From 1eab9326969b3c56a233f4285bb716a3939a703f Mon Sep 17 00:00:00 2001
From: Li Xiaoming <lixm.fnst@cn.fujitsu.com>
Date: Wed, 21 Aug 2019 16:53:37 +0800
Subject: Remove potential overflow risk & improve indent

The patch below does:
1) As d_name type may hold 255(NAME_MAX) characters at most,
   so I enlarge the array length to include the proper size.
   maxX and maxY are s32(int32) type(-2,147,483,648 ~ +2,147,483,647),
   which will cost 11 characters at most when writing to the arrary.
   Also silence the warning.
2) Replace sprintf with snprintf, a safer version;
3) Improve indent;
4) Remove debug sentence.

Bug-AGL: SPEC-2422

Change-Id: I6d83a92a3138decd2bc9b750b9659d581a9f1b6b
Signed-off-by: Li Xiaoming <lixm.fnst@cn.fujitsu.com>
---
 tsutils/tsutils.c | 37 ++++++++++++++++++++-----------------
 1 file changed, 20 insertions(+), 17 deletions(-)

(limited to 'tsutils')

diff --git a/tsutils/tsutils.c b/tsutils/tsutils.c
index 79385d1..125e975 100644
--- a/tsutils/tsutils.c
+++ b/tsutils/tsutils.c
@@ -19,40 +19,41 @@
 #include <fcntl.h>
 #include <stdio.h>
 #include <string.h>
+#include <limits.h>
 
 #define LONG_BITS (sizeof(long) << 3)
 #define NUM_LONGS(bits) (((bits) + LONG_BITS - 1) / LONG_BITS)
 #define DEV_INPUT	"/dev/input"
+#define LENGTH_TSDEVNODE (NAME_MAX + 1 + sizeof(DEV_INPUT))
+#define LENGTH_TSINFO (LENGTH_TSDEVNODE + 2 + 11*2)
 
-char tsInfo[200];
+char tsInfo[LENGTH_TSINFO];
 
 static inline int testBit(long bit, const long *array) {
     return (array[bit / LONG_BITS] >> bit % LONG_BITS) & 1;
 }
 
 char* getTouchScreenInfo() {
-	DIR* dir;
+    DIR* dir;
     struct dirent* itemPtr;
     int fd;
     int isSingleTouch = 0, hasTouchScreen = 0;
     long absbits[NUM_LONGS(ABS_CNT)];
-    char tsDevNode[100];
+    char tsDevNode[LENGTH_TSDEVNODE];
     struct input_absinfo absInfo;
+    int maxX, maxY;
 
-	int maxX, maxY;
+    memset(tsDevNode, 0, sizeof(tsDevNode));
+    memset(tsInfo, 0, sizeof(tsInfo));
 
-	memset(tsDevNode, 0, sizeof(tsDevNode));
-	memset(tsInfo, 0, sizeof(tsInfo));
-
-	if ((dir = opendir(DEV_INPUT)) == NULL) {
+    if ((dir = opendir(DEV_INPUT)) == NULL) {
         printf("open %s failed.\n", DEV_INPUT);
         return NULL;
     }
 
-	while ((itemPtr = readdir(dir)) != NULL) {
-        //printf("name : %s---type : %d\n", itemPtr->d_name, itemPtr->d_type);
+    while ((itemPtr = readdir(dir)) != NULL) {
         if ((strstr(itemPtr->d_name, "event") != NULL) && (2 == itemPtr->d_type)) {
-            sprintf(tsDevNode, "%s/%s", DEV_INPUT, itemPtr->d_name);
+            snprintf(tsDevNode, sizeof(tsDevNode), "%s/%s", DEV_INPUT, itemPtr->d_name);
             fd = open(tsDevNode, O_RDONLY);
             if (fd < 0) {
                 printf("open %s failed.\n", tsDevNode);
@@ -81,15 +82,17 @@ char* getTouchScreenInfo() {
             }
 
             hasTouchScreen = 1;
-        	break;
+            break;
         }
     }
 
-	if (!hasTouchScreen) return NULL;
+    if (!hasTouchScreen) {
+        return NULL;
+    }
 
-	sprintf(tsInfo, "%s %d %d", tsDevNode, maxX, maxY);
+    snprintf(tsInfo, sizeof(tsInfo), "%s %d %d", tsDevNode, maxX, maxY);
 
-	close(fd);
-	closedir(dir);
-	return tsInfo;
+    close(fd);
+    closedir(dir);
+    return tsInfo;
 }
-- 
cgit 1.2.3-korg