From c4bfc0dcbdeb18563c579643cce0fe1fb07abad0 Mon Sep 17 00:00:00 2001
From: Jim Schaff <schaff.jim@gmail.com>
Date: Thu, 8 Feb 2024 21:28:31 -0500
Subject: [PATCH] fix sprintf overflows, missing return values and type
 warnings in NFSim

---
 NFsim_v1.11/VCell/src/VCellNFSim.cpp          | 12 ++++---
 NFsim_v1.11/src/NFcore/NFcore.hh              | 12 +++----
 .../src/NFfunction/muParser/muParserBase.cpp  |  2 +-
 .../src/NFfunction/muParser/muParserBase.h    |  4 +--
 .../src/NFfunction/muParser/muParserToken.h   |  2 +-
 .../muParser/muParserTokenReader.cpp          |  4 +--
 .../transformations/transformationSet.cpp     |  1 +
 NFsim_v1.11/src/NFscheduler/Scheduler.cpp     | 36 ++++++-------------
 NFsim_v1.11/src/nauty24/nauty.c               |  3 +-
 9 files changed, 33 insertions(+), 43 deletions(-)

diff --git a/NFsim_v1.11/VCell/src/VCellNFSim.cpp b/NFsim_v1.11/VCell/src/VCellNFSim.cpp
index 6562606c0..d1807a563 100644
--- a/NFsim_v1.11/VCell/src/VCellNFSim.cpp
+++ b/NFsim_v1.11/VCell/src/VCellNFSim.cpp
@@ -23,7 +23,7 @@ namespace {
 	bool startupMessaging(int argc, char **argv, vcell::JMSHolder & holder);
 	int nfsimExit(int returnCode, const std::string& errorMsg);
 	void printUsage();
-	int parseInteger(const char * input);
+	int parseTaskId(const char * input);
 	const int unsetTaskId = -1;
 	inline void noop( ) {}
 	/**
@@ -102,9 +102,9 @@ void printUsage() {
 			<< std::endl;
 }
 
-int parseInteger(const char * input) {
-	if (input != 0) {
-		const int eos = strlen(input);
+int parseTaskId(const char * input) {
+	if (input != nullptr) {
+		const size_t eos = strlen(input);
 		for (int i = 0; i < eos; i++) {
 			const char c = input[i];
 			if ((c < '0') || (c > '9')) {
@@ -114,6 +114,8 @@ int parseInteger(const char * input) {
 		}
 		return atoi(input);
 	}
+    // should never reach this code
+    return unsetTaskId;
 }
 /*
  # JMS_Paramters
@@ -166,7 +168,7 @@ bool startupMessaging(int argc, char **argv, vcell::JMSHolder & holder)  {
 		const int penultimate = argc - 1;
 		for (int i = 0; i < penultimate; i++) {
 			if (strcmp(argv[i], "-tid") == 0) {
-				taskId = parseInteger(argv[i + 1]);
+				taskId = parseTaskId(argv[i + 1]);
 			}
 			if (strcmp(argv[i], "-xml") == 0) {
 				inputFilename = argv[i + 1];
diff --git a/NFsim_v1.11/src/NFcore/NFcore.hh b/NFsim_v1.11/src/NFcore/NFcore.hh
index 5108d972e..cf5de0618 100644
--- a/NFsim_v1.11/src/NFcore/NFcore.hh
+++ b/NFsim_v1.11/src/NFcore/NFcore.hh
@@ -282,14 +282,14 @@ namespace NFcore
 
 			void setUniversalTraversalLimit(int utl);
 
-			bool isUsingVCellCompartments() { return useVCellCompartments; };
-			bool setUsingVCellCompartments( bool val ) { useVCellCompartments = val; };
+			bool isUsingVCellCompartments() const { return useVCellCompartments; };
+			void setUsingVCellCompartments( bool val ) { useVCellCompartments = val; };
 
-			bool hasVCellAnchors() { return this->bHasVCellAnchors; };
-			bool setVCellAnchors( bool val ) { this->bHasVCellAnchors = val; };
+			bool hasVCellAnchors() const { return this->bHasVCellAnchors; };
+			void setVCellAnchors( bool val ) { this->bHasVCellAnchors = val; };
 
-			bool isCheckingProductMaching() { return this->bCheckingProductMatching; };
-			bool setCheckingProductMaching( bool val ) { this->bCheckingProductMatching = val; };
+			bool isCheckingProductMaching() const { return this->bCheckingProductMatching; };
+			void setCheckingProductMaching( bool val ) { this->bCheckingProductMatching = val; };
 
 			void setEvaluateComplexScopedLocalFunctions( bool val ) { evaluateComplexScopedLocalFunctions = val; };
 			bool getEvaluateComplexScopedLocalFunctions( ) const { return evaluateComplexScopedLocalFunctions; };
diff --git a/NFsim_v1.11/src/NFfunction/muParser/muParserBase.cpp b/NFsim_v1.11/src/NFfunction/muParser/muParserBase.cpp
index 5db154684..0ea56541e 100644
--- a/NFsim_v1.11/src/NFfunction/muParser/muParserBase.cpp
+++ b/NFsim_v1.11/src/NFfunction/muParser/muParserBase.cpp
@@ -48,7 +48,7 @@ namespace mu
       When defining custom binary operators with #AddOprt(...) make sure not to choose 
       names conflicting with these definitions. 
   */
-  char_type* ParserBase::c_DefaultOprt[] = 
+  const char_type* ParserBase::c_DefaultOprt[] =
   { 
     _T("<="), _T(">="),  _T("!="), 
     _T("=="), _T("<"),   _T(">"), 
diff --git a/NFsim_v1.11/src/NFfunction/muParser/muParserBase.h b/NFsim_v1.11/src/NFfunction/muParser/muParserBase.h
index ae7f56270..e4f6b7cac 100644
--- a/NFsim_v1.11/src/NFfunction/muParser/muParserBase.h
+++ b/NFsim_v1.11/src/NFfunction/muParser/muParserBase.h
@@ -194,7 +194,7 @@ friend class ParserTokenReader;
     virtual void InitConst() = 0;
     virtual void InitOprt() = 0; 
 
-    static char_type *c_DefaultOprt[]; 
+    static const char_type *c_DefaultOprt[];
 
  private:
 
@@ -244,7 +244,7 @@ friend class ParserTokenReader;
     mutable stringbuf_type  m_vStringBuf; ///< String buffer, used for storing string function arguments
     stringbuf_type  m_vStringVarBuf;
 
-    std::auto_ptr<token_reader_type> m_pTokenReader; ///< Managed pointer to the token reader object.
+    std::unique_ptr<token_reader_type> m_pTokenReader; ///< Managed pointer to the token reader object.
 
     funmap_type  m_FunDef;        ///< Map of function names and pointers.
     funmap_type  m_PostOprtDef;   ///< Postfix operator callbacks
diff --git a/NFsim_v1.11/src/NFfunction/muParser/muParserToken.h b/NFsim_v1.11/src/NFfunction/muParser/muParserToken.h
index bf0ca9754..f5fe14c06 100644
--- a/NFsim_v1.11/src/NFfunction/muParser/muParserToken.h
+++ b/NFsim_v1.11/src/NFfunction/muParser/muParserToken.h
@@ -78,7 +78,7 @@ namespace mu
       TString m_strTok;   ///< Token string
       TString m_strVal;   ///< Value for string variables
       value_type m_fVal;
-      std::auto_ptr<ParserCallback> m_pCallback;
+      std::unique_ptr<ParserCallback> m_pCallback;
 
   public:
 
diff --git a/NFsim_v1.11/src/NFfunction/muParser/muParserTokenReader.cpp b/NFsim_v1.11/src/NFfunction/muParser/muParserTokenReader.cpp
index 1b42621e3..92cbade30 100644
--- a/NFsim_v1.11/src/NFfunction/muParser/muParserTokenReader.cpp
+++ b/NFsim_v1.11/src/NFfunction/muParser/muParserTokenReader.cpp
@@ -145,7 +145,7 @@ namespace mu
   */
   ParserTokenReader* ParserTokenReader::Clone(ParserBase *a_pParent) const
   {
-    std::auto_ptr<ParserTokenReader> ptr(new ParserTokenReader(*this));
+    std::unique_ptr<ParserTokenReader> ptr(new ParserTokenReader(*this));
     ptr->SetParent(a_pParent);
     return ptr.release();
   }
@@ -807,7 +807,7 @@ namespace mu
 		m_pParser->m_vStringBuf.push_back(strTok); // Store string in internal buffer
     a_Tok.SetString(strTok, m_pParser->m_vStringBuf.size());
 
-    m_iPos += (int)strTok.length() + 2 + (int)iSkip;  // +2 wg Anführungszeichen; +iSkip für entfernte escape zeichen
+    m_iPos += (int)strTok.length() + 2 + (int)iSkip;  // +2 wg Anfï¿½hrungszeichen; +iSkip fï¿½r entfernte escape zeichen
     m_iSynFlags = m_iSynFlags = noANY ^ ( noARG_SEP | noBC | noOPT | noEND );
 
     return true;
diff --git a/NFsim_v1.11/src/NFreactions/transformations/transformationSet.cpp b/NFsim_v1.11/src/NFreactions/transformations/transformationSet.cpp
index ee6de8db7..f787168bc 100644
--- a/NFsim_v1.11/src/NFreactions/transformations/transformationSet.cpp
+++ b/NFsim_v1.11/src/NFreactions/transformations/transformationSet.cpp
@@ -124,6 +124,7 @@ TransformationSet::getTemplateMolecule( unsigned int reactantIndex ) const
 	{
 		return addmol[reactantIndex-n_reactants];
 	}
+    return nullptr;
 }
 
 
diff --git a/NFsim_v1.11/src/NFscheduler/Scheduler.cpp b/NFsim_v1.11/src/NFscheduler/Scheduler.cpp
index 208fec135..a8e1fefdd 100644
--- a/NFsim_v1.11/src/NFscheduler/Scheduler.cpp
+++ b/NFsim_v1.11/src/NFscheduler/Scheduler.cpp
@@ -268,20 +268,6 @@ void findandreplace(string &source, string find, string replace) {
 	}
 }
 
-const char* itoa(int inNum) {
-	stringstream strout;
-	strout << inNum;
-	strout.flush();
-	return strout.str().data();
-}
-
-const char* dtoa(double inNum) {
-	stringstream strout;
-	strout << inNum;
-	strout.flush();
-	return strout.str().data();
-}
-
 // MPI communication routines
 void send_to_slave(int slave, int tag, int datalen, char *data) {
 	msg.src = MASTER;
@@ -333,25 +319,25 @@ void recv_from_master() {
 #endif
 }
 
-void job2str(job& j, char* p) {
-	sprintf(p, "%s,", j.filename.c_str());	p += strlen(p);	
-	sprintf(p, "%d,", j.processors);	    p += strlen(p);
+void job2str(job &j, char *p, size_t buf_size) {
+	snprintf(p, buf_size, "%s,", j.filename.c_str());	buf_size -= strlen(p); p += strlen(p);
+	snprintf(p, buf_size, "%d,", j.processors);	  buf_size -= strlen(p); p += strlen(p);
 
 	int argc = j.argument.size();
-	sprintf(p, "%d,", argc); p += strlen(p);
+	snprintf(p, buf_size, "%d,", argc);  buf_size -= strlen(p); p += strlen(p);
 	if (argc > 0) {
 	for (int i = 0; i < argc; ++i) {
-		sprintf(p, "%s,",  j.argument[i].c_str()); p += strlen(p);
-		sprintf(p, "%s,",  j.argval[i].c_str()); p += strlen(p);
+		snprintf(p, buf_size, "%s,",  j.argument[i].c_str()); buf_size -= strlen(p); p += strlen(p);
+		snprintf(p, buf_size, "%s,",  j.argval[i].c_str()); buf_size -= strlen(p); p += strlen(p);
 	}
 	}
 
 	int n = j.parameters.size();
-	sprintf(p, "%d,", n); p += strlen(p);
+	snprintf(p, buf_size, "%d,", n); buf_size -= strlen(p); p += strlen(p);
 	if (n > 0) {
 	for (int i = 0; i < n; ++i) {
-		sprintf(p, "%s,",  j.parameters[i].c_str()); p += strlen(p);
-		sprintf(p, "%lg,", j.values[i]); p += strlen(p);
+		snprintf(p, buf_size, "%s,",  j.parameters[i].c_str()); buf_size -= strlen(p); p += strlen(p);
+		snprintf(p, buf_size, "%lg,", j.values[i]); buf_size -= strlen(p); p += strlen(p);
 	}
 	}
 }
@@ -533,7 +519,7 @@ void DynamicParallel (map<string, string> argMap,int rank,int size) {
 				if (!done) {
 					printf("master: assigning work #%d to slave #%d \n", jcount, msg.src);
 					char str[MSG_DATA_SIZE];
-					job2str(jnow, str);
+                    job2str(jnow, str, MSG_DATA_SIZE);
 					slave_assignment[msg.src] = pjob;
 					send_to_slave(msg.src, cmd_job, strlen(str)+1, str);
 				} else {
@@ -577,7 +563,7 @@ void DynamicParallel (map<string, string> argMap,int rank,int size) {
 			slave_work(rank, jnow);
 
 			for (int i = 0; i < slave_filenames.size(); ++i) {
-				sprintf(str, "%d,%s", slave_buffers[i].length()+1, slave_filenames[i].c_str());
+				snprintf(str, sizeof(str), "%zu,%s", slave_buffers[i].length()+1, slave_filenames[i].c_str());
 				send_to_master(rank, rpt_pre_data, strlen(str)+1, str);
 				recv_from_master();
 				if (msg.tag != cmd_pre_data_ack) perr("Error: expecting cmd_pre_data_ack");
diff --git a/NFsim_v1.11/src/nauty24/nauty.c b/NFsim_v1.11/src/nauty24/nauty.c
index 26adcdfe0..1047a1029 100644
--- a/NFsim_v1.11/src/nauty24/nauty.c
+++ b/NFsim_v1.11/src/nauty24/nauty.c
@@ -881,7 +881,7 @@ processnode(int *lab, int *ptn, int level, int numcells)
                                    (*dispatch.isautom)(g,workperm,digraph,M,n))
                     code = 1;
             }
-            if (code == 0)
+            if (code == 0) {
                 if (getcanon)
                 {
                     sr = 0;
@@ -910,6 +910,7 @@ processnode(int *lab, int *ptn, int level, int numcells)
                 }
                 else
                     code = 4;
+            }
         }
 
         if (code != 0 && level > stats->maxlevel) stats->maxlevel = level;