* source/pp/hbpp.c
* source/vm/cmdarg.c
* source/vm/memvars.c
* source/rtl/dates.c
* source/rtl/fstemp.c
* source/rtl/gtchrmap.c
* source/rtl/gtcrs/gtcrs.c
* source/rtl/gtpca/gtpca.c
* source/rtl/gtstd/gtstd.c
* source/rdd/dbf1.c
* source/rdd/dbfntx/dbfntx1.c
* contrib/hbct/disk.c
* contrib/hbfbird/firebird.c
* contrib/hbw32/w32_ole.c
* contrib/xhb/hboutdbg.c
* contrib/examples/pp/hbppcore.c
* strncpy() -> hb_strncpy()
* strncat() -> hb_strncat()
! In most of these places the terminating zero
was not explicitly set by the caller before.
* contrib/hbnf/getenvrn.c
* contrib/hbw32/dllcall.c
* contrib/hbw32/w32_ole.c
* contrib/hbwhat32/_wincdlg.c
* contrib/hbwhat32/_windll.c
* contrib/hbwhat32/_winmain.c
* contrib/hbziparch/hbzipnew.cpp
! strcpy() -> hb_strncpy()
! strcat() -> hb_strncat()
; TOFIX1: There are still two strcpy()s left in SQL_SPRINTF().
Xavi, could you pls take a look at it?
; TOFIX2: There are still a few strcpy()s in hbwince.c and
dbgentry.c.
* source/pp/hbpp.c
* source/rtl/gtcrs/gtcrs.c
* source/rtl/gtpca/gtpca.c
* source/rtl/gtstd/gtstd.c
* contrib/hbfbird/firebird.c
* contrib/hbwhat32/_wincdlg.c
* contrib/hbwhat32/_windll.c
! Fixed wrong buffer sizes (or no buffer limits) in some
string copy operations (potential buffer overruns).
* contrib/hbnf/getenvrn.c
! Fixed bad leak in FT_GETE() on Win32 systems.
* source/rtl/fstemp.c
! hb_fsTempName(): Fixed potential buffer overrun by one byte.
* Minor formatting.
* source/rtl/fstemp.c
* source/rtl/hbffind.c
* contrib/xhb/hboutdbg.c
* Using sizeof() instead of explicit size in string copy operations.
; TODO: There is a lot more to fix like this.
; Przemek, could you double check these changes pls?
I can send you the .diff if it helps.
23221548b4