unix.Malloc]. Bug: None Test: The warning is gone. Change-Id: I25f68ff85bea7069c21549c7deb7920d1877069e --- tools/aapt/Images.cpp | 6 +++--- tools/aapt2/compile/Png.cpp | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/tools/aapt/Images.cpp b/tools/aapt/Images.cpp index 5f586a15eeb8e..627a231de5c8b 100644 --- a/tools/aapt/Images.cpp +++ b/tools/aapt/Images.cpp @@ -1246,7 +1246,7 @@ static void write_png(const char* imageName, if (kIsDebug) { printf("Adding 9-patch info...\n"); } - strcpy((char*)unknowns[p_index].name, "npTc"); + memcpy((char*)unknowns[p_index].name, "npTc", 5); unknowns[p_index].data = (png_byte*)imageInfo.serialize9patch(); unknowns[p_index].size = imageInfo.info9Patch.serializedSize(); // TODO: remove the check below when everything works @@ -1254,7 +1254,7 @@ static void write_png(const char* imageName, // automatically generated 9 patch outline data int chunk_size = sizeof(png_uint_32) * 6; - strcpy((char*)unknowns[o_index].name, "npOl"); + memcpy((char*)unknowns[o_index].name, "npOl", 5); unknowns[o_index].data = (png_byte*) calloc(chunk_size, 1); png_byte outputData[chunk_size]; memcpy(&outputData, &imageInfo.outlineInsetsLeft, 4 * sizeof(png_uint_32)); @@ -1266,7 +1266,7 @@ static void write_png(const char* imageName, // optional optical inset / layout bounds data if (imageInfo.haveLayoutBounds) { int chunk_size = sizeof(png_uint_32) * 4; - strcpy((char*)unknowns[b_index].name, "npLb"); + memcpy((char*)unknowns[b_index].name, "npLb", 5); unknowns[b_index].data = (png_byte*) calloc(chunk_size, 1); memcpy(unknowns[b_index].data, &imageInfo.layoutBoundsLeft, chunk_size); unknowns[b_index].size = chunk_size; diff --git a/tools/aapt2/compile/Png.cpp b/tools/aapt2/compile/Png.cpp index 6d6147d8c97a0..33122dccb7def 100644 --- a/tools/aapt2/compile/Png.cpp +++ b/tools/aapt2/compile/Png.cpp @@ -538,7 +538,7 @@ static bool writePng(IDiagnostics* diag, png_structp writePtr, if (kDebug) { diag->Note(DiagMessage() << "adding 9-patch info.."); } - strcpy((char*)unknowns[pIndex].name, "npTc"); + memcpy((char*)unknowns[pIndex].name, "npTc", 5); unknowns[pIndex].data = (png_byte*)info->serialize9Patch(); unknowns[pIndex].size = info->info9Patch.serializedSize(); // TODO: remove the check below when everything works @@ -546,7 +546,7 @@ static bool writePng(IDiagnostics* diag, png_structp writePtr, // automatically generated 9 patch outline data int chunkSize = sizeof(png_uint_32) * 6; - strcpy((char*)unknowns[oIndex].name, "npOl"); + memcpy((char*)unknowns[oIndex].name, "npOl", 5); unknowns[oIndex].data = (png_byte*)calloc(chunkSize, 1); png_byte outputData[chunkSize]; memcpy(&outputData, &info->outlineInsetsLeft, 4 * sizeof(png_uint_32)); @@ -558,7 +558,7 @@ static bool writePng(IDiagnostics* diag, png_structp writePtr, // optional optical inset / layout bounds data if (info->haveLayoutBounds) { int chunkSize = sizeof(png_uint_32) * 4; - strcpy((char*)unknowns[bIndex].name, "npLb"); + memcpy((char*)unknowns[bIndex].name, "npLb", 5); unknowns[bIndex].data = (png_byte*)calloc(chunkSize, 1); memcpy(unknowns[bIndex].data, &info->layoutBoundsLeft, chunkSize); unknowns[bIndex].size = chunkSize;