07236560bae97afc34102ff2ae4a19ea74e7a049
angie
  Wed Jun 8 17:00:49 2016 -0700
Replacing some str* functions with safe* functions so that if there is buffer overflow, we'll errAbort instead of carrying on with unterminated strings.  An undetected overflow in sqlQuickQuery caused strange behavior downstream.  refs #17327 note-101

diff --git src/hg/lib/jksql.c src/hg/lib/jksql.c
index 87854db..fd2aa5f 100644
--- src/hg/lib/jksql.c
+++ src/hg/lib/jksql.c
@@ -1915,38 +1915,38 @@
 #else
 boolean doDisableKeys = FALSE;
 #endif
 
 /* determine if tab file can be accessed directly by the database, or send
  * over the network */
 bool sqlNeverLocal = cfgOptionBooleanDefault("db.neverLocal", 0);
 if (((options & SQL_TAB_FILE_ON_SERVER) && !sqlIsRemote(conn)) | sqlNeverLocal)
     {
     /* tab file on server requiries full path */
     strcpy(tabPath, "");
     if (path[0] != '/')
         {
         if (getcwd(tabPath, sizeof(tabPath)) == NULL)
 	    errAbort("sqlLoadTableFile: getcwd failed");
-        strcat(tabPath, "/");
+        safecat(tabPath, sizeof(tabPath), "/");
         }
-    strcat(tabPath, path);
+    safecat(tabPath, sizeof(tabPath), path);
     localOpt = "";
     }
 else
     {
-    strcpy(tabPath, path);
+    safecpy(tabPath, sizeof(tabPath), path);
     localOpt = "LOCAL";
     }
 
 /* optimize for concurrent to others to access the table. */
 if (options & SQL_TAB_FILE_CONCURRENT)
     concurrentOpt = "CONCURRENT";
 else
     {
     concurrentOpt = "";
     if (doDisableKeys)
         {
         /* disable update of indexes during load. Inompatible with concurrent,
          * since enable keys locks other's out. */
         sqlSafef(query, sizeof(query), "ALTER TABLE %s DISABLE KEYS", table);
         sqlUpdate(conn, query);
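Review bot: The branch condition `if (((options & SQL_TAB_FILE_ON_SERVER) && !sqlIsRemote(conn)) | sqlNeverLocal)` joins its two tests with bitwise `|` where logical `||` reads as the intent. Both operands appear to be 0/1 values here, so the result is the same today, but the bitwise form would silently change meaning if either side became a non-boolean flag value. I would write it as `if (((options & SQL_TAB_FILE_ON_SERVER) && !sqlIsRemote(conn)) || sqlNeverLocal)`. It would also help to add a comment above the `safecat` calls such as `/* safecat/safecpy errAbort if the result would not fit in tabPath */`, since an over-long working directory plus `path` now ends the load instead of overflowing. The enclosing function starts and ends outside this hunk.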
@@ -2165,31 +2165,31 @@
 
 char *sqlQuickQuery(struct sqlConnection *sc, char *query, char *buf, int bufSize)
 /* Does query and returns first field in first row.  Meant
  * for cases where you are just looking up one small thing.
  * Returns NULL if query comes up empty. */
 {
 struct sqlResult *sr;
 char **row;
 char *ret = NULL;
 
 if ((sr = sqlGetResult(sc, query)) == NULL)
     return NULL;
 row = sqlNextRow(sr);
 if (row != NULL && row[0] != NULL)
     {
-    strncpy(buf, row[0], bufSize);
+    safecpy(buf, bufSize, row[0]);
     ret = buf;
     }
 sqlFreeResult(&sr);
 return ret;
 }
 
 char *sqlNeedQuickQuery(struct sqlConnection *sc, char *query,
 	char *buf, int bufSize)
 /* Does query and returns first field in first row.  Meant
  * for cases where you are just looking up one small thing.
  * Prints error message and aborts if query comes up empty. */
 {
 char *s = sqlQuickQuery(sc, query, buf, bufSize);
 if (s == NULL)
     errAbort("query not found: %s", query);
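Review bot: The header comment of `sqlQuickQuery` still documents only the NULL-on-empty result, but with `safecpy(buf, bufSize, row[0]);` the function now aborts whenever the first field is longer than the caller's buffer. That makes the failure depend on database content, so callers that sized `buf` for "one small thing" need to know about it. I would add a line to the comment such as `* errAborts if the first field does not fit in bufSize bytes (including the terminator).` and repeat it on `sqlNeedQuickQuery`, which passes `buf` and `bufSize` straight through. If `errAbort` can return control to an error-catching caller, `sr` is not freed on that path, which may be worth a comment as well. The body of `sqlNeedQuickQuery` continues past the end of the hunk.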