Commit 6b9297882e0106b5c0af53320673d6341b9bea91
1 parent
8be82776
Mark secure CRT warnings with comment
Put a specific comment marker next to every piece of code that MSVC gives warning 4996 for. This warning is generated for calls to functions that Microsoft considers insecure or deprecated. This change is in preparation for fixing all these cases even though none of them are actually incorrect or insecure as used in qpdf. The comment marker makes them easier to find so they can be fixed in subsequent commits.
Showing
17 changed files
with
33 additions
and
33 deletions
libqpdf/FileInputSource.cc
| ... | ... | @@ -16,7 +16,7 @@ FileInputSource::setFilename(char const* filename) |
| 16 | 16 | this->filename = filename; |
| 17 | 17 | this->close_file = true; |
| 18 | 18 | this->file = QUtil::fopen_wrapper(std::string("open ") + this->filename, |
| 19 | - fopen(this->filename.c_str(), "rb")); | |
| 19 | + fopen(this->filename.c_str(), "rb")); // XXXX | |
| 20 | 20 | } |
| 21 | 21 | |
| 22 | 22 | void | ... | ... |
libqpdf/MD5.cc
| ... | ... | @@ -330,7 +330,7 @@ void MD5::encodeFile(char const *filename, int up_to_size) |
| 330 | 330 | |
| 331 | 331 | FILE *file = QUtil::fopen_wrapper( |
| 332 | 332 | std::string("MD5: open ") + filename, |
| 333 | - fopen(filename, "rb")); | |
| 333 | + fopen(filename, "rb")); // XXXX | |
| 334 | 334 | |
| 335 | 335 | size_t len; |
| 336 | 336 | int so_far = 0; | ... | ... |
libqpdf/Pl_ASCIIHexDecoder.cc
| ... | ... | @@ -9,7 +9,7 @@ Pl_ASCIIHexDecoder::Pl_ASCIIHexDecoder(char const* identifier, Pipeline* next) : |
| 9 | 9 | pos(0), |
| 10 | 10 | eod(false) |
| 11 | 11 | { |
| 12 | - strcpy(this->inbuf, "00"); | |
| 12 | + strcpy(this->inbuf, "00"); // XXXX | |
| 13 | 13 | } |
| 14 | 14 | |
| 15 | 15 | Pl_ASCIIHexDecoder::~Pl_ASCIIHexDecoder() |
| ... | ... | @@ -98,7 +98,7 @@ Pl_ASCIIHexDecoder::flush() |
| 98 | 98 | getNext()->write(&ch, 1); |
| 99 | 99 | |
| 100 | 100 | this->pos = 0; |
| 101 | - strcpy(this->inbuf, "00"); | |
| 101 | + strcpy(this->inbuf, "00"); // XXXX | |
| 102 | 102 | } |
| 103 | 103 | |
| 104 | 104 | void | ... | ... |
libqpdf/Pl_StdioFile.cc
libqpdf/QPDFWriter.cc
| ... | ... | @@ -105,7 +105,7 @@ QPDFWriter::setOutputFilename(char const* filename) |
| 105 | 105 | { |
| 106 | 106 | QTC::TC("qpdf", "QPDFWriter write to file"); |
| 107 | 107 | f = QUtil::fopen_wrapper(std::string("open ") + filename, |
| 108 | - fopen(filename, "wb+")); | |
| 108 | + fopen(filename, "wb+")); // XXXX | |
| 109 | 109 | close_file = true; |
| 110 | 110 | } |
| 111 | 111 | setOutputFile(description, f, close_file); | ... | ... |
libqpdf/QPDF_String.cc
libqpdf/QTC.cc
| ... | ... | @@ -39,7 +39,7 @@ void QTC::TC(char const* const scope, char const* const ccase, int n) |
| 39 | 39 | |
| 40 | 40 | FILE* tc = |
| 41 | 41 | QUtil::fopen_wrapper("open test coverage file (" + filename + ")", |
| 42 | - fopen(filename.c_str(), "ab")); | |
| 42 | + fopen(filename.c_str(), "ab")); // XXXX | |
| 43 | 43 | fprintf(tc, "%s %d\n", ccase, n); |
| 44 | 44 | fclose(tc); |
| 45 | 45 | } | ... | ... |
libqpdf/QUtil.cc
| ... | ... | @@ -84,7 +84,7 @@ QUtil::unsigned_char_pointer(char const* str) |
| 84 | 84 | void |
| 85 | 85 | QUtil::throw_system_error(std::string const& description) |
| 86 | 86 | { |
| 87 | - throw std::runtime_error(description + ": " + strerror(errno)); | |
| 87 | + throw std::runtime_error(description + ": " + strerror(errno)); // XXXX | |
| 88 | 88 | } |
| 89 | 89 | |
| 90 | 90 | int |
| ... | ... | @@ -159,7 +159,7 @@ QUtil::hex_encode(std::string const& input) |
| 159 | 159 | buf[hex_size - 1] = '\0'; |
| 160 | 160 | for (unsigned int i = 0; i < input_size; ++i) |
| 161 | 161 | { |
| 162 | - sprintf(buf + i * 2, "%02x", static_cast<unsigned char>(input[i])); | |
| 162 | + sprintf(buf + i * 2, "%02x", static_cast<unsigned char>(input[i])); // XXXX | |
| 163 | 163 | } |
| 164 | 164 | return buf; |
| 165 | 165 | } | ... | ... |
libtests/aes.cc
| ... | ... | @@ -89,14 +89,14 @@ int main(int argc, char* argv[]) |
| 89 | 89 | unsigned int hexkeylen = strlen(hexkey); |
| 90 | 90 | unsigned int keylen = hexkeylen / 2; |
| 91 | 91 | |
| 92 | - FILE* infile = fopen(infilename, "rb"); | |
| 92 | + FILE* infile = fopen(infilename, "rb"); // XXXX | |
| 93 | 93 | if (infile == 0) |
| 94 | 94 | { |
| 95 | 95 | std::cerr << "can't open " << infilename << std::endl; |
| 96 | 96 | exit(2); |
| 97 | 97 | } |
| 98 | 98 | |
| 99 | - FILE* outfile = fopen(outfilename, "wb"); | |
| 99 | + FILE* outfile = fopen(outfilename, "wb"); // XXXX | |
| 100 | 100 | if (outfile == 0) |
| 101 | 101 | { |
| 102 | 102 | std::cerr << "can't open " << outfilename << std::endl; | ... | ... |
libtests/flate.cc
| ... | ... | @@ -10,10 +10,10 @@ |
| 10 | 10 | |
| 11 | 11 | FILE* safe_fopen(char const* filename, char const* mode) |
| 12 | 12 | { |
| 13 | - FILE* result = fopen(filename, mode); | |
| 13 | + FILE* result = fopen(filename, mode); // XXXX | |
| 14 | 14 | if (result == 0) |
| 15 | 15 | { |
| 16 | - std::cerr << "fopen " << filename << " failed: " << strerror(errno) | |
| 16 | + std::cerr << "fopen " << filename << " failed: " << strerror(errno) // XXXX | |
| 17 | 17 | << std::endl; |
| 18 | 18 | exit(2); |
| 19 | 19 | } | ... | ... |
libtests/lzw.cc
| ... | ... | @@ -27,9 +27,9 @@ int main(int argc, char* argv[]) |
| 27 | 27 | char* outfilename = argv[2]; |
| 28 | 28 | |
| 29 | 29 | FILE* infile = QUtil::fopen_wrapper("open input file", |
| 30 | - fopen(infilename, "rb")); | |
| 30 | + fopen(infilename, "rb")); // XXXX | |
| 31 | 31 | FILE* outfile = QUtil::fopen_wrapper("open output file", |
| 32 | - fopen(outfilename, "wb")); | |
| 32 | + fopen(outfilename, "wb")); // XXXX | |
| 33 | 33 | |
| 34 | 34 | Pl_StdioFile out("output", outfile); |
| 35 | 35 | Pl_LZWDecoder decode("decode", &out, early_code_change); | ... | ... |
libtests/md5.cc
libtests/png_filter.cc
| ... | ... | @@ -9,10 +9,10 @@ |
| 9 | 9 | |
| 10 | 10 | FILE* safe_fopen(char const* filename, char const* mode) |
| 11 | 11 | { |
| 12 | - FILE* result = fopen(filename, mode); | |
| 12 | + FILE* result = fopen(filename, mode); // XXXX | |
| 13 | 13 | if (result == 0) |
| 14 | 14 | { |
| 15 | - std::cerr << "fopen " << filename << " failed: " << strerror(errno) | |
| 15 | + std::cerr << "fopen " << filename << " failed: " << strerror(errno) // XXXX | |
| 16 | 16 | << std::endl; |
| 17 | 17 | exit(2); |
| 18 | 18 | } | ... | ... |
libtests/qutil.cc
| ... | ... | @@ -66,7 +66,7 @@ void fopen_wrapper_test() |
| 66 | 66 | { |
| 67 | 67 | std::cout << "before fopen" << std::endl; |
| 68 | 68 | f = QUtil::fopen_wrapper("fopen file", |
| 69 | - fopen("/this/file/does/not/exist", "r")); | |
| 69 | + fopen("/this/file/does/not/exist", "r")); // XXXX | |
| 70 | 70 | std::cout << "after fopen" << std::endl; |
| 71 | 71 | (void) fclose(f); |
| 72 | 72 | } |
| ... | ... | @@ -89,7 +89,7 @@ void getenv_test() |
| 89 | 89 | static void print_utf8(unsigned long val) |
| 90 | 90 | { |
| 91 | 91 | char t[20]; |
| 92 | - sprintf(t, "%lx", val); | |
| 92 | + sprintf(t, "%lx", val); // XXXX | |
| 93 | 93 | std::string result = QUtil::toUTF8(val); |
| 94 | 94 | std::cout << "0x" << t << " ->"; |
| 95 | 95 | if (val < 0xfffe) |
| ... | ... | @@ -105,7 +105,7 @@ static void print_utf8(unsigned long val) |
| 105 | 105 | iter != result.end(); ++iter) |
| 106 | 106 | { |
| 107 | 107 | char t[3]; |
| 108 | - sprintf(t, "%02x", static_cast<unsigned char>(*iter)); | |
| 108 | + sprintf(t, "%02x", static_cast<unsigned char>(*iter)); // XXXX | |
| 109 | 109 | std::cout << " " << t; |
| 110 | 110 | } |
| 111 | 111 | } | ... | ... |
libtests/rc4.cc
| ... | ... | @@ -22,7 +22,7 @@ int main(int argc, char* argv[]) |
| 22 | 22 | unsigned char* key = new unsigned char[keylen + 1]; |
| 23 | 23 | key[keylen] = '\0'; |
| 24 | 24 | |
| 25 | - FILE* infile = fopen(infilename, "rb"); | |
| 25 | + FILE* infile = fopen(infilename, "rb"); // XXXX | |
| 26 | 26 | if (infile == 0) |
| 27 | 27 | { |
| 28 | 28 | std::cerr << "can't open " << infilename << std::endl; |
| ... | ... | @@ -40,7 +40,7 @@ int main(int argc, char* argv[]) |
| 40 | 40 | key[i/2] = static_cast<unsigned char>(val); |
| 41 | 41 | } |
| 42 | 42 | |
| 43 | - FILE* outfile = fopen(outfilename, "wb"); | |
| 43 | + FILE* outfile = fopen(outfilename, "wb"); // XXXX | |
| 44 | 44 | if (outfile == 0) |
| 45 | 45 | { |
| 46 | 46 | std::cerr << "can't open " << outfilename << std::endl; | ... | ... |
qpdf/qpdf-ctest.c
| ... | ... | @@ -56,11 +56,11 @@ static void read_file_into_memory(char const* filename, |
| 56 | 56 | size_t bytes_read = 0; |
| 57 | 57 | size_t len = 0; |
| 58 | 58 | |
| 59 | - f = fopen(filename, "rb"); | |
| 59 | + f = fopen(filename, "rb"); /* XXXX */ | |
| 60 | 60 | if (f == NULL) |
| 61 | 61 | { |
| 62 | 62 | fprintf(stderr, "%s: unable to open %s: %s\n", |
| 63 | - whoami, filename, strerror(errno)); | |
| 63 | + whoami, filename, strerror(errno)); /* XXXX */ | |
| 64 | 64 | exit(2); |
| 65 | 65 | } |
| 66 | 66 | fseek(f, 0, SEEK_END); |
| ... | ... | @@ -364,11 +364,11 @@ static void test16(char const* infile, |
| 364 | 364 | qpdf_set_static_aes_IV(qpdf, QPDF_TRUE); |
| 365 | 365 | qpdf_set_stream_data_mode(qpdf, qpdf_s_uncompress); |
| 366 | 366 | qpdf_write(qpdf); |
| 367 | - f = fopen(outfile, "wb"); | |
| 367 | + f = fopen(outfile, "wb"); /* XXXX */ | |
| 368 | 368 | if (f == NULL) |
| 369 | 369 | { |
| 370 | 370 | fprintf(stderr, "%s: unable to open %s: %s\n", |
| 371 | - whoami, outfile, strerror(errno)); | |
| 371 | + whoami, outfile, strerror(errno)); /* XXXX */ | |
| 372 | 372 | exit(2); |
| 373 | 373 | } |
| 374 | 374 | buflen = qpdf_get_buffer_length(qpdf); | ... | ... |
qpdf/test_driver.cc
| ... | ... | @@ -166,7 +166,7 @@ void runtest(int n, char const* filename1, char const* arg2) |
| 166 | 166 | { |
| 167 | 167 | QTC::TC("qpdf", "exercise processFile(FILE*)"); |
| 168 | 168 | filep = QUtil::fopen_wrapper(std::string("open ") + filename1, |
| 169 | - fopen(filename1, "rb")); | |
| 169 | + fopen(filename1, "rb")); // XXXX | |
| 170 | 170 | pdf.processFile(filename1, filep, false); |
| 171 | 171 | } |
| 172 | 172 | } |
| ... | ... | @@ -174,7 +174,7 @@ void runtest(int n, char const* filename1, char const* arg2) |
| 174 | 174 | { |
| 175 | 175 | QTC::TC("qpdf", "exercise processMemoryFile"); |
| 176 | 176 | FILE* f = QUtil::fopen_wrapper(std::string("open ") + filename1, |
| 177 | - fopen(filename1, "rb")); | |
| 177 | + fopen(filename1, "rb")); // XXXX | |
| 178 | 178 | fseek(f, 0, SEEK_END); |
| 179 | 179 | size_t size = QUtil::tell(f); |
| 180 | 180 | fseek(f, 0, SEEK_SET); |
| ... | ... | @@ -719,7 +719,7 @@ void runtest(int n, char const* filename1, char const* arg2) |
| 719 | 719 | Buffer* b = w.getBuffer(); |
| 720 | 720 | std::string const filename = (i == 0 ? "a.pdf" : "b.pdf"); |
| 721 | 721 | FILE* f = QUtil::fopen_wrapper("open " + filename, |
| 722 | - fopen(filename.c_str(), "wb")); | |
| 722 | + fopen(filename.c_str(), "wb")); // XXXX | |
| 723 | 723 | fwrite(b->getBuffer(), b->getSize(), 1, f); |
| 724 | 724 | fclose(f); |
| 725 | 725 | delete b; |
| ... | ... | @@ -803,7 +803,7 @@ void runtest(int n, char const* filename1, char const* arg2) |
| 803 | 803 | |
| 804 | 804 | // Exercise writing to FILE* |
| 805 | 805 | FILE* out = QUtil::fopen_wrapper(std::string("open a.pdf"), |
| 806 | - fopen("a.pdf", "wb")); | |
| 806 | + fopen("a.pdf", "wb")); // XXXX | |
| 807 | 807 | QPDFWriter w(pdf, "FILE* a.pdf", out, true); |
| 808 | 808 | w.setStaticID(true); |
| 809 | 809 | w.setStreamDataMode(qpdf_s_preserve); |
| ... | ... | @@ -1184,7 +1184,7 @@ void runtest(int n, char const* filename1, char const* arg2) |
| 1184 | 1184 | w.write(); |
| 1185 | 1185 | PointerHolder<Buffer> b = p.getBuffer(); |
| 1186 | 1186 | FILE* f = QUtil::fopen_wrapper("open a.pdf", |
| 1187 | - fopen("a.pdf", "wb")); | |
| 1187 | + fopen("a.pdf", "wb")); // XXXX | |
| 1188 | 1188 | fwrite(b->getBuffer(), b->getSize(), 1, f); |
| 1189 | 1189 | fclose(f); |
| 1190 | 1190 | } | ... | ... |