From ed020a5492a467538e22b2ee026ba9d7f799109a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Ca=C3=B1as=20Vargas?= Date: Sun, 15 Jan 2017 22:58:26 +0100 Subject: [PATCH] Version 16.116 --- swad_account.c | 2 +- swad_agenda.c | 2 +- swad_changelog.h | 3 +- swad_constant.h | 3 - swad_date.c | 22 +++--- swad_enrollment.c | 2 +- swad_exam.c | 3 +- swad_exam.h | 3 +- swad_file.c | 4 +- swad_file.h | 6 +- swad_file_browser.c | 6 +- swad_follow.c | 3 +- swad_follow.h | 3 +- swad_global.h | 26 +++---- swad_info.c | 12 ++-- swad_info.h | 2 +- swad_message.c | 36 ++++++---- swad_message.h | 3 +- swad_network.c | 16 ++--- swad_nickname.c | 3 +- swad_notice.c | 13 ++-- swad_notice.h | 5 +- swad_parameter.c | 24 ++++--- swad_password.c | 47 +++++++----- swad_photo.c | 19 ++--- swad_place.c | 6 +- swad_place.h | 4 +- swad_plugin.c | 12 ++-- swad_plugin.h | 12 ++-- swad_profile.c | 10 ++- swad_record.c | 15 ++-- swad_record.h | 2 +- swad_session.c | 5 +- swad_social.c | 62 ++++++++++------ swad_social.h | 3 +- swad_statistic.c | 50 ++++++------- swad_string.c | 130 +++++++++++++++++++++++----------- swad_survey.c | 41 ++++++----- swad_survey.h | 7 +- swad_test.c | 17 +++-- swad_test.h | 4 +- swad_timetable.c | 16 +++-- swad_timetable.h | 4 +- swad_user.c | 53 +++++++------- swad_user.h | 9 +-- swad_web_service.c | 169 +++++++++++++++++++++++++------------------- swad_zip.c | 18 ++--- 47 files changed, 536 insertions(+), 381 deletions(-) diff --git a/swad_account.c b/swad_account.c index 3fc09fea..fb0d1027 100644 --- a/swad_account.c +++ b/swad_account.c @@ -697,7 +697,7 @@ void Acc_CreateNewUsr (struct UsrData *UsrDat,bool CreatingMyOwnAccount) extern const char *Pri_VisibilityDB[Pri_NUM_OPTIONS_PRIVACY]; extern const char *Txt_STR_LANG_ID[1+Txt_NUM_LANGUAGES]; extern const char *Usr_StringsSexDB[Usr_NUM_SEXS]; - char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH+1]; + char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH + 1]; char Query[2048]; char PathRelUsr[PATH_MAX+1]; unsigned NumID; diff --git a/swad_agenda.c b/swad_agenda.c index ff217cd0..5401862a 100644 --- a/swad_agenda.c +++ b/swad_agenda.c @@ -504,7 +504,7 @@ static void Agd_PutIconToViewEditMyFullAgenda (void) static void Agd_PutIconToShowQR (void) { - char URL[Cns_MAX_BYTES_URL+1]; + char URL[Cns_MAX_LENGTH_WWW + 1]; extern const char *Txt_STR_LANG_ID[1+Txt_NUM_LANGUAGES]; sprintf (URL,"%s/%s?agd=@%s", diff --git a/swad_changelog.h b/swad_changelog.h index 82c3d250..341b87ed 100644 --- a/swad_changelog.h +++ b/swad_changelog.h @@ -189,13 +189,14 @@ /****************************** Public constants *****************************/ /*****************************************************************************/ -#define Log_PLATFORM_VERSION "SWAD 16.115 (2017-01-15)" +#define Log_PLATFORM_VERSION "SWAD 16.116 (2017-01-15)" #define CSS_FILE "swad16.111.5.css" #define JS_FILE "swad16.114.js" // Number of lines (includes comments but not blank lines) has been got with the following command: // nl swad*.c swad*.h css/swad*.css py/swad*.py js/swad*.js soap/swad*?.h sql/swad*.sql | tail -1 /* + Version 16.116: Jan 15, 2017 Code refactoring related to string copy. (211195 lines) Version 16.115: Jan 15, 2017 Code refactoring related to string copy. (211046 lines) Version 16.114.3: Jan 15, 2017 Fixed bug in chat. (211412 lines) Version 16.114.2: Jan 15, 2017 Fixed bug in file browser. (211412 lines) diff --git a/swad_constant.h b/swad_constant.h index 45465ad9..4cbb2dc0 100644 --- a/swad_constant.h +++ b/swad_constant.h @@ -49,9 +49,6 @@ #define Cns_MAX_LENGTH_STRING (128 - 1) #define Cns_MAX_BYTES_STRING (128 - 1) -#define Cns_MAX_LENGTH_URL (128 - 1) -#define Cns_MAX_BYTES_URL (256 - 1) - /*****************************************************************************/ /******************************* Public types ********************************/ /*****************************************************************************/ diff --git a/swad_date.c b/swad_date.c index fa53874f..b86e17dd 100644 --- a/swad_date.c +++ b/swad_date.c @@ -140,17 +140,17 @@ time_t Dat_GetUNIXTimeFromStr (const char *Str) bool Dat_GetDateFromYYYYMMDD (struct Date *Date,const char *YYYYMMDD) { - if (sscanf (YYYYMMDD,"%04u%02u%02u",&(Date->Year),&(Date->Month),&(Date->Day)) == 3) - { - Str_Copy (Date->YYYYMMDD,YYYYMMDD,Dat_LENGTH_YYYYMMDD); - return true; - } - else - { - Date->Year = Date->Month = Date->Day = 0; - Date->YYYYMMDD[0] = '\0'; - return false; - } + if (YYYYMMDD) + if (YYYYMMDD[0]) + if (sscanf (YYYYMMDD,"%04u%02u%02u",&(Date->Year),&(Date->Month),&(Date->Day)) == 3) + { + Str_Copy (Date->YYYYMMDD,YYYYMMDD,Dat_LENGTH_YYYYMMDD); + return true; + } + + Date->Year = Date->Month = Date->Day = 0; + Date->YYYYMMDD[0] = '\0'; + return false; } /*****************************************************************************/ diff --git a/swad_enrollment.c b/swad_enrollment.c index c43626d9..93ba2e22 100644 --- a/swad_enrollment.c +++ b/swad_enrollment.c @@ -421,7 +421,7 @@ void Enr_UpdateUsrData (struct UsrData *UsrDat) extern const char *Pri_VisibilityDB[Pri_NUM_OPTIONS_PRIVACY]; extern const char *Txt_STR_LANG_ID[1+Txt_NUM_LANGUAGES]; extern const char *Usr_StringsSexDB[Usr_NUM_SEXS]; - char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH+1]; + char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH + 1]; char Query[2048]; /***** Check if user's code is initialized *****/ diff --git a/swad_exam.c b/swad_exam.c index 2e2c1daa..6d0f1986 100644 --- a/swad_exam.c +++ b/swad_exam.c @@ -1620,7 +1620,8 @@ static long Exa_GetParamExaCod (void) // This function may be called inside a web service, so don't report error // MaxChars must be > 3+(2+Cns_MAX_LENGTH_DATE+6) -void Exa_GetSummaryAndContentExamAnnouncement (char *SummaryStr,char **ContentStr, +void Exa_GetSummaryAndContentExamAnnouncement (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr, long ExaCod,unsigned MaxChars,bool GetContent) { extern const char *Txt_hours_ABBREVIATION; diff --git a/swad_exam.h b/swad_exam.h index c1787490..c92f8332 100644 --- a/swad_exam.h +++ b/swad_exam.h @@ -99,7 +99,8 @@ void Exa_GetDateToHighlight (void); void Exa_CreateListDatesOfExamAnnouncements (void); void Exa_PutHiddenParamExaCod (long ExaCod); -void Exa_GetSummaryAndContentExamAnnouncement (char *SummaryStr,char **ContentStr, +void Exa_GetSummaryAndContentExamAnnouncement (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr, long ExaCod,unsigned MaxChars,bool GetContent); #endif diff --git a/swad_file.c b/swad_file.c index 80342ac8..7c9b975f 100644 --- a/swad_file.c +++ b/swad_file.c @@ -610,7 +610,7 @@ void Fil_CloseReportFile (void) #define Ti 1099511627776.0 void Fil_WriteFileSizeBrief (double SizeInBytes, - char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING]) + char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]) { if (SizeInBytes < Ki) sprintf (FileSizeStr,"%.0f B" ,SizeInBytes); @@ -625,7 +625,7 @@ void Fil_WriteFileSizeBrief (double SizeInBytes, } void Fil_WriteFileSizeFull (double SizeInBytes, - char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING]) + char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]) { if (SizeInBytes < Ki) sprintf (FileSizeStr,"%.0f B" ,SizeInBytes); diff --git a/swad_file.h b/swad_file.h index d6d82e5d..def5409b 100644 --- a/swad_file.h +++ b/swad_file.h @@ -53,7 +53,7 @@ struct Files FILE *Rep; // Temporary file to save report }; -#define Fil_MAX_BYTES_FILE_SIZE_STRING 32 +#define Fil_MAX_BYTES_FILE_SIZE_STRING (32 - 1) /*****************************************************************************/ /***************************** Public prototypes *****************************/ @@ -82,8 +82,8 @@ void Fil_CloseXMLFile (void); void Fil_CloseReportFile (void); void Fil_WriteFileSizeBrief (double SizeInBytes, - char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING]); + char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]); void Fil_WriteFileSizeFull (double SizeInBytes, - char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING]); + char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]); #endif diff --git a/swad_file_browser.c b/swad_file_browser.c index 1fd37a59..f05a1781 100644 --- a/swad_file_browser.c +++ b/swad_file_browser.c @@ -4040,7 +4040,7 @@ static void Brw_ShowAndStoreSizeOfFileTree (void) extern const char *Txt_file; extern const char *Txt_files; extern const char *Txt_of_PART_OF_A_TOTAL; - char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING]; + char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]; fprintf (Gbl.F.Out,"
"); @@ -6084,7 +6084,7 @@ static void Brw_WriteFileSizeAndDate (struct FileMetadata *FileMetadata) { extern const char *Txt_Today; static unsigned UniqueId = 0; - char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING]; + char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]; /***** Write the file size *****/ if (Gbl.FileBrowser.FileType == Brw_IS_FILE) @@ -8968,7 +8968,7 @@ void Brw_ShowFileMetadata (void) struct UsrData PublisherUsrDat; char FileNameToShow[NAME_MAX+1]; char URL[PATH_MAX+1]; - char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING]; + char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]; bool Found; bool ICanView = false; bool IAmTheOwner; diff --git a/swad_follow.c b/swad_follow.c index 2b9b8779..910d9373 100644 --- a/swad_follow.c +++ b/swad_follow.c @@ -929,7 +929,8 @@ void Fol_GetAndShowRankingFollowers (void) /*****************************************************************************/ // This function may be called inside a web service, so don't report error -void Fol_GetNotifFollower (char *SummaryStr,char **ContentStr) +void Fol_GetNotifFollower (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr) { SummaryStr[0] = '\0'; diff --git a/swad_follow.h b/swad_follow.h index f061bc8d..6b57710f 100644 --- a/swad_follow.h +++ b/swad_follow.h @@ -60,7 +60,8 @@ void Fol_UnfollowUsr (void); void Fol_GetAndShowRankingFollowers (void); -void Fol_GetNotifFollower (char *SummaryStr,char **ContentStr); +void Fol_GetNotifFollower (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr); void Fol_RemoveUsrFromUsrFollow (long UsrCod); diff --git a/swad_global.h b/swad_global.h index 30a4a668..52fa78df 100644 --- a/swad_global.h +++ b/swad_global.h @@ -144,8 +144,8 @@ struct Globals long TimeGenerationInMicroseconds; long TimeSendInMicroseconds; - char IP[Cns_MAX_LENGTH_IP+1]; - char UniqueNameEncrypted[Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64+1]; // Used for session id, temporary directory names, etc. + char IP[Cns_MAX_LENGTH_IP + 1]; + char UniqueNameEncrypted[Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64 + 1]; // Used for session id, temporary directory names, etc. struct { @@ -154,10 +154,10 @@ struct Globals Mnu_Menu_t Menu; unsigned SideCols; The_Theme_t Theme; - char PathTheme[PATH_MAX+1]; + char PathTheme[PATH_MAX + 1]; Ico_IconSet_t IconSet; - char PathIconSet[PATH_MAX+1]; - char IconsURL[PATH_MAX+1]; + char PathIconSet[PATH_MAX + 1]; + char IconsURL[PATH_MAX + 1]; } Prefs; struct @@ -165,7 +165,7 @@ struct Globals unsigned NumSessions; bool IsOpen; bool HasBeenDisconnected; - char Id[Ses_LENGTH_SESSION_ID+1]; + char Id[Ses_LENGTH_SESSION_ID + 1]; long UsrCod; } Session; @@ -290,11 +290,11 @@ struct Globals Rol_Role_t LoggedRoleBeforeCloseSession; Rol_Role_t MaxRole; bool RoleHasChanged; // Set when I have changed my role - char UsrIdLogin[Usr_MAX_BYTES_USR_LOGIN+1]; // String to store the ID, nickname or email entered in the user's login - char LoginPlainPassword[Pwd_MAX_LENGTH_PLAIN_PASSWORD+1]; - char LoginEncryptedPassword[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64+1]; - char PendingPassword[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64+1]; - char PathDir[PATH_MAX+1]; + char UsrIdLogin[Usr_MAX_BYTES_USR_LOGIN + 1]; // String to store the ID, nickname or email entered in the user's login + char LoginPlainPassword[Pwd_MAX_LENGTH_PLAIN_PASSWORD + 1]; + char LoginEncryptedPassword[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 + 1]; + char PendingPassword[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 + 1]; + char PathDir[PATH_MAX + 1]; bool Logged; bool IBelongToCurrentIns; bool IBelongToCurrentCtr; @@ -302,7 +302,7 @@ struct Globals bool IBelongToCurrentCrs; bool MyPhotoExists; unsigned NumAccWithoutPhoto; - char PhotoURL[PATH_MAX+1]; + char PhotoURL[PATH_MAX + 1]; time_t TimeLastAccToThisFileBrowser; bool ConfirmEmailJustSent; // An email to confirm my email address has just been sent struct @@ -463,7 +463,7 @@ struct Globals struct { Inf_InfoType_t Type; - char URL[Cns_MAX_BYTES_URL+1]; + char URL[Cns_MAX_LENGTH_WWW + 1]; bool MustBeRead[Inf_NUM_INFO_TYPES]; // Students must read info? bool ShowMsgMustBeRead; } Info; diff --git a/swad_info.c b/swad_info.c index f9114df2..e2c11e36 100644 --- a/swad_info.c +++ b/swad_info.c @@ -924,7 +924,7 @@ static bool Inf_CheckURL (long CrsCod,Inf_InfoType_t InfoType) /***** Check if file with URL exists *****/ if ((FileURL = fopen (PathFile,"rb"))) { - if (fgets (Gbl.CurrentCrs.Info.URL,Cns_MAX_BYTES_URL,FileURL) == NULL) + if (fgets (Gbl.CurrentCrs.Info.URL,Cns_MAX_LENGTH_WWW,FileURL) == NULL) Gbl.CurrentCrs.Info.URL[0] = '\0'; /* File is not longer needed ==> close it */ fclose (FileURL); @@ -952,7 +952,7 @@ static bool Inf_CheckAndShowURL (void) /***** Check if file with URL exists *****/ if ((FileURL = fopen (PathFile,"rb"))) { - if (fgets (Gbl.CurrentCrs.Info.URL,Cns_MAX_BYTES_URL,FileURL) == NULL) + if (fgets (Gbl.CurrentCrs.Info.URL,Cns_MAX_LENGTH_WWW,FileURL) == NULL) Gbl.CurrentCrs.Info.URL[0] = '\0'; /* File is not longer needed ==> close it */ fclose (FileURL); @@ -983,7 +983,7 @@ static void Inf_BuildPathURL (long CrsCod,Inf_InfoType_t InfoType,char *PathFile /*****************************************************************************/ // This function is called only from web service -void Inf_WriteURLIntoTxtBuffer (char TxtBuffer[Cns_MAX_BYTES_URL+1]) +void Inf_WriteURLIntoTxtBuffer (char TxtBuffer[Cns_MAX_LENGTH_WWW+1]) { char PathFile[PATH_MAX+1]; FILE *FileURL; @@ -997,7 +997,7 @@ void Inf_WriteURLIntoTxtBuffer (char TxtBuffer[Cns_MAX_BYTES_URL+1]) /***** Check if file with URL exists *****/ if ((FileURL = fopen (PathFile,"rb"))) { - if (fgets (TxtBuffer,Cns_MAX_BYTES_URL,FileURL) == NULL) + if (fgets (TxtBuffer,Cns_MAX_LENGTH_WWW,FileURL) == NULL) TxtBuffer[0] = '\0'; /* File is not longer needed ==> close it */ fclose (FileURL); @@ -1303,7 +1303,7 @@ void Inf_FormToSendURL (Inf_InfoSrc_t InfoSrc) fprintf (Gbl.F.Out,"http://"); else { - if (fgets (Gbl.CurrentCrs.Info.URL,Cns_MAX_BYTES_URL,FileURL) == NULL) + if (fgets (Gbl.CurrentCrs.Info.URL,Cns_MAX_LENGTH_WWW,FileURL) == NULL) Gbl.CurrentCrs.Info.URL[0] = '\0'; /* File is not needed now. Close it */ fclose (FileURL); @@ -2214,7 +2214,7 @@ void Inf_ReceiveURLInfo (void) Gbl.CurrentCrs.Info.Type = Inf_AsignInfoType (); /***** Get parameter with URL *****/ - Par_GetParToText ("InfoSrcURL",Gbl.CurrentCrs.Info.URL,Cns_MAX_BYTES_URL); + Par_GetParToText ("InfoSrcURL",Gbl.CurrentCrs.Info.URL,Cns_MAX_LENGTH_WWW); /***** Build path to file containing URL *****/ Inf_BuildPathURL (Gbl.CurrentCrs.Crs.CrsCod,Gbl.CurrentCrs.Info.Type,PathFile); diff --git a/swad_info.h b/swad_info.h index a8754157..0c89b301 100644 --- a/swad_info.h +++ b/swad_info.h @@ -75,7 +75,7 @@ void Inf_ChangeIHaveReadInfo (void); bool Inf_GetIfIMustReadAnyCrsInfoInThisCrs (void); void Inf_RemoveUsrFromCrsInfoRead (long UsrCod,long CrsCod); int Inf_WritePageIntoHTMLBuffer (char **HTMLBuffer); -void Inf_WriteURLIntoTxtBuffer (char TxtBuffer[Cns_MAX_BYTES_URL+1]); +void Inf_WriteURLIntoTxtBuffer (char TxtBuffer[Cns_MAX_LENGTH_WWW + 1]); void Inf_SetInfoSrc (void); void Inf_FormsToSelSendInfo (void); void Inf_FormToEnterIntegratedEditor (Inf_InfoSrc_t InfoSrc); diff --git a/swad_message.c b/swad_message.c index f410dce7..392d0657 100644 --- a/swad_message.c +++ b/swad_message.c @@ -103,7 +103,7 @@ static void Msg_WriteFormUsrsIDsOrNicksOtherRecipients (void); static void Msg_WriteFormSubjectAndContentMsgToUsrs (char *Content); static void Msg_ShowNumMsgsDeleted (unsigned NumMsgs); -static void Msg_MakeFilterFromToSubquery (char *FilterFromToSubquery); +static void Msg_MakeFilterFromToSubquery (char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY + 1]); static void Msg_ExpandSentMsg (long MsgCod); static void Msg_ExpandReceivedMsg (long MsgCod); @@ -943,7 +943,7 @@ void Msg_ReqDelAllSntMsgs (void) void Msg_DelAllRecMsgs (void) { - char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY+1]; + char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY + 1]; unsigned long NumMsgs; /***** Get parameters *****/ @@ -965,7 +965,7 @@ void Msg_DelAllRecMsgs (void) void Msg_DelAllSntMsgs (void) { - char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY+1]; + char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY + 1]; unsigned long NumMsgs; /***** Get parameters *****/ @@ -1011,16 +1011,18 @@ void Msg_GetParamMsgsCrsCod (void) Par_GetParToText ("FilterCrsCod",LongStr,1+10); Gbl.Msg.FilterCrsCod = Str_ConvertStrCodToLongCod (LongStr); - if (Gbl.Msg.FilterCrsCod >= 0) // If origin course specified + if (Gbl.Msg.FilterCrsCod > 0) // If origin course specified { /* Get data of course */ Crs.CrsCod = Gbl.Msg.FilterCrsCod; Crs_GetDataOfCourseByCod (&Crs); - strcpy (Gbl.Msg.FilterCrsShrtName,Crs.ShrtName); + Str_Copy (Gbl.Msg.FilterCrsShrtName,Crs.ShrtName, + Crs_MAX_LENGTH_COURSE_SHRT_NAME); } else - strcpy (Gbl.Msg.FilterCrsShrtName,Txt_any_course); + Str_Copy (Gbl.Msg.FilterCrsShrtName,Txt_any_course, + Crs_MAX_LENGTH_COURSE_SHRT_NAME); } /*****************************************************************************/ @@ -1047,7 +1049,7 @@ void Msg_GetParamFilterContent (void) /************************* Make "from"/"to" subquery *************************/ /*****************************************************************************/ -static void Msg_MakeFilterFromToSubquery (char *FilterFromToSubquery) +static void Msg_MakeFilterFromToSubquery (char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY + 1]) { const char *Ptr; char SearchWord[Usr_MAX_LENGTH_USR_NAME_OR_SURNAME+1]; @@ -1056,7 +1058,9 @@ static void Msg_MakeFilterFromToSubquery (char *FilterFromToSubquery) if (Gbl.Msg.FilterFromTo[0]) { Ptr = Gbl.Msg.FilterFromTo; - strcpy (FilterFromToSubquery," AND CONCAT(usr_data.FirstName,usr_data.Surname1,usr_data.Surname2) LIKE '"); + Str_Copy (FilterFromToSubquery, + " AND CONCAT(usr_data.FirstName,usr_data.Surname1,usr_data.Surname2) LIKE '", + Msg_MAX_LENGTH_MESSAGES_QUERY); while (*Ptr) { Str_GetNextStringUntilSpace (&Ptr,SearchWord,Usr_MAX_LENGTH_USR_NAME_OR_SURNAME); @@ -1671,7 +1675,7 @@ static void Msg_ShowSentOrReceivedMessages (void) extern const char *The_ClassFormBold[The_NUM_THEMES]; extern const char *Txt_Filter; extern const char *Txt_Update_messages; - char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY+1]; + char FilterFromToSubquery[Msg_MAX_LENGTH_MESSAGES_QUERY + 1]; char Query[Msg_MAX_LENGTH_MESSAGES_QUERY+1]; MYSQL_RES *mysql_res; MYSQL_ROW row; @@ -2507,7 +2511,8 @@ void Msg_GetDistinctCoursesInMyMessages (void) if (Crs_GetDataOfCourseByCod (&Crs)) { Gbl.Msg.Courses[Gbl.Msg.NumCourses].CrsCod = Crs.CrsCod; - strcpy (Gbl.Msg.Courses[Gbl.Msg.NumCourses].ShrtName,Crs.ShrtName); + Str_Copy (Gbl.Msg.Courses[Gbl.Msg.NumCourses].ShrtName,Crs.ShrtName, + Crs_MAX_LENGTH_COURSE_SHRT_NAME); Gbl.Msg.NumCourses++; } } @@ -2997,13 +3002,15 @@ static void Msg_ShowASentOrReceivedMessage (long MsgNum,long MsgCod) /*****************************************************************************/ // This function may be called inside a web service, so don't report error -void Msg_GetNotifMessage (char *SummaryStr,char **ContentStr,long MsgCod, +void Msg_GetNotifMessage (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr,long MsgCod, unsigned MaxChars,bool GetContent) { extern const char *Txt_MSG_Subject; char Query[128]; MYSQL_RES *mysql_res; MYSQL_ROW row; + size_t Length; SummaryStr[0] = '\0'; // Return nothing on error @@ -3020,16 +3027,17 @@ void Msg_GetNotifMessage (char *SummaryStr,char **ContentStr,long MsgCod, row = mysql_fetch_row (mysql_res); /***** Copy subject *****/ - strcpy (SummaryStr,row[0]); + Str_Copy (SummaryStr,row[0],Cns_MAX_BYTES_TEXT); if (MaxChars) Str_LimitLengthHTMLStr (SummaryStr,MaxChars); /***** Copy subject *****/ if (GetContent) { - if ((*ContentStr = (char *) malloc (strlen (row[1])+1)) == NULL) + Length = strlen (row[1]); + if ((*ContentStr = (char *) malloc (Length + 1)) == NULL) Lay_ShowErrorAndExit ("Error allocating memory for notification content."); - strcpy (*ContentStr,row[1]); + Str_Copy (*ContentStr,row[1],Length); } } mysql_free_result (mysql_res); diff --git a/swad_message.h b/swad_message.h index bac55cac..79df99fd 100644 --- a/swad_message.h +++ b/swad_message.h @@ -94,7 +94,8 @@ void Msg_GetDistinctCoursesInMyMessages (void); void Msg_ShowFormSelectCourseSentOrRecMsgs (void); void Msg_ShowFormToFilterMsgs (void); void Msg_GetMsgSubject (long MsgCod,char *Subject); -void Msg_GetNotifMessage (char *SummaryStr,char **ContentStr,long MsgCod, +void Msg_GetNotifMessage (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr,long MsgCod, unsigned MaxChars,bool GetContent); void Msg_WriteMsgNumber (unsigned long MsgNum,bool NewMsg); diff --git a/swad_network.c b/swad_network.c index ee6d42d1..b42aa18e 100644 --- a/swad_network.c +++ b/swad_network.c @@ -201,7 +201,7 @@ void Net_ShowWebsAndSocialNets (const struct UsrData *UsrDat) MYSQL_RES *mysql_res; MYSQL_ROW row; Net_WebsAndSocialNetworks_t NumURL; - char URL[Cns_MAX_BYTES_URL+1]; + char URL[Cns_MAX_LENGTH_WWW+1]; /***** Start container *****/ fprintf (Gbl.F.Out,"
"); @@ -225,7 +225,7 @@ void Net_ShowWebsAndSocialNets (const struct UsrData *UsrDat) { /* Get URL */ row = mysql_fetch_row (mysql_res); - Str_Copy (URL,row[0],Cns_MAX_BYTES_URL); + Str_Copy (URL,row[0],Cns_MAX_LENGTH_WWW); /* Show the web / social network */ Net_ShowAWebOrSocialNet (URL, @@ -292,7 +292,7 @@ void Net_ShowFormMyWebsAndSocialNets (void) MYSQL_RES *mysql_res; MYSQL_ROW row; Net_WebsAndSocialNetworks_t NumURL; - char URL[Cns_MAX_BYTES_URL+1]; + char URL[Cns_MAX_LENGTH_WWW+1]; /***** Start table *****/ Lay_StartRoundFrameTable (NULL,Txt_Webs_social_networks, @@ -315,7 +315,7 @@ void Net_ShowFormMyWebsAndSocialNets (void) row = mysql_fetch_row (mysql_res); /* Get URL */ - Str_Copy (URL,row[0],Cns_MAX_BYTES_URL); + Str_Copy (URL,row[0],Cns_MAX_LENGTH_WWW); } else URL[0] = '\0'; @@ -347,7 +347,7 @@ void Net_ShowFormMyWebsAndSocialNets (void) " maxlength=\"%u\" value=\"%s\" style=\"width:%upx;\"" " onchange=\"document.getElementById('%s').submit();\" />", (unsigned) NumURL, - Cns_MAX_LENGTH_URL,URL,Net_COL2_WIDTH - 20, + Cns_MAX_LENGTH_WWW,URL,Net_COL2_WIDTH - 20, Gbl.Form.Id); Act_FormEnd (); fprintf (Gbl.F.Out,"" @@ -388,11 +388,11 @@ void Net_UpdateMyWebsAndSocialNets (void) static void Net_GetMyWebsAndSocialNetsFromForm (void) { - char Query[256+Cns_MAX_BYTES_URL]; + char Query[256+Cns_MAX_LENGTH_WWW]; char UnsignedStr[10+1]; unsigned UnsignedNum; Net_WebsAndSocialNetworks_t Web; - char URL[Cns_MAX_BYTES_URL+1]; + char URL[Cns_MAX_LENGTH_WWW+1]; /***** Get parameter with the type of web / social network *****/ Par_GetParToText ("Web",UnsignedStr,10); @@ -403,7 +403,7 @@ static void Net_GetMyWebsAndSocialNetsFromForm (void) Web = (Net_WebsAndSocialNetworks_t) UnsignedNum; /***** Get URL *****/ - Par_GetParToText ("URL",URL,Cns_MAX_BYTES_URL); + Par_GetParToText ("URL",URL,Cns_MAX_LENGTH_WWW); if (URL[0]) { /***** Insert or replace web / social network *****/ diff --git a/swad_nickname.c b/swad_nickname.c index 4a72b8ae..814d96b4 100644 --- a/swad_nickname.c +++ b/swad_nickname.c @@ -396,7 +396,8 @@ void Nck_UpdateNick (void) { // Now we know the new nickname is not already in database and is diffent to the current one Nck_UpdateMyNick (NewNicknameWithoutArroba); - strcpy (Gbl.Usrs.Me.UsrDat.Nickname,NewNicknameWithoutArroba); + Str_Copy (Gbl.Usrs.Me.UsrDat.Nickname,NewNicknameWithoutArroba, + Nck_MAX_LENGTH_NICKNAME_WITHOUT_ARROBA); sprintf (Gbl.Message,Txt_Your_nickname_X_has_been_registered_successfully, NewNicknameWithoutArroba); diff --git a/swad_notice.c b/swad_notice.c index 9a55b395..3a7dea44 100644 --- a/swad_notice.c +++ b/swad_notice.c @@ -743,12 +743,14 @@ static void Not_DrawANotice (Not_Listing_t TypeNoticesListing, /*****************************************************************************/ // This function may be called inside a web service, so don't report error -void Not_GetSummaryAndContentNotice (char *SummaryStr,char **ContentStr, - long NotCod,unsigned MaxChars,bool GetContent) +void Not_GetSummaryAndContentNotice (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr,long NotCod, + unsigned MaxChars,bool GetContent) { char Query[512]; MYSQL_RES *mysql_res; MYSQL_ROW row; + size_t Length; SummaryStr[0] = '\0'; // Return nothing on error @@ -765,16 +767,17 @@ void Not_GetSummaryAndContentNotice (char *SummaryStr,char **ContentStr, row = mysql_fetch_row (mysql_res); /***** Copy summary *****/ - strcpy (SummaryStr,row[0]); + Str_Copy (SummaryStr,row[0],Cns_MAX_BYTES_TEXT); if (MaxChars) Str_LimitLengthHTMLStr (SummaryStr,MaxChars); /***** Copy content *****/ if (GetContent) { - if ((*ContentStr = (char *) malloc (strlen (row[0])+1)) == NULL) + Length = strlen (row[0]); + if ((*ContentStr = (char *) malloc (Length + 1)) == NULL) Lay_ShowErrorAndExit ("Error allocating memory for notification content."); - strcpy (*ContentStr,row[0]); + Str_Copy (*ContentStr,row[0],Length); } } mysql_free_result (mysql_res); diff --git a/swad_notice.h b/swad_notice.h index 764fad44..826bd789 100644 --- a/swad_notice.h +++ b/swad_notice.h @@ -68,8 +68,9 @@ void Not_RemoveNotice (void); void Not_GetNotCodToHighlight (void); void Not_ShowNotices (Not_Listing_t TypeNoticesListing); -void Not_GetSummaryAndContentNotice (char *SummaryStr,char **ContentStr, - long NotCod,unsigned MaxChars,bool GetContent); +void Not_GetSummaryAndContentNotice (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr,long NotCod, + unsigned MaxChars,bool GetContent); unsigned Not_GetNumNotices (Sco_Scope_t Scope,Not_Status_t Status,unsigned *NumNotif); unsigned Not_GetNumNoticesDeleted (Sco_Scope_t Scope,unsigned *NumNotif); diff --git a/swad_parameter.c b/swad_parameter.c index 35292534..af63ca7b 100644 --- a/swad_parameter.c +++ b/swad_parameter.c @@ -70,14 +70,17 @@ static bool Par_CheckIsParamCanBeUsedInGETMethod (const char *ParamName); /*** Read all parameters passed to this CGI and store for later processing ***/ /*****************************************************************************/ +#define Par_MAX_LENGTH_METHOD (256 - 1) +#define Par_MAX_LENGTH_CONTENT_TYPE (256 - 1) + bool Par_GetQueryString (void) { - char Method[256]; - char ContentType[512]; - char UnsignedLongStr[10+1]; + char Method[Par_MAX_LENGTH_METHOD + 1]; + char ContentType[Par_MAX_LENGTH_CONTENT_TYPE + 1]; + char UnsignedLongStr[10 + 1]; unsigned long UnsignedLong; - strcpy (Method,getenv ("REQUEST_METHOD")); + Str_Copy (Method,getenv ("REQUEST_METHOD"),Par_MAX_LENGTH_METHOD); if (!strcmp (Method,"GET")) { @@ -93,7 +96,8 @@ bool Par_GetQueryString (void) return false; /* Copy query string from environment variable */ - strcpy (Gbl.Params.QueryString,getenv ("QUERY_STRING")); + Str_Copy (Gbl.Params.QueryString,getenv ("QUERY_STRING"), + Gbl.Params.ContentLength); } else { @@ -101,7 +105,7 @@ bool Par_GetQueryString (void) /* Get content length */ if (getenv ("CONTENT_LENGTH")) { - strcpy (UnsignedLongStr,getenv ("CONTENT_LENGTH")); + Str_Copy (UnsignedLongStr,getenv ("CONTENT_LENGTH"),10); if (sscanf (UnsignedLongStr,"%lu",&UnsignedLong) != 1) return false; Gbl.Params.ContentLength = (size_t) UnsignedLong; @@ -115,7 +119,7 @@ bool Par_GetQueryString (void) if (getenv ("CONTENT_TYPE") == NULL) return false; - strcpy (ContentType,getenv ("CONTENT_TYPE")); + Str_Copy (ContentType,getenv ("CONTENT_TYPE"),Par_MAX_LENGTH_CONTENT_TYPE); if (!strncmp (ContentType,"multipart/form-data",strlen ("multipart/form-data"))) { @@ -679,7 +683,8 @@ void Par_GetMainParameters (void) { /* Set another user's nickname */ Str_RemoveLeadingArrobas (Nickname); - strcpy (Gbl.Usrs.Other.UsrDat.Nickname,Nickname); // without arroba + Str_Copy (Gbl.Usrs.Other.UsrDat.Nickname,Nickname, // without arroba + Nck_MAX_LENGTH_NICKNAME_WITHOUT_ARROBA); // This user's code is used to go to public profile // and to refresh old publishings in user's timeline @@ -694,7 +699,8 @@ void Par_GetMainParameters (void) { /* Set another user's nickname */ Str_RemoveLeadingArrobas (Nickname); - strcpy (Gbl.Usrs.Other.UsrDat.Nickname,Nickname); // without arroba + Str_Copy (Gbl.Usrs.Other.UsrDat.Nickname,Nickname, // without arroba + Nck_MAX_LENGTH_NICKNAME_WITHOUT_ARROBA); // This user's code is used to go to public agenda // If user does not exist ==> UsrCod = -1 diff --git a/swad_password.c b/swad_password.c index 2d1324d3..0197b185 100644 --- a/swad_password.c +++ b/swad_password.c @@ -117,7 +117,8 @@ bool Pwd_CheckPendingPassword (void) { /* Get encrypted pending password */ row = mysql_fetch_row (mysql_res); - strcpy (Gbl.Usrs.Me.PendingPassword,row[0]); + Str_Copy (Gbl.Usrs.Me.PendingPassword,row[0], + Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); } else Gbl.Usrs.Me.PendingPassword[0] = '\0'; @@ -136,7 +137,7 @@ bool Pwd_CheckPendingPassword (void) void Pwd_AssignMyPendingPasswordToMyCurrentPassword (void) { - char Query[128+Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64]; + char Query[128 + Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64]; /***** Update my current password in database *****/ sprintf (Query,"UPDATE usr_data SET Password='%s'" @@ -146,7 +147,8 @@ void Pwd_AssignMyPendingPasswordToMyCurrentPassword (void) DB_QueryUPDATE (Query,"can not update your password"); /***** Update my current password *****/ - strcpy (Gbl.Usrs.Me.UsrDat.Password,Gbl.Usrs.Me.PendingPassword); + Str_Copy (Gbl.Usrs.Me.UsrDat.Password,Gbl.Usrs.Me.PendingPassword, + Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); } /*****************************************************************************/ @@ -177,7 +179,8 @@ void Pwd_ActChgMyPwd1 (void) /***** Check if I have written twice the same password *****/ if (strcmp (NewPlainPassword[0],NewPlainPassword[1])) // Passwords don't match - strcpy (Gbl.Message,Txt_You_have_not_written_twice_the_same_new_password); + Str_Copy (Gbl.Message,Txt_You_have_not_written_twice_the_same_new_password, + Lay_MAX_BYTES_ALERT); else { Str_ChangeFormat (Str_FROM_FORM,Str_TO_TEXT, @@ -185,16 +188,19 @@ void Pwd_ActChgMyPwd1 (void) Cry_EncryptSHA512Base64 (NewPlainPassword[0],NewEncryptedPassword); if (Pwd_SlowCheckIfPasswordIsGood (NewPlainPassword[0],NewEncryptedPassword,Gbl.Usrs.Me.UsrDat.UsrCod)) // New password is good? { - strcpy (Gbl.Usrs.Me.UsrDat.Password,NewEncryptedPassword); + Str_Copy (Gbl.Usrs.Me.UsrDat.Password,NewEncryptedPassword, + Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); Ses_UpdateSessionDataInDB (); Enr_UpdateUsrData (&Gbl.Usrs.Me.UsrDat); - strcpy (Gbl.Message,Txt_Your_password_has_been_changed_successfully); + Str_Copy (Gbl.Message,Txt_Your_password_has_been_changed_successfully, + Lay_MAX_BYTES_ALERT); Gbl.Usrs.Error = false; } } } else - strcpy (Gbl.Message,Txt_You_have_not_entered_your_password_correctly); + Str_Copy (Gbl.Message,Txt_You_have_not_entered_your_password_correctly, + Lay_MAX_BYTES_ALERT); } void Pwd_ActChgMyPwd2 (void) @@ -324,7 +330,8 @@ void Pwd_ChkIdLoginAndSendNewPwd (void) ID_ReallocateListIDs (&Gbl.Usrs.Me.UsrDat,1); // User has typed a user's ID - strcpy (Gbl.Usrs.Me.UsrDat.IDs.List[0].ID,Gbl.Usrs.Me.UsrIdLogin); + Str_Copy (Gbl.Usrs.Me.UsrDat.IDs.List[0].ID,Gbl.Usrs.Me.UsrIdLogin, + ID_MAX_LENGTH_USR_ID); Str_ConvertToUpperText (Gbl.Usrs.Me.UsrDat.IDs.List[0].ID); /* Get users' codes for this ID */ @@ -494,7 +501,8 @@ void Pwd_UpdateOtherPwd1 (void) if (strcmp (NewPlainPassword[0],NewPlainPassword[1])) // Paswords don't match - strcpy (Gbl.Message,Txt_You_have_not_written_twice_the_same_new_password); + Str_Copy (Gbl.Message,Txt_You_have_not_written_twice_the_same_new_password, + Lay_MAX_BYTES_ALERT); else { Str_ChangeFormat (Str_FROM_FORM,Str_TO_TEXT, @@ -503,7 +511,8 @@ void Pwd_UpdateOtherPwd1 (void) if (Pwd_SlowCheckIfPasswordIsGood (NewPlainPassword[0],NewEncryptedPassword,Gbl.Usrs.Other.UsrDat.UsrCod)) // Good password { /* Update other user's data */ - strcpy (Gbl.Usrs.Other.UsrDat.Password,NewEncryptedPassword); + Str_Copy (Gbl.Usrs.Other.UsrDat.Password,NewEncryptedPassword, + Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); Enr_UpdateUsrData (&Gbl.Usrs.Other.UsrDat); sprintf (Gbl.Message,Txt_The_X_password_has_been_changed_successfully, @@ -513,10 +522,12 @@ void Pwd_UpdateOtherPwd1 (void) } } else - strcpy (Gbl.Message,Txt_User_not_found_or_you_do_not_have_permission_); + Str_Copy (Gbl.Message,Txt_User_not_found_or_you_do_not_have_permission_, + Lay_MAX_BYTES_ALERT); } else // User not found - strcpy (Gbl.Message,Txt_User_not_found_or_you_do_not_have_permission_); + Str_Copy (Gbl.Message,Txt_User_not_found_or_you_do_not_have_permission_, + Lay_MAX_BYTES_ALERT); } void Pwd_UpdateOtherPwd2 (void) @@ -552,7 +563,8 @@ bool Pwd_SlowCheckIfPasswordIsGood (const char *PlainPassword, /***** Check if password is found in user's ID, first name or surnames of anybody *****/ if (Pwd_CheckIfPasswdIsUsrIDorName (PlainPassword)) // PlainPassword is a user's ID, name or surname { - strcpy (Gbl.Message,Txt_The_password_is_too_trivial_); + Str_Copy (Gbl.Message,Txt_The_password_is_too_trivial_, + Lay_MAX_BYTES_ALERT); return false; } @@ -560,7 +572,8 @@ bool Pwd_SlowCheckIfPasswordIsGood (const char *PlainPassword, if (Pwd_GetNumOtherUsrsWhoUseThisPassword (EncryptedPassword,UsrCod) > Pwd_MAX_OTHER_USERS_USING_THE_SAME_PASSWORD) { - strcpy (Gbl.Message,Txt_The_password_is_too_trivial_); + Str_Copy (Gbl.Message,Txt_The_password_is_too_trivial_, + Lay_MAX_BYTES_ALERT); return false; } @@ -637,7 +650,8 @@ bool Pwd_FastCheckIfPasswordSeemsGood (const char *PlainPassword) /***** Check spaces in password *****/ if (strchr (PlainPassword,(int) ' ') != NULL) // PlainPassword with spaces { - strcpy (Gbl.Message,Txt_The_password_can_not_contain_spaces); + Str_Copy (Gbl.Message,Txt_The_password_can_not_contain_spaces, + Lay_MAX_BYTES_ALERT); return false; } @@ -649,7 +663,8 @@ bool Pwd_FastCheckIfPasswordSeemsGood (const char *PlainPassword) ItsANumber = false; if (ItsANumber) { - strcpy (Gbl.Message,Txt_The_password_can_not_consist_only_of_digits); + Str_Copy (Gbl.Message,Txt_The_password_can_not_consist_only_of_digits, + Lay_MAX_BYTES_ALERT); return false; } diff --git a/swad_photo.c b/swad_photo.c index be632e43..d2a185c6 100644 --- a/swad_photo.c +++ b/swad_photo.c @@ -1117,7 +1117,8 @@ void Pho_UpdatePhotoName (struct UsrData *UsrDat) unlink (PathPublPhoto); // Remove public link /***** Update photo name in user's data *****/ - strcpy (UsrDat->Photo,Gbl.UniqueNameEncrypted); + Str_Copy (UsrDat->Photo,Gbl.UniqueNameEncrypted, + Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64); } /*****************************************************************************/ @@ -1129,8 +1130,8 @@ void Pho_ShowUsrPhoto (const struct UsrData *UsrDat,const char *PhotoURL, bool FormUnique) { extern struct Act_Actions Act_Actions[Act_NUM_ACTIONS]; - char FullName [3*(Usr_MAX_BYTES_NAME+1)]; - char ShortName[3*(Usr_MAX_BYTES_NAME+1)]; + char FullName [Usr_MAX_BYTES_FULL_NAME + 1]; + char ShortName[Usr_MAX_BYTES_FULL_NAME + 1]; char Surnames [Usr_MAX_BYTES_SURNAMES + 1]; bool PhotoExists; bool PutLinkToPublicProfile = !Gbl.Form.Inside && // Only if not inside another form @@ -1156,14 +1157,14 @@ void Pho_ShowUsrPhoto (const struct UsrData *UsrDat,const char *PhotoURL, } /***** Hidden div to pass user's name to Javascript *****/ - strcpy (FullName,UsrDat->FullName); + Str_Copy (FullName,UsrDat->FullName,Usr_MAX_BYTES_FULL_NAME); if (PutZoomCode) { - strcpy (ShortName,UsrDat->FirstName); + Str_Copy (ShortName,UsrDat->FirstName,Usr_MAX_BYTES_FULL_NAME); Str_LimitLengthHTMLStr (ShortName,23); Surnames[0] = '\0'; if (UsrDat->Surname1[0]) - strcpy (Surnames,UsrDat->Surname1); + Str_Copy (Surnames,UsrDat->Surname1,Usr_MAX_BYTES_SURNAMES); if (UsrDat->Surname2[0]) { strcat (Surnames," "); @@ -1898,6 +1899,7 @@ static void Pho_PutLinkToPrintViewOfDegreeStatsParams (void) /*************** Put a link to calculate the stats of degrees ****************/ /*****************************************************************************/ +#define Pho_MAX_LENGTH_ESTIMATED_TIME (64 - 1) static void Pho_PutLinkToCalculateDegreeStats (void) { extern const char *The_ClassFormBold[The_NUM_THEMES]; @@ -1909,7 +1911,7 @@ static void Pho_PutLinkToCalculateDegreeStats (void) unsigned NumDeg; struct Degree Deg; long EstimatedTimeToComputeAvgPhotoInMicroseconds; - char StrEstimatedTimeToComputeAvgPhoto[64]; + char StrEstimatedTimeToComputeAvgPhoto[Pho_MAX_LENGTH_ESTIMATED_TIME + 1]; if ((Deg.DegCod = Pho_GetDegWithAvgPhotoLeastRecentlyUpdated ()) > 0) { @@ -1945,7 +1947,8 @@ static void Pho_PutLinkToCalculateDegreeStats (void) /* Get time to compute average photo of this degree */ EstimatedTimeToComputeAvgPhotoInMicroseconds = Pho_GetTimeToComputeAvgPhoto (Degs.Lst[NumDeg].DegCod); if (EstimatedTimeToComputeAvgPhotoInMicroseconds == -1L) - strcpy (StrEstimatedTimeToComputeAvgPhoto,Txt_unknown_TIME); + Str_Copy (StrEstimatedTimeToComputeAvgPhoto,Txt_unknown_TIME, + Pho_MAX_LENGTH_ESTIMATED_TIME); else Sta_WriteTime (StrEstimatedTimeToComputeAvgPhoto,EstimatedTimeToComputeAvgPhotoInMicroseconds); diff --git a/swad_place.c b/swad_place.c index 63597669..2ab5f237 100644 --- a/swad_place.c +++ b/swad_place.c @@ -302,10 +302,10 @@ void Plc_GetListPlaces (void) Lay_ShowErrorAndExit ("Wrong code of place."); /* Get the short name of the place (row[1]) */ - strcpy (Plc->ShrtName,row[1]); + Str_Copy (Plc->ShrtName,row[1],Plc_MAX_LENGTH_PLACE_SHRT_NAME); /* Get the full name of the place (row[2]) */ - strcpy (Plc->FullName,row[2]); + Str_Copy (Plc->FullName,row[2],Plc_MAX_LENGTH_PLACE_FULL_NAME); /* Get number of centres in this place (row[3]) */ if (sscanf (row[3],"%u",&Plc->NumCtrs) != 1) @@ -651,7 +651,7 @@ static void Plc_RenamePlace (Cns_ShrtOrFullName_t ShrtOrFullName) } /***** Show the form again *****/ - strcpy (CurrentPlcName,NewPlcName); + Str_Copy (CurrentPlcName,NewPlcName,MaxLength); Plc_EditPlaces (); } diff --git a/swad_place.h b/swad_place.h index 67f6c529..982f9266 100644 --- a/swad_place.h +++ b/swad_place.h @@ -38,8 +38,8 @@ struct Place { long PlcCod; long InsCod; - char ShrtName[Plc_MAX_LENGTH_PLACE_SHRT_NAME+1]; - char FullName[Plc_MAX_LENGTH_PLACE_FULL_NAME+1]; + char ShrtName[Plc_MAX_LENGTH_PLACE_SHRT_NAME + 1]; + char FullName[Plc_MAX_LENGTH_PLACE_FULL_NAME + 1]; unsigned NumCtrs; }; diff --git a/swad_plugin.c b/swad_plugin.c index 5b99b1c0..a696b90e 100644 --- a/swad_plugin.c +++ b/swad_plugin.c @@ -569,7 +569,7 @@ void Plg_RenamePlugin (void) } /***** Show the form again *****/ - strcpy (Plg->Name,NewPlgName); + Str_Copy (Plg->Name,NewPlgName,Plg_MAX_LENGTH_PLUGIN_NAME); Plg_EditPlugins (); } @@ -629,7 +629,7 @@ void Plg_ChangePlgDescription (void) } /***** Show the form again *****/ - strcpy (Plg->Description,NewDescription); + Str_Copy (Plg->Description,NewDescription,Plg_MAX_LENGTH_PLUGIN_DESCRIPTION); Plg_EditPlugins (); } @@ -672,7 +672,7 @@ void Plg_ChangePlgLogo (void) Lay_ShowAlert (Lay_WARNING,Txt_You_can_not_leave_the_logo_empty); /***** Show the form again *****/ - strcpy (Plg->Logo,NewLogo); + Str_Copy (Plg->Logo,NewLogo,Plg_MAX_LENGTH_PLUGIN_LOGO); Plg_EditPlugins (); } @@ -715,7 +715,7 @@ void Plg_ChangePlgAppKey (void) Lay_ShowAlert (Lay_WARNING,Txt_You_can_not_leave_the_logo_empty); // TODO!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! /***** Show the form again *****/ - strcpy (Plg->AppKey,NewAppKey); + Str_Copy (Plg->AppKey,NewAppKey,Plg_MAX_LENGTH_PLUGIN_APP_KEY); Plg_EditPlugins (); } @@ -758,7 +758,7 @@ void Plg_ChangePlgURL (void) Lay_ShowAlert (Lay_WARNING,Txt_You_can_not_leave_the_URL_empty); /***** Show the form again *****/ - strcpy (Plg->URL,NewURL); + Str_Copy (Plg->URL,NewURL,Cns_MAX_LENGTH_WWW); Plg_EditPlugins (); } @@ -801,7 +801,7 @@ void Plg_ChangePlgIP (void) Lay_ShowAlert (Lay_WARNING,Txt_You_can_not_leave_the_IP_address_empty); /***** Show the form again *****/ - strcpy (Plg->IP,NewIP); + Str_Copy (Plg->IP,NewIP,Cns_MAX_LENGTH_IP); Plg_EditPlugins (); } diff --git a/swad_plugin.h b/swad_plugin.h index 7dc5e91c..bc80dea3 100644 --- a/swad_plugin.h +++ b/swad_plugin.h @@ -43,12 +43,12 @@ struct Plugin { long PlgCod; - char Name[Plg_MAX_LENGTH_PLUGIN_NAME+1]; - char Description[Plg_MAX_LENGTH_PLUGIN_DESCRIPTION+1]; - char Logo[Plg_MAX_LENGTH_PLUGIN_LOGO+1]; - char AppKey[Plg_MAX_LENGTH_PLUGIN_APP_KEY+1]; - char URL[Cns_MAX_LENGTH_WWW+1]; - char IP[Cns_MAX_LENGTH_IP+1]; + char Name[Plg_MAX_LENGTH_PLUGIN_NAME + 1]; + char Description[Plg_MAX_LENGTH_PLUGIN_DESCRIPTION + 1]; + char Logo[Plg_MAX_LENGTH_PLUGIN_LOGO + 1]; + char AppKey[Plg_MAX_LENGTH_PLUGIN_APP_KEY + 1]; + char URL[Cns_MAX_LENGTH_WWW + 1]; + char IP[Cns_MAX_LENGTH_IP + 1]; }; /*****************************************************************************/ diff --git a/swad_profile.c b/swad_profile.c index 993a97a2..175a286c 100644 --- a/swad_profile.c +++ b/swad_profile.c @@ -1027,14 +1027,18 @@ static void Prf_ResetUsrFigures (struct UsrFigures *UsrFigures) /***** Get number of messages sent by a user and store in user's figures *****/ /*****************************************************************************/ +#define Prf_MAX_LENGTH_SUBQUERY_FIRST_CLICK_TIME (64 - 1) + static void Prf_CreateUsrFigures (long UsrCod,const struct UsrFigures *UsrFigures, bool CreatingMyOwnAccount) { - char Query[512]; - char SubQueryFirstClickTime[64]; + char Query[512 + Prf_MAX_LENGTH_SUBQUERY_FIRST_CLICK_TIME]; + char SubQueryFirstClickTime[Prf_MAX_LENGTH_SUBQUERY_FIRST_CLICK_TIME + 1]; if (CreatingMyOwnAccount) - strcpy (SubQueryFirstClickTime,"NOW()"); // This is the first click + // This is the first click + Str_Copy (SubQueryFirstClickTime,"NOW()", + Prf_MAX_LENGTH_SUBQUERY_FIRST_CLICK_TIME); else sprintf (SubQueryFirstClickTime,"FROM_UNIXTIME('%ld')", (long) UsrFigures->FirstClickTimeUTC); // 0 ==> unknown first click time or user never logged diff --git a/swad_record.c b/swad_record.c index 9817ab90..ede63427 100644 --- a/swad_record.c +++ b/swad_record.c @@ -71,7 +71,8 @@ extern struct Globals Gbl; /*****************************************************************************/ static void Rec_WriteHeadingRecordFields (void); -static void Rec_GetFieldByCod (long FieldCod,char *Name,unsigned *NumLines,Rec_VisibilityRecordFields_t *Visibility); +static void Rec_GetFieldByCod (long FieldCod,char Name[Rec_MAX_LENGTH_NAME_FIELD+1], + unsigned *NumLines,Rec_VisibilityRecordFields_t *Visibility); static void Rec_ShowRecordOneStdCrs (void); static void Rec_ListRecordsStds (Rec_SharedRecordViewType_t ShaTypeOfView, @@ -680,7 +681,8 @@ void Rec_RemoveFieldFromDB (void) /************** Get the data of a field of records from its code *************/ /*****************************************************************************/ -static void Rec_GetFieldByCod (long FieldCod,char *Name,unsigned *NumLines,Rec_VisibilityRecordFields_t *Visibility) +static void Rec_GetFieldByCod (long FieldCod,char Name[Rec_MAX_LENGTH_NAME_FIELD + 1], + unsigned *NumLines,Rec_VisibilityRecordFields_t *Visibility) { char Query[512]; MYSQL_RES *mysql_res; @@ -701,7 +703,7 @@ static void Rec_GetFieldByCod (long FieldCod,char *Name,unsigned *NumLines,Rec_V row = mysql_fetch_row (mysql_res); /* Name of the field */ - strcpy (Name,row[0]); + Str_Copy (Name,row[0],Rec_MAX_LENGTH_NAME_FIELD); /* Number of lines of the field (row[1]) */ *NumLines = Rec_ConvertToNumLinesField (row[1]); @@ -798,7 +800,8 @@ void Rec_RenameField (void) } /***** Show the form again *****/ - strcpy (Gbl.CurrentCrs.Records.Field.Name,NewFieldName); + Str_Copy (Gbl.CurrentCrs.Records.Field.Name,NewFieldName, + Rec_MAX_LENGTH_NAME_FIELD); Rec_ReqEditRecordFields (); } @@ -1582,7 +1585,7 @@ static void Rec_ShowCrsRecord (Rec_CourseRecordViewType_t TypeOfView, bool ShowField; bool ThisFieldHasText; bool ICanEdit; - char Text[Cns_MAX_BYTES_TEXT+1]; + char Text[Cns_MAX_BYTES_TEXT + 1]; if (Gbl.Usrs.Me.LoggedRole == Rol_STUDENT) // I am a student { @@ -1719,7 +1722,7 @@ static void Rec_ShowCrsRecord (Rec_CourseRecordViewType_t TypeOfView, { if (ThisFieldHasText) { - strcpy (Text,row[0]); + Str_Copy (Text,row[0],Cns_MAX_BYTES_TEXT); Str_ChangeFormat (Str_FROM_HTML,Str_TO_RIGOROUS_HTML, Text,Cns_MAX_BYTES_TEXT,false); fprintf (Gbl.F.Out,"%s",Text); diff --git a/swad_record.h b/swad_record.h index 294aaec4..debb6d7b 100644 --- a/swad_record.h +++ b/swad_record.h @@ -89,7 +89,7 @@ typedef enum struct RecordField { long FieldCod; // FieldCode - char Name[Rec_MAX_LENGTH_NAME_FIELD+1]; // Field name + char Name[Rec_MAX_LENGTH_NAME_FIELD + 1]; // Field name unsigned NumLines; // Number of rows of form used to edit the filed (always >= 2) Rec_VisibilityRecordFields_t Visibility; // Hidden, visible or editable by students? char *Text; // Filed text diff --git a/swad_session.c b/swad_session.c index 9458adad..7f9e5f8c 100644 --- a/swad_session.c +++ b/swad_session.c @@ -80,7 +80,7 @@ void Ses_GetNumSessions (void) void Ses_CreateSession (void) { /***** Create a unique name for the session *****/ - strcpy (Gbl.Session.Id,Gbl.UniqueNameEncrypted); + Str_Copy (Gbl.Session.Id,Gbl.UniqueNameEncrypted,Ses_LENGTH_SESSION_ID); /***** Check that session is not open *****/ if (Ses_CheckIfSessionExists (Gbl.Session.Id)) @@ -283,7 +283,8 @@ bool Ses_GetSessionData (void) Gbl.Session.UsrCod = Str_ConvertStrCodToLongCod (row[0]); /***** Get password (row[1]) *****/ - strcpy (Gbl.Usrs.Me.LoginEncryptedPassword,row[1]); + Str_Copy (Gbl.Usrs.Me.LoginEncryptedPassword,row[1], + Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); /***** Get logged user type (row[2]) *****/ if (sscanf (row[2],"%u",&Gbl.Usrs.Me.RoleFromSession) != 1) diff --git a/swad_social.c b/swad_social.c index b925c0db..1186a77e 100644 --- a/swad_social.c +++ b/swad_social.c @@ -487,6 +487,8 @@ void Soc_MarkMyNotifAsSeen (void) /*****************************************************************************/ // Query must have space for at least 1024 chars +#define Soc_MAX_LENGTH_SUBQUERY_ALREADY_EXISTS (256 - 1) + static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl, Soc_WhatToGetFromTimeline_t WhatToGetFromTimeline, char *Query) @@ -494,7 +496,7 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl char SubQueryPublishers[128]; char SubQueryRangeBottom[128]; char SubQueryRangeTop[128]; - char SubQueryAlreadyExists[256]; + char SubQueryAlreadyExists[Soc_MAX_LENGTH_SUBQUERY_ALREADY_EXISTS + 1]; struct { long Top; @@ -569,12 +571,16 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl { case Soc_GET_ONLY_NEW_PUBS: case Soc_GET_RECENT_TIMELINE: - strcpy (SubQueryAlreadyExists," AND NotCod NOT IN" - " (SELECT NotCod FROM not_codes)"); + Str_Copy (SubQueryAlreadyExists, + " AND NotCod NOT IN" + " (SELECT NotCod FROM not_codes)", + Soc_MAX_LENGTH_SUBQUERY_ALREADY_EXISTS); break; case Soc_GET_ONLY_OLD_PUBS: - strcpy (SubQueryAlreadyExists," AND NotCod NOT IN" - " (SELECT NotCod FROM current_timeline)"); + Str_Copy (SubQueryAlreadyExists, + " AND NotCod NOT IN" + " (SELECT NotCod FROM current_timeline)", + Soc_MAX_LENGTH_SUBQUERY_ALREADY_EXISTS); break; } break; @@ -583,12 +589,16 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl { case Soc_GET_ONLY_NEW_PUBS: case Soc_GET_RECENT_TIMELINE: - strcpy (SubQueryAlreadyExists," AND social_pubs.NotCod NOT IN" - " (SELECT NotCod FROM not_codes)"); + Str_Copy (SubQueryAlreadyExists, + " AND social_pubs.NotCod NOT IN" + " (SELECT NotCod FROM not_codes)", + Soc_MAX_LENGTH_SUBQUERY_ALREADY_EXISTS); break; case Soc_GET_ONLY_OLD_PUBS: - strcpy (SubQueryAlreadyExists," AND social_pubs.NotCod NOT IN" - " (SELECT NotCod FROM current_timeline)"); + Str_Copy (SubQueryAlreadyExists, + " AND social_pubs.NotCod NOT IN" + " (SELECT NotCod FROM current_timeline)", + Soc_MAX_LENGTH_SUBQUERY_ALREADY_EXISTS); break; } break; @@ -1953,8 +1963,8 @@ static void Soc_PutFormToWriteNewPost (void) { extern const char *Txt_New_SOCIAL_post; bool ShowPhoto; - char PhotoURL[PATH_MAX+1]; - char FullName[(Usr_MAX_BYTES_NAME + 1) * 3]; + char PhotoURL[PATH_MAX + 1]; + char FullName[Usr_MAX_BYTES_FULL_NAME + 2]; /***** Start list *****/ fprintf (Gbl.F.Out,"
    " @@ -1972,7 +1982,7 @@ static void Soc_PutFormToWriteNewPost (void) fprintf (Gbl.F.Out,"
    "); /* Write author's full name and nickname */ - strcpy (FullName,Gbl.Usrs.Me.UsrDat.FullName); + Str_Copy (FullName,Gbl.Usrs.Me.UsrDat.FullName,Usr_MAX_BYTES_FULL_NAME); Str_LimitLengthHTMLStr (FullName,16); fprintf (Gbl.F.Out,"
    " "%s" @@ -2541,7 +2551,8 @@ static void Soc_PutDisabledIconShare (unsigned NumShared) if (NumShared) sprintf (Gbl.Title,Txt_SOCIAL_NOTE_Shared_by_X_USERS,NumShared); else - strcpy (Gbl.Title,Txt_SOCIAL_NOTE_Not_shared_by_anyone); + Str_Copy (Gbl.Title,Txt_SOCIAL_NOTE_Not_shared_by_anyone, + Lay_MAX_BYTES_TITLE); /***** Disabled icon to share *****/ fprintf (Gbl.F.Out,"
    " @@ -2565,7 +2576,8 @@ static void Soc_PutDisabledIconFav (unsigned NumFavs) if (NumFavs) sprintf (Gbl.Title,Txt_SOCIAL_NOTE_Favourited_by_X_USERS,NumFavs); else - strcpy (Gbl.Title,Txt_SOCIAL_NOTE_Not_favourited_by_anyone); + Str_Copy (Gbl.Title,Txt_SOCIAL_NOTE_Not_favourited_by_anyone, + Lay_MAX_BYTES_TITLE); /***** Disabled icon to mark as favourite *****/ fprintf (Gbl.F.Out,"
    " @@ -4633,7 +4645,8 @@ static void Soc_AddNotesJustRetrievedToTimelineThisSession (void) /******************* Get notification of a new social post *******************/ /*****************************************************************************/ -void Soc_GetNotifSocialPublishing (char *SummaryStr,char **ContentStr,long PubCod, +void Soc_GetNotifSocialPublishing (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr,long PubCod, unsigned MaxChars,bool GetContent) { char Query[256]; @@ -4642,6 +4655,7 @@ void Soc_GetNotifSocialPublishing (char *SummaryStr,char **ContentStr,long PubCo struct SocialPublishing SocPub; struct SocialNote SocNot; char Content[Cns_MAX_BYTES_LONG_TEXT+1]; + size_t Length; bool ContentCopied = false; /***** Return nothing on error *****/ @@ -4695,15 +4709,18 @@ void Soc_GetNotifSocialPublishing (char *SummaryStr,char **ContentStr,long PubCo /***** Copy content string *****/ if (GetContent) - if ((*ContentStr = (char *) malloc (strlen (Content)+1)) != NULL) + { + Length = strlen (Content); + if ((*ContentStr = (char *) malloc (Length + 1)) != NULL) { - strcpy (*ContentStr,Content); + Str_Copy (*ContentStr,Content,Length); ContentCopied = true; } + } /***** Copy summary string *****/ Str_LimitLengthHTMLStr (Content,MaxChars); - strcpy (SummaryStr,Content); + Str_Copy (SummaryStr,Content,Cns_MAX_BYTES_TEXT); } else Soc_GetNoteSummary (&SocNot,SummaryStr,Soc_MAX_BYTES_SUMMARY); @@ -4728,15 +4745,18 @@ void Soc_GetNotifSocialPublishing (char *SummaryStr,char **ContentStr,long PubCo /***** Copy content string *****/ if (GetContent) - if ((*ContentStr = (char *) malloc (strlen (Content)+1)) != NULL) + { + Length = strlen (Content); + if ((*ContentStr = (char *) malloc (Length + 1)) != NULL) { - strcpy (*ContentStr,Content); + Str_Copy (*ContentStr,Content,Length); ContentCopied = true; } + } /***** Copy summary string *****/ Str_LimitLengthHTMLStr (Content,MaxChars); - strcpy (SummaryStr,Content); + Str_Copy (SummaryStr,Content,Cns_MAX_BYTES_TEXT); break; } diff --git a/swad_social.h b/swad_social.h index aa443cd1..2b5a2c07 100644 --- a/swad_social.h +++ b/swad_social.h @@ -165,7 +165,8 @@ void Soc_RemoveUsrSocialContent (long UsrCod); void Soc_ClearOldTimelinesDB (void); -void Soc_GetNotifSocialPublishing (char *SummaryStr,char **ContentStr,long PubCod, +void Soc_GetNotifSocialPublishing (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr,long PubCod, unsigned MaxChars,bool GetContent); #endif diff --git a/swad_statistic.c b/swad_statistic.c index 209768fe..a98c91b4 100644 --- a/swad_statistic.c +++ b/swad_statistic.c @@ -804,7 +804,9 @@ void Sta_SeeCrsAccesses (void) /******************** Compute and show access statistics ********************/ /*****************************************************************************/ -#define MAX_LENGTH_QUERY_ACCESS (1024 + (10+ID_MAX_LENGTH_USR_ID)*5000) +#define Sta_MAX_LENGTH_QUERY_ACCESS (1024 + (10+ID_MAX_LENGTH_USR_ID)*5000) + +#define Sta_MAX_LENGTH_COUNT_TYPE (256 - 1) static void Sta_ShowHits (Sta_GlobalOrCourseAccesses_t GlobalOrCourse) { @@ -816,7 +818,7 @@ static void Sta_ShowHits (Sta_GlobalOrCourseAccesses_t GlobalOrCourse) extern const char *Txt_List_of_detailed_clicks; extern const char *Txt_STAT_TYPE_COUNT_CAPS[Sta_NUM_COUNT_TYPES]; extern const char *Txt_Time_zone_used_in_the_calculation_of_these_statistics; - char Query[MAX_LENGTH_QUERY_ACCESS+1]; + char Query[Sta_MAX_LENGTH_QUERY_ACCESS+1]; char QueryAux[512]; long LengthQuery; MYSQL_RES *mysql_res; @@ -830,7 +832,7 @@ static void Sta_ShowHits (Sta_GlobalOrCourseAccesses_t GlobalOrCourse) unsigned NumUsr = 0; const char *Ptr; char StrRole[256]; - char StrQueryCountType[256]; + char StrQueryCountType[Sta_MAX_LENGTH_COUNT_TYPE + 1]; unsigned NumDays; bool ICanQueryWholeRange; @@ -980,7 +982,7 @@ static void Sta_ShowHits (Sta_GlobalOrCourseAccesses_t GlobalOrCourse) switch (Gbl.Stat.CountType) { case Sta_TOTAL_CLICKS: - strcpy (StrQueryCountType,"COUNT(*)"); + Str_Copy (StrQueryCountType,"COUNT(*)",Sta_MAX_LENGTH_COUNT_TYPE); break; case Sta_DISTINCT_USRS: sprintf (StrQueryCountType,"COUNT(DISTINCT(%s.UsrCod))",LogTable); @@ -1253,7 +1255,7 @@ static void Sta_ShowHits (Sta_GlobalOrCourseAccesses_t GlobalOrCourse) if (UsrDat.UsrCod > 0) { LengthQuery = LengthQuery + 25 + 10 + 1; - if (LengthQuery > MAX_LENGTH_QUERY_ACCESS - 128) + if (LengthQuery > Sta_MAX_LENGTH_QUERY_ACCESS - 128) Lay_ShowErrorAndExit ("Query is too large."); sprintf (QueryAux, NumUsr ? " OR %s.UsrCod='%ld'" : @@ -5425,17 +5427,17 @@ static void Sta_WriteStatsExpTreesTableHead (void) static void Sta_WriteRowStatsFileBrowsers (Brw_FileBrowser_t FileZone,const char *NameOfFileZones) { - char StrNumCrss[10+1]; - char StrNumGrps[10+1]; - char StrNumUsrs[10+1]; - char StrNumFoldersPerCrs[10+1]; - char StrNumFoldersPerUsr[10+1]; - char StrNumFilesPerCrs[10+1]; - char StrNumFilesPerUsr[10+1]; + char StrNumCrss[10 + 1]; + char StrNumGrps[10 + 1]; + char StrNumUsrs[10 + 1]; + char StrNumFoldersPerCrs[10 + 1]; + char StrNumFoldersPerUsr[10 + 1]; + char StrNumFilesPerCrs[10 + 1]; + char StrNumFilesPerUsr[10 + 1]; struct Sta_SizeOfFileZones SizeOfFileZones; - char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING]; - char FileSizePerCrsStr[Fil_MAX_BYTES_FILE_SIZE_STRING]; - char FileSizePerUsrStr[Fil_MAX_BYTES_FILE_SIZE_STRING]; + char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]; + char FileSizePerCrsStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]; + char FileSizePerUsrStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]; char *Class = (FileZone == Brw_UNKNOWN) ? "DAT_N_LINE_TOP" : "DAT"; @@ -5445,10 +5447,10 @@ static void Sta_WriteRowStatsFileBrowsers (Brw_FileBrowser_t FileZone,const char if (SizeOfFileZones.NumCrss == -1) { - strcpy (StrNumCrss ,"-"); - strcpy (StrNumFoldersPerCrs,"-"); - strcpy (StrNumFilesPerCrs ,"-"); - strcpy (FileSizePerCrsStr ,"-"); + Str_Copy (StrNumCrss ,"-",10); + Str_Copy (StrNumFoldersPerCrs,"-",10); + Str_Copy (StrNumFilesPerCrs ,"-",10); + Str_Copy (FileSizePerCrsStr ,"-",Fil_MAX_BYTES_FILE_SIZE_STRING); } else { @@ -5468,16 +5470,16 @@ static void Sta_WriteRowStatsFileBrowsers (Brw_FileBrowser_t FileZone,const char } if (SizeOfFileZones.NumGrps == -1) - strcpy (StrNumGrps,"-"); + Str_Copy (StrNumGrps,"-",10); else sprintf (StrNumGrps,"%d",SizeOfFileZones.NumGrps); if (SizeOfFileZones.NumUsrs == -1) { - strcpy (StrNumUsrs ,"-"); - strcpy (StrNumFoldersPerUsr,"-"); - strcpy (StrNumFilesPerUsr ,"-"); - strcpy (FileSizePerUsrStr ,"-"); + Str_Copy (StrNumUsrs ,"-",10); + Str_Copy (StrNumFoldersPerUsr,"-",10); + Str_Copy (StrNumFilesPerUsr ,"-",10); + Str_Copy (FileSizePerUsrStr ,"-",Fil_MAX_BYTES_FILE_SIZE_STRING); } else { diff --git a/swad_string.c b/swad_string.c index 8897eda1..12e1fad1 100644 --- a/swad_string.c +++ b/swad_string.c @@ -316,7 +316,7 @@ void Str_InsertLinks (char *Txt,unsigned long MaxLength,size_t MaxCharsURLOnScre Anchor1NickLength = strlen (Anchor1Nick); if ((Links[NumLinks].Anchor1Nick = (char *) malloc (Anchor1NickLength + 1)) == NULL) Lay_ShowErrorAndExit ("Not enough memory to insert link."); - strcpy (Links[NumLinks].Anchor1Nick,Anchor1Nick); + Str_Copy (Links[NumLinks].Anchor1Nick,Anchor1Nick,Anchor1NickLength); Links[NumLinks].Anchor1NickLength = Anchor1NickLength; /* Store second part of anchor */ @@ -329,7 +329,7 @@ void Str_InsertLinks (char *Txt,unsigned long MaxLength,size_t MaxCharsURLOnScre Anchor2NickLength = strlen (Anchor2Nick); if ((Links[NumLinks].Anchor2Nick = (char *) malloc (Anchor2NickLength + 1)) == NULL) Lay_ShowErrorAndExit ("Not enough memory to insert link."); - strcpy (Links[NumLinks].Anchor2Nick,Anchor2Nick); + Str_Copy (Links[NumLinks].Anchor2Nick,Anchor2Nick,Anchor2NickLength); Links[NumLinks].Anchor2NickLength = Anchor2NickLength; AnchorNickTotalLength = Anchor1NickLength + Anchor2NickLength + Anchor3NickLength; @@ -954,6 +954,8 @@ For example the string "Nueva++de+San+Ant%F3n" "Nueva de San Antón" if ChangeTo == Str_TO_HTML "Nueva de San Antón" if ChangeTo == Str_TO_TEXT */ +#define Str_MAX_LENGTH_SPECIAL_CHAR (256 - 1) + void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo, char *Str,size_t MaxLengthStr,bool RemoveLeadingAndTrailingSpaces) { @@ -970,7 +972,7 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo, unsigned NumPrintableCharsFromReturn = 0; // To substitute tabs for spaces bool IsSpecialChar = false; bool ThereIsSpaceChar = true; // Indicates if the character before was a space. Set to true to respect the initial spaces. - char StrSpecialChar[256]; + char StrSpecialChar[Str_MAX_LENGTH_SPECIAL_CHAR + 1]; /* if (Gbl.Usrs.Me.LoggedRole == Rol_ROLE_SYS_ADM) @@ -1110,27 +1112,44 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo, NumPrintableCharsFromReturn += NumSpacesTab; } else - strcpy (StrSpecialChar,"\t"); + { + StrSpecialChar[0] = '\t'; + StrSpecialChar[1] = '\0'; + } ThereIsSpaceChar = true; break; case 0x0A: /* \n */ - strcpy (StrSpecialChar, - ChangeTo == Str_TO_RIGOROUS_HTML ? "
    " : - Str_LF); + if (ChangeTo == Str_TO_RIGOROUS_HTML) + Str_Copy (StrSpecialChar,"
    ", + Str_MAX_LENGTH_SPECIAL_CHAR); + else + { + StrSpecialChar[0] = Str_LF[0]; + StrSpecialChar[1] = '\0'; + } NumPrintableCharsFromReturn = 0; ThereIsSpaceChar = true; break; case 0x0D: /* "%0D" --> "" */ - strcpy (StrSpecialChar, - ChangeTo == Str_TO_RIGOROUS_HTML ? "" : - Str_CR); + if (ChangeTo == Str_TO_RIGOROUS_HTML) + StrSpecialChar[0] = '\0'; + else + { + StrSpecialChar[0] = Str_CR[0]; + StrSpecialChar[1] = '\0'; + } NumPrintableCharsFromReturn = 0; ThereIsSpaceChar = true; break; case 0x20: /* Space */ - strcpy (StrSpecialChar, - (ChangeTo == Str_TO_RIGOROUS_HTML && ThereIsSpaceChar) ? " " : - " "); + if (ChangeTo == Str_TO_RIGOROUS_HTML && ThereIsSpaceChar) + Str_Copy (StrSpecialChar," ", + Str_MAX_LENGTH_SPECIAL_CHAR); + else + { + StrSpecialChar[0] = ' '; + StrSpecialChar[1] = '\0'; + } NumPrintableCharsFromReturn++; ThereIsSpaceChar = true; break; @@ -1147,12 +1166,14 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo, ThereIsSpaceChar = false; break; case 0x23: /* "%23" --> "#" */ - strcpy (StrSpecialChar,"#"); + StrSpecialChar[0] = '#'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0x26: /* "%26" --> "&" (&) */ - strcpy (StrSpecialChar,"&"); + StrSpecialChar[0] = '&'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; @@ -1169,48 +1190,62 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo, ThereIsSpaceChar = false; break; case 0x2C: /* "%2C" --> "," */ - strcpy (StrSpecialChar,","); + StrSpecialChar[0] = ','; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0x2F: /* "%2F" --> "/" */ - strcpy (StrSpecialChar,"/"); + StrSpecialChar[0] = '/'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0x3A: /* "%3A" --> ":" */ - strcpy (StrSpecialChar,":"); + StrSpecialChar[0] = ':'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0x3B: /* "%3B" --> ";" */ - strcpy (StrSpecialChar,";"); + StrSpecialChar[0] = ';'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0x3C: /* "%3C" --> "<" (<) */ if (ChangeTo == Str_TO_MARKDOWN) - strcpy (StrSpecialChar,"<"); + { + StrSpecialChar[0] = '<'; + StrSpecialChar[1] = '\0'; + } else - strcpy (StrSpecialChar,"<"); // "<" is stored as HTML code to avoid problems when displaying it + Str_Copy (StrSpecialChar,"<", // "<" is stored as HTML code to avoid problems when displaying it + Str_MAX_LENGTH_SPECIAL_CHAR); NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0x3E: /* "%3E" --> ">" (>) */ if (ChangeTo == Str_TO_MARKDOWN) - strcpy (StrSpecialChar,">"); + { + StrSpecialChar[0] = '>'; + StrSpecialChar[1] = '\0'; + } else - strcpy (StrSpecialChar,">"); // ">" is stored as HTML code to avoid problems when displaying it + Str_Copy (StrSpecialChar,">", // ">" is stored as HTML code to avoid problems when displaying it + Str_MAX_LENGTH_SPECIAL_CHAR); NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0x3F: /* "%3F" --> "?" */ - strcpy (StrSpecialChar,"?"); + StrSpecialChar[0] = '?'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0x40: /* "%40" --> "@" */ - strcpy (StrSpecialChar,"@"); + StrSpecialChar[0] = '@'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; @@ -1222,77 +1257,92 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo, StrSpecialChar[2] = '\0'; // End of string } else - strcpy (StrSpecialChar,"\"); // "\" is stored as HTML code to avoid problems when displaying it + Str_Copy (StrSpecialChar,"\", // "\" is stored as HTML code to avoid problems when displaying it + Str_MAX_LENGTH_SPECIAL_CHAR); NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0xC1: /* "%C1" --> "Á" */ - strcpy (StrSpecialChar,"Á"); + StrSpecialChar[0] = 'Á'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0xC9: /* "%C9" --> "É" */ - strcpy (StrSpecialChar,"É"); + StrSpecialChar[0] = 'É'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0xCD: /* "%CD" --> "Í" */ - strcpy (StrSpecialChar,"Í"); + StrSpecialChar[0] = 'Í'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0xD3: /* "%D3" --> "Ó" */ - strcpy (StrSpecialChar,"Ó"); + StrSpecialChar[0] = 'Ó'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0xDA: /* "%DA" --> "Ú" */ - strcpy (StrSpecialChar,"Ú"); + StrSpecialChar[0] = 'Ú'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0xD1: /* "%D1" --> "Ñ" */ - strcpy (StrSpecialChar,"Ñ"); + StrSpecialChar[0] = 'Ñ'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0xC7: /* "%C7" --> "Ç" */ - strcpy (StrSpecialChar,"Ç"); + StrSpecialChar[0] = 'Ç'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0xE1: /* "%E1" --> "á" */ - strcpy (StrSpecialChar,"á"); + StrSpecialChar[0] = 'á'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0xE9: /* "%E9" --> "é" */ - strcpy (StrSpecialChar,"é"); + StrSpecialChar[0] = 'é'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0xED: /* "%ED" --> "í" */ - strcpy (StrSpecialChar,"í"); + StrSpecialChar[0] = 'í'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0xF3: /* "%F3" --> "ó" */ - strcpy (StrSpecialChar,"ó"); + StrSpecialChar[0] = 'ó'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0xFA: /* "%FA" --> "ú" */ - strcpy (StrSpecialChar,"ú"); + StrSpecialChar[0] = 'ú'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0xF1: /* "%F1" --> "ñ" */ - strcpy (StrSpecialChar,"ñ"); + StrSpecialChar[0] = 'ñ'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; case 0xE7: /* "%E7" --> "ç" */ - strcpy (StrSpecialChar,"ç"); + StrSpecialChar[0] = 'ç'; + StrSpecialChar[1] = '\0'; NumPrintableCharsFromReturn++; ThereIsSpaceChar = false; break; diff --git a/swad_survey.c b/swad_survey.c index 0858f27f..eb4e35f6 100644 --- a/swad_survey.c +++ b/swad_survey.c @@ -111,7 +111,7 @@ static void Svy_PutParams (void); static void Svy_SetAllowedAndHiddenScopes (unsigned *ScopesAllowed, unsigned *HiddenAllowed); -static void Svy_GetSurveyTxtFromDB (long SvyCod,char *Txt); +static void Svy_GetSurveyTxtFromDB (long SvyCod,char Txt[Cns_MAX_BYTES_TEXT + 1]); static void Svy_PutParamSvyCod (long SvyCod); static long Svy_GetParamSvyCod (void); @@ -426,7 +426,7 @@ static void Svy_ShowOneSurvey (long SvyCod,struct SurveyQuestion *SvyQst, extern const char *Txt_View_survey_results; static unsigned UniqueId = 0; struct Survey Svy; - char Txt[Cns_MAX_BYTES_TEXT+1]; + char Txt[Cns_MAX_BYTES_TEXT + 1]; /***** Start frame *****/ if (ShowOnlyThisSvyComplete) @@ -690,8 +690,8 @@ static void Svy_WriteAuthor (struct Survey *Svy) "PHOTO15x20",Pho_ZOOM,false); /***** Write name *****/ - strcpy (FirstName,UsrDat.FirstName); - strcpy (Surnames,UsrDat.Surname1); + Str_Copy (FirstName,UsrDat.FirstName,Usr_MAX_BYTES_NAME); + Str_Copy (Surnames,UsrDat.Surname1,Usr_MAX_BYTES_SURNAMES); if (UsrDat.Surname2[0]) { strcat (Surnames," "); @@ -1247,7 +1247,7 @@ void Svy_GetDataOfSurveyByCod (struct Survey *Svy) Svy->Status.Open = (row[8][0] == '1'); /* Get the title of the survey (row[9]) */ - strcpy (Svy->Title,row[9]); + Str_Copy (Svy->Title,row[9],Svy_MAX_LENGTH_SURVEY_TITLE); /* Get number of questions and number of users who have already answer this survey */ Svy->NumQsts = Svy_GetNumQstsSvy (Svy->SvyCod); @@ -1411,7 +1411,7 @@ void Svy_FreeListSurveys (void) /********************** Get survey text from database ************************/ /*****************************************************************************/ -static void Svy_GetSurveyTxtFromDB (long SvyCod,char *Txt) +static void Svy_GetSurveyTxtFromDB (long SvyCod,char Txt[Cns_MAX_BYTES_TEXT + 1]) { char Query[512]; MYSQL_RES *mysql_res; @@ -1427,7 +1427,7 @@ static void Svy_GetSurveyTxtFromDB (long SvyCod,char *Txt) { /* Get info text */ row = mysql_fetch_row (mysql_res); - strcpy (Txt,row[0]); + Str_Copy (Txt,row[0],Cns_MAX_BYTES_TEXT); } else Txt[0] = '\0'; @@ -1444,11 +1444,13 @@ static void Svy_GetSurveyTxtFromDB (long SvyCod,char *Txt) /*****************************************************************************/ // This function may be called inside a web service, so don't report error -void Svy_GetNotifSurvey (char *SummaryStr,char **ContentStr,long SvyCod,unsigned MaxChars,bool GetContent) +void Svy_GetNotifSurvey (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr,long SvyCod,unsigned MaxChars,bool GetContent) { char Query[512]; MYSQL_RES *mysql_res; MYSQL_ROW row; + size_t Length; SummaryStr[0] = '\0'; // Return nothing on error @@ -1465,16 +1467,17 @@ void Svy_GetNotifSurvey (char *SummaryStr,char **ContentStr,long SvyCod,unsigned row = mysql_fetch_row (mysql_res); /***** Get summary *****/ - strcpy (SummaryStr,row[0]); + Str_Copy (SummaryStr,row[0],Cns_MAX_BYTES_TEXT); if (MaxChars) Str_LimitLengthHTMLStr (SummaryStr,MaxChars); /***** Get content *****/ if (GetContent) { - if ((*ContentStr = (char *) malloc (512+Cns_MAX_BYTES_TEXT)) == NULL) + Length = strlen (row[1]); + if ((*ContentStr = (char *) malloc (Length + 1)) == NULL) Lay_ShowErrorAndExit ("Error allocating memory for notification content."); - strcpy (*ContentStr,row[1]); + Str_Copy (*ContentStr,row[1],Length); } } mysql_free_result (mysql_res); @@ -3371,16 +3374,16 @@ static void Svy_PutButtonToCreateNewQuestion (void) static void Svy_WriteQstStem (const char *Stem) { - unsigned long LengthHeading; char *HeadingRigorousHTML; + size_t Length; /* Convert the stem, that is in HTML, to rigorous HTML */ - LengthHeading = strlen (Stem) * Str_MAX_LENGTH_SPEC_CHAR_HTML; - if ((HeadingRigorousHTML = malloc (LengthHeading+1)) == NULL) + Length = strlen (Stem) * Str_MAX_LENGTH_SPEC_CHAR_HTML; + if ((HeadingRigorousHTML = malloc (Length + 1)) == NULL) Lay_ShowErrorAndExit ("Not enough memory to store stem of question."); - strcpy (HeadingRigorousHTML,Stem); + Str_Copy (HeadingRigorousHTML,Stem,Length); Str_ChangeFormat (Str_FROM_HTML,Str_TO_RIGOROUS_HTML, - HeadingRigorousHTML,LengthHeading,false); + HeadingRigorousHTML,Length,false); /* Write the stem */ fprintf (Gbl.F.Out,"%s",HeadingRigorousHTML); @@ -3420,10 +3423,10 @@ static void Svy_WriteAnswersOfAQst (struct Survey *Svy,struct SurveyQuestion *Sv Lay_ShowErrorAndExit ("Error when getting number of users who have marked an answer."); /* Convert the answer (row[2]), that is in HTML, to rigorous HTML */ - AnsLength = strlen (row[2]) * Str_MAX_LENGTH_SPEC_CHAR_HTML; - if ((Answer = malloc (AnsLength+1)) == NULL) + AnsLength = strlen (row[2]); + if ((Answer = malloc (AnsLength + 1)) == NULL) Lay_ShowErrorAndExit ("Not enough memory to store answer."); - strcpy (Answer,row[2]); + Str_Copy (Answer,row[2],AnsLength); Str_ChangeFormat (Str_FROM_HTML,Str_TO_RIGOROUS_HTML, Answer,AnsLength,false); diff --git a/swad_survey.h b/swad_survey.h index eafac453..c2083b45 100644 --- a/swad_survey.h +++ b/swad_survey.h @@ -33,7 +33,7 @@ /************************** Public types and constants ***********************/ /*****************************************************************************/ -#define Svy_MAX_LENGTH_SURVEY_TITLE 255 +#define Svy_MAX_LENGTH_SURVEY_TITLE (256 - 1) #define Svy_NUM_DATES 2 typedef enum @@ -49,7 +49,7 @@ struct Survey long Cod; // Country, institution, centre, degree or course code unsigned Roles; // Example: if survey can be made by students and teachers, Roles == (1 << Rol_ROLE_STUDENT) | (1 << Rol_ROLE_TEACHER) long UsrCod; - char Title[Svy_MAX_LENGTH_SURVEY_TITLE+1]; + char Title[Svy_MAX_LENGTH_SURVEY_TITLE + 1]; time_t TimeUTC[Svy_NUM_DATES]; unsigned NumQsts; // Number of questions in the survey unsigned NumUsrs; // Number of distinct users who have already answered the survey @@ -87,7 +87,8 @@ void Svy_GetListSurveys (void); void Svy_GetDataOfSurveyByCod (struct Survey *Svy); void Svy_GetDataOfSurveyByFolder (struct Survey *Svy); void Svy_FreeListSurveys (void); -void Svy_GetNotifSurvey (char *SummaryStr,char **ContentStr,long SvyCod,unsigned MaxChars,bool GetContent); +void Svy_GetNotifSurvey (char SummaryStr[Cns_MAX_BYTES_TEXT + 1], + char **ContentStr,long SvyCod,unsigned MaxChars,bool GetContent); void Svy_AskRemSurvey (void); void Svy_RemoveSurvey (void); void Svy_AskResetSurvey (void); diff --git a/swad_test.c b/swad_test.c index 9ee33ee3..1cb0abab 100644 --- a/swad_test.c +++ b/swad_test.c @@ -1738,7 +1738,7 @@ static void Tst_ShowFormEditTags (void) fprintf (Gbl.F.Out,"", - Tst_MAX_TAG_LENGTH,row[1],Gbl.Form.Id); + Tst_MAX_LENGTH_TAG,row[1],Gbl.Form.Id); Act_FormEnd (); fprintf (Gbl.F.Out,"" ""); @@ -3697,7 +3697,8 @@ static void Tst_WriteTextAnsAssessTest (unsigned NumQst,MYSQL_RES *mysql_res, { unsigned NumOpt; MYSQL_ROW row; - char TextAnsUsr[Tst_MAX_SIZE_ANSWERS_ONE_QST],TextAnsOK[Tst_MAX_SIZE_ANSWERS_ONE_QST]; + char TextAnsUsr[Tst_MAX_SIZE_ANSWERS_ONE_QST + 1]; + char TextAnsOK[Tst_MAX_SIZE_ANSWERS_ONE_QST + 1]; bool Correct = false; /* row[ 0] AnsInd @@ -3755,7 +3756,8 @@ static void Tst_WriteTextAnsAssessTest (unsigned NumQst,MYSQL_RES *mysql_res, if (Gbl.Test.StrAnswersOneQst[NumQst][0]) // If user has answered the question { /* Filter the user answer */ - strcpy (TextAnsUsr,Gbl.Test.StrAnswersOneQst[NumQst]); + Str_Copy (TextAnsUsr,Gbl.Test.StrAnswersOneQst[NumQst], + Tst_MAX_SIZE_ANSWERS_ONE_QST); /* In order to compare student answer to stored answer, the text answers are stored avoiding two or more consecurive spaces */ @@ -3768,7 +3770,8 @@ static void Tst_WriteTextAnsAssessTest (unsigned NumQst,MYSQL_RES *mysql_res, NumOpt++) { /* Filter this correct answer */ - strcpy (TextAnsOK,Gbl.Test.Answer.Options[NumOpt].Text); + Str_Copy (TextAnsOK,Gbl.Test.Answer.Options[NumOpt].Text, + Tst_MAX_SIZE_ANSWERS_ONE_QST); Str_ConvertToComparable (TextAnsOK); /* Check is user answer is correct */ @@ -4561,7 +4564,7 @@ static void Tst_PutFormEditOneQst (char *Stem,char *Feedback) " class=\"TAG_TXT\" maxlength=\"%u\" value=\"%s\"" " onchange=\"changeSelTag('%u')\" />" "", - NumTag,NumTag,Tst_MAX_TAG_LENGTH,Gbl.Test.Tags.Txt[NumTag],NumTag); + NumTag,NumTag,Tst_MAX_LENGTH_TAG,Gbl.Test.Tags.Txt[NumTag],NumTag); fprintf (Gbl.F.Out,""); } @@ -5748,13 +5751,13 @@ static long Tst_GetTagCodFromTagTxt (const char *TagTxt) row = mysql_fetch_row (mysql_res); if ((TagCod = Str_ConvertStrCodToLongCod (row[0])) < 0) { - strcpy (Gbl.Message,"Wrong code of tag."); + Str_Copy (Gbl.Message,"Wrong code of tag.",Lay_MAX_BYTES_ALERT); Error = true; } } else if (NumRows > 1) { - strcpy (Gbl.Message,"Duplicated tag."); + Str_Copy (Gbl.Message,"Duplicated tag.",Lay_MAX_BYTES_ALERT); Error = true; } diff --git a/swad_test.h b/swad_test.h index da9fe610..ae8f8e07 100644 --- a/swad_test.h +++ b/swad_test.h @@ -35,8 +35,8 @@ #define Tst_MAX_QUESTIONS_PER_TEST 100 // Absolute maximum number of questions in a test #define Tst_MAX_TAGS_PER_QUESTION 5 -#define Tst_MAX_TAG_LENGTH 255 -#define Tst_MAX_BYTES_TAG (Tst_MAX_TAG_LENGTH*Str_MAX_CHARACTER) +#define Tst_MAX_LENGTH_TAG (256 -1) +#define Tst_MAX_BYTES_TAG (Tst_MAX_LENGTH_TAG*Str_MAX_CHARACTER) #define Tst_MAX_OPTIONS_PER_QUESTION 10 #define Tst_MAX_SIZE_INDEXES_ONE_QST (Tst_MAX_OPTIONS_PER_QUESTION*(10+1)) #define Tst_MAX_SIZE_ANSWERS_ONE_QST (Tst_MAX_OPTIONS_PER_QUESTION*(10+1)) diff --git a/swad_timetable.c b/swad_timetable.c index a4270ad8..4d3d723d 100644 --- a/swad_timetable.c +++ b/swad_timetable.c @@ -99,8 +99,8 @@ struct TimeTableColumn TT_HourType_t HourType; TT_ClassType_t ClassType; unsigned Duration; - char Place[TT_MAX_BYTES_PLACE+1]; - char Group[TT_MAX_BYTES_GROUP+1]; + char Place[TT_MAX_BYTES_PLACE + 1]; + char Group[TT_MAX_BYTES_GROUP + 1]; }; struct { @@ -742,11 +742,13 @@ static void TT_CreatTimeTableFromDB (long UsrCod) TimeTable[Day][Hour].Columns[FirstFreeColumn].CrsCod = (Gbl.TimeTable.Type == TT_MY_TIMETABLE ? Str_ConvertStrCodToLongCod (row[7]) : Gbl.CurrentCrs.Crs.CrsCod); - strcpy (TimeTable[Day][Hour].Columns[FirstFreeColumn].Group,row[5]); + Str_Copy (TimeTable[Day][Hour].Columns[FirstFreeColumn].Group, + row[5],TT_MAX_BYTES_GROUP); TimeTable[Day][Hour].Columns[FirstFreeColumn].GrpCod = GrpCod; // no break; case TT_TUTOR_TIMETABLE: - strcpy (TimeTable[Day][Hour].Columns[FirstFreeColumn].Place,row[3]); + Str_Copy (TimeTable[Day][Hour].Columns[FirstFreeColumn].Place, + row[3],TT_MAX_BYTES_PLACE); break; } @@ -795,8 +797,10 @@ static void TT_ModifTimeTable (void) TimeTable[Gbl.TimeTable.Day][Gbl.TimeTable.Hour].Columns[Gbl.TimeTable.Column].HourType = TT_FIRST_HOUR; TimeTable[Gbl.TimeTable.Day][Gbl.TimeTable.Hour].Columns[Gbl.TimeTable.Column].ClassType = Gbl.TimeTable.ClassType; TimeTable[Gbl.TimeTable.Day][Gbl.TimeTable.Hour].Columns[Gbl.TimeTable.Column].Duration = Gbl.TimeTable.Duration; - strcpy (TimeTable[Gbl.TimeTable.Day][Gbl.TimeTable.Hour].Columns[Gbl.TimeTable.Column].Group,Gbl.TimeTable.Group); - strcpy (TimeTable[Gbl.TimeTable.Day][Gbl.TimeTable.Hour].Columns[Gbl.TimeTable.Column].Place,Gbl.TimeTable.Place); + Str_Copy (TimeTable[Gbl.TimeTable.Day][Gbl.TimeTable.Hour].Columns[Gbl.TimeTable.Column].Group, + Gbl.TimeTable.Group,TT_MAX_BYTES_GROUP); + Str_Copy (TimeTable[Gbl.TimeTable.Day][Gbl.TimeTable.Hour].Columns[Gbl.TimeTable.Column].Place, + Gbl.TimeTable.Place,TT_MAX_BYTES_PLACE); } } diff --git a/swad_timetable.h b/swad_timetable.h index de70972c..1421dc63 100644 --- a/swad_timetable.h +++ b/swad_timetable.h @@ -33,8 +33,8 @@ /************************* Public constants and types ************************/ /*****************************************************************************/ -#define TT_MAX_BYTES_PLACE 127 -#define TT_MAX_BYTES_GROUP 255 +#define TT_MAX_BYTES_PLACE (128 - 1) +#define TT_MAX_BYTES_GROUP (256 - 1) #define TT_NUM_TIMETABLE_TYPES 3 typedef enum diff --git a/swad_user.c b/swad_user.c index 0e963d20..d87525ce 100644 --- a/swad_user.c +++ b/swad_user.c @@ -458,13 +458,13 @@ void Usr_GetUsrDataFromUsrCod (struct UsrData *UsrDat) Ico_IconSet_t IconSet; Txt_Language_t Lan; unsigned UnsignedNum; - char StrBirthday[4+1+2+1+2+1]; /***** Get user's data from database *****/ sprintf (Query,"SELECT EncryptedUsrCod,Password,Surname1,Surname2,FirstName,Sex," "Theme,IconSet,Language,FirstDayOfWeek,Photo,PhotoVisibility,ProfileVisibility," "CtyCod,InsCtyCod,InsCod,DptCod,CtrCod,Office,OfficePhone," - "LocalAddress,LocalPhone,FamilyAddress,FamilyPhone,OriginPlace,Birthday,Comments," + "LocalAddress,LocalPhone,FamilyAddress,FamilyPhone,OriginPlace," + "DATE_FORMAT(Birthday,'%%Y%%m%%d'),Comments," "Menu,SideCols,NotifNtfEvents,EmailNtfEvents" " FROM usr_data WHERE UsrCod='%ld'", UsrDat->UsrCod); @@ -558,9 +558,8 @@ void Usr_GetUsrDataFromUsrCod (struct UsrData *UsrDat) Str_Copy (UsrDat->FamilyAddress,row[22],Cns_MAX_BYTES_STRING); Str_Copy (UsrDat->FamilyPhone ,row[23],Usr_MAX_BYTES_PHONE); Str_Copy (UsrDat->OriginPlace ,row[24],Cns_MAX_BYTES_STRING); - strcpy (StrBirthday, - row[25] ? row[25] : - "0000-00-00"); + + Dat_GetDateFromYYYYMMDD (&(UsrDat->Birthday),row[25]); Usr_GetUsrCommentsFromString (row[26] ? row[26] : "", @@ -597,11 +596,6 @@ void Usr_GetUsrDataFromUsrCod (struct UsrData *UsrDat) /* Create full name using FirstName, Surname1 and Surname2 */ Usr_BuildFullName (UsrDat); - if (sscanf (StrBirthday,"%u-%u-%u", - &(UsrDat->Birthday.Year), - &(UsrDat->Birthday.Month), - &(UsrDat->Birthday.Day)) != 3) - Lay_ShowErrorAndExit ("Wrong date."); Dat_ConvDateToDateStr (&(UsrDat->Birthday),UsrDat->StrBirthday); /***** Free structure that stores the query result *****/ @@ -707,7 +701,7 @@ static Usr_Sex_t Usr_GetSexFromStr (const char *Str) void Usr_BuildFullName (struct UsrData *UsrDat) { - strcpy (UsrDat->FullName,UsrDat->FirstName); + Str_Copy (UsrDat->FullName,UsrDat->FirstName,Usr_MAX_BYTES_FULL_NAME); if (UsrDat->Surname1[0]) { strcat (UsrDat->FullName," "); @@ -730,8 +724,8 @@ void Usr_RestrictLengthAndWriteName (const struct UsrData *UsrDat,unsigned MaxCh char Surnames[Usr_MAX_BYTES_SURNAMES + 1]; /***** Restrict length of firstname and surnames *****/ - strcpy (FirstName,UsrDat->FirstName); - strcpy (Surnames,UsrDat->Surname1); + Str_Copy (FirstName,UsrDat->FirstName,Usr_MAX_BYTES_NAME); + Str_Copy (Surnames,UsrDat->Surname1,Usr_MAX_BYTES_SURNAMES); if (UsrDat->Surname2[0]) { strcat (Surnames," "); @@ -1993,12 +1987,12 @@ void Usr_WelcomeUsr (void) /*****************************************************************************/ void Usr_CreateBirthdayStrDB (const struct UsrData *UsrDat, - char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH+1]) + char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH + 1]) { if (UsrDat->Birthday.Year == 0 || UsrDat->Birthday.Month == 0 || UsrDat->Birthday.Day == 0) - strcpy (BirthdayStrDB,"NULL"); + Str_Copy (BirthdayStrDB,"NULL",Usr_BIRTHDAY_STR_DB_LENGTH); else sprintf (BirthdayStrDB,"'%04u-%02u-%02u'", UsrDat->Birthday.Year, @@ -2107,7 +2101,7 @@ void Usr_WriteLoggedUsrHead (void) /* Name */ if (Gbl.Usrs.Me.UsrDat.FullName[0]) { - strcpy (UsrName,Gbl.Usrs.Me.UsrDat.FirstName); + Str_Copy (UsrName,Gbl.Usrs.Me.UsrDat.FirstName,Usr_MAX_BYTES_NAME); Str_LimitLengthHTMLStr (UsrName,12); fprintf (Gbl.F.Out,"%s",UsrName); } @@ -2958,13 +2952,15 @@ static void Usr_InsertMyLastData (void) /*********** Write a row of a table with the main data of a user *************/ /*****************************************************************************/ +#define Usr_MAX_LENGTH_BG_COLOR (16 - 1) + void Usr_WriteRowUsrMainData (unsigned NumUsr,struct UsrData *UsrDat, bool PutCheckBoxToSelectUsr) { extern const char *Txt_Enrollment_confirmed; extern const char *Txt_Enrollment_not_confirmed; - char BgColor[16]; - char PhotoURL[PATH_MAX+1]; + char BgColor[Usr_MAX_LENGTH_BG_COLOR + 1]; + char PhotoURL[PATH_MAX + 1]; bool ShowPhoto; bool UsrIsTheMsgSender = PutCheckBoxToSelectUsr && (UsrDat->UsrCod == Gbl.Usrs.Other.UsrDat.UsrCod); @@ -2976,7 +2972,7 @@ void Usr_WriteRowUsrMainData (unsigned NumUsr,struct UsrData *UsrDat, /***** Checkbox to select user *****/ // Two colors are used alternatively to better distinguish the rows if (UsrIsTheMsgSender) - strcpy (BgColor,"LIGHT_GREEN"); + Str_Copy (BgColor,"LIGHT_GREEN",Usr_MAX_LENGTH_BG_COLOR); else sprintf (BgColor,"COLOR%u",Gbl.RowEvenOdd); @@ -3156,7 +3152,7 @@ static void Usr_WriteRowStdAllData (struct UsrData *UsrDat,char *GroupNames) unsigned NumGrpTyp,NumField; MYSQL_RES *mysql_res; MYSQL_ROW row; - char Text[Cns_MAX_BYTES_TEXT+1]; + char Text[Cns_MAX_BYTES_TEXT + 1]; struct Instit Ins; bool ShowData = (Gbl.Usrs.Me.LoggedRole == Rol_TEACHER && UsrDat->Accepted) || Gbl.Usrs.Me.LoggedRole >= Rol_DEG_ADM; @@ -3246,7 +3242,7 @@ static void Usr_WriteRowStdAllData (struct UsrData *UsrDat,char *GroupNames) if (Rec_GetFieldFromCrsRecord (UsrDat->UsrCod,Gbl.CurrentCrs.Records.LstFields.Lst[NumField].FieldCod,&mysql_res)) { row = mysql_fetch_row (mysql_res); - strcpy (Text,row[0]); + Str_Copy (Text,row[0],Cns_MAX_BYTES_TEXT); Str_ChangeFormat (Str_FROM_HTML,Str_TO_RIGOROUS_HTML, Text,Cns_MAX_BYTES_TEXT,false); // Se convierte of HTML a HTML respetuoso } @@ -4780,12 +4776,14 @@ static void Usr_GetListUsrsFromQuery (const char *Query,Rol_Role_t Role,Sco_Scop void Usr_CopyBasicUsrDataFromList (struct UsrData *UsrDat,const struct UsrInList *UsrInList) { UsrDat->UsrCod = UsrInList->UsrCod; - strcpy (UsrDat->EncryptedUsrCod,UsrInList->EncryptedUsrCod); - strcpy (UsrDat->Surname1 ,UsrInList->Surname1); - strcpy (UsrDat->Surname2 ,UsrInList->Surname2); - strcpy (UsrDat->FirstName ,UsrInList->FirstName); + Str_Copy (UsrDat->EncryptedUsrCod,UsrInList->EncryptedUsrCod, + Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64); + Str_Copy (UsrDat->Surname1 ,UsrInList->Surname1 ,Usr_MAX_BYTES_NAME); + Str_Copy (UsrDat->Surname2 ,UsrInList->Surname2 ,Usr_MAX_BYTES_NAME); + Str_Copy (UsrDat->FirstName,UsrInList->FirstName,Usr_MAX_BYTES_NAME); UsrDat->Sex = UsrInList->Sex; - strcpy (UsrDat->Photo ,UsrInList->Photo); + Str_Copy (UsrDat->Photo,UsrInList->Photo, + Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64); UsrDat->PhotoVisibility = UsrInList->PhotoVisibility; UsrDat->InsCod = UsrInList->InsCod; UsrDat->RoleInCurrentCrsDB = UsrInList->RoleInCurrentCrsDB; @@ -5120,7 +5118,8 @@ bool Usr_GetListMsgRecipientsWrittenExplicitelyBySender (bool WriteErrorMsgs) if (LengthSelectedUsrsCods == 0) // First user in list { if (strlen (UsrDat.EncryptedUsrCod) < Usr_MAX_BYTES_LIST_ENCRYPTED_USR_CODS) - strcpy (Gbl.Usrs.Select.All,UsrDat.EncryptedUsrCod); // Add first user + Str_Copy (Gbl.Usrs.Select.All,UsrDat.EncryptedUsrCod, + Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64); // Add first user } else // Not first user in list { diff --git a/swad_user.h b/swad_user.h index 3757a915..c313db2e 100644 --- a/swad_user.h +++ b/swad_user.h @@ -62,10 +62,11 @@ #define Usr_MAX_BYTES_SURNAMES (Usr_MAX_BYTES_NAME + 1 + Usr_MAX_BYTES_NAME) // Surname1 +' '+ Surname2 -#define Usr_MAX_BYTES_FULL_NAME (Usr_MAX_BYTES_NAME + 1 + Usr_MAX_BYTES_NAME + 1 + 1 + Usr_MAX_BYTES_NAME) - // Surname1 +' '+ Surname2 +','+' '+ FirstName +#define Usr_MAX_BYTES_FULL_NAME (Usr_MAX_BYTES_NAME + 1 + Usr_MAX_BYTES_NAME + 6 + Usr_MAX_BYTES_NAME) + // Surname1 +' '+ Surname2 + ','+' ' + FirstName + // Surname1 +' '+ Surname2 + '
    ' + FirstName -#define Usr_BIRTHDAY_STR_DB_LENGTH (1+4+1+2+1+2+1) // "'%04u-%02u-%02u'" +#define Usr_BIRTHDAY_STR_DB_LENGTH (4+1+2+1+2) // "'%04u-%02u-%02u'" #define Usr_MAX_LENGTH_PHONE 16 #define Usr_MAX_BYTES_PHONE 16 @@ -292,7 +293,7 @@ void Usr_WriteFormLogin (Act_Action_t NextAction,void (*FuncParams) ()); void Usr_WelcomeUsr (void); void Usr_CreateBirthdayStrDB (const struct UsrData *UsrDat, - char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH+1]); + char BirthdayStrDB[Usr_BIRTHDAY_STR_DB_LENGTH + 1]); void Usr_PutFormLogIn (void); void Usr_WriteLoggedUsrHead (void); diff --git a/swad_web_service.c b/swad_web_service.c index d11548c1..f158c978 100644 --- a/swad_web_service.c +++ b/swad_web_service.c @@ -204,10 +204,11 @@ Svc_Role_t Svc_RolRole_to_SvcRole[Rol_NUM_ROLES] = static int Svc_GetPlgCodFromAppKey (const char *appKey); static int Svc_CheckIdSession (const char *IdSession); -static int Svc_CheckWSKey (char *WSKey); +static int Svc_CheckWSKey (char WSKey[Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64 + 1]); static int Svc_CheckCourseAndGroupCodes (long CrsCod,long GrpCod); -static int Svc_GenerateNewWSKey (long UsrCod,char *WSKey); +static int Svc_GenerateNewWSKey (long UsrCod, + char WSKey[Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64 + 1]); static int Svc_RemoveOldWSKeys (void); static int Svc_GetCurrentDegCodFromCurrentCrsCod (void); static bool Svc_GetSomeUsrDataFromUsrCod (struct UsrData *UsrDat,long CrsCod); @@ -370,7 +371,7 @@ static int Svc_CheckIdSession (const char *IdSession) /************** Check if a web service key exists in database ****************/ /*****************************************************************************/ -static int Svc_CheckWSKey (char *WSKey) +static int Svc_CheckWSKey (char WSKey[Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64 + 1]) { char Query[512]; MYSQL_RES *mysql_res; @@ -441,7 +442,8 @@ static int Svc_CheckCourseAndGroupCodes (long CrsCod,long GrpCod) /***** Generate a key used in subsequents calls to other web services ********/ /*****************************************************************************/ -static int Svc_GenerateNewWSKey (long UsrCod,char *WSKey) +static int Svc_GenerateNewWSKey (long UsrCod, + char WSKey[Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64 + 1]) { int ReturnCode; char Query[512]; @@ -451,7 +453,8 @@ static int Svc_GenerateNewWSKey (long UsrCod,char *WSKey) return ReturnCode; /***** Create a unique name for the key *****/ - strcpy (WSKey,Gbl.UniqueNameEncrypted); + Str_Copy (WSKey,Gbl.UniqueNameEncrypted, + Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64); /***** Check that key does not exist in database *****/ sprintf (Query,"SELECT COUNT(*) FROM ws_keys WHERE WSKey='%s'", @@ -558,10 +561,7 @@ static bool Svc_GetSomeUsrDataFromUsrCod (struct UsrData *UsrDat,long CrsCod) Str_Copy (UsrDat->Photo,row[3],Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64); /* Get user's brithday */ - if (row[4]) - Str_Copy (UsrDat->Birthday.YYYYMMDD,row[4],Dat_LENGTH_YYYYMMDD); - else - strcpy (UsrDat->Birthday.YYYYMMDD,"00000000"); + Dat_GetDateFromYYYYMMDD (&(UsrDat->Birthday),row[4]); /* Free structure that stores the query result */ DB_FreeMySQLResult (&mysql_res); @@ -674,7 +674,8 @@ int swad__createAccount (struct soap *soap, Gbl.Usrs.Me.UsrDat.IDs.List = NULL; /***** Set password to the password typed by the user *****/ - strcpy (Gbl.Usrs.Me.UsrDat.Password,NewEncryptedPassword); + Str_Copy (Gbl.Usrs.Me.UsrDat.Password,NewEncryptedPassword, + Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); /***** User does not exist in the platform, so create him/her! *****/ Acc_CreateNewUsr (&Gbl.Usrs.Me.UsrDat, @@ -682,13 +683,14 @@ int swad__createAccount (struct soap *soap, /***** Save nickname *****/ Nck_UpdateMyNick (NewNicknameWithoutArroba); - strcpy (Gbl.Usrs.Me.UsrDat.Nickname,NewNicknameWithoutArroba); + Str_Copy (Gbl.Usrs.Me.UsrDat.Nickname,NewNicknameWithoutArroba, + Nck_MAX_LENGTH_NICKNAME_WITHOUT_ARROBA); /***** Save email *****/ if (Mai_UpdateEmailInDB (&Gbl.Usrs.Me.UsrDat,userEmail)) { /* Email updated sucessfully */ - strcpy (Gbl.Usrs.Me.UsrDat.Email,userEmail); + Str_Copy (Gbl.Usrs.Me.UsrDat.Email,userEmail,Usr_MAX_BYTES_USR_EMAIL); Gbl.Usrs.Me.UsrDat.EmailConfirmed = false; } @@ -766,7 +768,7 @@ int swad__loginByUserPasswordKey (struct soap *soap, MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned NumRows; - char PhotoURL[Cns_MAX_BYTES_URL + 1]; + char PhotoURL[Cns_MAX_LENGTH_WWW + 1]; bool UsrFound; /***** Initializations *****/ @@ -780,7 +782,7 @@ int swad__loginByUserPasswordKey (struct soap *soap, loginByUserPasswordKeyOut->userFirstname = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_NAME + 1); loginByUserPasswordKeyOut->userSurname1 = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_NAME + 1); loginByUserPasswordKeyOut->userSurname2 = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_NAME + 1); - loginByUserPasswordKeyOut->userPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_BYTES_URL + 1); + loginByUserPasswordKeyOut->userPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_LENGTH_WWW + 1); loginByUserPasswordKeyOut->userBirthday = (char *) soap_malloc (Gbl.soap,Dat_LENGTH_YYYYMMDD + 1); /***** Default values returned on error *****/ @@ -885,7 +887,7 @@ int swad__loginByUserPasswordKey (struct soap *soap, Gbl.Usrs.Me.UsrDat.FirstName,Usr_MAX_BYTES_NAME); Pho_BuildLinkToPhoto (&Gbl.Usrs.Me.UsrDat,PhotoURL); - Str_Copy (loginByUserPasswordKeyOut->userPhoto,PhotoURL,Cns_MAX_BYTES_URL); + Str_Copy (loginByUserPasswordKeyOut->userPhoto,PhotoURL,Cns_MAX_LENGTH_WWW); Str_Copy (loginByUserPasswordKeyOut->userBirthday, Gbl.Usrs.Me.UsrDat.Birthday.YYYYMMDD,Dat_LENGTH_YYYYMMDD); @@ -925,7 +927,7 @@ int swad__loginBySessionKey (struct soap *soap, MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned NumRows; - char PhotoURL[Cns_MAX_BYTES_URL + 1]; + char PhotoURL[Cns_MAX_LENGTH_WWW + 1]; bool UsrFound; /***** Initializations *****/ @@ -939,7 +941,7 @@ int swad__loginBySessionKey (struct soap *soap, loginBySessionKeyOut->userFirstname = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_NAME + 1); loginBySessionKeyOut->userSurname1 = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_NAME + 1); loginBySessionKeyOut->userSurname2 = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_NAME + 1); - loginBySessionKeyOut->userPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_BYTES_URL + 1); + loginBySessionKeyOut->userPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_LENGTH_WWW + 1); loginBySessionKeyOut->userBirthday = (char *) soap_malloc (Gbl.soap,Dat_LENGTH_YYYYMMDD + 1); loginBySessionKeyOut->degreeName = (char *) soap_malloc (Gbl.soap,Deg_MAX_LENGTH_DEGREE_FULL_NAME + 1); loginBySessionKeyOut->courseName = (char *) soap_malloc (Gbl.soap,Crs_MAX_LENGTH_COURSE_FULL_NAME + 1); @@ -1033,7 +1035,7 @@ int swad__loginBySessionKey (struct soap *soap, Gbl.Usrs.Me.UsrDat.FirstName,Usr_MAX_BYTES_NAME); Pho_BuildLinkToPhoto (&Gbl.Usrs.Me.UsrDat,PhotoURL); - Str_Copy (loginBySessionKeyOut->userPhoto,PhotoURL,Cns_MAX_BYTES_URL); + Str_Copy (loginBySessionKeyOut->userPhoto,PhotoURL,Cns_MAX_LENGTH_WWW); Str_Copy (loginBySessionKeyOut->userBirthday, Gbl.Usrs.Me.UsrDat.Birthday.YYYYMMDD,Dat_LENGTH_YYYYMMDD); @@ -1238,6 +1240,7 @@ int swad__getCourseInfo (struct soap *soap, { int ReturnCode; Inf_InfoType_t InfoType; + size_t Length; Inf_InfoSrc_t InfoSrc; bool MustBeRead; int Result = SOAP_OK; @@ -1306,8 +1309,9 @@ int swad__getCourseInfo (struct soap *soap, "Unknown requested info type"); Gbl.CurrentCrs.Info.Type = InfoType; Inf_GetAndCheckInfoSrcFromDB (Gbl.CurrentCrs.Crs.CrsCod,Gbl.CurrentCrs.Info.Type,&InfoSrc,&MustBeRead); - getCourseInfo->infoSrc = (char *) soap_malloc (Gbl.soap,strlen (NamesInWSForInfoSrc[InfoSrc]) + 1); - strcpy (getCourseInfo->infoSrc,NamesInWSForInfoSrc[InfoSrc]); + Length = strlen (NamesInWSForInfoSrc[InfoSrc]); + getCourseInfo->infoSrc = (char *) soap_malloc (Gbl.soap,Length + 1); + Str_Copy (getCourseInfo->infoSrc,NamesInWSForInfoSrc[InfoSrc],Length); /***** Set paths *****/ Hie_InitHierarchy (); @@ -1337,7 +1341,7 @@ int swad__getCourseInfo (struct soap *soap, Result = Inf_WritePageIntoHTMLBuffer (&(getCourseInfo->infoTxt)); break; case Inf_INFO_SRC_URL: // Link to a web page - getCourseInfo->infoTxt = (char *) soap_malloc (Gbl.soap,Cns_MAX_BYTES_URL + 1); + getCourseInfo->infoTxt = (char *) soap_malloc (Gbl.soap,Cns_MAX_LENGTH_WWW + 1); Inf_WriteURLIntoTxtBuffer (getCourseInfo->infoTxt); break; } @@ -1984,40 +1988,47 @@ int swad__sendMyGroups (struct soap *soap, static void Svc_CopyUsrData (struct swad__user *Usr,struct UsrData *UsrDat,bool UsrIDIsVisible) { - char PhotoURL[Cns_MAX_BYTES_URL + 1]; + char PhotoURL[Cns_MAX_LENGTH_WWW + 1]; const char *FirstID; + size_t Length; /* Copy user's code */ Usr->userCode = UsrDat->UsrCod; /* Copy user's nickname */ - Usr->userNickname = (char *) soap_malloc (Gbl.soap,strlen (UsrDat->Nickname) + 1); - strcpy (Usr->userNickname,UsrDat->Nickname); + Length = strlen (UsrDat->Nickname); + Usr->userNickname = (char *) soap_malloc (Gbl.soap,Length + 1); + Str_Copy (Usr->userNickname,UsrDat->Nickname,Length); /* Copy user's first ID */ if (UsrIDIsVisible && UsrDat->IDs.List) FirstID = UsrDat->IDs.List[0].ID; else // Hide user's ID FirstID = "********"; - Usr->userID = (char *) soap_malloc (Gbl.soap,strlen (FirstID) + 1); - strcpy (Usr->userID,FirstID); + Length = strlen (FirstID); + Usr->userID = (char *) soap_malloc (Gbl.soap,Length + 1); + Str_Copy (Usr->userID,FirstID,Length); /* Copy user's surname1 */ - Usr->userSurname1 = (char *) soap_malloc (Gbl.soap,strlen (UsrDat->Surname1) + 1); - strcpy (Usr->userSurname1,UsrDat->Surname1); + Length = strlen (UsrDat->Surname1); + Usr->userSurname1 = (char *) soap_malloc (Gbl.soap,Length + 1); + Str_Copy (Usr->userSurname1,UsrDat->Surname1,Length); /* Copy user's surname2 */ - Usr->userSurname2 = (char *) soap_malloc (Gbl.soap,strlen (UsrDat->Surname2) + 1); - strcpy (Usr->userSurname2,UsrDat->Surname2); + Length = strlen (UsrDat->Surname2); + Usr->userSurname2 = (char *) soap_malloc (Gbl.soap,Length + 1); + Str_Copy (Usr->userSurname2,UsrDat->Surname2,Length); /* Copy user's first name */ - Usr->userFirstname = (char *) soap_malloc (Gbl.soap,strlen (UsrDat->FirstName) + 1); - strcpy (Usr->userFirstname,UsrDat->FirstName); + Length = strlen (UsrDat->FirstName); + Usr->userFirstname = (char *) soap_malloc (Gbl.soap,Length + 1); + Str_Copy (Usr->userFirstname,UsrDat->FirstName,Length); /* User's photo URL */ Pho_BuildLinkToPhoto (UsrDat,PhotoURL); - Usr->userPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_BYTES_URL + 1); - strcpy (Usr->userPhoto,PhotoURL); + Length = strlen (PhotoURL); + Usr->userPhoto = (char *) soap_malloc (Gbl.soap,Length + 1); + Str_Copy (Usr->userPhoto,PhotoURL,Length); } /*****************************************************************************/ @@ -2034,7 +2045,7 @@ int swad__getAttendanceEvents (struct soap *soap, MYSQL_ROW row; int NumAttEvent; long AttCod; - char PhotoURL[Cns_MAX_BYTES_URL + 1]; + char PhotoURL[Cns_MAX_LENGTH_WWW + 1]; long StartTime; long EndTime; size_t Length; @@ -2111,24 +2122,24 @@ int swad__getAttendanceEvents (struct soap *soap, { Length = strlen (Gbl.Usrs.Other.UsrDat.Surname1); getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userSurname1 = (char *) soap_malloc (Gbl.soap,Length + 1); - strcpy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userSurname1, - Gbl.Usrs.Other.UsrDat.Surname1); + Str_Copy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userSurname1, + Gbl.Usrs.Other.UsrDat.Surname1,Length); Length = strlen (Gbl.Usrs.Other.UsrDat.Surname2); getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userSurname2 = (char *) soap_malloc (Gbl.soap,Length + 1); - strcpy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userSurname2, - Gbl.Usrs.Other.UsrDat.Surname2); + Str_Copy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userSurname2, + Gbl.Usrs.Other.UsrDat.Surname2,Length); Length = strlen (Gbl.Usrs.Other.UsrDat.FirstName); getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userFirstname = (char *) soap_malloc (Gbl.soap,Length + 1); - strcpy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userFirstname, - Gbl.Usrs.Other.UsrDat.FirstName); + Str_Copy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userFirstname, + Gbl.Usrs.Other.UsrDat.FirstName,Length); Pho_BuildLinkToPhoto (&Gbl.Usrs.Other.UsrDat,PhotoURL); Length = strlen (PhotoURL); getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userPhoto = (char *) soap_malloc (Gbl.soap,Length + 1); - strcpy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userPhoto, - PhotoURL); + Str_Copy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].userPhoto, + PhotoURL,Length); } else { @@ -2157,14 +2168,14 @@ int swad__getAttendanceEvents (struct soap *soap, /* Get title of the event (row[6]) */ Length = strlen (row[6]); getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].title = (char *) soap_malloc (Gbl.soap,Length + 1); - strcpy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].title, - row[6]); + Str_Copy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].title, + row[6],Length); /* Get Txt (row[7]) */ Length = strlen (row[7]); getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].text = (char *) soap_malloc (Gbl.soap,Length + 1); - strcpy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].text, - row[7]); + Str_Copy (getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].text, + row[7],Length); /* Get list of groups for this attendance event */ Svc_GetListGrpsInAttendanceEventFromDB (AttCod,&(getAttendanceEventsOut->eventsArray.__ptr[NumAttEvent].groups)); @@ -2450,7 +2461,7 @@ int swad__getAttendanceUsers (struct soap *soap, MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned NumRow,NumRows; - char PhotoURL[Cns_MAX_BYTES_URL + 1]; + char PhotoURL[Cns_MAX_LENGTH_WWW + 1]; size_t Length; /***** Initializations *****/ @@ -2552,13 +2563,15 @@ int swad__getAttendanceUsers (struct soap *soap, { Length = strlen (Gbl.Usrs.Other.UsrDat.Nickname); getAttendanceUsersOut->usersArray.__ptr[NumRow].userNickname = (char *) soap_malloc (Gbl.soap,Length + 1); - strcpy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userNickname,Gbl.Usrs.Other.UsrDat.Nickname); + Str_Copy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userNickname, + Gbl.Usrs.Other.UsrDat.Nickname,Length); if (Gbl.Usrs.Other.UsrDat.IDs.Num) { Length = strlen (Gbl.Usrs.Other.UsrDat.IDs.List[0].ID); // TODO: What user's ID? getAttendanceUsersOut->usersArray.__ptr[NumRow].userID = (char *) soap_malloc (Gbl.soap,Length + 1); - strcpy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userID,Gbl.Usrs.Other.UsrDat.IDs.List[0].ID); + Str_Copy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userID, + Gbl.Usrs.Other.UsrDat.IDs.List[0].ID,Length); } else { @@ -2568,20 +2581,24 @@ int swad__getAttendanceUsers (struct soap *soap, Length = strlen (Gbl.Usrs.Other.UsrDat.Surname1); getAttendanceUsersOut->usersArray.__ptr[NumRow].userSurname1 = (char *) soap_malloc (Gbl.soap,Length + 1); - strcpy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userSurname1,Gbl.Usrs.Other.UsrDat.Surname1); + Str_Copy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userSurname1, + Gbl.Usrs.Other.UsrDat.Surname1,Length); Length = strlen (Gbl.Usrs.Other.UsrDat.Surname2); getAttendanceUsersOut->usersArray.__ptr[NumRow].userSurname2 = (char *) soap_malloc (Gbl.soap,Length + 1); - strcpy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userSurname2,Gbl.Usrs.Other.UsrDat.Surname2); + Str_Copy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userSurname2, + Gbl.Usrs.Other.UsrDat.Surname2,Length); Length = strlen (Gbl.Usrs.Other.UsrDat.FirstName); getAttendanceUsersOut->usersArray.__ptr[NumRow].userFirstname = (char *) soap_malloc (Gbl.soap,Length + 1); - strcpy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userFirstname,Gbl.Usrs.Other.UsrDat.FirstName); + Str_Copy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userFirstname, + Gbl.Usrs.Other.UsrDat.FirstName,Length); Pho_BuildLinkToPhoto (&Gbl.Usrs.Other.UsrDat,PhotoURL); Length = strlen (PhotoURL); getAttendanceUsersOut->usersArray.__ptr[NumRow].userPhoto = (char *) soap_malloc (Gbl.soap,Length + 1); - strcpy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userPhoto,PhotoURL); + Str_Copy (getAttendanceUsersOut->usersArray.__ptr[NumRow].userPhoto, + PhotoURL,Length); } else { @@ -2749,7 +2766,7 @@ int swad__getNotifications (struct soap *soap, long NtfCod; Ntf_NotifyEvent_t NotifyEvent; long EventTime; - char PhotoURL[Cns_MAX_BYTES_URL + 1]; + char PhotoURL[Cns_MAX_LENGTH_WWW + 1]; struct Instit Ins; struct Centre Ctr; struct Degree Deg; @@ -2759,6 +2776,7 @@ int swad__getNotifications (struct soap *soap, char SummaryStr[Cns_MAX_BYTES_TEXT + 1]; char *ContentStr; Ntf_Status_t Status; + size_t Length; /***** Initializations *****/ Gbl.soap = soap; @@ -2848,9 +2866,9 @@ int swad__getNotifications (struct soap *soap, Gbl.Usrs.Other.UsrDat.FirstName,Usr_MAX_BYTES_NAME); Pho_BuildLinkToPhoto (&Gbl.Usrs.Other.UsrDat,PhotoURL); - getNotificationsOut->notificationsArray.__ptr[NumNotif].userPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_BYTES_URL + 1); + getNotificationsOut->notificationsArray.__ptr[NumNotif].userPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_LENGTH_WWW + 1); Str_Copy (getNotificationsOut->notificationsArray.__ptr[NumNotif].userPhoto, - PhotoURL,Cns_MAX_BYTES_URL); + PhotoURL,Cns_MAX_LENGTH_WWW); } else { @@ -2905,7 +2923,8 @@ int swad__getNotifications (struct soap *soap, sprintf (getNotificationsOut->notificationsArray.__ptr[NumNotif].location,"%s: %s", Txt_Institution,Ins.ShrtName); else - strcpy (getNotificationsOut->notificationsArray.__ptr[NumNotif].location,"-"); + Str_Copy (getNotificationsOut->notificationsArray.__ptr[NumNotif].location, + "-",Ntf_MAX_LENGTH_NOTIFY_LOCATION); /* Get status (row[9]) */ if (sscanf (row[9],"%u",&Status) != 1) @@ -2918,8 +2937,10 @@ int swad__getNotifications (struct soap *soap, Cod,Crs.CrsCod,Gbl.Usrs.Me.UsrDat.UsrCod, Cfg_MAX_CHARS_NOTIF_SUMMARY_WEB_SERVICE,true); - getNotificationsOut->notificationsArray.__ptr[NumNotif].summary = (char *) soap_malloc (Gbl.soap,strlen (SummaryStr)+1); - strcpy (getNotificationsOut->notificationsArray.__ptr[NumNotif].summary,SummaryStr); + Length = strlen (SummaryStr); + getNotificationsOut->notificationsArray.__ptr[NumNotif].summary = (char *) soap_malloc (Gbl.soap,Length + 1); + Str_Copy (getNotificationsOut->notificationsArray.__ptr[NumNotif].summary, + SummaryStr,Length); if (ContentStr == NULL) { @@ -2928,8 +2949,10 @@ int swad__getNotifications (struct soap *soap, } else { - getNotificationsOut->notificationsArray.__ptr[NumNotif].content = (char *) soap_malloc (Gbl.soap,strlen (ContentStr)+1); - strcpy (getNotificationsOut->notificationsArray.__ptr[NumNotif].content,ContentStr); + Length = strlen (ContentStr); + getNotificationsOut->notificationsArray.__ptr[NumNotif].content = (char *) soap_malloc (Gbl.soap,Length + 1); + Str_Copy (getNotificationsOut->notificationsArray.__ptr[NumNotif].content, + ContentStr,Length); /* Free memory used by content string */ free ((void *) ContentStr); @@ -4365,7 +4388,7 @@ static bool Svc_WriteRowFileBrowser (unsigned Level,Brw_FileType_t FileType,cons extern const char *Txt_NEW_LINE; extern const char *Txt_LICENSES[Brw_NUM_LICENSES]; struct FileMetadata FileMetadata; - char PhotoURL[Cns_MAX_BYTES_URL + 1]; + char PhotoURL[Cns_MAX_LENGTH_WWW + 1]; /***** Is this row hidden or visible? *****/ if (Gbl.FileBrowser.Type == Brw_SHOW_DOCUM_CRS || @@ -4441,8 +4464,8 @@ int swad__getFile (struct soap *soap, extern const char *Txt_LICENSES[Brw_NUM_LICENSES]; int ReturnCode; struct FileMetadata FileMetadata; - char URL[Cns_MAX_BYTES_URL + 1]; - char PhotoURL[Cns_MAX_BYTES_URL + 1]; + char URL[Cns_MAX_LENGTH_WWW + 1]; + char PhotoURL[Cns_MAX_LENGTH_WWW + 1]; /***** Initializations *****/ Gbl.soap = soap; @@ -4450,10 +4473,10 @@ int swad__getFile (struct soap *soap, /***** Allocate space for strings *****/ getFileOut->fileName = (char *) soap_malloc (Gbl.soap,NAME_MAX + 1); - getFileOut->URL = (char *) soap_malloc (Gbl.soap,Cns_MAX_BYTES_URL + 1); + getFileOut->URL = (char *) soap_malloc (Gbl.soap,Cns_MAX_LENGTH_WWW + 1); getFileOut->license = (char *) soap_malloc (Gbl.soap,Brw_MAX_LENGTH_LICENSE + 1); getFileOut->publisherName = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_FULL_NAME + 1); - getFileOut->publisherPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_BYTES_URL + 1); + getFileOut->publisherPhoto = (char *) soap_malloc (Gbl.soap,Cns_MAX_LENGTH_WWW + 1); /***** Default values returned on error *****/ getFileOut->fileName[0] = '\0'; @@ -4561,7 +4584,7 @@ int swad__getFile (struct soap *soap, /***** Copy data into output structure *****/ Str_Copy (getFileOut->fileName,FileMetadata.FilFolLnkName,NAME_MAX); - Str_Copy (getFileOut->URL,URL,Cns_MAX_BYTES_URL); + Str_Copy (getFileOut->URL,URL,Cns_MAX_LENGTH_WWW); getFileOut->size = (int) FileMetadata.Size; @@ -4579,7 +4602,7 @@ int swad__getFile (struct soap *soap, Usr_MAX_BYTES_FULL_NAME); Pho_BuildLinkToPhoto (&Gbl.Usrs.Other.UsrDat,PhotoURL); - Str_Copy (getFileOut->publisherPhoto,PhotoURL,Cns_MAX_BYTES_URL); + Str_Copy (getFileOut->publisherPhoto,PhotoURL,Cns_MAX_LENGTH_WWW); } return SOAP_OK; @@ -4597,6 +4620,7 @@ int swad__getMarks (struct soap *soap, struct FileMetadata FileMetadata; char SummaryStr[NAME_MAX+1]; // Really not used char *ContentStr; + size_t Length; /***** Initializations *****/ Gbl.soap = soap; @@ -4664,10 +4688,9 @@ int swad__getMarks (struct soap *soap, 0,true); if (ContentStr != NULL) { - getMarksOut->content = (char *) soap_malloc (Gbl.soap,strlen (ContentStr)+1); - - strcpy (getMarksOut->content,ContentStr); - + Length = strlen (ContentStr); + getMarksOut->content = (char *) soap_malloc (Gbl.soap,Length + 1); + Str_Copy (getMarksOut->content,ContentStr,Length); free ((void *) ContentStr); ContentStr = NULL; } diff --git a/swad_zip.c b/swad_zip.c index 211a28ec..23f39168 100644 --- a/swad_zip.c +++ b/swad_zip.c @@ -29,7 +29,7 @@ #include // For errno #include // For PATH_MAX #include // For system... -#include // For strcpy... +#include // For string functions... #include // For mkdir... #include // For mkdir... #include // For chdir... @@ -272,7 +272,7 @@ static void ZIP_CreateTmpDirForCompression (void) Fil_RemoveOldTmpFiles (PathZipPriv,Cfg_TIME_TO_DELETE_BROWSER_ZIP_FILES,false); /***** Create a new temporary directory *****/ - strcpy (Gbl.FileBrowser.ZIP.TmpDir,Gbl.UniqueNameEncrypted); + Str_Copy (Gbl.FileBrowser.ZIP.TmpDir,Gbl.UniqueNameEncrypted,NAME_MAX); sprintf (PathDirTmp,"%s/%s",PathZipPriv,Gbl.FileBrowser.ZIP.TmpDir); if (mkdir (PathDirTmp,(mode_t) 0xFFF)) Lay_ShowErrorAndExit ("Can not create temporary folder for compression."); @@ -283,14 +283,14 @@ static void ZIP_CreateTmpDirForCompression (void) /**************** in the temporary directory of compression ******************/ /*****************************************************************************/ +#define ZIP_MAX_LENGTH_FULL_NAME_AND_ID (Usr_MAX_BYTES_FULL_NAME + 1 + ID_MAX_LENGTH_USR_ID + 10) + static void ZIP_CreateDirCompressionUsr (struct UsrData *UsrDat) { - char FullNameAndUsrID[(Usr_MAX_BYTES_NAME + 1)*3+ - ID_MAX_LENGTH_USR_ID+1+ - 10+1]; - char PathFolderUsrInsideCrs[PATH_MAX+1]; - char LinkTmpUsr[PATH_MAX+1]; - char Link[PATH_MAX+1]; + char FullNameAndUsrID[ZIP_MAX_LENGTH_FULL_NAME_AND_ID + 1]; + char PathFolderUsrInsideCrs[PATH_MAX + 1]; + char LinkTmpUsr[PATH_MAX + 1]; + char Link[PATH_MAX + 1]; unsigned NumTry; bool Success; @@ -298,7 +298,7 @@ static void ZIP_CreateDirCompressionUsr (struct UsrData *UsrDat) with a name that identifies the owner of the assignments and works *****/ /* Create link name for this user */ - strcpy (FullNameAndUsrID,UsrDat->Surname1); + Str_Copy (FullNameAndUsrID,UsrDat->Surname1,ZIP_MAX_LENGTH_FULL_NAME_AND_ID); if (UsrDat->Surname1[0] && UsrDat->Surname2[0]) strcat (FullNameAndUsrID,"_"); // Separation between surname 1 and surname 2