String safety (#1548)

* Array size UB fixes

* Fix ShieldD

* Remove (almost) all unsafe strcpy calls

Bunch of macros. C arrays are easy enough and just need a different call. For various cases where a char* is passed around bare, I've made a TEXT_SPAN macro that can store a length too for bounds checking.

* Move crash handling in safe string operations to separate TU

* strcat safe version

* sprintf made safe too

* Fix compile
Pieter-Jan Briers
2026-05-24 18:43:00 +02:00
committed by GitHub
parent af162bbd0a
commit a6376368ee
100 changed files with 781 additions and 546 deletions
+1 -1
@@ -183,7 +183,7 @@ bool Z2SoundMgr::startSound(JAISoundID soundID, JAISoundHandle* handle, const JG
return streamMgr_.startSound(soundID, handle, posPtr);
default:
char error[64];
sprintf(error, "Unknown Sound-Type id :%08x\n", (u32)soundID);
SAFE_SPRINTF(error, "Unknown Sound-Type id :%08x\n", (u32)soundID);
JUT_WARN(277, "%s", error);
}
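Review bot: In the default branch of Z2SoundMgr::startSound, the local error[64] buffer and the SAFE_SPRINTF call into it look unnecessary, because JUT_WARN on the following line already takes a format string and arguments. Calling `JUT_WARN(277, "Unknown Sound-Type id :%08x\n", (u32)soundID);` directly would remove the fixed-size buffer and the bounded formatting step entirely, which is a stronger fix than making the copy safe. If the buffer stays, note that the call passes only `error` with no explicit size, so it depends on `error` remaining a true array at the call site; a short comment saying so, and stating what SAFE_SPRINTF does on overflow (the commit message mentions crash handling), would help whoever next edits this declaration.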