[compiler-rt] [compiler-rt] [code-quality] replaced insecure function calls in _initializeAvailabilityCheck (PR #98659)

via llvm-commits llvm-commits at lists.llvm.org
Fri Jul 12 09:32:33 PDT 2024 

https://github.com/gbMattN created https://github.com/llvm/llvm-project/pull/98659

Replacing the insecure functions with their more secure versions as recommended in issue 64611 (https://github.com/llvm/llvm-project/issues/64611)

>From fa2fa6f305538a4c6744913d76f11b622a7a0b8f Mon Sep 17 00:00:00 2001
From: Matthew Nagy <gbmatt at tiger-linux2.domain.snsys.com>
Date: Fri, 12 Jul 2024 16:29:51 +0000
Subject: [PATCH] [compiler-rt] [code-quality] replaced insecure function calls
 in _initializeAvailabilityCheck

---
 compiler-rt/lib/builtins/os_version_check.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/compiler-rt/lib/builtins/os_version_check.c b/compiler-rt/lib/builtins/os_version_check.c
index 01fae834ab219..50c9fee4f8c55 100644
--- a/compiler-rt/lib/builtins/os_version_check.c
+++ b/compiler-rt/lib/builtins/os_version_check.c
@@ -171,8 +171,9 @@ static void _initializeAvailabilityCheck(bool LoadPlist) {
   strcat(FullPath, PListPath);
   PListPath = FullPath;
 #endif
-  FILE *PropertyList = fopen(PListPath, "r");
-  if (!PropertyList)
+  FILE *PropertyList;
+  errno_t FileOpenResult = fopen_s(PropertyList, PListPath, "r");
+  if (FileOpenResult != 0)
     return;
 
   // Dynamically allocated stuff.
@@ -186,7 +187,7 @@ static void _initializeAvailabilityCheck(bool LoadPlist) {
     goto Fail;
   rewind(PropertyList);
 
-  PListBuf = malloc((size_t)PListFileSize);
+  PListBuf = calloc((size_t)PListFileSize, 1);
   if (!PListBuf)
     goto Fail;
 
@@ -224,7 +225,7 @@ static void _initializeAvailabilityCheck(bool LoadPlist) {
   if (!(*CFStringGetCStringFunc)((CFStringRef)OpaqueValue, VersionStr,
                                  sizeof(VersionStr), CF_STRING_ENCODING_UTF8))
     goto Fail;
-  sscanf(VersionStr, "%d.%d.%d", &GlobalMajor, &GlobalMinor, &GlobalSubminor);
+  sscanf_s(VersionStr, "%d.%d.%d", &GlobalMajor, &GlobalMinor, &GlobalSubminor);
 
 Fail:
   if (PListRef)

More information about the llvm-commits mailing list