diff --git a/swad_account.c b/swad_account.c index 3fc09fea..fb0d1027 100644 --- a/swad_account.c +++ b/swad_account.c @@ -697,7 +697,7 @@ void Acc_CreateNewUsr (struct UsrData *UsrDat,bool CreatingMyOwnAccount) extern const char *Pri_VisibilityDB[Pri_NUM_OPTIONS_PRIVACY]; extern const char *Txt_STR_LANG_ID[1+Txt_NUM_LANGUAGES]; extern const char *Usr_StringsSexDB[Usr_NUM_SEXS]; - char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH+1]; + char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH + 1]; char Query[2048]; char PathRelUsr[PATH_MAX+1]; unsigned NumID; diff --git a/swad_agenda.c b/swad_agenda.c index ff217cd0..5401862a 100644 --- a/swad_agenda.c +++ b/swad_agenda.c @@ -504,7 +504,7 @@ static void Agd_PutIconToViewEditMyFullAgenda (void) static void Agd_PutIconToShowQR (void) { - char URL[Cns_MAX_BYTES_URL+1]; + char URL[Cns_MAX_LENGTH_WWW + 1]; extern const char *Txt_STR_LANG_ID[1+Txt_NUM_LANGUAGES]; sprintf (URL,"%s/%s?agd=@%s", diff --git a/swad_changelog.h b/swad_changelog.h index 82c3d250..341b87ed 100644 --- a/swad_changelog.h +++ b/swad_changelog.h @@ -189,13 +189,14 @@ /****************************** Public constants *****************************/ /*****************************************************************************/ -#define Log_PLATFORM_VERSION "SWAD 16.115 (2017-01-15)" +#define Log_PLATFORM_VERSION "SWAD 16.116 (2017-01-15)" #define CSS_FILE "swad16.111.5.css" #define JS_FILE "swad16.114.js" // Number of lines (includes comments but not blank lines) has been got with the following command: // nl swad*.c swad*.h css/swad*.css py/swad*.py js/swad*.js soap/swad*?.h sql/swad*.sql | tail -1 /* + Version 16.116: Jan 15, 2017 Code refactoring related to string copy. (211195 lines) Version 16.115: Jan 15, 2017 Code refactoring related to string copy. (211046 lines) Version 16.114.3: Jan 15, 2017 Fixed bug in chat. (211412 lines) Version 16.114.2: Jan 15, 2017 Fixed bug in file browser. (211412 lines) diff --git a/swad_constant.h b/swad_constant.h index 45465ad9..4cbb2dc0 100644 --- a/swad_constant.h +++ b/swad_constant.h @@ -49,9 +49,6 @@ #define Cns_MAX_LENGTH_STRING (128 - 1) #define Cns_MAX_BYTES_STRING (128 - 1) -#define Cns_MAX_LENGTH_URL (128 - 1) -#define Cns_MAX_BYTES_URL (256 - 1) - /*****************************************************************************/ /******************************* Public types ********************************/ /*****************************************************************************/ diff --git a/swad_date.c b/swad_date.c index fa53874f..b86e17dd 100644 --- a/swad_date.c +++ b/swad_date.c @@ -140,17 +140,17 @@ time_t Dat_GetUNIXTimeFromStr (const char *Str) bool Dat_GetDateFromYYYYMMDD (struct Date *Date,const char *YYYYMMDD) { - if (sscanf (YYYYMMDD,"%04u%02u%02u",&(Date->Year),&(Date->Month),&(Date->Day)) == 3) - { - Str_Copy (Date->YYYYMMDD,YYYYMMDD,Dat_LENGTH_YYYYMMDD); - return true; - } - else - { - Date->Year = Date->Month = Date->Day = 0; - Date->YYYYMMDD[0] = '\0'; - return false; - } + if (YYYYMMDD) + if (YYYYMMDD[0]) + if (sscanf (YYYYMMDD,"%04u%02u%02u",&(Date->Year),&(Date->Month),&(Date->Day)) == 3) + { + Str_Copy (Date->YYYYMMDD,YYYYMMDD,Dat_LENGTH_YYYYMMDD); + return true; + } + + Date->Year = Date->Month = Date->Day = 0; + Date->YYYYMMDD[0] = '\0'; + return false; } /*****************************************************************************/ diff --git a/swad_enrollment.c b/swad_enrollment.c index c43626d9..93ba2e22 100644 --- a/swad_enrollment.c +++ b/swad_enrollment.c @@ -421,7 +421,7 @@ void Enr_UpdateUsrData (struct UsrData *UsrDat) extern const char *Pri_VisibilityDB[Pri_NUM_OPTIONS_PRIVACY]; extern const char *Txt_STR_LANG_ID[1+Txt_NUM_LANGUAGES]; extern const char *Usr_StringsSexDB[Usr_NUM_SEXS]; - char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH+1]; + char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH + 1]; char Query[2048]; /***** Check if user's code is initialized *****/ diff --git a/swad_exam.c b/swad_exam.c index 2e2c1daa..6d0f1986 100644 --- a/swad_exam.c +++ b/swad_exam.c @@ -1620,7 +1620,8 @@ static long Exa_GetParamExaCod (void) // This function may be called inside a web service, so don't report error // MaxChars must be > 3+(2+Cns_MAX_LENGTH_DATE+6) -void Exa_GetSummaryAndContentExamAnnouncement (char *SummaryStr,char **ContentStr, +void Exa_GetSummaryAndContentExamAnnouncement (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr, long ExaCod,unsigned MaxChars,bool GetContent) { extern const char *Txt_hours_ABBREVIATION; diff --git a/swad_exam.h b/swad_exam.h index c1787490..c92f8332 100644 --- a/swad_exam.h +++ b/swad_exam.h @@ -99,7 +99,8 @@ void Exa_GetDateToHighlight (void); void Exa_CreateListDatesOfExamAnnouncements (void); void Exa_PutHiddenParamExaCod (long ExaCod); -void Exa_GetSummaryAndContentExamAnnouncement (char *SummaryStr,char **ContentStr, +void Exa_GetSummaryAndContentExamAnnouncement (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr, long ExaCod,unsigned MaxChars,bool GetContent); #endif diff --git a/swad_file.c b/swad_file.c index 80342ac8..7c9b975f 100644 --- a/swad_file.c +++ b/swad_file.c @@ -610,7 +610,7 @@ void Fil_CloseReportFile (void) #define Ti 1099511627776.0 void Fil_WriteFileSizeBrief (double SizeInBytes, - char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING]) + char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]) { if (SizeInBytes < Ki) sprintf (FileSizeStr,"%.0f B" ,SizeInBytes); @@ -625,7 +625,7 @@ void Fil_WriteFileSizeBrief (double SizeInBytes, } void Fil_WriteFileSizeFull (double SizeInBytes, - char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING]) + char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]) { if (SizeInBytes < Ki) sprintf (FileSizeStr,"%.0f B" ,SizeInBytes); diff --git a/swad_file.h b/swad_file.h index d6d82e5d..def5409b 100644 --- a/swad_file.h +++ b/swad_file.h @@ -53,7 +53,7 @@ struct Files FILE *Rep; // Temporary file to save report }; -#define Fil_MAX_BYTES_FILE_SIZE_STRING 32 +#define Fil_MAX_BYTES_FILE_SIZE_STRING (32 - 1) /*****************************************************************************/ /***************************** Public prototypes *****************************/ @@ -82,8 +82,8 @@ void Fil_CloseXMLFile (void); void Fil_CloseReportFile (void); void Fil_WriteFileSizeBrief (double SizeInBytes, - char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING]); + char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]); void Fil_WriteFileSizeFull (double SizeInBytes, - char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING]); + char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]); #endif diff --git a/swad_file_browser.c b/swad_file_browser.c index 1fd37a59..f05a1781 100644 --- a/swad_file_browser.c +++ b/swad_file_browser.c @@ -4040,7 +4040,7 @@ static void Brw_ShowAndStoreSizeOfFileTree (void) extern const char *Txt_file; extern const char *Txt_files; extern const char *Txt_of_PART_OF_A_TOTAL; - char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING]; + char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]; fprintf (Gbl.F.Out,"
"); @@ -6084,7 +6084,7 @@ static void Brw_WriteFileSizeAndDate (struct FileMetadata *FileMetadata) { extern const char *Txt_Today; static unsigned UniqueId = 0; - char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING]; + char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]; /***** Write the file size *****/ if (Gbl.FileBrowser.FileType == Brw_IS_FILE) @@ -8968,7 +8968,7 @@ void Brw_ShowFileMetadata (void) struct UsrData PublisherUsrDat; char FileNameToShow[NAME_MAX+1]; char URL[PATH_MAX+1]; - char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING]; + char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]; bool Found; bool ICanView = false; bool IAmTheOwner; diff --git a/swad_follow.c b/swad_follow.c index 2b9b8779..910d9373 100644 --- a/swad_follow.c +++ b/swad_follow.c @@ -929,7 +929,8 @@ void Fol_GetAndShowRankingFollowers (void) /*****************************************************************************/ // This function may be called inside a web service, so don't report error -void Fol_GetNotifFollower (char *SummaryStr,char **ContentStr) +void Fol_GetNotifFollower (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr) { SummaryStr[0] = '\0'; diff --git a/swad_follow.h b/swad_follow.h index f061bc8d..6b57710f 100644 --- a/swad_follow.h +++ b/swad_follow.h @@ -60,7 +60,8 @@ void Fol_UnfollowUsr (void); void Fol_GetAndShowRankingFollowers (void); -void Fol_GetNotifFollower (char *SummaryStr,char **ContentStr); +void Fol_GetNotifFollower (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr); void Fol_RemoveUsrFromUsrFollow (long UsrCod); diff --git a/swad_global.h b/swad_global.h index 30a4a668..52fa78df 100644 --- a/swad_global.h +++ b/swad_global.h @@ -144,8 +144,8 @@ struct Globals long TimeGenerationInMicroseconds; long TimeSendInMicroseconds; - char IP[Cns_MAX_LENGTH_IP+1]; - char UniqueNameEncrypted[Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64+1]; // Used for session id, temporary directory names, etc. + char IP[Cns_MAX_LENGTH_IP + 1]; + char UniqueNameEncrypted[Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64 + 1]; // Used for session id, temporary directory names, etc. struct { @@ -154,10 +154,10 @@ struct Globals Mnu_Menu_t Menu; unsigned SideCols; The_Theme_t Theme; - char PathTheme[PATH_MAX+1]; + char PathTheme[PATH_MAX + 1]; Ico_IconSet_t IconSet; - char PathIconSet[PATH_MAX+1]; - char IconsURL[PATH_MAX+1]; + char PathIconSet[PATH_MAX + 1]; + char IconsURL[PATH_MAX + 1]; } Prefs; struct @@ -165,7 +165,7 @@ struct Globals unsigned NumSessions; bool IsOpen; bool HasBeenDisconnected; - char Id[Ses_LENGTH_SESSION_ID+1]; + char Id[Ses_LENGTH_SESSION_ID + 1]; long UsrCod; } Session; @@ -290,11 +290,11 @@ struct Globals Rol_Role_t LoggedRoleBeforeCloseSession; Rol_Role_t MaxRole; bool RoleHasChanged; // Set when I have changed my role - char UsrIdLogin[Usr_MAX_BYTES_USR_LOGIN+1]; // String to store the ID, nickname or email entered in the user's login - char LoginPlainPassword[Pwd_MAX_LENGTH_PLAIN_PASSWORD+1]; - char LoginEncryptedPassword[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64+1]; - char PendingPassword[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64+1]; - char PathDir[PATH_MAX+1]; + char UsrIdLogin[Usr_MAX_BYTES_USR_LOGIN + 1]; // String to store the ID, nickname or email entered in the user's login + char LoginPlainPassword[Pwd_MAX_LENGTH_PLAIN_PASSWORD + 1]; + char LoginEncryptedPassword[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 + 1]; + char PendingPassword[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 + 1]; + char PathDir[PATH_MAX + 1]; bool Logged; bool IBelongToCurrentIns; bool IBelongToCurrentCtr; @@ -302,7 +302,7 @@ struct Globals bool IBelongToCurrentCrs; bool MyPhotoExists; unsigned NumAccWithoutPhoto; - char PhotoURL[PATH_MAX+1]; + char PhotoURL[PATH_MAX + 1]; time_t TimeLastAccToThisFileBrowser; bool ConfirmEmailJustSent; // An email to confirm my email address has just been sent struct @@ -463,7 +463,7 @@ struct Globals struct { Inf_InfoType_t Type; - char URL[Cns_MAX_BYTES_URL+1]; + char URL[Cns_MAX_LENGTH_WWW + 1]; bool MustBeRead[Inf_NUM_INFO_TYPES]; // Students must read info? bool ShowMsgMustBeRead; } Info; diff --git a/swad_info.c b/swad_info.c index f9114df2..e2c11e36 100644 --- a/swad_info.c +++ b/swad_info.c @@ -924,7 +924,7 @@ static bool Inf_CheckURL (long CrsCod,Inf_InfoType_t InfoType) /***** Check if file with URL exists *****/ if ((FileURL = fopen (PathFile,"rb"))) { - if (fgets (Gbl.CurrentCrs.Info.URL,Cns_MAX_BYTES_URL,FileURL) == NULL) + if (fgets (Gbl.CurrentCrs.Info.URL,Cns_MAX_LENGTH_WWW,FileURL) == NULL) Gbl.CurrentCrs.Info.URL[0] = '\0'; /* File is not longer needed ==> close it */ fclose (FileURL); @@ -952,7 +952,7 @@ static bool Inf_CheckAndShowURL (void) /***** Check if file with URL exists *****/ if ((FileURL = fopen (PathFile,"rb"))) { - if (fgets (Gbl.CurrentCrs.Info.URL,Cns_MAX_BYTES_URL,FileURL) == NULL) + if (fgets (Gbl.CurrentCrs.Info.URL,Cns_MAX_LENGTH_WWW,FileURL) == NULL) Gbl.CurrentCrs.Info.URL[0] = '\0'; /* File is not longer needed ==> close it */ fclose (FileURL); @@ -983,7 +983,7 @@ static void Inf_BuildPathURL (long CrsCod,Inf_InfoType_t InfoType,char *PathFile /*****************************************************************************/ // This function is called only from web service -void Inf_WriteURLIntoTxtBuffer (char TxtBuffer[Cns_MAX_BYTES_URL+1]) +void Inf_WriteURLIntoTxtBuffer (char TxtBuffer[Cns_MAX_LENGTH_WWW+1]) { char PathFile[PATH_MAX+1]; FILE *FileURL; @@ -997,7 +997,7 @@ void Inf_WriteURLIntoTxtBuffer (char TxtBuffer[Cns_MAX_BYTES_URL+1]) /***** Check if file with URL exists *****/ if ((FileURL = fopen (PathFile,"rb"))) { - if (fgets (TxtBuffer,Cns_MAX_BYTES_URL,FileURL) == NULL) + if (fgets (TxtBuffer,Cns_MAX_LENGTH_WWW,FileURL) == NULL) TxtBuffer[0] = '\0'; /* File is not longer needed ==> close it */ fclose (FileURL); @@ -1303,7 +1303,7 @@ void Inf_FormToSendURL (Inf_InfoSrc_t InfoSrc) fprintf (Gbl.F.Out,"http://"); else { - if (fgets (Gbl.CurrentCrs.Info.URL,Cns_MAX_BYTES_URL,FileURL) == NULL) + if (fgets (Gbl.CurrentCrs.Info.URL,Cns_MAX_LENGTH_WWW,FileURL) == NULL) Gbl.CurrentCrs.Info.URL[0] = '\0'; /* File is not needed now. Close it */ fclose (FileURL); @@ -2214,7 +2214,7 @@ void Inf_ReceiveURLInfo (void) Gbl.CurrentCrs.Info.Type = Inf_AsignInfoType (); /***** Get parameter with URL *****/ - Par_GetParToText ("InfoSrcURL",Gbl.CurrentCrs.Info.URL,Cns_MAX_BYTES_URL); + Par_GetParToText ("InfoSrcURL",Gbl.CurrentCrs.Info.URL,Cns_MAX_LENGTH_WWW); /***** Build path to file containing URL *****/ Inf_BuildPathURL (Gbl.CurrentCrs.Crs.CrsCod,Gbl.CurrentCrs.Info.Type,PathFile); diff --git a/swad_info.h b/swad_info.h index a8754157..0c89b301 100644 --- a/swad_info.h +++ b/swad_info.h @@ -75,7 +75,7 @@ void Inf_ChangeIHaveReadInfo (void); bool Inf_GetIfIMustReadAnyCrsInfoInThisCrs (void); void Inf_RemoveUsrFromCrsInfoRead (long UsrCod,long CrsCod); int Inf_WritePageIntoHTMLBuffer (char **HTMLBuffer); -void Inf_WriteURLIntoTxtBuffer (char TxtBuffer[Cns_MAX_BYTES_URL+1]); +void Inf_WriteURLIntoTxtBuffer (char TxtBuffer[Cns_MAX_LENGTH_WWW + 1]); void Inf_SetInfoSrc (void); void Inf_FormsToSelSendInfo (void); void Inf_FormToEnterIntegratedEditor (Inf_InfoSrc_t InfoSrc); diff --git a/swad_message.c b/swad_message.c index f410dce7..392d0657 100644 --- a/swad_message.c +++ b/swad_message.c @@ -103,7 +103,7 @@ static void Msg_WriteFormUsrsIDsOrNicksOtherRecipients (void); static void Msg_WriteFormSubjectAndContentMsgToUsrs (char *Content); static void Msg_ShowNumMsgsDeleted (unsigned NumMsgs); -static void Msg_MakeFilterFromToSubquery (char *FilterFromToSubquery); +static void Msg_MakeFilterFromToSubquery (char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY + 1]); static void Msg_ExpandSentMsg (long MsgCod); static void Msg_ExpandReceivedMsg (long MsgCod); @@ -943,7 +943,7 @@ void Msg_ReqDelAllSntMsgs (void) void Msg_DelAllRecMsgs (void) { - char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY+1]; + char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY + 1]; unsigned long NumMsgs; /***** Get parameters *****/ @@ -965,7 +965,7 @@ void Msg_DelAllRecMsgs (void) void Msg_DelAllSntMsgs (void) { - char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY+1]; + char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY + 1]; unsigned long NumMsgs; /***** Get parameters *****/ @@ -1011,16 +1011,18 @@ void Msg_GetParamMsgsCrsCod (void) Par_GetParToText ("FilterCrsCod",LongStr,1+10); Gbl.Msg.FilterCrsCod = Str_ConvertStrCodToLongCod (LongStr); - if (Gbl.Msg.FilterCrsCod >= 0) // If origin course specified + if (Gbl.Msg.FilterCrsCod > 0) // If origin course specified { /* Get data of course */ Crs.CrsCod = Gbl.Msg.FilterCrsCod; Crs_GetDataOfCourseByCod (&Crs); - strcpy (Gbl.Msg.FilterCrsShrtName,Crs.ShrtName); + Str_Copy (Gbl.Msg.FilterCrsShrtName,Crs.ShrtName, + Crs_MAX_LENGTH_COURSE_SHRT_NAME); } else - strcpy (Gbl.Msg.FilterCrsShrtName,Txt_any_course); + Str_Copy (Gbl.Msg.FilterCrsShrtName,Txt_any_course, + Crs_MAX_LENGTH_COURSE_SHRT_NAME); } /*****************************************************************************/ @@ -1047,7 +1049,7 @@ void Msg_GetParamFilterContent (void) /************************* Make "from"/"to" subquery *************************/ /*****************************************************************************/ -static void Msg_MakeFilterFromToSubquery (char *FilterFromToSubquery) +static void Msg_MakeFilterFromToSubquery (char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY + 1]) { const char *Ptr; char SearchWord[Usr_MAX_LENGTH_USR_NAME_OR_SURNAME+1]; @@ -1056,7 +1058,9 @@ static void Msg_MakeFilterFromToSubquery (char *FilterFromToSubquery) if (Gbl.Msg.FilterFromTo[0]) { Ptr = Gbl.Msg.FilterFromTo; - strcpy (FilterFromToSubquery," AND CONCAT(usr_data.FirstName,usr_data.Surname1,usr_data.Surname2) LIKE '"); + Str_Copy (FilterFromToSubquery, + " AND CONCAT(usr_data.FirstName,usr_data.Surname1,usr_data.Surname2) LIKE '", + Msg_MAX_LENGTH_MESSAGES_QUERY); while (*Ptr) { Str_GetNextStringUntilSpace (&Ptr,SearchWord,Usr_MAX_LENGTH_USR_NAME_OR_SURNAME); @@ -1671,7 +1675,7 @@ static void Msg_ShowSentOrReceivedMessages (void) extern const char *The_ClassFormBold[The_NUM_THEMES]; extern const char *Txt_Filter; extern const char *Txt_Update_messages; - char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY+1]; + char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY + 1]; char Query[Msg_MAX_LENGTH_MESSAGES_QUERY+1]; MYSQL_RES *mysql_res; MYSQL_ROW row; @@ -2507,7 +2511,8 @@ void Msg_GetDistinctCoursesInMyMessages (void) if (Crs_GetDataOfCourseByCod (&Crs)) { Gbl.Msg.Courses[Gbl.Msg.NumCourses].CrsCod = Crs.CrsCod; - strcpy (Gbl.Msg.Courses[Gbl.Msg.NumCourses].ShrtName,Crs.ShrtName); + Str_Copy (Gbl.Msg.Courses[Gbl.Msg.NumCourses].ShrtName,Crs.ShrtName, + Crs_MAX_LENGTH_COURSE_SHRT_NAME); Gbl.Msg.NumCourses++; } } @@ -2997,13 +3002,15 @@ static void Msg_ShowASentOrReceivedMessage (long MsgNum,long MsgCod) /*****************************************************************************/ // This function may be called inside a web service, so don't report error -void Msg_GetNotifMessage (char *SummaryStr,char **ContentStr,long MsgCod, +void Msg_GetNotifMessage (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr,long MsgCod, unsigned MaxChars,bool GetContent) { extern const char *Txt_MSG_Subject; char Query[128]; MYSQL_RES *mysql_res; MYSQL_ROW row; + size_t Length; SummaryStr[0] = '\0'; // Return nothing on error @@ -3020,16 +3027,17 @@ void Msg_GetNotifMessage (char *SummaryStr,char **ContentStr,long MsgCod, row = mysql_fetch_row (mysql_res); /***** Copy subject *****/ - strcpy (SummaryStr,row[0]); + Str_Copy (SummaryStr,row[0],Cns_MAX_BYTES_TEXT); if (MaxChars) Str_LimitLengthHTMLStr (SummaryStr,MaxChars); /***** Copy subject *****/ if (GetContent) { - if ((*ContentStr = (char *) malloc (strlen (row[1])+1)) == NULL) + Length = strlen (row[1]); + if ((*ContentStr = (char *) malloc (Length + 1)) == NULL) Lay_ShowErrorAndExit ("Error allocating memory for notification content."); - strcpy (*ContentStr,row[1]); + Str_Copy (*ContentStr,row[1],Length); } } mysql_free_result (mysql_res); diff --git a/swad_message.h b/swad_message.h index bac55cac..79df99fd 100644 --- a/swad_message.h +++ b/swad_message.h @@ -94,7 +94,8 @@ void Msg_GetDistinctCoursesInMyMessages (void); void Msg_ShowFormSelectCourseSentOrRecMsgs (void); void Msg_ShowFormToFilterMsgs (void); void Msg_GetMsgSubject (long MsgCod,char *Subject); -void Msg_GetNotifMessage (char *SummaryStr,char **ContentStr,long MsgCod, +void Msg_GetNotifMessage (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr,long MsgCod, unsigned MaxChars,bool GetContent); void Msg_WriteMsgNumber (unsigned long MsgNum,bool NewMsg); diff --git a/swad_network.c b/swad_network.c index ee6d42d1..b42aa18e 100644 --- a/swad_network.c +++ b/swad_network.c @@ -201,7 +201,7 @@ void Net_ShowWebsAndSocialNets (const struct UsrData *UsrDat) MYSQL_RES *mysql_res; MYSQL_ROW row; Net_WebsAndSocialNetworks_t NumURL; - char URL[Cns_MAX_BYTES_URL+1]; + char URL[Cns_MAX_LENGTH_WWW+1]; /***** Start container *****/ fprintf (Gbl.F.Out,"
"); @@ -225,7 +225,7 @@ void Net_ShowWebsAndSocialNets (const struct UsrData *UsrDat) { /* Get URL */ row = mysql_fetch_row (mysql_res); - Str_Copy (URL,row[0],Cns_MAX_BYTES_URL); + Str_Copy (URL,row[0],Cns_MAX_LENGTH_WWW); /* Show the web / social network */ Net_ShowAWebOrSocialNet (URL, @@ -292,7 +292,7 @@ void Net_ShowFormMyWebsAndSocialNets (void) MYSQL_RES *mysql_res; MYSQL_ROW row; Net_WebsAndSocialNetworks_t NumURL; - char URL[Cns_MAX_BYTES_URL+1]; + char URL[Cns_MAX_LENGTH_WWW+1]; /***** Start table *****/ Lay_StartRoundFrameTable (NULL,Txt_Webs_social_networks, @@ -315,7 +315,7 @@ void Net_ShowFormMyWebsAndSocialNets (void) row = mysql_fetch_row (mysql_res); /* Get URL */ - Str_Copy (URL,row[0],Cns_MAX_BYTES_URL); + Str_Copy (URL,row[0],Cns_MAX_LENGTH_WWW); } else URL[0] = '\0'; @@ -347,7 +347,7 @@ void Net_ShowFormMyWebsAndSocialNets (void) " maxlength=\"%u\" value=\"%s\" style=\"width:%upx;\"" " onchange=\"document.getElementById('%s').submit();\" />", (unsigned) NumURL, - Cns_MAX_LENGTH_URL,URL,Net_COL2_WIDTH - 20, + Cns_MAX_LENGTH_WWW,URL,Net_COL2_WIDTH - 20, Gbl.Form.Id); Act_FormEnd (); fprintf (Gbl.F.Out,"" @@ -388,11 +388,11 @@ void Net_UpdateMyWebsAndSocialNets (void) static void Net_GetMyWebsAndSocialNetsFromForm (void) { - char Query[256+Cns_MAX_BYTES_URL]; + char Query[256+Cns_MAX_LENGTH_WWW]; char UnsignedStr[10+1]; unsigned UnsignedNum; Net_WebsAndSocialNetworks_t Web; - char URL[Cns_MAX_BYTES_URL+1]; + char URL[Cns_MAX_LENGTH_WWW+1]; /***** Get parameter with the type of web / social network *****/ Par_GetParToText ("Web",UnsignedStr,10); @@ -403,7 +403,7 @@ static void Net_GetMyWebsAndSocialNetsFromForm (void) Web = (Net_WebsAndSocialNetworks_t) UnsignedNum; /***** Get URL *****/ - Par_GetParToText ("URL",URL,Cns_MAX_BYTES_URL); + Par_GetParToText ("URL",URL,Cns_MAX_LENGTH_WWW); if (URL[0]) { /***** Insert or replace web / social network *****/ diff --git a/swad_nickname.c b/swad_nickname.c index 4a72b8ae..814d96b4 100644 --- a/swad_nickname.c +++ b/swad_nickname.c @@ -396,7 +396,8 @@ void Nck_UpdateNick (void) { // Now we know the new nickname is not already in database and is diffent to the current one Nck_UpdateMyNick (NewNicknameWithoutArroba); - strcpy (Gbl.Usrs.Me.UsrDat.Nickname,NewNicknameWithoutArroba); + Str_Copy (Gbl.Usrs.Me.UsrDat.Nickname,NewNicknameWithoutArroba, + Nck_MAX_LENGTH_NICKNAME_WITHOUT_ARROBA); sprintf (Gbl.Message,Txt_Your_nickname_X_has_been_registered_successfully, NewNicknameWithoutArroba); diff --git a/swad_notice.c b/swad_notice.c index 9a55b395..3a7dea44 100644 --- a/swad_notice.c +++ b/swad_notice.c @@ -743,12 +743,14 @@ static void Not_DrawANotice (Not_Listing_t TypeNoticesListing, /*****************************************************************************/ // This function may be called inside a web service, so don't report error -void Not_GetSummaryAndContentNotice (char *SummaryStr,char **ContentStr, - long NotCod,unsigned MaxChars,bool GetContent) +void Not_GetSummaryAndContentNotice (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr,long NotCod, + unsigned MaxChars,bool GetContent) { char Query[512]; MYSQL_RES *mysql_res; MYSQL_ROW row; + size_t Length; SummaryStr[0] = '\0'; // Return nothing on error @@ -765,16 +767,17 @@ void Not_GetSummaryAndContentNotice (char *SummaryStr,char **ContentStr, row = mysql_fetch_row (mysql_res); /***** Copy summary *****/ - strcpy (SummaryStr,row[0]); + Str_Copy (SummaryStr,row[0],Cns_MAX_BYTES_TEXT); if (MaxChars) Str_LimitLengthHTMLStr (SummaryStr,MaxChars); /***** Copy content *****/ if (GetContent) { - if ((*ContentStr = (char *) malloc (strlen (row[0])+1)) == NULL) + Length = strlen (row[0]); + if ((*ContentStr = (char *) malloc (Length + 1)) == NULL) Lay_ShowErrorAndExit ("Error allocating memory for notification content."); - strcpy (*ContentStr,row[0]); + Str_Copy (*ContentStr,row[0],Length); } } mysql_free_result (mysql_res); diff --git a/swad_notice.h b/swad_notice.h index 764fad44..826bd789 100644 --- a/swad_notice.h +++ b/swad_notice.h @@ -68,8 +68,9 @@ void Not_RemoveNotice (void); void Not_GetNotCodToHighlight (void); void Not_ShowNotices (Not_Listing_t TypeNoticesListing); -void Not_GetSummaryAndContentNotice (char *SummaryStr,char **ContentStr, - long NotCod,unsigned MaxChars,bool GetContent); +void Not_GetSummaryAndContentNotice (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr,long NotCod, + unsigned MaxChars,bool GetContent); unsigned Not_GetNumNotices (Sco_Scope_t Scope,Not_Status_t Status,unsigned *NumNotif); unsigned Not_GetNumNoticesDeleted (Sco_Scope_t Scope,unsigned *NumNotif); diff --git a/swad_parameter.c b/swad_parameter.c index 35292534..af63ca7b 100644 --- a/swad_parameter.c +++ b/swad_parameter.c @@ -70,14 +70,17 @@ static bool Par_CheckIsParamCanBeUsedInGETMethod (const char *ParamName); /*** Read all parameters passed to this CGI and store for later processing ***/ /*****************************************************************************/ +#define Par_MAX_LENGTH_METHOD (256 - 1) +#define Par_MAX_LENGTH_CONTENT_TYPE (256 - 1) + bool Par_GetQueryString (void) { - char Method[256]; - char ContentType[512]; - char UnsignedLongStr[10+1]; + char Method[Par_MAX_LENGTH_METHOD + 1]; + char ContentType[Par_MAX_LENGTH_CONTENT_TYPE + 1]; + char UnsignedLongStr[10 + 1]; unsigned long UnsignedLong; - strcpy (Method,getenv ("REQUEST_METHOD")); + Str_Copy (Method,getenv ("REQUEST_METHOD"),Par_MAX_LENGTH_METHOD); if (!strcmp (Method,"GET")) { @@ -93,7 +96,8 @@ bool Par_GetQueryString (void) return false; /* Copy query string from environment variable */ - strcpy (Gbl.Params.QueryString,getenv ("QUERY_STRING")); + Str_Copy (Gbl.Params.QueryString,getenv ("QUERY_STRING"), + Gbl.Params.ContentLength); } else { @@ -101,7 +105,7 @@ bool Par_GetQueryString (void) /* Get content length */ if (getenv ("CONTENT_LENGTH")) { - strcpy (UnsignedLongStr,getenv ("CONTENT_LENGTH")); + Str_Copy (UnsignedLongStr,getenv ("CONTENT_LENGTH"),10); if (sscanf (UnsignedLongStr,"%lu",&UnsignedLong) != 1) return false; Gbl.Params.ContentLength = (size_t) UnsignedLong; @@ -115,7 +119,7 @@ bool Par_GetQueryString (void) if (getenv ("CONTENT_TYPE") == NULL) return false; - strcpy (ContentType,getenv ("CONTENT_TYPE")); + Str_Copy (ContentType,getenv ("CONTENT_TYPE"),Par_MAX_LENGTH_CONTENT_TYPE); if (!strncmp (ContentType,"multipart/form-data",strlen ("multipart/form-data"))) { @@ -679,7 +683,8 @@ void Par_GetMainParameters (void) { /* Set another user's nickname */ Str_RemoveLeadingArrobas (Nickname); - strcpy (Gbl.Usrs.Other.UsrDat.Nickname,Nickname); // without arroba + Str_Copy (Gbl.Usrs.Other.UsrDat.Nickname,Nickname, // without arroba + Nck_MAX_LENGTH_NICKNAME_WITHOUT_ARROBA); // This user's code is used to go to public profile // and to refresh old publishings in user's timeline @@ -694,7 +699,8 @@ void Par_GetMainParameters (void) { /* Set another user's nickname */ Str_RemoveLeadingArrobas (Nickname); - strcpy (Gbl.Usrs.Other.UsrDat.Nickname,Nickname); // without arroba + Str_Copy (Gbl.Usrs.Other.UsrDat.Nickname,Nickname, // without arroba + Nck_MAX_LENGTH_NICKNAME_WITHOUT_ARROBA); // This user's code is used to go to public agenda // If user does not exist ==> UsrCod = -1 diff --git a/swad_password.c b/swad_password.c index 2d1324d3..0197b185 100644 --- a/swad_password.c +++ b/swad_password.c @@ -117,7 +117,8 @@ bool Pwd_CheckPendingPassword (void) { /* Get encrypted pending password */ row = mysql_fetch_row (mysql_res); - strcpy (Gbl.Usrs.Me.PendingPassword,row[0]); + Str_Copy (Gbl.Usrs.Me.PendingPassword,row[0], + Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); } else Gbl.Usrs.Me.PendingPassword[0] = '\0'; @@ -136,7 +137,7 @@ bool Pwd_CheckPendingPassword (void) void Pwd_AssignMyPendingPasswordToMyCurrentPassword (void) { - char Query[128+Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64]; + char Query[128 + Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64]; /***** Update my current password in database *****/ sprintf (Query,"UPDATE usr_data SET Password='%s'" @@ -146,7 +147,8 @@ void Pwd_AssignMyPendingPasswordToMyCurrentPassword (void) DB_QueryUPDATE (Query,"can not update your password"); /***** Update my current password *****/ - strcpy (Gbl.Usrs.Me.UsrDat.Password,Gbl.Usrs.Me.PendingPassword); + Str_Copy (Gbl.Usrs.Me.UsrDat.Password,Gbl.Usrs.Me.PendingPassword, + Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); } /*****************************************************************************/ @@ -177,7 +179,8 @@ void Pwd_ActChgMyPwd1 (void) /***** Check if I have written twice the same password *****/ if (strcmp (NewPlainPassword[0],NewPlainPassword[1])) // Passwords don't match - strcpy (Gbl.Message,Txt_You_have_not_written_twice_the_same_new_password); + Str_Copy (Gbl.Message,Txt_You_have_not_written_twice_the_same_new_password, + Lay_MAX_BYTES_ALERT); else { Str_ChangeFormat (Str_FROM_FORM,Str_TO_TEXT, @@ -185,16 +188,19 @@ void Pwd_ActChgMyPwd1 (void) Cry_EncryptSHA512Base64 (NewPlainPassword[0],NewEncryptedPassword); if (Pwd_SlowCheckIfPasswordIsGood (NewPlainPassword[0],NewEncryptedPassword,Gbl.Usrs.Me.UsrDat.UsrCod)) // New password is good? { - strcpy (Gbl.Usrs.Me.UsrDat.Password,NewEncryptedPassword); + Str_Copy (Gbl.Usrs.Me.UsrDat.Password,NewEncryptedPassword, + Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); Ses_UpdateSessionDataInDB (); Enr_UpdateUsrData (&Gbl.Usrs.Me.UsrDat); - strcpy (Gbl.Message,Txt_Your_password_has_been_changed_successfully); + Str_Copy (Gbl.Message,Txt_Your_password_has_been_changed_successfully, + Lay_MAX_BYTES_ALERT); Gbl.Usrs.Error = false; } } } else - strcpy (Gbl.Message,Txt_You_have_not_entered_your_password_correctly); + Str_Copy (Gbl.Message,Txt_You_have_not_entered_your_password_correctly, + Lay_MAX_BYTES_ALERT); } void Pwd_ActChgMyPwd2 (void) @@ -324,7 +330,8 @@ void Pwd_ChkIdLoginAndSendNewPwd (void) ID_ReallocateListIDs (&Gbl.Usrs.Me.UsrDat,1); // User has typed a user's ID - strcpy (Gbl.Usrs.Me.UsrDat.IDs.List[0].ID,Gbl.Usrs.Me.UsrIdLogin); + Str_Copy (Gbl.Usrs.Me.UsrDat.IDs.List[0].ID,Gbl.Usrs.Me.UsrIdLogin, + ID_MAX_LENGTH_USR_ID); Str_ConvertToUpperText (Gbl.Usrs.Me.UsrDat.IDs.List[0].ID); /* Get users' codes for this ID */ @@ -494,7 +501,8 @@ void Pwd_UpdateOtherPwd1 (void) if (strcmp (NewPlainPassword[0],NewPlainPassword[1])) // Paswords don't match - strcpy (Gbl.Message,Txt_You_have_not_written_twice_the_same_new_password); + Str_Copy (Gbl.Message,Txt_You_have_not_written_twice_the_same_new_password, + Lay_MAX_BYTES_ALERT); else { Str_ChangeFormat (Str_FROM_FORM,Str_TO_TEXT, @@ -503,7 +511,8 @@ void Pwd_UpdateOtherPwd1 (void) if (Pwd_SlowCheckIfPasswordIsGood (NewPlainPassword[0],NewEncryptedPassword,Gbl.Usrs.Other.UsrDat.UsrCod)) // Good password { /* Update other user's data */ - strcpy (Gbl.Usrs.Other.UsrDat.Password,NewEncryptedPassword); + Str_Copy (Gbl.Usrs.Other.UsrDat.Password,NewEncryptedPassword, + Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); Enr_UpdateUsrData (&Gbl.Usrs.Other.UsrDat); sprintf (Gbl.Message,Txt_The_X_password_has_been_changed_successfully, @@ -513,10 +522,12 @@ void Pwd_UpdateOtherPwd1 (void) } } else - strcpy (Gbl.Message,Txt_User_not_found_or_you_do_not_have_permission_); + Str_Copy (Gbl.Message,Txt_User_not_found_or_you_do_not_have_permission_, + Lay_MAX_BYTES_ALERT); } else // User not found - strcpy (Gbl.Message,Txt_User_not_found_or_you_do_not_have_permission_); + Str_Copy (Gbl.Message,Txt_User_not_found_or_you_do_not_have_permission_, + Lay_MAX_BYTES_ALERT); } void Pwd_UpdateOtherPwd2 (void) @@ -552,7 +563,8 @@ bool Pwd_SlowCheckIfPasswordIsGood (const char *PlainPassword, /***** Check if password is found in user's ID, first name or surnames of anybody *****/ if (Pwd_CheckIfPasswdIsUsrIDorName (PlainPassword)) // PlainPassword is a user's ID, name or surname { - strcpy (Gbl.Message,Txt_The_password_is_too_trivial_); + Str_Copy (Gbl.Message,Txt_The_password_is_too_trivial_, + Lay_MAX_BYTES_ALERT); return false; } @@ -560,7 +572,8 @@ bool Pwd_SlowCheckIfPasswordIsGood (const char *PlainPassword, if (Pwd_GetNumOtherUsrsWhoUseThisPassword (EncryptedPassword,UsrCod) > Pwd_MAX_OTHER_USERS_USING_THE_SAME_PASSWORD) { - strcpy (Gbl.Message,Txt_The_password_is_too_trivial_); + Str_Copy (Gbl.Message,Txt_The_password_is_too_trivial_, + Lay_MAX_BYTES_ALERT); return false; } @@ -637,7 +650,8 @@ bool Pwd_FastCheckIfPasswordSeemsGood (const char *PlainPassword) /***** Check spaces in password *****/ if (strchr (PlainPassword,(int) ' ') != NULL) // PlainPassword with spaces { - strcpy (Gbl.Message,Txt_The_password_can_not_contain_spaces); + Str_Copy (Gbl.Message,Txt_The_password_can_not_contain_spaces, + Lay_MAX_BYTES_ALERT); return false; } @@ -649,7 +663,8 @@ bool Pwd_FastCheckIfPasswordSeemsGood (const char *PlainPassword) ItsANumber = false; if (ItsANumber) { - strcpy (Gbl.Message,Txt_The_password_can_not_consist_only_of_digits); + Str_Copy (Gbl.Message,Txt_The_password_can_not_consist_only_of_digits, + Lay_MAX_BYTES_ALERT); return false; } diff --git a/swad_photo.c b/swad_photo.c index be632e43..d2a185c6 100644 --- a/swad_photo.c +++ b/swad_photo.c @@ -1117,7 +1117,8 @@ void Pho_UpdatePhotoName (struct UsrData *UsrDat) unlink (PathPublPhoto); // Remove public link /***** Update photo name in user's data *****/ - strcpy (UsrDat->Photo,Gbl.UniqueNameEncrypted); + Str_Copy (UsrDat->Photo,Gbl.UniqueNameEncrypted, + Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64); } /*****************************************************************************/ @@ -1129,8 +1130,8 @@ void Pho_ShowUsrPhoto (const struct UsrData *UsrDat,const char *PhotoURL, bool FormUnique) { extern struct Act_Actions Act_Actions[Act_NUM_ACTIONS]; - char FullName [3*(Usr_MAX_BYTES_NAME+1)]; - char ShortName[3*(Usr_MAX_BYTES_NAME+1)]; + char FullName [Usr_MAX_BYTES_FULL_NAME + 1]; + char ShortName[Usr_MAX_BYTES_FULL_NAME + 1]; char Surnames [Usr_MAX_BYTES_SURNAMES + 1]; bool PhotoExists; bool PutLinkToPublicProfile = !Gbl.Form.Inside && // Only if not inside another form @@ -1156,14 +1157,14 @@ void Pho_ShowUsrPhoto (const struct UsrData *UsrDat,const char *PhotoURL, } /***** Hidden div to pass user's name to Javascript *****/ - strcpy (FullName,UsrDat->FullName); + Str_Copy (FullName,UsrDat->FullName,Usr_MAX_BYTES_FULL_NAME); if (PutZoomCode) { - strcpy (ShortName,UsrDat->FirstName); + Str_Copy (ShortName,UsrDat->FirstName,Usr_MAX_BYTES_FULL_NAME); Str_LimitLengthHTMLStr (ShortName,23); Surnames[0] = '\0'; if (UsrDat->Surname1[0]) - strcpy (Surnames,UsrDat->Surname1); + Str_Copy (Surnames,UsrDat->Surname1,Usr_MAX_BYTES_SURNAMES); if (UsrDat->Surname2[0]) { strcat (Surnames," "); @@ -1898,6 +1899,7 @@ static void Pho_PutLinkToPrintViewOfDegreeStatsParams (void) /*************** Put a link to calculate the stats of degrees ****************/ /*****************************************************************************/ +#define Pho_MAX_LENGTH_ESTIMATED_TIME (64 - 1) static void Pho_PutLinkToCalculateDegreeStats (void) { extern const char *The_ClassFormBold[The_NUM_THEMES]; @@ -1909,7 +1911,7 @@ static void Pho_PutLinkToCalculateDegreeStats (void) unsigned NumDeg; struct Degree Deg; long EstimatedTimeToComputeAvgPhotoInMicroseconds; - char StrEstimatedTimeToComputeAvgPhoto[64]; + char StrEstimatedTimeToComputeAvgPhoto[Pho_MAX_LENGTH_ESTIMATED_TIME + 1]; if ((Deg.DegCod = Pho_GetDegWithAvgPhotoLeastRecentlyUpdated ()) > 0) { @@ -1945,7 +1947,8 @@ static void Pho_PutLinkToCalculateDegreeStats (void) /* Get time to compute average photo of this degree */ EstimatedTimeToComputeAvgPhotoInMicroseconds = Pho_GetTimeToComputeAvgPhoto (Degs.Lst[NumDeg].DegCod); if (EstimatedTimeToComputeAvgPhotoInMicroseconds == -1L) - strcpy (StrEstimatedTimeToComputeAvgPhoto,Txt_unknown_TIME); + Str_Copy (StrEstimatedTimeToComputeAvgPhoto,Txt_unknown_TIME, + Pho_MAX_LENGTH_ESTIMATED_TIME); else Sta_WriteTime (StrEstimatedTimeToComputeAvgPhoto,EstimatedTimeToComputeAvgPhotoInMicroseconds); diff --git a/swad_place.c b/swad_place.c index 63597669..2ab5f237 100644 --- a/swad_place.c +++ b/swad_place.c @@ -302,10 +302,10 @@ void Plc_GetListPlaces (void) Lay_ShowErrorAndExit ("Wrong code of place."); /* Get the short name of the place (row[1]) */ - strcpy (Plc->ShrtName,row[1]); + Str_Copy (Plc->ShrtName,row[1],Plc_MAX_LENGTH_PLACE_SHRT_NAME); /* Get the full name of the place (row[2]) */ - strcpy (Plc->FullName,row[2]); + Str_Copy (Plc->FullName,row[2],Plc_MAX_LENGTH_PLACE_FULL_NAME); /* Get number of centres in this place (row[3]) */ if (sscanf (row[3],"%u",&Plc->NumCtrs) != 1) @@ -651,7 +651,7 @@ static void Plc_RenamePlace (Cns_ShrtOrFullName_t ShrtOrFullName) } /***** Show the form again *****/ - strcpy (CurrentPlcName,NewPlcName); + Str_Copy (CurrentPlcName,NewPlcName,MaxLength); Plc_EditPlaces (); } diff --git a/swad_place.h b/swad_place.h index 67f6c529..982f9266 100644 --- a/swad_place.h +++ b/swad_place.h @@ -38,8 +38,8 @@ struct Place { long PlcCod; long InsCod; - char ShrtName[Plc_MAX_LENGTH_PLACE_SHRT_NAME+1]; - char FullName[Plc_MAX_LENGTH_PLACE_FULL_NAME+1]; + char ShrtName[Plc_MAX_LENGTH_PLACE_SHRT_NAME + 1]; + char FullName[Plc_MAX_LENGTH_PLACE_FULL_NAME + 1]; unsigned NumCtrs; }; diff --git a/swad_plugin.c b/swad_plugin.c index 5b99b1c0..a696b90e 100644 --- a/swad_plugin.c +++ b/swad_plugin.c @@ -569,7 +569,7 @@ void Plg_RenamePlugin (void) } /***** Show the form again *****/ - strcpy (Plg->Name,NewPlgName); + Str_Copy (Plg->Name,NewPlgName,Plg_MAX_LENGTH_PLUGIN_NAME); Plg_EditPlugins (); } @@ -629,7 +629,7 @@ void Plg_ChangePlgDescription (void) } /***** Show the form again *****/ - strcpy (Plg->Description,NewDescription); + Str_Copy (Plg->Description,NewDescription,Plg_MAX_LENGTH_PLUGIN_DESCRIPTION); Plg_EditPlugins (); } @@ -672,7 +672,7 @@ void Plg_ChangePlgLogo (void) Lay_ShowAlert (Lay_WARNING,Txt_You_can_not_leave_the_logo_empty); /***** Show the form again *****/ - strcpy (Plg->Logo,NewLogo); + Str_Copy (Plg->Logo,NewLogo,Plg_MAX_LENGTH_PLUGIN_LOGO); Plg_EditPlugins (); } @@ -715,7 +715,7 @@ void Plg_ChangePlgAppKey (void) Lay_ShowAlert (Lay_WARNING,Txt_You_can_not_leave_the_logo_empty); // TODO!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! /***** Show the form again *****/ - strcpy (Plg->AppKey,NewAppKey); + Str_Copy (Plg->AppKey,NewAppKey,Plg_MAX_LENGTH_PLUGIN_APP_KEY); Plg_EditPlugins (); } @@ -758,7 +758,7 @@ void Plg_ChangePlgURL (void) Lay_ShowAlert (Lay_WARNING,Txt_You_can_not_leave_the_URL_empty); /***** Show the form again *****/ - strcpy (Plg->URL,NewURL); + Str_Copy (Plg->URL,NewURL,Cns_MAX_LENGTH_WWW); Plg_EditPlugins (); } @@ -801,7 +801,7 @@ void Plg_ChangePlgIP (void) Lay_ShowAlert (Lay_WARNING,Txt_You_can_not_leave_the_IP_address_empty); /***** Show the form again *****/ - strcpy (Plg->IP,NewIP); + Str_Copy (Plg->IP,NewIP,Cns_MAX_LENGTH_IP); Plg_EditPlugins (); } diff --git a/swad_plugin.h b/swad_plugin.h index 7dc5e91c..bc80dea3 100644 --- a/swad_plugin.h +++ b/swad_plugin.h @@ -43,12 +43,12 @@ struct Plugin { long PlgCod; - char Name[Plg_MAX_LENGTH_PLUGIN_NAME+1]; - char Description[Plg_MAX_LENGTH_PLUGIN_DESCRIPTION+1]; - char Logo[Plg_MAX_LENGTH_PLUGIN_LOGO+1]; - char AppKey[Plg_MAX_LENGTH_PLUGIN_APP_KEY+1]; - char URL[Cns_MAX_LENGTH_WWW+1]; - char IP[Cns_MAX_LENGTH_IP+1]; + char Name[Plg_MAX_LENGTH_PLUGIN_NAME + 1]; + char Description[Plg_MAX_LENGTH_PLUGIN_DESCRIPTION + 1]; + char Logo[Plg_MAX_LENGTH_PLUGIN_LOGO + 1]; + char AppKey[Plg_MAX_LENGTH_PLUGIN_APP_KEY + 1]; + char URL[Cns_MAX_LENGTH_WWW + 1]; + char IP[Cns_MAX_LENGTH_IP + 1]; }; /*****************************************************************************/ diff --git a/swad_profile.c b/swad_profile.c index 993a97a2..175a286c 100644 --- a/swad_profile.c +++ b/swad_profile.c @@ -1027,14 +1027,18 @@ static void Prf_ResetUsrFigures (struct UsrFigures *UsrFigures) /***** Get number of messages sent by a user and store in user's figures *****/ /*****************************************************************************/ +#define Prf_MAX_LENGTH_SUBQUERY_FIRST_CLICK_TIME (64 - 1) + static void Prf_CreateUsrFigures (long UsrCod,const struct UsrFigures *UsrFigures, bool CreatingMyOwnAccount) { - char Query[512]; - char SubQueryFirstClickTime[64]; + char Query[512 + Prf_MAX_LENGTH_SUBQUERY_FIRST_CLICK_TIME]; + char SubQueryFirstClickTime[Prf_MAX_LENGTH_SUBQUERY_FIRST_CLICK_TIME + 1]; if (CreatingMyOwnAccount) - strcpy (SubQueryFirstClickTime,"NOW()"); // This is the first click + // This is the first click + Str_Copy (SubQueryFirstClickTime,"NOW()", + Prf_MAX_LENGTH_SUBQUERY_FIRST_CLICK_TIME); else sprintf (SubQueryFirstClickTime,"FROM_UNIXTIME('%ld')", (long) UsrFigures->FirstClickTimeUTC); // 0 ==> unknown first click time or user never logged diff --git a/swad_record.c b/swad_record.c index 9817ab90..ede63427 100644 --- a/swad_record.c +++ b/swad_record.c @@ -71,7 +71,8 @@ extern struct Globals Gbl; /*****************************************************************************/ static void Rec_WriteHeadingRecordFields (void); -static void Rec_GetFieldByCod (long FieldCod,char *Name,unsigned *NumLines,Rec_VisibilityRecordFields_t *Visibility); +static void Rec_GetFieldByCod (long FieldCod,char Name[Rec_MAX_LENGTH_NAME_FIELD+1], + unsigned *NumLines,Rec_VisibilityRecordFields_t *Visibility); static void Rec_ShowRecordOneStdCrs (void); static void Rec_ListRecordsStds (Rec_SharedRecordViewType_t ShaTypeOfView, @@ -680,7 +681,8 @@ void Rec_RemoveFieldFromDB (void) /************** Get the data of a field of records from its code *************/ /*****************************************************************************/ -static void Rec_GetFieldByCod (long FieldCod,char *Name,unsigned *NumLines,Rec_VisibilityRecordFields_t *Visibility) +static void Rec_GetFieldByCod (long FieldCod,char Name[Rec_MAX_LENGTH_NAME_FIELD + 1], + unsigned *NumLines,Rec_VisibilityRecordFields_t *Visibility) { char Query[512]; MYSQL_RES *mysql_res; @@ -701,7 +703,7 @@ static void Rec_GetFieldByCod (long FieldCod,char *Name,unsigned *NumLines,Rec_V row = mysql_fetch_row (mysql_res); /* Name of the field */ - strcpy (Name,row[0]); + Str_Copy (Name,row[0],Rec_MAX_LENGTH_NAME_FIELD); /* Number of lines of the field (row[1]) */ *NumLines = Rec_ConvertToNumLinesField (row[1]); @@ -798,7 +800,8 @@ void Rec_RenameField (void) } /***** Show the form again *****/ - strcpy (Gbl.CurrentCrs.Records.Field.Name,NewFieldName); + Str_Copy (Gbl.CurrentCrs.Records.Field.Name,NewFieldName, + Rec_MAX_LENGTH_NAME_FIELD); Rec_ReqEditRecordFields (); } @@ -1582,7 +1585,7 @@ static void Rec_ShowCrsRecord (Rec_CourseRecordViewType_t TypeOfView, bool ShowField; bool ThisFieldHasText; bool ICanEdit; - char Text[Cns_MAX_BYTES_TEXT+1]; + char Text[Cns_MAX_BYTES_TEXT + 1]; if (Gbl.Usrs.Me.LoggedRole == Rol_STUDENT) // I am a student { @@ -1719,7 +1722,7 @@ static void Rec_ShowCrsRecord (Rec_CourseRecordViewType_t TypeOfView, { if (ThisFieldHasText) { - strcpy (Text,row[0]); + Str_Copy (Text,row[0],Cns_MAX_BYTES_TEXT); Str_ChangeFormat (Str_FROM_HTML,Str_TO_RIGOROUS_HTML, Text,Cns_MAX_BYTES_TEXT,false); fprintf (Gbl.F.Out,"%s",Text); diff --git a/swad_record.h b/swad_record.h index 294aaec4..debb6d7b 100644 --- a/swad_record.h +++ b/swad_record.h @@ -89,7 +89,7 @@ typedef enum struct RecordField { long FieldCod; // FieldCode - char Name[Rec_MAX_LENGTH_NAME_FIELD+1]; // Field name + char Name[Rec_MAX_LENGTH_NAME_FIELD + 1]; // Field name unsigned NumLines; // Number of rows of form used to edit the filed (always >= 2) Rec_VisibilityRecordFields_t Visibility; // Hidden, visible or editable by students? char *Text; // Filed text diff --git a/swad_session.c b/swad_session.c index 9458adad..7f9e5f8c 100644 --- a/swad_session.c +++ b/swad_session.c @@ -80,7 +80,7 @@ void Ses_GetNumSessions (void) void Ses_CreateSession (void) { /***** Create a unique name for the session *****/ - strcpy (Gbl.Session.Id,Gbl.UniqueNameEncrypted); + Str_Copy (Gbl.Session.Id,Gbl.UniqueNameEncrypted,Ses_LENGTH_SESSION_ID); /***** Check that session is not open *****/ if (Ses_CheckIfSessionExists (Gbl.Session.Id)) @@ -283,7 +283,8 @@ bool Ses_GetSessionData (void) Gbl.Session.UsrCod = Str_ConvertStrCodToLongCod (row[0]); /***** Get password (row[1]) *****/ - strcpy (Gbl.Usrs.Me.LoginEncryptedPassword,row[1]); + Str_Copy (Gbl.Usrs.Me.LoginEncryptedPassword,row[1], + Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); /***** Get logged user type (row[2]) *****/ if (sscanf (row[2],"%u",&Gbl.Usrs.Me.RoleFromSession) != 1) diff --git a/swad_social.c b/swad_social.c index b925c0db..1186a77e 100644 --- a/swad_social.c +++ b/swad_social.c @@ -487,6 +487,8 @@ void Soc_MarkMyNotifAsSeen (void) /*****************************************************************************/ // Query must have space for at least 1024 chars +#define Soc_MAX_LENGTH_SUBQUERY_ALREADY_EXISTS (256 - 1) + static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl, Soc_WhatToGetFromTimeline_t WhatToGetFromTimeline, char *Query) @@ -494,7 +496,7 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl char SubQueryPublishers[128]; char SubQueryRangeBottom[128]; char SubQueryRangeTop[128]; - char SubQueryAlreadyExists[256]; + char SubQueryAlreadyExists[Soc_MAX_LENGTH_SUBQUERY_ALREADY_EXISTS + 1]; struct { long Top; @@ -569,12 +571,16 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl { case Soc_GET_ONLY_NEW_PUBS: case Soc_GET_RECENT_TIMELINE: - strcpy (SubQueryAlreadyExists," AND NotCod NOT IN" - " (SELECT NotCod FROM not_codes)"); + Str_Copy (SubQueryAlreadyExists, + " AND NotCod NOT IN" + " (SELECT NotCod FROM not_codes)", + Soc_MAX_LENGTH_SUBQUERY_ALREADY_EXISTS); break; case Soc_GET_ONLY_OLD_PUBS: - strcpy (SubQueryAlreadyExists," AND NotCod NOT IN" - " (SELECT NotCod FROM current_timeline)"); + Str_Copy (SubQueryAlreadyExists, + " AND NotCod NOT IN" + " (SELECT NotCod FROM current_timeline)", + Soc_MAX_LENGTH_SUBQUERY_ALREADY_EXISTS); break; } break; @@ -583,12 +589,16 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl { case Soc_GET_ONLY_NEW_PUBS: case Soc_GET_RECENT_TIMELINE: - strcpy (SubQueryAlreadyExists," AND social_pubs.NotCod NOT IN" - " (SELECT NotCod FROM not_codes)"); + Str_Copy (SubQueryAlreadyExists, + " AND social_pubs.NotCod NOT IN" + " (SELECT NotCod FROM not_codes)", + Soc_MAX_LENGTH_SUBQUERY_ALREADY_EXISTS); break; case Soc_GET_ONLY_OLD_PUBS: - strcpy (SubQueryAlreadyExists," AND social_pubs.NotCod NOT IN" - " (SELECT NotCod FROM current_timeline)"); + Str_Copy (SubQueryAlreadyExists, + " AND social_pubs.NotCod NOT IN" + " (SELECT NotCod FROM current_timeline)", + Soc_MAX_LENGTH_SUBQUERY_ALREADY_EXISTS); break; } break; @@ -1953,8 +1963,8 @@ static void Soc_PutFormToWriteNewPost (void) { extern const char *Txt_New_SOCIAL_post; bool ShowPhoto; - char PhotoURL[PATH_MAX+1]; - char FullName[(Usr_MAX_BYTES_NAME + 1) * 3]; + char PhotoURL[PATH_MAX + 1]; + char FullName[Usr_MAX_BYTES_FULL_NAME + 2]; /***** Start list *****/ fprintf (Gbl.F.Out,"