Commit 8c927e75 authored by Norby, Tom's avatar Norby, Tom

Protect against overflow.

parent 873ecbba
Pipeline #99620 failed with stages
in 3 minutes and 41 seconds
......@@ -213,8 +213,8 @@ void CoordinateConversion::validate(const std::pair<double, double>& point)
std::string CoordinateConversion::toString(const UTMCoordinate& utm)
{
char buff[120];
sprintf(buff, "%02d %c %f %f", utm.longitude_zone, utm.lattitude_zone,
utm.easting, utm.northing);
snprintf(buff, sizeof(buff), "%02d %c %f %f", utm.longitude_zone,
utm.lattitude_zone, utm.easting, utm.northing);
return std::string(buff);
}
......@@ -329,4 +329,4 @@ std::pair<double, double> UTM2LatLon::toLatLon(const UTMCoordinate& c)
}
// UTMZones::latZone
} // namespace radix
\ No newline at end of file
} // namespace radix
......@@ -128,11 +128,12 @@ bool ARLDataStream::write_record_header(const ARLRecordHeader& rheader)
// Construct index header string
char recordHeader[51];
sprintf(recordHeader, "%2d%2d%2d%2d%2d%2d%2d%4s%4d%14.7E%14.7E", year,
rheader.month, rheader.day, rheader.hour, rheader.ic, rheader.il,
std::stoi(rheader.cgrid.c_str()), rheader.kvar.c_str(), rheader.nexp,
rheader.prec, rheader.var1);
recordHeader[50] = '\0'; // null-terminate
snprintf(recordHeader, sizeof(recordHeader),
"%2d%2d%2d%2d%2d%2d%2d%4s%4d%14.7E%14.7E", year, rheader.month,
rheader.day, rheader.hour, rheader.ic, rheader.il,
std::stoi(rheader.cgrid.c_str()), rheader.kvar.c_str(), rheader.nexp,
rheader.prec, rheader.var1);
recordHeader[50] = '\0'; // null-terminate
p->stream->writeString(std::string(recordHeader),
ARLDataStream::PImpl::recordHeaderLength);
......@@ -222,7 +223,7 @@ bool ARLDataStream::write_index_header(const ARLRecordHeader& rheader,
radix_line(" Size of each record = " << p->recordSize);
const size_t MAX_HEADER_LENGTH = 10000;
char indexHeaderMain[ARLDataStream::PImpl::indexHeaderLength+1],
char indexHeaderMain[ARLDataStream::PImpl::indexHeaderLength + 1],
indexHeaderVars[MAX_HEADER_LENGTH];
int pos = 0;
......@@ -251,7 +252,8 @@ bool ARLDataStream::write_index_header(const ARLRecordHeader& rheader,
iheader.orient, iheader.tang_lat, iheader.sync_xp, iheader.sync_yp,
iheader.sync_lat, iheader.sync_lon, iheader.dummy, iheader.nx,
iheader.ny, iheader.nz, iheader.z_flag, headerLength);
indexHeaderMain[ARLDataStream::PImpl::indexHeaderLength] = '\0'; // null-terminate
indexHeaderMain[ARLDataStream::PImpl::indexHeaderLength] =
'\0'; // null-terminate
// Write the two elements of the header
p->stream->writeString(std::string(indexHeaderMain),
......
......@@ -78,7 +78,7 @@ eafstream &eafstream::operator>>(int &value)
eafstream &eafstream::operator>>(std::vector<int> &value)
{
int *tData;
tData = readIntArray((int)value.size());
tData = readIntArray(value.size());
//
// We failed to read from disk.
//
......@@ -410,7 +410,7 @@ void eafstream::writeDouble(double var)
* endianness \param[in] size number of integers to read in \return integer
* array or NULL on error.
*/
int *eafstream::readIntArray(int size)
int *eafstream::readIntArray(size_t size)
{
int *array = NULL;
try
......@@ -424,7 +424,7 @@ int *eafstream::readIntArray(int size)
exit(1);
}
this->read((char *)(array), size * int_size);
this->read((char *)(array), int(size) * int_size);
if (this->bad() || this->eof())
{
std::stringstream ss;
......@@ -467,7 +467,7 @@ void eafstream::writeIntArray(const std::vector<int> &var)
* \brief read floats from the file, accounting for endianness
* \return floats or -1 on error.
*/
float *eafstream::readFloatArray(int size)
float *eafstream::readFloatArray(size_t size)
{
float *array = NULL;
try
......@@ -480,7 +480,7 @@ float *eafstream::readFloatArray(int size)
<< __LINE__ << std::endl;
exit(1);
}
this->read((char *)(array), size * float_size);
this->read((char *)(array), int(size) * float_size);
if (this->bad() || this->eof())
{
std::stringstream ss;
......@@ -579,10 +579,10 @@ void eafstream::writeDoubleArray(const std::vector<double> &var)
* \brief read a string of size from the file, accounting for endianness
* \return string of size size
*/
std::string eafstream::readString(int size)
std::string eafstream::readString(size_t size)
{
char *array = new char[size + 1];
this->read((char *)(array), size);
this->read(static_cast<char *>(array), int(size));
array[size] = '\0';
if (this->bad() || this->eof())
{
......@@ -608,7 +608,7 @@ std::string eafstream::readString(int size)
void eafstream::writeString(const std::string &var)
{
this->write(var.c_str(), var.size());
this->write(var.c_str(), int(var.size()));
if (this->bad() || this->eof())
{
std::stringstream ss;
......
......@@ -80,13 +80,13 @@ class RADIX_PUBLIC eafstream : public std::fstream
* \param[in] size number of integers to read in
* \return integer array or NULL on error.
*/
int *readIntArray(int size);
int *readIntArray(size_t size);
void writeIntArray(const std::vector<int> &var);
/**
* \brief read an array of floats from the file, accounting for endianness
* \return array of floats or NULL on error
*/
float *readFloatArray(int size);
float *readFloatArray(size_t size);
void writeFloatArray(const std::vector<float> &var);
/**
* \brief read an array of doubles from the file, accounting for endianness
......@@ -98,7 +98,7 @@ class RADIX_PUBLIC eafstream : public std::fstream
* \brief read a string of size from the file, accounting for endianness
* \return string of size size
*/
std::string readString(int size);
std::string readString(size_t size);
void writeString(const std::string &var);
void writeString(const std::string &var, size_t length, char filler = ' ');
......
......@@ -69,9 +69,9 @@ int reverse_int_bytes(int value)
/*!
* Reverses the bytes of all integers in an array
* */
void reverse_array_int_bytes(int *array, int size)
void reverse_array_int_bytes(int *array, size_t size)
{
for (int i = 0; i < size; i++)
for (size_t i = 0; i < size; i++)
{
array[i] = reverse_int_bytes(array[i]);
}
......@@ -100,9 +100,9 @@ float reverse_float_bytes(float value)
/*!
* Reverses the bytes of all float in an array
* */
void reverse_array_float_bytes(float *array, int size)
void reverse_array_float_bytes(float *array, size_t size)
{
for (int i = 0; i < size; i++)
for (size_t i = 0; i < size; i++)
{
array[i] = reverse_float_bytes(array[i]);
}
......
......@@ -13,8 +13,8 @@ void RADIX_PUBLIC reverse_bytes(char *original, void *returnVal, int length);
short RADIX_PUBLIC reverse_short_bytes(short value);
unsigned short RADIX_PUBLIC reverse_ushort_bytes(unsigned short value);
int RADIX_PUBLIC reverse_int_bytes(int value);
void RADIX_PUBLIC reverse_array_int_bytes(int *array, int size);
void RADIX_PUBLIC reverse_array_float_bytes(float *array, int size);
void RADIX_PUBLIC reverse_array_int_bytes(int *array, size_t size);
void RADIX_PUBLIC reverse_array_float_bytes(float *array, size_t size);
long RADIX_PUBLIC reverse_long_bytes(long value);
float RADIX_PUBLIC reverse_float_bytes(float value);
double RADIX_PUBLIC reverse_double_bytes(double value);
......
......@@ -147,18 +147,10 @@ bool HysplitCDumpStream<data_type>::write_to(const std::string &file) const
std::string id = mData->id();
{
// force string to be only 4 characters
// force string to be no more than 4 characters
char cid[5];
if (id.size() > 4)
{
sprintf(cid, "%4s", id.substr(0, 4).c_str());
}
else
{
sprintf(cid, "%4s", id.c_str());
}
cid[4] = '\0'; // null terminate
id = cid;
snprintf(cid, sizeof(cid), "%4s", id.c_str());
id = cid;
}
record_length = id.size() + sizeof(int) * 7;
int year, month, day, hour, forecastHour, minutes, numLocations, packing = 1;
......@@ -236,17 +228,9 @@ bool HysplitCDumpStream<data_type>::write_to(const std::string &file) const
{
std::string pol = mData->pollutant(i);
radix_tagged_line("pollutant=" << pol);
// force string to be only 4 characters
// force string to be no more than 4 characters
char icid[5];
if (pol.size() > 4)
{
sprintf(icid, "%4s", pol.substr(0, 4).c_str());
}
else
{
sprintf(icid, "%4s", pol.c_str());
}
icid[4] = '\0';
snprintf(icid, sizeof(icid), "%4s", pol.c_str());
std::string tmp = icid;
fstr.writeString(tmp);
local_pols.push_back(tmp);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment