diff --git a/CHANGES b/CHANGES index bb714be460..57f3859074 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,5 @@ +1458. [cleanup] sprintf() -> snprintf(). + 1457. [port] Provide strlcat() and strlcpy() for platforms without them. diff --git a/lib/dns/byaddr.c b/lib/dns/byaddr.c index 6d2319b605..da97b9a98f 100644 --- a/lib/dns/byaddr.c +++ b/lib/dns/byaddr.c @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: byaddr.c,v 1.32 2002/08/27 04:53:42 marka Exp $ */ +/* $Id: byaddr.c,v 1.33 2003/04/11 07:25:24 marka Exp $ */ #include @@ -98,11 +98,12 @@ dns_byaddr_createptrname2(isc_netaddr_t *address, unsigned int options, bytes = (unsigned char *)(&address->type); if (address->family == AF_INET) { - (void)sprintf(textname, "%u.%u.%u.%u.in-addr.arpa.", - (bytes[3] & 0xff), - (bytes[2] & 0xff), - (bytes[1] & 0xff), - (bytes[0] & 0xff)); + (void)snprintf(textname, sizeof(textname), + "%u.%u.%u.%u.in-addr.arpa.", + (bytes[3] & 0xff), + (bytes[2] & 0xff), + (bytes[1] & 0xff), + (bytes[0] & 0xff)); } else if (address->family == AF_INET6) { cp = textname; for (i = 15; i >= 0; i--) { diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c index fb9133fae9..79977cc970 100644 --- a/lib/dns/masterdump.c +++ b/lib/dns/masterdump.c @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: masterdump.c,v 1.66 2003/01/22 06:37:04 marka Exp $ */ +/* $Id: masterdump.c,v 1.67 2003/04/11 07:25:24 marka Exp $ */ #include @@ -375,7 +375,8 @@ rdataset_totext(dns_rdataset_t *rdataset, unsigned int length; INDENT_TO(ttl_column); - length = sprintf(ttlbuf, "%u", rdataset->ttl); + length = snprintf(ttlbuf, sizeof(ttlbuf), "%u", + rdataset->ttl); INSIST(length <= sizeof(ttlbuf)); isc_buffer_availableregion(target, &r); if (r.length < length) diff --git a/lib/dns/message.c b/lib/dns/message.c index dfaa505d18..8b6be17f65 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: message.c,v 1.216 2003/01/24 04:25:53 marka Exp $ */ +/* $Id: message.c,v 1.217 2003/04/11 07:25:25 marka Exp $ */ /*** *** Imports @@ -3023,7 +3023,7 @@ dns_message_totext(dns_message_t *msg, const dns_master_style_t *style, ADD_STRING(target, ", status: "); ADD_STRING(target, rcodetext[msg->rcode]); ADD_STRING(target, ", id: "); - sprintf(buf, "%6u", msg->id); + snprintf(buf, sizeof(buf), "%6u", msg->id); ADD_STRING(target, buf); ADD_STRING(target, "\n;; flags: "); if ((msg->flags & DNS_MESSAGEFLAG_QR) != 0) @@ -3045,24 +3045,28 @@ dns_message_totext(dns_message_t *msg, const dns_master_style_t *style, } else { ADD_STRING(target, "; ZONE: "); } - sprintf(buf, "%1u", msg->counts[DNS_SECTION_QUESTION]); + snprintf(buf, sizeof(buf), "%1u", + msg->counts[DNS_SECTION_QUESTION]); ADD_STRING(target, buf); if (msg->opcode != dns_opcode_update) { ADD_STRING(target, ", ANSWER: "); } else { ADD_STRING(target, ", PREREQ: "); } - sprintf(buf, "%1u", msg->counts[DNS_SECTION_ANSWER]); + snprintf(buf, sizeof(buf), "%1u", + msg->counts[DNS_SECTION_ANSWER]); ADD_STRING(target, buf); if (msg->opcode != dns_opcode_update) { ADD_STRING(target, ", AUTHORITY: "); } else { ADD_STRING(target, ", UPDATE: "); } - sprintf(buf, "%1u", msg->counts[DNS_SECTION_AUTHORITY]); + snprintf(buf, sizeof(buf), "%1u", + msg->counts[DNS_SECTION_AUTHORITY]); ADD_STRING(target, buf); ADD_STRING(target, ", ADDITIONAL: "); - sprintf(buf, "%1u", msg->counts[DNS_SECTION_ADDITIONAL]); + snprintf(buf, sizeof buf, "%1u", + msg->counts[DNS_SECTION_ADDITIONAL]); ADD_STRING(target, buf); ADD_STRING(target, "\n"); } diff --git a/lib/dns/name.c b/lib/dns/name.c index d186034d76..86a6c45224 100644 --- a/lib/dns/name.c +++ b/lib/dns/name.c @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: name.c,v 1.138 2003/01/08 04:42:22 marka Exp $ */ +/* $Id: name.c,v 1.139 2003/04/11 07:25:25 marka Exp $ */ #include @@ -1221,10 +1221,12 @@ dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, trem--; nlen--; } else { + char buf[5]; if (trem < 4) return (ISC_R_NOSPACE); - sprintf(tdata, "\\%03u", - c); + snprintf(buf, sizeof(buf), + "\\%03u", c); + memcpy(tdata, buf, 4); tdata += 4; trem -= 4; ndata++; diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index e3108d8cd2..d2c9c2cd74 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rdata.c,v 1.173 2003/01/18 02:40:59 marka Exp $ */ +/* $Id: rdata.c,v 1.174 2003/04/11 07:25:25 marka Exp $ */ #include #include @@ -782,11 +782,11 @@ rdata_totext(dns_rdata_t *rdata, dns_rdata_textctx_t *tctx, TOTEXTSWITCH if (use_default) { - sprintf(buf, "\\# "); + strlcpy(buf, "\\# ", sizeof(buf)); result = str_totext(buf, target); dns_rdata_toregion(rdata, &sr); INSIST(sr.length < 65536); - sprintf(buf, "%u", sr.length); + snprintf(buf, sizeof(buf), "%u", sr.length); result = str_totext(buf, target); if (sr.length != 0 && result == ISC_R_SUCCESS) { if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) @@ -1037,7 +1037,7 @@ dns_mnemonic_totext(unsigned int value, isc_buffer_t *target, } i++; } - sprintf(buf, "%u", value); + snprintf(buf, sizeof buf, "%u", value); return (str_totext(buf, target)); } @@ -1122,7 +1122,7 @@ dns_rdataclass_totext(dns_rdataclass_t rdclass, isc_buffer_t *target) { case dns_rdataclass_reserved0: return (str_totext("RESERVED0", target)); default: - sprintf(buf, "CLASS%u", rdclass); + snprintf(buf, sizeof(buf), "CLASS%u", rdclass); return (str_totext(buf, target)); } } @@ -1197,7 +1197,7 @@ dns_rdatatype_totext(dns_rdatatype_t type, isc_buffer_t *target) { char buf[sizeof("TYPE65536")]; if (type > 255) { - sprintf(buf, "TYPE%u", type); + snprintf(buf, sizeof buf, "TYPE%u", type); return (str_totext(buf, target)); } @@ -1377,7 +1377,7 @@ txt_totext(isc_region_t *source, isc_buffer_t *target) { if (*sp < 0x20 || *sp >= 0x7f) { if (tl < 4) return (ISC_R_NOSPACE); - sprintf(tp, "\\%03u", *sp++); + snprintf(tp, 5, "\\%03u", *sp++); tp += 4; tl -= 4; continue; @@ -1936,7 +1936,7 @@ btoa_totext(unsigned char *inbuf, int inbuflen, isc_buffer_t *target) { * Put byte count and checksum information at end of buffer, * delimited by 'x' */ - sprintf(buf, "x %d %x %x %x", inbuflen, Ceor, Csum, Crot); + snprintf(buf, sizeof(buf), "x %d %x %x %x", inbuflen, Ceor, Csum, Crot); return (str_totext(buf, target)); } diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index f626503dfd..4e92ec1d22 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: resolver.c,v 1.262 2003/02/26 22:54:28 marka Exp $ */ +/* $Id: resolver.c,v 1.263 2003/04/11 07:25:25 marka Exp $ */ #include @@ -5295,7 +5295,7 @@ dns_resolver_create(dns_view_t *view, DESTROYLOCK(&res->buckets[i].lock); goto cleanup_buckets; } - sprintf(name, "res%u", i); + snprintf(name, sizeof(name), "res%u", i); isc_task_setname(res->buckets[i].task, name, res); ISC_LIST_INIT(res->buckets[i].fctxs); res->buckets[i].exiting = ISC_FALSE; diff --git a/lib/dns/time.c b/lib/dns/time.c index a6306f02b9..d6d93cc184 100644 --- a/lib/dns/time.c +++ b/lib/dns/time.c @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: time.c,v 1.22 2002/11/12 19:50:51 marka Exp $ */ +/* $Id: time.c,v 1.23 2003/04/11 07:25:27 marka Exp $ */ #include @@ -74,10 +74,10 @@ dns_time64_totext(isc_int64_t t, isc_buffer_t *target) { tm.tm_min++; } tm.tm_sec = (int)t; - /* yy mm dd HH MM SS */ - sprintf(buf, "%04d%02d%02d%02d%02d%02d", - tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday, - tm.tm_hour, tm.tm_min, tm.tm_sec); + /* yyyy mm dd HH MM SS */ + snprintf(buf, sizeof(buf), "%04d%02d%02d%02d%02d%02d", + tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday, + tm.tm_hour, tm.tm_min, tm.tm_sec); isc_buffer_availableregion(target, ®ion); l = strlen(buf); diff --git a/lib/isc/lex.c b/lib/isc/lex.c index 1a83b981e9..b8ea8ac1e6 100644 --- a/lib/isc/lex.c +++ b/lib/isc/lex.c @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: lex.c,v 1.75 2002/03/11 05:38:27 marka Exp $ */ +/* $Id: lex.c,v 1.76 2003/04/11 07:25:27 marka Exp $ */ #include @@ -251,8 +251,7 @@ isc_lex_openstream(isc_lex_t *lex, FILE *stream) { REQUIRE(VALID_LEX(lex)); - /* This is safe. */ - sprintf(name, "stream-%p", stream); + snprintf(name, sizeof(name), "stream-%p", stream); return (new_source(lex, ISC_TRUE, ISC_FALSE, stream, name)); } @@ -267,8 +266,7 @@ isc_lex_openbuffer(isc_lex_t *lex, isc_buffer_t *buffer) { REQUIRE(VALID_LEX(lex)); - /* This is safe. */ - sprintf(name, "buffer-%p", buffer); + snprintf(name, sizeof(name), "buffer-%p", buffer); return (new_source(lex, ISC_FALSE, ISC_FALSE, buffer, name)); } diff --git a/lib/isc/log.c b/lib/isc/log.c index 539e1867c0..f0aecaa722 100644 --- a/lib/isc/log.c +++ b/lib/isc/log.c @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: log.c,v 1.80 2002/11/29 01:42:18 marka Exp $ */ +/* $Id: log.c,v 1.81 2003/04/11 07:25:28 marka Exp $ */ /* Principal Authors: DCL */ @@ -1492,18 +1492,19 @@ isc_log_doit(isc_log_t *lctx, isc_logcategory_t *category, if ((channel->flags & ISC_LOG_PRINTLEVEL) != 0 && level_string[0] == '\0') { if (level < ISC_LOG_CRITICAL) - sprintf(level_string, - isc_msgcat_get(isc_msgcat, - ISC_MSGSET_LOG, - ISC_MSG_LEVEL, - "level %d: "), - level); + snprintf(level_string, sizeof(level_string), + isc_msgcat_get(isc_msgcat, + ISC_MSGSET_LOG, + ISC_MSG_LEVEL, + "level %d: "), + level); else if (level > ISC_LOG_DYNAMIC) - sprintf(level_string, "%s %d: ", - log_level_strings[0], level); + snprintf(level_string, sizeof(level_string), + "%s %d: ", log_level_strings[0], + level); else - sprintf(level_string, "%s: ", - log_level_strings[-level]); + snprintf(level_string, sizeof(level_string), + "%s: ", log_level_strings[-level]); } /* diff --git a/lib/isc/sockaddr.c b/lib/isc/sockaddr.c index 55837d1e22..89754059bb 100644 --- a/lib/isc/sockaddr.c +++ b/lib/isc/sockaddr.c @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: sockaddr.c,v 1.55 2002/10/24 03:52:33 marka Exp $ */ +/* $Id: sockaddr.c,v 1.56 2003/04/11 07:25:28 marka Exp $ */ #include @@ -120,10 +120,10 @@ isc_sockaddr_totext(const isc_sockaddr_t *sockaddr, isc_buffer_t *target) { */ switch (sockaddr->type.sa.sa_family) { case AF_INET: - sprintf(pbuf, "%u", ntohs(sockaddr->type.sin.sin_port)); + snprintf(pbuf, sizeof(pbuf), "%u", ntohs(sockaddr->type.sin.sin_port)); break; case AF_INET6: - sprintf(pbuf, "%u", ntohs(sockaddr->type.sin6.sin6_port)); + snprintf(pbuf, sizeof(pbuf), "%u", ntohs(sockaddr->type.sin6.sin6_port)); break; default: return (ISC_R_FAILURE); diff --git a/lib/isccc/cc.c b/lib/isccc/cc.c index 26b51c4f67..5ddc4c7459 100644 --- a/lib/isccc/cc.c +++ b/lib/isccc/cc.c @@ -16,7 +16,7 @@ * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: cc.c,v 1.6 2002/03/15 04:54:58 marka Exp $ */ +/* $Id: cc.c,v 1.7 2003/04/11 07:25:28 marka Exp $ */ #include @@ -647,7 +647,7 @@ isccc_cc_defineuint32(isccc_sexpr_t *alist, const char *key, isc_uint32_t i) size_t len; isccc_region_t r; - sprintf(b, "%u", i); + snprintf(b, sizeof(b), "%u", i); len = strlen(b); r.rstart = (unsigned char *)b; r.rend = (unsigned char *)b + len; @@ -792,7 +792,7 @@ isccc_cc_checkdup(isccc_symtab_t *symtab, isccc_sexpr_t *message, key = malloc(len); if (key == NULL) return (ISC_R_NOMEMORY); - sprintf(key, "%s;%s;%s;%s", _frm, _to, _ser, _tim); + snprintf(key, len, "%s;%s;%s;%s", _frm, _to, _ser, _tim); value.as_uinteger = now; result = isccc_symtab_define(symtab, key, ISCCC_SYMTYPE_CCDUP, value, isccc_symexists_reject); diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 5e4b9e9c50..905838047a 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: parser.c,v 1.106 2003/04/10 02:16:11 marka Exp $ */ +/* $Id: parser.c,v 1.107 2003/04/11 07:25:28 marka Exp $ */ #include @@ -645,7 +645,8 @@ cfg_obj_asuint64(cfg_obj_t *obj) { void cfg_print_uint64(cfg_printer_t *pctx, cfg_obj_t *obj) { char buf[32]; - sprintf(buf, "%" ISC_PRINT_QUADFORMAT "u", obj->value.uint64); + snprintf(buf, sizeof(buf), "%" ISC_PRINT_QUADFORMAT "u", + obj->value.uint64); cfg_print_cstr(pctx, buf); } @@ -2101,13 +2102,16 @@ parser_complain(cfg_parser_t *pctx, isc_boolean_t is_warning, static char message[2048]; int level = ISC_LOG_ERROR; const char *prep = ""; + size_t len; if (is_warning) level = ISC_LOG_WARNING; - sprintf(where, "%s:%u: ", current_file(pctx), pctx->line); + snprintf(where, sizeof(where), "%s:%u: ", + current_file(pctx), pctx->line); - if ((unsigned int)vsprintf(message, format, args) >= sizeof(message)) + len = vsnprintf(message, sizeof(message), format, args); + if (len >= sizeof(message)) FATAL_ERROR(__FILE__, __LINE__, "error message would overflow"); diff --git a/lib/lwres/getnameinfo.c b/lib/lwres/getnameinfo.c index 42daf8d8be..473fcf3ca5 100644 --- a/lib/lwres/getnameinfo.c +++ b/lib/lwres/getnameinfo.c @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: getnameinfo.c,v 1.30 2001/07/10 18:25:43 gson Exp $ */ +/* $Id: getnameinfo.c,v 1.31 2003/04/11 07:25:29 marka Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -172,7 +172,7 @@ lwres_getnameinfo(const struct sockaddr *sa, size_t salen, char *host, */ } else if ((flags & NI_NUMERICSERV) != 0 || (sp = getservbyport(port, proto)) == NULL) { - sprintf(numserv, "%d", ntohs(port)); + snprintf(numserv, sizeof(numserv), "%d", ntohs(port)); if ((strlen(numserv) + 1) > servlen) ERR(ENI_MEMORY); strcpy(serv, numserv); diff --git a/lib/lwres/lwinetntop.c b/lib/lwres/lwinetntop.c index 3281a36e6b..6c73f79f58 100644 --- a/lib/lwres/lwinetntop.c +++ b/lib/lwres/lwinetntop.c @@ -17,7 +17,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static char rcsid[] = - "$Id: lwinetntop.c,v 1.10 2001/11/27 01:56:32 gson Exp $"; + "$Id: lwinetntop.c,v 1.11 2003/04/11 07:25:30 marka Exp $"; #endif /* LIBC_SCCS and not lint */ #include @@ -83,9 +83,10 @@ static const char * inet_ntop4(const unsigned char *src, char *dst, size_t size) { static const char fmt[] = "%u.%u.%u.%u"; char tmp[sizeof("255.255.255.255")]; + size_t len; - if ((size_t)sprintf(tmp, fmt, src[0], src[1], src[2], src[3]) >= size) - { + len = snprintf(tmp, sizeof(tmp), fmt, src[0], src[1], src[2], src[3]); + if (len >= size) { errno = ENOSPC; return (NULL); } @@ -170,7 +171,7 @@ inet_ntop6(const unsigned char *src, char *dst, size_t size) { tp += strlen(tp); break; } - tp += sprintf(tp, "%x", words[i]); + tp += sprintf(tp, "%x", words[i]); /* XXX */ } /* Was it a trailing run of 0x00's? */ if (best.base != -1 && (best.base + best.len) == diff --git a/lib/tests/t_api.c b/lib/tests/t_api.c index ea6a4deb23..f68eaffe9f 100644 --- a/lib/tests/t_api.c +++ b/lib/tests/t_api.c @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: t_api.c,v 1.49 2002/08/27 04:53:43 marka Exp $ */ +/* $Id: t_api.c,v 1.50 2003/04/11 07:25:31 marka Exp $ */ #include @@ -253,7 +253,7 @@ main(int argc, char **argv) { * Output start stanza to journal. */ - sprintf(T_buf, "%s:", argv[0]); + snprintf(T_buf, sizeof(T_buf), "%s:", argv[0]); len = strlen(T_buf); (void) t_getdate(T_buf + len, T_BIGBUF - len); t_putinfo("S", T_buf); @@ -334,7 +334,7 @@ main(int argc, char **argv) { ++tnum; } - sprintf(T_buf, "%s:", argv[0]); + snprintf(T_buf, sizeof(T_buf), "%s:", argv[0]); len = strlen(T_buf); (void) t_getdate(T_buf + len, T_BIGBUF - len); t_putinfo("E", T_buf); @@ -353,7 +353,7 @@ t_assert(const char *component, int anum, int class, const char *what, ...) { * Format text to a buffer. */ va_start(args, what); - (void)vsprintf(T_buf, what, args); + (void)vsnprintf(T_buf, sizeof(T_buf), what, args); va_end(args); (void)t_putinfo("A", T_buf); @@ -365,7 +365,7 @@ t_info(const char *format, ...) { va_list args; va_start(args, format); - (void) vsprintf(T_buf, format, args); + (void) vsnprintf(T_buf, sizeof(T_buf), format, args); va_end(args); (void) t_putinfo("I", T_buf); }