Try hard to build even with hardening flags switched on
Andreas Tille
5 years ago
65 | 65 | { |
66 | 66 | |
67 | 67 | /* open up the block file to write to */ |
68 | @@ -255,7 +260,7 @@ void display_output() | |
69 | ||
70 | printf("<pre>\n"); | |
71 | while (!feof(outf) && fgets(buf, LARGE_BUFF_LENGTH, outf) != NULL) | |
72 | - printf(buf) ; | |
73 | + printf("%s", buf) ; | |
74 | printf("</pre>\n"); | |
75 | ||
76 | fclose(outf); | |
68 | 77 | @@ -264,7 +269,7 @@ void display_output() |
69 | 78 | |
70 | 79 | /**********************************************************************/ |
372 | 381 | } |
373 | 382 | --- a/blimps/blocks_search.c |
374 | 383 | +++ b/blimps/blocks_search.c |
375 | @@ -104,8 +104,8 @@ char mailprog[LARGE_BUFF_LENGTH]; | |
376 | char seq_file[LARGE_BUFF_LENGTH]; | |
377 | char cs_file[LARGE_BUFF_LENGTH]; | |
378 | char csh_file[LARGE_BUFF_LENGTH]; | |
379 | -char log_dir[LARGE_BUFF_LENGTH]; | |
380 | -char log_file[LARGE_BUFF_LENGTH]; | |
381 | +const char log_dir[LARGE_BUFF_LENGTH]; | |
382 | +const char log_file[LARGE_BUFF_LENGTH]; | |
383 | char blimps_output[LARGE_BUFF_LENGTH]; | |
384 | char blksort_output[LARGE_BUFF_LENGTH]; | |
385 | char html_output[LARGE_BUFF_LENGTH]; | |
386 | @@ -118,7 +118,7 @@ char frq[LARGE_BUFF_LENGTH]; /* for am | |
387 | char tmp_dir[LARGE_BUFF_LENGTH]; | |
388 | char mail_file[LARGE_BUFF_LENGTH]; | |
389 | char email_addr[LARGE_BUFF_LENGTH]; | |
390 | -char buf[LARGE_BUFF_LENGTH]; | |
391 | +const char buf[LARGE_BUFF_LENGTH]; | |
392 | ||
393 | int pid; | |
394 | ||
395 | 384 | @@ -302,8 +302,9 @@ fprintf(jgh,"Address_Ptr->val=%s\n", Add |
396 | 385 | else if (!strncmp(entries[i].val, "pfam", 9)) |
397 | 386 | { Pfam_Flag = TRUE; } |
431 | 420 | printf("<H1>Search Error</H1>\n"); |
432 | 421 | printf("You need to enter a sequence to search with.<P>\n"); |
433 | 422 | exit(0); |
423 | @@ -562,7 +563,7 @@ void display_output() | |
424 | ||
425 | while (!feof(fp) && | |
426 | fgets(buf, LARGE_BUFF_LENGTH, fp) != NULL) { | |
427 | - printf(buf); | |
428 | + printf("%s", buf); | |
429 | } | |
430 | ||
431 | pclose(fp); | |
432 | @@ -581,7 +582,7 @@ void display_html() | |
433 | ||
434 | while (!feof(fp) && | |
435 | fgets(buf, LARGE_BUFF_LENGTH, fp) != NULL) { | |
436 | - printf(buf); | |
437 | + printf("%s", buf); | |
438 | } | |
439 | ||
440 | fclose(fp); | |
434 | 441 | @@ -590,7 +591,7 @@ void display_html() |
435 | 442 | |
436 | 443 | |
884 | 891 | char mail_file[LARGE_BUFF_LENGTH]; |
885 | 892 | char email_addr[LARGE_BUFF_LENGTH]; |
886 | 893 | -char buf[LARGE_BUFF_LENGTH]; |
887 | +const char buf[LARGE_BUFF_LENGTH]; | |
894 | +static char buf[LARGE_BUFF_LENGTH]; | |
888 | 895 | |
889 | 896 | int pid; |
890 | 897 | |
906 | 913 | { |
907 | 914 | |
908 | 915 | /* open up the block file to write to */ |
916 | @@ -535,7 +535,7 @@ void convert_LAMA_output() | |
917 | ||
918 | while (!feof(fp) && | |
919 | fgets(buf, LARGE_BUFF_LENGTH, fp) != NULL) | |
920 | - printf(buf) ; | |
921 | + printf("%s", buf) ; | |
922 | ||
923 | printf("</pre>\n"); | |
924 | ||
909 | 925 | @@ -579,7 +579,7 @@ void queue_to_mail() |
910 | 926 | /* mail the person the results */ |
911 | 927 | /* NOTE: need to echo the header lines for the LAMA output :P */ |
1452 | 1468 | printf("\nEnter number of hits to report or "); |
1453 | 1469 | printf("blimps configuration file name [%d]: ", MaxHit); |
1454 | 1470 | - gets(ctemp); |
1455 | + fgets(ctemp, MAXNAME, stdin); | |
1471 | + fgets(ctemp, FNAMELEN, stdin); | |
1456 | 1472 | } |
1457 | 1473 | if (!strlen(ctemp)) strcpy(ctemp, "0"); |
1458 | 1474 | for (i=0; i<strlen(ctemp); i++) |
1485 | 1501 | { |
1486 | 1502 | printf("\nEnter Block accession number: "); |
1487 | 1503 | - gets(BlockFam); |
1488 | + fgets(BlockFam, MAXNAME, stdin); | |
1504 | + fgets(BlockFam, FNAMELEN, stdin); | |
1489 | 1505 | } |
1490 | 1506 | } |
1491 | 1507 | /* Chop off any A-Z block designator at the end */ |
1620 | 1636 | |
1621 | 1637 | |
1622 | 1638 | -extern char ErrorBuffer[LARGE_BUFF_LENGTH]; |
1623 | +extern const char ErrorBuffer[LARGE_BUFF_LENGTH+SMALL_BUFF_LENGTH]; | |
1639 | +extern char ErrorBuffer[LARGE_BUFF_LENGTH+SMALL_BUFF_LENGTH]; | |
1624 | 1640 | extern int ErrorLevelReport; |
1625 | 1641 | |
1626 | 1642 | |
1631 | 1647 | */ |
1632 | 1648 | |
1633 | 1649 | -char ErrorBuffer[LARGE_BUFF_LENGTH]; |
1634 | +const char ErrorBuffer[LARGE_BUFF_LENGTH+SMALL_BUFF_LENGTH]; | |
1650 | +char ErrorBuffer[LARGE_BUFF_LENGTH+SMALL_BUFF_LENGTH]; | |
1635 | 1651 | int ErrorLevelReport; |
1636 | 1652 | |
1637 | 1653 | |
1654 | @@ -113,7 +113,7 @@ void ErrorReport(err_level) | |
1655 | exit(FATAL_ERR_LVL); /* closes all the open files */ | |
1656 | } | |
1657 | ||
1658 | - ErrorBuffer[0] = '\0'; /* clear the string incase the caller does */ | |
1659 | + ((char *)ErrorBuffer)[0] = '\0'; /* clear the string incase the caller does */ | |
1660 | /* not setup ErrorBuffer correctly for the */ | |
1661 | /* next call */ | |
1662 | if (dont_skip_error_file_report) { | |
1663 | --- a/protomat/blosum.c | |
1664 | +++ b/protomat/blosum.c | |
1665 | @@ -125,7 +125,7 @@ char *argv[]; | |
1666 | else | |
1667 | { | |
1668 | printf("Enter name of blocks database:\n"); | |
1669 | - gets(datfile); | |
1670 | + fgets(datfile, FNAMELEN, stdin); | |
1671 | } | |
1672 | if ( (fdat=fopen(datfile, "r")) == NULL) | |
1673 | { | |
1674 | @@ -139,7 +139,7 @@ char *argv[]; | |
1675 | { | |
1676 | MinStr = MINSTR; | |
1677 | printf("Enter minimum block strength [%d]: ", MinStr); | |
1678 | - gets(ctemp); | |
1679 | + fgets(ctemp, FNAMELEN, stdin); | |
1680 | if (strlen(ctemp)) MinStr = atoi(ctemp); | |
1681 | } | |
1682 | /*-----------Arg 3, Maximum block strength----------------------*/ | |
1683 | @@ -148,7 +148,7 @@ char *argv[]; | |
1684 | { | |
1685 | MaxStr = MAXSTR; | |
1686 | printf("Enter maximum block strength [%d]: ", MaxStr); | |
1687 | - gets(ctemp); | |
1688 | + fgets(ctemp, FNAMELEN, stdin); | |
1689 | if (strlen(ctemp)) MaxStr = atoi(ctemp); | |
1690 | } | |
1691 | printf("Minimum block strength=%d, Maximum block strength=%d\n", | |
1692 | @@ -165,7 +165,7 @@ char *argv[]; | |
1693 | printf(" or w for existing sequence weights\n"); | |
1694 | printf(" or pn for position-based weights, PB weight = 1/n\n"); | |
1695 | printf("Enter clustering identity percentage or n/e/w/pn [e]: "); | |
1696 | - gets(ctemp); | |
1697 | + fgets(ctemp, FNAMELEN, stdin); | |
1698 | } | |
1699 | /* e => -1, n=> -2, w=> -3 p=> -4 */ | |
1700 | Cluster = -1; | |
1701 | @@ -208,7 +208,7 @@ char *argv[]; | |
1702 | { | |
1703 | iscale = 0; | |
1704 | printf("Enter scale n for 1/n bits [%d]: ", iscale); | |
1705 | - gets(ctemp); | |
1706 | + fgets(ctemp, FNAMELEN, stdin); | |
1707 | if (strlen(ctemp)) iscale = atoi(ctemp); | |
1708 | } | |
1709 | if (iscale < 0) iscale = 0; | |
1710 | --- a/protomat/uextract.c | |
1711 | +++ b/protomat/uextract.c | |
1712 | @@ -130,7 +130,7 @@ char *argv[]; | |
1713 | else | |
1714 | { | |
1715 | printf("\nEnter name of file containing list of entries to extract: "); | |
1716 | - gets(lisfile); | |
1717 | + fgets(lisfile, FNAMELEN, stdin); | |
1718 | } | |
1719 | if ( (flis=fopen(lisfile, "r")) == NULL) | |
1720 | { | |
1721 | @@ -144,7 +144,7 @@ char *argv[]; | |
1722 | else | |
1723 | { | |
1724 | printf("\nEnter name of database file to extract entries from: "); | |
1725 | - gets(infile); | |
1726 | + fgets(infile, FNAMELEN, stdin); | |
1727 | } | |
1728 | if ( (fin=fopen(infile, "r")) == NULL) | |
1729 | { |