fix: buffer over bug #113

Fixed buffer overflow error in MEMCHEK macro (snprintf). This was partly
caused by changes in 44ce8fd

Updated pybind11 to version 2.8.1

chore: using shared_ptr to hold simptr. Use simfree as custom deleter.

CMakeLists.txt

@@ -101,7 +101,6 @@ message(STATUS "Option to build documentation: ${OPTION_DOCS}")
 
 ####### Compiler flags ######################
 #
-# Must use a C++14 compatible compiler (gcc>=5.x).
 # NOTE: C++17 has parallel implmenetation of many STL algorithms. It would be
 # nice to use them. Most compilers support C++17 these days.
 #
@@ -153,21 +152,9 @@ if(OPTION_WARNING_AS_ERROR)
     CheckCompilerFlagAndAdd(-Wno-attributes)
 endif()
 
-# We need a c++14 support to build python bindings.
+# We need at least c++14 support to build python bindings.
 if(OPTION_PYTHON)
     set(CMAKE_CXX_STANDARD 14)
-    try_compile(COMPILER_SUPPORT_C14
-        ${CMAKE_BINARY_DIR}/_test_compiler
-        ${CMAKE_CURRENT_SOURCE_DIR}/cmake/test_compiler.cpp
-        OUTPUT_VARIABLE COMPILER_TEST_OUTPUT
-        )
-    if(NOT COMPILER_SUPPORT_C14)
-        message(STATUS "Failed to build test program: ${COMPILER_TEST_OUTPUT}")
-        message(FATAL_ERROR "Your compiler does not support C++14. "
-            "Please use a C++14 compliant compiler. "
-            "See https://en.cppreference.com/w/cpp/compiler_support/14 "
-            "for C++14 support among C++ compilers.")
-    endif()
 endif()
 
 

scripts/update_pybind11.sh

@@ -1,3 +1,3 @@
 #!/usr/bin/env bash
 git subtree pull --prefix source/pybind11 \
-    https://github.com/pybind/pybind11 master --squash
+    https://github.com/pybind/pybind11 v2.8 --squash

source/SmolEmulate/SmolEmulate.c

@@ -19,7 +19,7 @@
 
 #define CHECKS(A,...)		if(!(A)) {ErrorType=2;sprintf(ErrorString,__VA_ARGS__); goto failure;} else (void)0
 
-char ErrorString[256]="";
+char ErrorString[STRCHARLONG+STRCHAR]="";
 int ErrorType=0;
 FILE* gnu=NULL;
 

source/Smoldyn/smolbng.c

@@ -1330,14 +1330,17 @@ int bngrunBNGL2(bngptr bng,char *filename,char *outname) {
 	remove(outname);						// delete output file
 
 	snprintf(string,STRCHAR,"perl -v > %s",outname);	// test for perl
-	system(string);
+
+	int n = system(string);
+    UNUSED(n);
+
 	fptr=fopen(outname,"r");
 	if(!fptr) return 4;
 	remove(outname);
 
 	snprintf(string,STRCHAR,"perl %s %s %s",bng->bngss->BNG2path,filename,vflag?"":DEVNULL);
 	simLog(bng->bngss->sim,2," Running BNG2.pl on %s\n",filename);
-	system(string);							// generate network
+	n = system(string);							// generate network
 
 	fptr=fopen(outname,"r");		// check for output file
 	if(!fptr) return 3;					// output file was not written

source/Smoldyn/smolcmd.c

@@ -329,7 +329,8 @@ enum CMDcode cmdpause(simptr sim,cmdptr cmd,char *line2) {
 	if(line2 && !strcmp(line2,"cmdtype")) return CMDcontrol;
 	if(!sim->graphss || sim->graphss->graphics==0) {
 		fprintf(stderr,"Simulation paused at time %g.  Press enter to continue.",sim->time);
-		scanf("%c",&c);
+		int n = scanf("%c",&c);
+        UNUSED(n);
 		return CMDok; }
 	tflag=strchr(sim->flags,'t')?1:0;
 	SCMDCHECK(sim->graphss && sim->graphss->graphics!=0 && !tflag,"pause doesn't work without graphics");

source/Smoldyn/smoldyn.cpp

@@ -42,10 +42,11 @@ int main(int argc,char **argv) {
 		if(argc<=1) {
 			fprintf(stderr,"Welcome to Smoldyn version %s.\n\n",VERSION);
 			fprintf(stderr,"Enter name of configuration file: ");
-			fgets(root,STRCHAR,stdin);
+			char* _x=fgets(root,STRCHAR,stdin);
 			if(strchr(root,'\n')) *(strchr(root,'\n'))='\0';
 			fprintf(stderr,"Enter runtime flags (q=quiet, p=parameters only), or '-'=none: ");
-			fgets(flags,STRCHAR,stdin);
+			_x=fgets(flags,STRCHAR,stdin);
+            UNUSED(_x);
 			if(strchr(flags,'\n')) *(strchr(flags,'\n'))='\0'; }
 		if(argc>1) {
 			strncpy(root,argv[1],STRCHAR-1);
@@ -109,7 +110,7 @@ int main(int argc,char **argv) {
 				smolsimulategl(sim); }}
 		simfree(sim);
 		simfuncfree(); }
-	
+
 	catch (const char* errmsg) {
 		fprintf(stderr, "%s\n", errmsg);
 		exitCode = 1; }

source/Smoldyn/smoldyn.h

@@ -77,7 +77,7 @@ enum StructCond
 #ifndef __string2_h
 #define __string2_h
 
-#define STRCHAR 256
+#define STRCHAR 512
 #define STRCHARLONG 4000
 
 #endif

source/Smoldyn/smolsim.cpp

@@ -50,8 +50,8 @@ FILE *LogFile=NULL;
 // has to be bigger than ErrorString else compiler emits warning (for a good
 // reason).
 //
-char ErrorLineAndString[STRCHARLONG]="";
-char ErrorString[STRCHARLONG-STRCHAR-100]="";
+char ErrorLineAndString[STRCHARLONG+STRCHAR+100]="";
+char ErrorString[STRCHARLONG]="";
 
 int ErrorType=0;
 char SimFlags[STRCHAR]="";

source/libSteve/SimCommand.c

@@ -856,7 +856,8 @@ int scmdopenfiles(cmdssptr cmds,int overwrite) {
 					// When compiled for c++ binary.
 					char str2[STRCHAR];
 					fprintf(stderr,"Overwrite existing output file '%s' (y/n)? ",cmds->fname[fid]);
-					scanf("%s",str2);
+					int count = scanf("%s",str2);
+                    (void)count;
 					if(!(str2[0]=='y' || str2[0]=='Y')) return 1;
 #endif
 					}}

source/libSteve/SurfaceParam.c

@@ -13,6 +13,12 @@ files are unavailable */
 #include "math2.h"
 #include "random2.h"
 
+//
+// A macro to mark a variable unused. Supresses compiler warnings.
+//
+#define UNUSED(x)  (void)(x)
+
+
 
 /* Declarations for functions that are only used internally */
 double interpolate1D(double *xdata,double *ydata,int n,double x);
@@ -609,23 +615,26 @@ void xdfmaketableirrev(void) {
 	double *x,*xdfa,*xdfd,xlo,xhi,dx,flux1,flux2,slope1,slope2,intercept1,intercept2,probon,eps,xfitlo,xfithi;
 	int i,i2,n,ifitlo,ifithi,npon;
 	char ynmro[256],ynxdf[256];
+    int count=0;
 
 	fprintf(stderr,"Enter the number of position points for the concentration (e.g. 200): ");
-	scanf("%i",&n);
+	count=scanf("%i",&n);
 	if(iseven(n)) n++;
 	fprintf(stderr,"Enter low and high x values (e.g. -6 and 10): ");
-	scanf("%lf %lf",&xlo,&xhi);
+	count=scanf("%lf %lf",&xlo,&xhi);
 	fprintf(stderr,"Enter fit domain for x values (e.g. 3 and 7): ");
-	scanf("%lf %lf",&xfitlo,&xfithi);
+	count=scanf("%lf %lf",&xfitlo,&xfithi);
 	fprintf(stderr,"Enter epsilon (e.g. 0.0001): ");
-	scanf("%lf",&eps);
+	count=scanf("%lf",&eps);
 	fprintf(stderr,"Do you want machine readable output (y/n)? ");
-	scanf("%s",ynmro);
+	count=scanf("%s",ynmro);
 	if(ynmro[0]!='y') {
 		fprintf(stderr,"Do you want xdf output (y/n)? ");
-		scanf("%s",ynxdf); }
+		count=scanf("%s",ynxdf); }
 	else ynxdf[0]='n';
 
+    UNUSED(count);
+
 	x=(double*)calloc(n,sizeof(double));
 	xdfa=(double*)calloc(n,sizeof(double));
 	xdfd=(double*)calloc(n,sizeof(double));
@@ -683,18 +692,21 @@ void xdfmaketable(void) {
 	double eps,pon,kon,koff,poff,cs,*x,*xdfa,*xdfd,dx;
 	int i,i2,n,npon,npoff;
 	char yn[256];
+    int count=0;
 
 	fprintf(stderr,"\nFunction for calculating steady-state surface concentrations\n");
 	fprintf(stderr,"for various adsorption and desorption probabilities.\n\n");
 	fprintf(stderr,"Enter the number of position points for the concentration (e.g. 200): ");
-	scanf("%i",&n);
+	count=scanf("%i",&n);
 	if(n<10) {fprintf(stderr,"Value is too low.  Function stopped.\n");return; }
 	if(iseven(n)) n++;
 	fprintf(stderr,"Enter level of precision (e.g. 1e-4): ");
-	scanf("%lf",&eps);
+	count=scanf("%lf",&eps);
 	if(eps<=0) {fprintf(stderr,"Impossible precision.  Function stopped.\n");return; }
 	fprintf(stderr,"Do you want machine readable output (y/n)? ");
-	scanf("%s",yn);
+	count=scanf("%s",yn);
+
+    UNUSED(count);
 
 	x=(double*)calloc(n,sizeof(double));
 	xdfa=(double*)calloc(n,sizeof(double));
@@ -848,7 +860,7 @@ void xdfmaketable(void) {
 
 double experfcD(double x) {
 	double ans,xxinv;
-	
+
 	if(fabs(x)<20) ans=exp(x*x)*erfccD(x);
 	else {
 		xxinv=1.0/(x*x);

source/libSteve/parse.c

@@ -250,13 +250,13 @@ int Parse_CmdLineArg(int *argcptr,char **argv,ParseFilePtr pfp) {
 		replist=NULL;
 		ndefine=0;
 		maxdefine=0; }
-	
+
 	if(argcptr && *argcptr>0 && argv) {				// there are arguments for reading
 		argc=*argcptr;
 		argc2=argc/2;
 		if(!pfp && maxdefine-ndefine<argc2) {		// allocate space
 			newmax=ndefine+argc2;
-	
+
 			CHECK(newkeylist=(char **) calloc(newmax,sizeof(char*)));
 			for(i=0;i<newmax;i++) newkeylist[i]=NULL;
 			for(i=0;i<maxdefine;i++) newkeylist[i]=keylist[i];
@@ -294,9 +294,9 @@ int Parse_CmdLineArg(int *argcptr,char **argv,ParseFilePtr pfp) {
 				argc-=2;
 				i--; }
 		*argcptr=argc; }
-	
+
 	return 0;
-	
+
 failure:
 	return 1; }
 
@@ -461,10 +461,10 @@ int Parse_ReadLine(ParseFilePtr *pfpptr,char *word,char **line2ptr,char *erstr)
 		CHECKS(itct==1,"unable to read undefine key");
 		if(stringfind(pfp->defkey,pfp->ndef,str1)!=-1)
 			pfp->inifdef=1; }
-	
+
 	else if(!strcmp(word,"display_define")) {			// display_define
 		Parse_DisplayDefine(pfp); }
-		
+
 	else if(!strcmp(word,"else")) {								// else
 		pfp->inifdef=1; }
 

source/libSteve/rxnparam.c

@@ -923,6 +923,7 @@ void rdfmaketable() {
 	const double blob=0,bhib=1.0,bincb=0.1;					// b value low, high, increment for b<a
 	double *r,*rdfa,*rdfd,dr,s,b,flux,eps;
 	int i,n,done;
+    int count=0;
 	char mode,dir,string[256];
 
 	printf("Function for calculating radial diffusion functions (rdf) and reactive\n");
@@ -932,18 +933,18 @@ void rdfmaketable() {
 	printf("the binding radius, or (b) for other reversible reactions.  Enter this\n");
 	printf("mode in upper case for machine readable output.\n");
 	printf("Operation mode: ");
-	scanf("%s",string);
+	count=scanf("%s",string);
 	mode=string[0];
 	printf("Enter the number of radial points in the rdf (e.g. 200): ");
-	scanf("%i",&n);
+	count=scanf("%i",&n);
 	if(n<10) {
 		printf("Value is too low.  Function stopped.\n");return; }
 	printf("Enter level of precision (e.g. 1e-4): ");
-	scanf("%lf",&eps);
+	count=scanf("%lf",&eps);
 	if(eps<=0) {
 		printf("Impossible precision.  Function stopped.\n");return; }
 	printf("Enter u for increasing step lengths, d for decreasing: ");
-	scanf("%s",string);
+	count=scanf("%s",string);
 	dir=string[0];
 	if(dir=='d') {
 		s=slo;slo=shi;shi=s;
@@ -998,6 +999,7 @@ void rdfmaketable() {
 	free(r);
 	free(rdfa);
 	free(rdfd);
+    (void)count; // to keep compiler happy
 	return; }
 
 
@@ -1012,6 +1014,8 @@ void rdfmaketableprob() {
 	double *r,*rdfa,*rdfd,dr,s,b,prob,flux,eps;
 	int i,n,done,it,pindx;
 	char mode,dir,string[256];
+    int count=0;
+    (void)count;
 
 	printf("\nFunction for calculating radial diffusion functions (rdf) and reactive\n");
 	printf("fluxes for alternating reaction and diffusion steps.  This module\n");
@@ -1021,22 +1025,22 @@ void rdfmaketableprob() {
 	printf("inside the binding radius.  Enter this mode in upper case for machine\n");
 	printf("readable output.\n");
 	printf("Operation mode: ");
-	scanf("%s",string);
+	count=scanf("%s",string);
 	mode=string[0];
 	printf("Enter the number of radial points in the rdf (e.g. 200): ");
-	scanf("%i",&n);
+	count=scanf("%i",&n);
 	if(n<10) {
 		printf("Value is too low.  Function stopped.\n");return; }
 	printf("Enter level of precision (e.g. 1e-6): ");
-	scanf("%lf",&eps);
+	count=scanf("%lf",&eps);
 	if(eps<=0) {
 		printf("Impossible precision.  Function stopped.\n");return; }
 	if(mode=='b'||mode=='B') {
 		printf("Using decreasing step lengths because in mode b or B.\n");
 		dir='d'; }
 	else {
 		printf("Enter u for increasing step lengths, d for decreasing: ");
-		scanf("%s",string);
+		count=scanf("%s",string);
 		dir=string[0]; }
 	if(dir=='d') {
 		s=slo;slo=shi;shi=s;