aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlan Coopersmith <alan.coopersmith@oracle.com>2013-02-16 10:42:23 -0800
committerUlrich Sibiller <uli42@gmx.de>2016-10-19 21:40:26 +0200
commitd31b81c1010b4259bb0caafdbd82483fabda787d (patch)
treecf22b086ce9a085a1bfd76db3433271964cc1628
parentd43f4c3980cb76f39167e18b20ccec23182ed582 (diff)
downloadnx-libs-d31b81c1010b4259bb0caafdbd82483fabda787d.tar.gz
nx-libs-d31b81c1010b4259bb0caafdbd82483fabda787d.tar.bz2
nx-libs-d31b81c1010b4259bb0caafdbd82483fabda787d.zip
Convert more sprintf calls to snprintf
You could analyze most of these and quickly recognize that there was no chance of buffer overflow already, but why make everyone spend time doing that when we can just make it obviously safe? Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
-rw-r--r--nx-X11/lib/X11/ErrDes.c9
-rw-r--r--nx-X11/lib/X11/GetDflt.c2
-rw-r--r--nx-X11/lib/X11/KeysymStr.c2
-rw-r--r--nx-X11/lib/X11/XlibInt.c8
4 files changed, 11 insertions, 10 deletions
diff --git a/nx-X11/lib/X11/ErrDes.c b/nx-X11/lib/X11/ErrDes.c
index ac13b480b..f13e3dce4 100644
--- a/nx-X11/lib/X11/ErrDes.c
+++ b/nx-X11/lib/X11/ErrDes.c
@@ -109,7 +109,7 @@ XGetErrorText(
if (nbytes == 0) return 0;
if (code <= BadImplementation && code > 0) {
- sprintf(buf, "%d", code);
+ snprintf(buf, sizeof(buf), "%d", code);
(void) XGetErrorDatabaseText(dpy, "XProtoError", buf,
_XErrorList + _XErrorOffsets[code],
buffer, nbytes);
@@ -125,11 +125,12 @@ XGetErrorText(
bext = ext;
}
if (!buffer[0] && bext) {
- sprintf(buf, "%s.%d", bext->name, code - bext->codes.first_error);
+ snprintf(buf, sizeof(buf), "%s.%d",
+ bext->name, code - bext->codes.first_error);
(void) XGetErrorDatabaseText(dpy, "XProtoError", buf, "", buffer, nbytes);
}
if (!buffer[0])
- sprintf(buffer, "%d", code);
+ snprintf(buffer, nbytes, "%d", code);
return 0;
}
@@ -190,7 +191,7 @@ XGetErrorDatabaseText(
else
tptr = Xmalloc (tlen);
if (tptr) {
- sprintf(tptr, "%s.%s", name, type);
+ snprintf(tptr, tlen, "%s.%s", name, type);
XrmGetResource(db, tptr, "ErrorType.ErrorNumber",
&type_str, &result);
if (tptr != temp)
diff --git a/nx-X11/lib/X11/GetDflt.c b/nx-X11/lib/X11/GetDflt.c
index 749893c7e..f2098dff3 100644
--- a/nx-X11/lib/X11/GetDflt.c
+++ b/nx-X11/lib/X11/GetDflt.c
@@ -87,7 +87,7 @@ GetHomeDir(
len2 = strlen (ptr2);
}
if ((len1 + len2 + 1) < len)
- sprintf (dest, "%s%s", ptr1, (ptr2) ? ptr2 : "");
+ snprintf (dest, len, "%s%s", ptr1, (ptr2) ? ptr2 : "");
else
*dest = '\0';
#else
diff --git a/nx-X11/lib/X11/KeysymStr.c b/nx-X11/lib/X11/KeysymStr.c
index 797cf53bd..ba6c8450a 100644
--- a/nx-X11/lib/X11/KeysymStr.c
+++ b/nx-X11/lib/X11/KeysymStr.c
@@ -107,7 +107,7 @@ char *XKeysymToString(KeySym ks)
XrmQuark empty = NULLQUARK;
GRNData data;
- sprintf(buf, "%lX", ks);
+ snprintf(buf, sizeof(buf), "%lX", ks);
resval.addr = (XPointer)buf;
resval.size = strlen(buf) + 1;
data.name = (char *)NULL;
diff --git a/nx-X11/lib/X11/XlibInt.c b/nx-X11/lib/X11/XlibInt.c
index 2d84c626d..1ecbaaa4f 100644
--- a/nx-X11/lib/X11/XlibInt.c
+++ b/nx-X11/lib/X11/XlibInt.c
@@ -3521,7 +3521,7 @@ static int _XPrintDefaultError(
mesg, BUFSIZ);
(void) fprintf(fp, mesg, event->request_code);
if (event->request_code < 128) {
- sprintf(number, "%d", event->request_code);
+ snprintf(number, sizeof(number), "%d", event->request_code);
XGetErrorDatabaseText(dpy, "XRequest", number, "", buffer, BUFSIZ);
} else {
for (ext = dpy->ext_procs;
@@ -3541,7 +3541,7 @@ static int _XPrintDefaultError(
fputs(" ", fp);
(void) fprintf(fp, mesg, event->minor_code);
if (ext) {
- sprintf(mesg, "%s.%d", ext->name, event->minor_code);
+ snprintf(mesg, sizeof(mesg), "%s.%d", ext->name, event->minor_code);
XGetErrorDatabaseText(dpy, "XRequest", mesg, "", buffer, BUFSIZ);
(void) fprintf(fp, " (%s)", buffer);
}
@@ -3564,8 +3564,8 @@ static int _XPrintDefaultError(
bext = ext;
}
if (bext)
- sprintf(buffer, "%s.%d", bext->name,
- event->error_code - bext->codes.first_error);
+ snprintf(buffer, sizeof(buffer), "%s.%d", bext->name,
+ event->error_code - bext->codes.first_error);
else
strcpy(buffer, "Value");
XGetErrorDatabaseText(dpy, mtype, buffer, "", mesg, BUFSIZ);