From a009d03a1abf73c8146c1696ce1100e62c3b9dbb Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Tue, 3 Oct 2017 14:54:19 +1100 Subject: [PATCH] 4748. [cleanup] Sprintf to snprintf coversions. [RT #46132] --- CHANGES | 2 ++ bin/dnssec/dnssec-signzone.c | 9 +++--- bin/named/server.c | 12 +++----- bin/named/statschannel.c | 4 +-- bin/tests/nsecify.c | 2 +- bin/tests/rwlock_test.c | 2 +- bin/tests/sock_test.c | 4 +-- lib/dns/dst_api.c | 5 +-- lib/dns/gssapictx.c | 8 +++-- lib/dns/private.c | 2 +- lib/dns/rdata.c | 2 +- lib/dns/rdata/any_255/tsig_250.c | 8 ++--- lib/dns/rdata/ch_3/a_1.c | 2 +- lib/dns/rdata/generic/afsdb_18.c | 2 +- lib/dns/rdata/generic/cert_37.c | 2 +- lib/dns/rdata/generic/csync_62.c | 4 +-- lib/dns/rdata/generic/ds_43.c | 6 ++-- lib/dns/rdata/generic/hip_55.c | 2 +- lib/dns/rdata/generic/ipseckey_45.c | 6 ++-- lib/dns/rdata/generic/key_25.c | 9 +++--- lib/dns/rdata/generic/keydata_65533.c | 9 +++--- lib/dns/rdata/generic/l32_105.c | 2 +- lib/dns/rdata/generic/l64_106.c | 12 ++++---- lib/dns/rdata/generic/loc_29.c | 44 ++++++++++++++++----------- lib/dns/rdata/generic/lp_107.c | 2 +- lib/dns/rdata/generic/mx_15.c | 2 +- lib/dns/rdata/generic/naptr_35.c | 4 +-- lib/dns/rdata/generic/nid_104.c | 12 ++++---- lib/dns/rdata/generic/nsec3_50.c | 6 ++-- lib/dns/rdata/generic/nsec3param_51.c | 6 ++-- lib/dns/rdata/generic/nxt_30.c | 3 +- lib/dns/rdata/generic/opt_41.c | 2 +- lib/dns/rdata/generic/rrsig_46.c | 12 ++++---- lib/dns/rdata/generic/rt_21.c | 2 +- lib/dns/rdata/generic/sig_24.c | 10 +++--- lib/dns/rdata/generic/sink_40.c | 2 +- lib/dns/rdata/generic/soa_6.c | 2 +- lib/dns/rdata/generic/sshfp_44.c | 4 +-- lib/dns/rdata/generic/tkey_249.c | 12 ++++---- lib/dns/rdata/generic/tlsa_52.c | 6 ++-- lib/dns/rdata/generic/uri_256.c | 4 +-- lib/dns/rdata/in_1/a6_38.c | 2 +- lib/dns/rdata/in_1/kx_36.c | 2 +- lib/dns/rdata/in_1/nsap_22.c | 2 +- lib/dns/rdata/in_1/px_26.c | 2 +- lib/dns/rdata/in_1/wks_11.c | 5 +-- lib/isc/httpd.c | 26 ++++++++++------ lib/isc/inet_ntop.c | 9 ++++-- lib/isc/log.c | 11 ++++--- lib/isc/mem.c | 2 +- lib/isc/task.c | 2 +- lib/isc/unix/ifiter_ioctl.c | 3 +- lib/isc/unix/socket.c | 2 +- lib/isc/win32/socket.c | 2 +- lib/isccfg/parser.c | 4 +-- 55 files changed, 179 insertions(+), 146 deletions(-) diff --git a/CHANGES b/CHANGES index 9d1d012223..268140e4b2 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,5 @@ +4748. [cleanup] Sprintf to snprintf coversions. [RT #46132] + 4747. [func] Synthesis of responses from DNSSEC-verified records. Stage 3 - synthesize NODATA responses. [RT #40138] diff --git a/bin/dnssec/dnssec-signzone.c b/bin/dnssec/dnssec-signzone.c index 54b19cd58c..82985f407d 100644 --- a/bin/dnssec/dnssec-signzone.c +++ b/bin/dnssec/dnssec-signzone.c @@ -2813,7 +2813,7 @@ writeset(const char *prefix, dns_rdatatype_t type) { if (filename == NULL) fatal("out of memory"); if (dsdir != NULL) - sprintf(filename, "%s/", dsdir); + snprintf(filename, filenamelen, "%s/", dsdir); else filename[0] = 0; strlcat(filename, prefix, filenamelen); @@ -3490,12 +3490,13 @@ main(int argc, char *argv[]) { origin = file; if (output == NULL) { + size_t size; free_output = ISC_TRUE; - output = isc_mem_allocate(mctx, - strlen(file) + strlen(".signed") + 1); + size = strlen(file) + strlen(".signed") + 1; + output = isc_mem_allocate(mctx, size); if (output == NULL) fatal("out of memory"); - sprintf(output, "%s.signed", file); + snprintf(output, size, "%s.signed", file); } if (inputformatstr != NULL) { diff --git a/bin/named/server.c b/bin/named/server.c index f16a05eac2..9a0ab4cc04 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -1790,8 +1790,8 @@ dns64_reverse(dns_view_t *view, isc_mem_t *mctx, isc_netaddr_t *na, unsigned int prefixlen, const char *server, const char *contact) { - char *cp; - char reverse[48+sizeof("ip6.arpa.")]; + char reverse[48+sizeof("ip6.arpa.")] = { 0 }; + char buf[sizeof("x.x.")]; const char *dns64_dbtype[4] = { "_dns64", "dns64", ".", "." }; const char *sep = ": view "; const char *viewname = view->name; @@ -1814,15 +1814,13 @@ dns64_reverse(dns_view_t *view, isc_mem_t *mctx, isc_netaddr_t *na, /* * Construct the reverse name of the zone. */ - cp = reverse; s6 = na->type.in6.s6_addr; while (prefixlen > 0) { prefixlen -= 8; - sprintf(cp, "%x.%x.", s6[prefixlen/8] & 0xf, - (s6[prefixlen/8] >> 4) & 0xf); - cp += 4; + snprintf(buf, sizeof(buf), "%x.%x.", s6[prefixlen/8] & 0xf, + (s6[prefixlen/8] >> 4) & 0xf); + strlcat(reverse, buf, sizeof(reverse)); } - strlcat(reverse, "ip6.arpa.", sizeof(reverse)); /* diff --git a/bin/named/statschannel.c b/bin/named/statschannel.c index 7a31f444e4..848d5e0e03 100644 --- a/bin/named/statschannel.c +++ b/bin/named/statschannel.c @@ -1270,8 +1270,8 @@ rdatasetstats_dump(dns_rdatastatstype_t type, isc_uint64_t val, void *arg) { case isc_statsformat_json: #ifdef HAVE_JSON zoneobj = (json_object *) dumparg->arg; - sprintf(buf, "%s%s%s", stale ? "#" : "", - nxrrset ? "!" : "", typestr); + snprintf(buf, sizeof(buf), "%s%s%s", + stale ? "#" : "", nxrrset ? "!" : "", typestr); obj = json_object_new_int64(val); if (obj == NULL) return; diff --git a/bin/tests/nsecify.c b/bin/tests/nsecify.c index ec30c21e6c..b420fe60c0 100644 --- a/bin/tests/nsecify.c +++ b/bin/tests/nsecify.c @@ -179,7 +179,7 @@ nsecify(char *filename) { len = strlen(filename); if (len + 4 + 1 > sizeof(newfilename)) fatal("filename too long"); - sprintf(newfilename, "%s.new", filename); + snprintf(newfilename, sizeof(newfilename), "%s.new", filename); result = dns_db_dump(db, NULL, newfilename); check_result(result, "dns_db_dump"); dns_db_detach(&db); diff --git a/bin/tests/rwlock_test.c b/bin/tests/rwlock_test.c index 44f33e7d57..781a8804cd 100644 --- a/bin/tests/rwlock_test.c +++ b/bin/tests/rwlock_test.c @@ -109,7 +109,7 @@ main(int argc, char *argv[]) { RUNTIME_CHECK(isc_rwlock_init(&lock, 5, 10) == ISC_R_SUCCESS); for (i = 0; i < nworkers; i++) { - sprintf(name, "%02u", i); + snprintf(name, sizeof(name), "%02u", i); dupname = strdup(name); RUNTIME_CHECK(dupname != NULL); if (i != 0 && i % 3 == 0) diff --git a/bin/tests/sock_test.c b/bin/tests/sock_test.c index 64a518c4c6..8463414c1c 100644 --- a/bin/tests/sock_test.c +++ b/bin/tests/sock_test.c @@ -102,8 +102,8 @@ my_recv(isc_task_t *task, isc_event_t *event) { */ if (strcmp(event->ev_arg, "so2") != 0) { region = dev->region; - sprintf(buf, "\r\nReceived: %.*s\r\n\r\n", - (int)dev->n, (char *)region.base); + snprintf(buf, sizeof(buf), "\r\nReceived: %.*s\r\n\r\n", + (int)dev->n, (char *)region.base); region.base = isc_mem_get(mctx, strlen(buf) + 1); if (region.base != NULL) { region.length = strlen(buf) + 1; diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c index 107215ff51..76212bf5aa 100644 --- a/lib/dns/dst_api.c +++ b/lib/dns/dst_api.c @@ -1878,8 +1878,9 @@ buildfilename(dns_name_t *name, dns_keytag_t id, len = 1 + 3 + 1 + 5 + strlen(suffix) + 1; if (isc_buffer_availablelength(out) < len) return (ISC_R_NOSPACE); - sprintf((char *) isc_buffer_used(out), "+%03d+%05d%s", alg, id, - suffix); + snprintf((char *) isc_buffer_used(out), + (int)isc_buffer_availablelength(out), + "+%03d+%05d%s", alg, id, suffix); isc_buffer_add(out, len); return (ISC_R_SUCCESS); diff --git a/lib/dns/gssapictx.c b/lib/dns/gssapictx.c index d2fe9de23c..b15d3db1de 100644 --- a/lib/dns/gssapictx.c +++ b/lib/dns/gssapictx.c @@ -695,10 +695,14 @@ dst_gssapi_acceptctx(gss_cred_id_t cred, */ const char *old = getenv("KRB5_KTNAME"); if (old == NULL || strcmp(old, gssapi_keytab) != 0) { - char *kt = malloc(strlen(gssapi_keytab) + 13); + size_t size; + char *kt; + + size = strlen(gssapi_keytab) + 13; + kt = malloc(size); if (kt == NULL) return (ISC_R_NOMEMORY); - sprintf(kt, "KRB5_KTNAME=%s", gssapi_keytab); + snprintf(kt, size, "KRB5_KTNAME=%s", gssapi_keytab); if (putenv(kt) != 0) return (ISC_R_NOMEMORY); } diff --git a/lib/dns/private.c b/lib/dns/private.c index 02e0280b4b..a305d8a22b 100644 --- a/lib/dns/private.c +++ b/lib/dns/private.c @@ -351,7 +351,7 @@ dns_private_totext(dns_rdata_t *private, isc_buffer_t *buf) { isc_buffer_putstr(buf, "Signing with "); dns_secalg_format(alg, algbuf, sizeof(algbuf)); - sprintf(keybuf, "key %d/%s", keyid, algbuf); + snprintf(keybuf, sizeof(keybuf), "key %d/%s", keyid, algbuf); isc_buffer_putstr(buf, keybuf); } else return (ISC_R_NOTFOUND); diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index f1c86e2dbf..27b959ea01 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -522,7 +522,7 @@ typemap_totext(isc_region_t *sr, dns_rdata_textctx_t *tctx, RETERR(dns_rdatatype_totext(t, target)); } else { char buf[sizeof("TYPE65535")]; - sprintf(buf, "TYPE%u", t); + snprintf(buf, sizeof(buf), "TYPE%u", t); RETERR(str_totext(buf, target)); } } diff --git a/lib/dns/rdata/any_255/tsig_250.c b/lib/dns/rdata/any_255/tsig_250.c index 96bae4bb34..30a0cff42f 100644 --- a/lib/dns/rdata/any_255/tsig_250.c +++ b/lib/dns/rdata/any_255/tsig_250.c @@ -174,7 +174,7 @@ totext_any_tsig(ARGS_TOTEXT) { */ n = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%u ", n); + snprintf(buf, sizeof(buf), "%u ", n); RETERR(str_totext(buf, target)); /* @@ -182,7 +182,7 @@ totext_any_tsig(ARGS_TOTEXT) { */ n = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%u", n); + snprintf(buf, sizeof(buf), "%u", n); RETERR(str_totext(buf, target)); /* @@ -210,7 +210,7 @@ totext_any_tsig(ARGS_TOTEXT) { */ n = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%u ", n); + snprintf(buf, sizeof(buf), "%u ", n); RETERR(str_totext(buf, target)); /* @@ -225,7 +225,7 @@ totext_any_tsig(ARGS_TOTEXT) { */ n = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, " %u ", n); + snprintf(buf, sizeof(buf), " %u ", n); RETERR(str_totext(buf, target)); /* diff --git a/lib/dns/rdata/ch_3/a_1.c b/lib/dns/rdata/ch_3/a_1.c index b56d711cac..1f2a0b5af2 100644 --- a/lib/dns/rdata/ch_3/a_1.c +++ b/lib/dns/rdata/ch_3/a_1.c @@ -80,7 +80,7 @@ totext_ch_a(ARGS_TOTEXT) { sub = name_prefix(&name, tctx->origin, &prefix); RETERR(dns_name_totext(&prefix, sub, target)); - sprintf(buf, "%o", addr); /* note octal */ + snprintf(buf, sizeof(buf), "%o", addr); /* note octal */ RETERR(str_totext(" ", target)); return (str_totext(buf, target)); } diff --git a/lib/dns/rdata/generic/afsdb_18.c b/lib/dns/rdata/generic/afsdb_18.c index ae13042c6f..66ee99d646 100644 --- a/lib/dns/rdata/generic/afsdb_18.c +++ b/lib/dns/rdata/generic/afsdb_18.c @@ -77,7 +77,7 @@ totext_afsdb(ARGS_TOTEXT) { dns_rdata_toregion(rdata, ®ion); num = uint16_fromregion(®ion); isc_region_consume(®ion, 2); - sprintf(buf, "%u ", num); + snprintf(buf, sizeof(buf), "%u ", num); RETERR(str_totext(buf, target)); dns_name_fromregion(&name, ®ion); sub = name_prefix(&name, tctx->origin, &prefix); diff --git a/lib/dns/rdata/generic/cert_37.c b/lib/dns/rdata/generic/cert_37.c index 3b01ce2f26..b7743b9cba 100644 --- a/lib/dns/rdata/generic/cert_37.c +++ b/lib/dns/rdata/generic/cert_37.c @@ -85,7 +85,7 @@ totext_cert(ARGS_TOTEXT) { */ n = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%u ", n); + snprintf(buf, sizeof(buf), "%u ", n); RETERR(str_totext(buf, target)); /* diff --git a/lib/dns/rdata/generic/csync_62.c b/lib/dns/rdata/generic/csync_62.c index 66a21bb691..324c4c16e5 100644 --- a/lib/dns/rdata/generic/csync_62.c +++ b/lib/dns/rdata/generic/csync_62.c @@ -56,14 +56,14 @@ totext_csync(ARGS_TOTEXT) { num = uint32_fromregion(&sr); isc_region_consume(&sr, 4); - sprintf(buf, "%lu", num); + snprintf(buf, sizeof(buf), "%lu", num); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); num = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%lu", num); + snprintf(buf, sizeof(buf), "%lu", num); RETERR(str_totext(buf, target)); return (typemap_totext(&sr, NULL, target)); diff --git a/lib/dns/rdata/generic/ds_43.c b/lib/dns/rdata/generic/ds_43.c index 58d5410f99..a7acebceea 100644 --- a/lib/dns/rdata/generic/ds_43.c +++ b/lib/dns/rdata/generic/ds_43.c @@ -111,7 +111,7 @@ generic_totext_ds(ARGS_TOTEXT) { */ n = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%u ", n); + snprintf(buf, sizeof(buf), "%u ", n); RETERR(str_totext(buf, target)); /* @@ -119,7 +119,7 @@ generic_totext_ds(ARGS_TOTEXT) { */ n = uint8_fromregion(&sr); isc_region_consume(&sr, 1); - sprintf(buf, "%u ", n); + snprintf(buf, sizeof(buf), "%u ", n); RETERR(str_totext(buf, target)); /* @@ -127,7 +127,7 @@ generic_totext_ds(ARGS_TOTEXT) { */ n = uint8_fromregion(&sr); isc_region_consume(&sr, 1); - sprintf(buf, "%u", n); + snprintf(buf, sizeof(buf), "%u", n); RETERR(str_totext(buf, target)); /* diff --git a/lib/dns/rdata/generic/hip_55.c b/lib/dns/rdata/generic/hip_55.c index 034deb584a..4f1689327c 100644 --- a/lib/dns/rdata/generic/hip_55.c +++ b/lib/dns/rdata/generic/hip_55.c @@ -140,7 +140,7 @@ totext_hip(ARGS_TOTEXT) { /* * Algorithm */ - sprintf(buf, "%u ", algorithm); + snprintf(buf, sizeof(buf), "%u ", algorithm); RETERR(str_totext(buf, target)); /* diff --git a/lib/dns/rdata/generic/ipseckey_45.c b/lib/dns/rdata/generic/ipseckey_45.c index 5a9eeab899..5ea3ae18cd 100644 --- a/lib/dns/rdata/generic/ipseckey_45.c +++ b/lib/dns/rdata/generic/ipseckey_45.c @@ -134,7 +134,7 @@ totext_ipseckey(ARGS_TOTEXT) { dns_rdata_toregion(rdata, ®ion); num = uint8_fromregion(®ion); isc_region_consume(®ion, 1); - sprintf(buf, "%u ", num); + snprintf(buf, sizeof(buf), "%u ", num); RETERR(str_totext(buf, target)); /* @@ -142,7 +142,7 @@ totext_ipseckey(ARGS_TOTEXT) { */ gateway = uint8_fromregion(®ion); isc_region_consume(®ion, 1); - sprintf(buf, "%u ", gateway); + snprintf(buf, sizeof(buf), "%u ", gateway); RETERR(str_totext(buf, target)); /* @@ -150,7 +150,7 @@ totext_ipseckey(ARGS_TOTEXT) { */ num = uint8_fromregion(®ion); isc_region_consume(®ion, 1); - sprintf(buf, "%u ", num); + snprintf(buf, sizeof(buf), "%u ", num); RETERR(str_totext(buf, target)); /* diff --git a/lib/dns/rdata/generic/key_25.c b/lib/dns/rdata/generic/key_25.c index 97275e01d0..c63b303ac2 100644 --- a/lib/dns/rdata/generic/key_25.c +++ b/lib/dns/rdata/generic/key_25.c @@ -85,7 +85,7 @@ generic_totext_key(ARGS_TOTEXT) { /* flags */ flags = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%u", flags); + snprintf(buf, sizeof(buf), "%u", flags); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); if ((flags & DNS_KEYFLAG_KSK) != 0) { @@ -98,14 +98,14 @@ generic_totext_key(ARGS_TOTEXT) { /* protocol */ - sprintf(buf, "%u", sr.base[0]); + snprintf(buf, sizeof(buf), "%u", sr.base[0]); isc_region_consume(&sr, 1); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); /* algorithm */ algorithm = sr.base[0]; - sprintf(buf, "%u", algorithm); + snprintf(buf, sizeof(buf), "%u", algorithm); isc_region_consume(&sr, 1); RETERR(str_totext(buf, target)); @@ -161,7 +161,8 @@ generic_totext_key(ARGS_TOTEXT) { RETERR(str_totext(algbuf, target)); RETERR(str_totext(" ; key id = ", target)); dns_rdata_toregion(rdata, &tmpr); - sprintf(buf, "%u", dst_region_computeid(&tmpr, algorithm)); + snprintf(buf, sizeof(buf), "%u", + dst_region_computeid(&tmpr, algorithm)); RETERR(str_totext(buf, target)); } return (ISC_R_SUCCESS); diff --git a/lib/dns/rdata/generic/keydata_65533.c b/lib/dns/rdata/generic/keydata_65533.c index 60933047d4..6ddf289033 100644 --- a/lib/dns/rdata/generic/keydata_65533.c +++ b/lib/dns/rdata/generic/keydata_65533.c @@ -122,7 +122,7 @@ totext_keydata(ARGS_TOTEXT) { /* flags */ flags = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%u", flags); + snprintf(buf, sizeof(buf), "%u", flags); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); if ((flags & DNS_KEYFLAG_KSK) != 0) { @@ -134,14 +134,14 @@ totext_keydata(ARGS_TOTEXT) { keyinfo = "ZSK"; /* protocol */ - sprintf(buf, "%u", sr.base[0]); + snprintf(buf, sizeof(buf), "%u", sr.base[0]); isc_region_consume(&sr, 1); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); /* algorithm */ algorithm = sr.base[0]; - sprintf(buf, "%u", algorithm); + snprintf(buf, sizeof(buf), "%u", algorithm); isc_region_consume(&sr, 1); RETERR(str_totext(buf, target)); @@ -184,7 +184,8 @@ totext_keydata(ARGS_TOTEXT) { dns_rdata_toregion(rdata, &tmpr); /* Skip over refresh, addhd, and removehd */ isc_region_consume(&tmpr, 12); - sprintf(buf, "%u", dst_region_computeid(&tmpr, algorithm)); + snprintf(buf, sizeof(buf), "%u", + dst_region_computeid(&tmpr, algorithm)); RETERR(str_totext(buf, target)); if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) { diff --git a/lib/dns/rdata/generic/l32_105.c b/lib/dns/rdata/generic/l32_105.c index 4f77c93d24..e68ab4fa2a 100644 --- a/lib/dns/rdata/generic/l32_105.c +++ b/lib/dns/rdata/generic/l32_105.c @@ -62,7 +62,7 @@ totext_l32(ARGS_TOTEXT) { dns_rdata_toregion(rdata, ®ion); num = uint16_fromregion(®ion); isc_region_consume(®ion, 2); - sprintf(buf, "%u", num); + snprintf(buf, sizeof(buf), "%u", num); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); diff --git a/lib/dns/rdata/generic/l64_106.c b/lib/dns/rdata/generic/l64_106.c index 6b4f4c70b3..07cc204ab0 100644 --- a/lib/dns/rdata/generic/l64_106.c +++ b/lib/dns/rdata/generic/l64_106.c @@ -56,16 +56,16 @@ totext_l64(ARGS_TOTEXT) { dns_rdata_toregion(rdata, ®ion); num = uint16_fromregion(®ion); isc_region_consume(®ion, 2); - sprintf(buf, "%u", num); + snprintf(buf, sizeof(buf), "%u", num); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); - sprintf(buf, "%x:%x:%x:%x", - region.base[0]<<8 | region.base[1], - region.base[2]<<8 | region.base[3], - region.base[4]<<8 | region.base[5], - region.base[6]<<8 | region.base[7]); + snprintf(buf, sizeof(buf), "%x:%x:%x:%x", + region.base[0]<<8 | region.base[1], + region.base[2]<<8 | region.base[3], + region.base[4]<<8 | region.base[5], + region.base[6]<<8 | region.base[7]); return (str_totext(buf, target)); } diff --git a/lib/dns/rdata/generic/loc_29.c b/lib/dns/rdata/generic/loc_29.c index 7ac98272c0..e2ac0a2332 100644 --- a/lib/dns/rdata/generic/loc_29.c +++ b/lib/dns/rdata/generic/loc_29.c @@ -478,22 +478,31 @@ totext_loc(ARGS_TOTEXT) { size = sr.base[1]; INSIST((size&0x0f) < 10 && (size>>4) < 10); - if ((size&0x0f)> 1) - sprintf(sbuf, "%lum", (size>>4) * poweroften[(size&0x0f)-2]); - else - sprintf(sbuf, "0.%02lum", (size>>4) * poweroften[(size&0x0f)]); + if ((size&0x0f)> 1) { + snprintf(sbuf, sizeof(sbuf), + "%lum", (size>>4) * poweroften[(size&0x0f)-2]); + } else { + snprintf(sbuf, sizeof(sbuf), + "0.%02lum", (size>>4) * poweroften[(size&0x0f)]); + } hp = sr.base[2]; INSIST((hp&0x0f) < 10 && (hp>>4) < 10); - if ((hp&0x0f)> 1) - sprintf(hbuf, "%lum", (hp>>4) * poweroften[(hp&0x0f)-2]); - else - sprintf(hbuf, "0.%02lum", (hp>>4) * poweroften[(hp&0x0f)]); + if ((hp&0x0f)> 1) { + snprintf(hbuf, sizeof(hbuf), + "%lum", (hp>>4) * poweroften[(hp&0x0f)-2]); + } else { + snprintf(hbuf, sizeof(hbuf), + "0.%02lum", (hp>>4) * poweroften[(hp&0x0f)]); + } vp = sr.base[3]; INSIST((vp&0x0f) < 10 && (vp>>4) < 10); - if ((vp&0x0f)> 1) - sprintf(vbuf, "%lum", (vp>>4) * poweroften[(vp&0x0f)-2]); - else - sprintf(vbuf, "0.%02lum", (vp>>4) * poweroften[(vp&0x0f)]); + if ((vp&0x0f)> 1) { + snprintf(vbuf, sizeof(vbuf), + "%lum", (vp>>4) * poweroften[(vp&0x0f)-2]); + } else { + snprintf(vbuf, sizeof(vbuf), + "0.%02lum", (vp>>4) * poweroften[(vp&0x0f)]); + } isc_region_consume(&sr, 4); latitude = uint32_fromregion(&sr); @@ -542,11 +551,12 @@ totext_loc(ARGS_TOTEXT) { altitude -= 10000000; } - sprintf(buf, "%d %d %d.%03d %s %d %d %d.%03d %s %s%ld.%02ldm %s %s %s", - d1, m1, s1, fs1, north ? "N" : "S", - d2, m2, s2, fs2, east ? "E" : "W", - below ? "-" : "", altitude/100, altitude % 100, - sbuf, hbuf, vbuf); + snprintf(buf, sizeof(buf), + "%d %d %d.%03d %s %d %d %d.%03d %s %s%ld.%02ldm %s %s %s", + d1, m1, s1, fs1, north ? "N" : "S", + d2, m2, s2, fs2, east ? "E" : "W", + below ? "-" : "", altitude/100, altitude % 100, + sbuf, hbuf, vbuf); return (str_totext(buf, target)); } diff --git a/lib/dns/rdata/generic/lp_107.c b/lib/dns/rdata/generic/lp_107.c index e417ffa177..2e6772ad1b 100644 --- a/lib/dns/rdata/generic/lp_107.c +++ b/lib/dns/rdata/generic/lp_107.c @@ -61,7 +61,7 @@ totext_lp(ARGS_TOTEXT) { dns_rdata_toregion(rdata, ®ion); num = uint16_fromregion(®ion); isc_region_consume(®ion, 2); - sprintf(buf, "%u", num); + snprintf(buf, sizeof(buf), "%u", num); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); diff --git a/lib/dns/rdata/generic/mx_15.c b/lib/dns/rdata/generic/mx_15.c index 61b0ae1984..ceafb58f52 100644 --- a/lib/dns/rdata/generic/mx_15.c +++ b/lib/dns/rdata/generic/mx_15.c @@ -101,7 +101,7 @@ totext_mx(ARGS_TOTEXT) { dns_rdata_toregion(rdata, ®ion); num = uint16_fromregion(®ion); isc_region_consume(®ion, 2); - sprintf(buf, "%u", num); + snprintf(buf, sizeof(buf), "%u", num); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); diff --git a/lib/dns/rdata/generic/naptr_35.c b/lib/dns/rdata/generic/naptr_35.c index e062702a95..d5c77bd380 100644 --- a/lib/dns/rdata/generic/naptr_35.c +++ b/lib/dns/rdata/generic/naptr_35.c @@ -200,7 +200,7 @@ totext_naptr(ARGS_TOTEXT) { */ num = uint16_fromregion(®ion); isc_region_consume(®ion, 2); - sprintf(buf, "%u", num); + snprintf(buf, sizeof(buf), "%u", num); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); @@ -209,7 +209,7 @@ totext_naptr(ARGS_TOTEXT) { */ num = uint16_fromregion(®ion); isc_region_consume(®ion, 2); - sprintf(buf, "%u", num); + snprintf(buf, sizeof(buf), "%u", num); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); diff --git a/lib/dns/rdata/generic/nid_104.c b/lib/dns/rdata/generic/nid_104.c index 188e9ee746..0c8ca306e9 100644 --- a/lib/dns/rdata/generic/nid_104.c +++ b/lib/dns/rdata/generic/nid_104.c @@ -56,16 +56,16 @@ totext_nid(ARGS_TOTEXT) { dns_rdata_toregion(rdata, ®ion); num = uint16_fromregion(®ion); isc_region_consume(®ion, 2); - sprintf(buf, "%u", num); + snprintf(buf, sizeof(buf), "%u", num); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); - sprintf(buf, "%x:%x:%x:%x", - region.base[0]<<8 | region.base[1], - region.base[2]<<8 | region.base[3], - region.base[4]<<8 | region.base[5], - region.base[6]<<8 | region.base[7]); + snprintf(buf, sizeof(buf), "%x:%x:%x:%x", + region.base[0]<<8 | region.base[1], + region.base[2]<<8 | region.base[3], + region.base[4]<<8 | region.base[5], + region.base[6]<<8 | region.base[7]); return (str_totext(buf, target)); } diff --git a/lib/dns/rdata/generic/nsec3_50.c b/lib/dns/rdata/generic/nsec3_50.c index 87065e0ad3..8d9d5e94b0 100644 --- a/lib/dns/rdata/generic/nsec3_50.c +++ b/lib/dns/rdata/generic/nsec3_50.c @@ -115,19 +115,19 @@ totext_nsec3(ARGS_TOTEXT) { /* Hash */ hash = uint8_fromregion(&sr); isc_region_consume(&sr, 1); - sprintf(buf, "%u ", hash); + snprintf(buf, sizeof(buf), "%u ", hash); RETERR(str_totext(buf, target)); /* Flags */ flags = uint8_fromregion(&sr); isc_region_consume(&sr, 1); - sprintf(buf, "%u ", flags); + snprintf(buf, sizeof(buf), "%u ", flags); RETERR(str_totext(buf, target)); /* Iterations */ iterations = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%u ", iterations); + snprintf(buf, sizeof(buf), "%u ", iterations); RETERR(str_totext(buf, target)); /* Salt */ diff --git a/lib/dns/rdata/generic/nsec3param_51.c b/lib/dns/rdata/generic/nsec3param_51.c index 1c283affbf..8fe5839bc0 100644 --- a/lib/dns/rdata/generic/nsec3param_51.c +++ b/lib/dns/rdata/generic/nsec3param_51.c @@ -109,13 +109,13 @@ totext_nsec3param(ARGS_TOTEXT) { iterations = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%u ", hash); + snprintf(buf, sizeof(buf), "%u ", hash); RETERR(str_totext(buf, target)); - sprintf(buf, "%u ", flags); + snprintf(buf, sizeof(buf), "%u ", flags); RETERR(str_totext(buf, target)); - sprintf(buf, "%u ", iterations); + snprintf(buf, sizeof(buf), "%u ", iterations); RETERR(str_totext(buf, target)); j = uint8_fromregion(&sr); diff --git a/lib/dns/rdata/generic/nxt_30.c b/lib/dns/rdata/generic/nxt_30.c index 69412bc539..540c872680 100644 --- a/lib/dns/rdata/generic/nxt_30.c +++ b/lib/dns/rdata/generic/nxt_30.c @@ -109,7 +109,8 @@ totext_nxt(ARGS_TOTEXT) { target)); } else { char buf[sizeof("65535")]; - sprintf(buf, "%u", t); + snprintf(buf, sizeof(buf), + "%u", t); RETERR(str_totext(buf, target)); } diff --git a/lib/dns/rdata/generic/opt_41.c b/lib/dns/rdata/generic/opt_41.c index 48d36ef7d1..71e7be2d3d 100644 --- a/lib/dns/rdata/generic/opt_41.c +++ b/lib/dns/rdata/generic/opt_41.c @@ -56,7 +56,7 @@ totext_opt(ARGS_TOTEXT) { isc_region_consume(&r, 2); length = uint16_fromregion(&r); isc_region_consume(&r, 2); - sprintf(buf, "%u %u", option, length); + snprintf(buf, sizeof(buf), "%u %u", option, length); RETERR(str_totext(buf, target)); INSIST(r.length >= length); if (length > 0) { diff --git a/lib/dns/rdata/generic/rrsig_46.c b/lib/dns/rdata/generic/rrsig_46.c index a8920c0b7a..b147f86621 100644 --- a/lib/dns/rdata/generic/rrsig_46.c +++ b/lib/dns/rdata/generic/rrsig_46.c @@ -145,7 +145,7 @@ fromtext_rrsig(ARGS_FROMTEXT) { static inline isc_result_t totext_rrsig(ARGS_TOTEXT) { isc_region_t sr; - char buf[sizeof("4294967295")]; + char buf[sizeof("4294967295")]; /* Also TYPE65000. */ dns_rdatatype_t covered; unsigned long ttl; unsigned long when; @@ -170,7 +170,7 @@ totext_rrsig(ARGS_TOTEXT) { if (dns_rdatatype_isknown(covered) && covered != 0) { RETERR(dns_rdatatype_totext(covered, target)); } else { - sprintf(buf, "TYPE%u", covered); + snprintf(buf, sizeof(buf), "TYPE%u", covered); RETERR(str_totext(buf, target)); } RETERR(str_totext(" ", target)); @@ -178,7 +178,7 @@ totext_rrsig(ARGS_TOTEXT) { /* * Algorithm. */ - sprintf(buf, "%u", sr.base[0]); + snprintf(buf, sizeof(buf), "%u", sr.base[0]); isc_region_consume(&sr, 1); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); @@ -186,7 +186,7 @@ totext_rrsig(ARGS_TOTEXT) { /* * Labels. */ - sprintf(buf, "%u", sr.base[0]); + snprintf(buf, sizeof(buf), "%u", sr.base[0]); isc_region_consume(&sr, 1); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); @@ -196,7 +196,7 @@ totext_rrsig(ARGS_TOTEXT) { */ ttl = uint32_fromregion(&sr); isc_region_consume(&sr, 4); - sprintf(buf, "%lu", ttl); + snprintf(buf, sizeof(buf), "%lu", ttl); RETERR(str_totext(buf, target)); if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) @@ -224,7 +224,7 @@ totext_rrsig(ARGS_TOTEXT) { */ foot = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%lu", foot); + snprintf(buf, sizeof(buf), "%lu", foot); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); diff --git a/lib/dns/rdata/generic/rt_21.c b/lib/dns/rdata/generic/rt_21.c index 34d28cd60a..47b80a4a3d 100644 --- a/lib/dns/rdata/generic/rt_21.c +++ b/lib/dns/rdata/generic/rt_21.c @@ -72,7 +72,7 @@ totext_rt(ARGS_TOTEXT) { dns_rdata_toregion(rdata, ®ion); num = uint16_fromregion(®ion); isc_region_consume(®ion, 2); - sprintf(buf, "%u", num); + snprintf(buf, sizeof(buf), "%u", num); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); dns_name_fromregion(&name, ®ion); diff --git a/lib/dns/rdata/generic/sig_24.c b/lib/dns/rdata/generic/sig_24.c index 699210614a..968de07dfd 100644 --- a/lib/dns/rdata/generic/sig_24.c +++ b/lib/dns/rdata/generic/sig_24.c @@ -146,7 +146,7 @@ totext_sig(ARGS_TOTEXT) { if (dns_rdatatype_isknown(covered) && covered != 0) { RETERR(dns_rdatatype_totext(covered, target)); } else { - sprintf(buf, "%u", covered); + snprintf(buf, sizeof(buf), "%u", covered); RETERR(str_totext(buf, target)); } RETERR(str_totext(" ", target)); @@ -154,7 +154,7 @@ totext_sig(ARGS_TOTEXT) { /* * Algorithm. */ - sprintf(buf, "%u", sr.base[0]); + snprintf(buf, sizeof(buf), "%u", sr.base[0]); isc_region_consume(&sr, 1); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); @@ -162,7 +162,7 @@ totext_sig(ARGS_TOTEXT) { /* * Labels. */ - sprintf(buf, "%u", sr.base[0]); + snprintf(buf, sizeof(buf), "%u", sr.base[0]); isc_region_consume(&sr, 1); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); @@ -172,7 +172,7 @@ totext_sig(ARGS_TOTEXT) { */ ttl = uint32_fromregion(&sr); isc_region_consume(&sr, 4); - sprintf(buf, "%lu", ttl); + snprintf(buf, sizeof(buf), "%lu", ttl); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); @@ -200,7 +200,7 @@ totext_sig(ARGS_TOTEXT) { */ foot = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%lu", foot); + snprintf(buf, sizeof(buf), "%lu", foot); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); diff --git a/lib/dns/rdata/generic/sink_40.c b/lib/dns/rdata/generic/sink_40.c index 0ab8cd6dc8..ce61a1ff16 100644 --- a/lib/dns/rdata/generic/sink_40.c +++ b/lib/dns/rdata/generic/sink_40.c @@ -67,7 +67,7 @@ totext_sink(ARGS_TOTEXT) { isc_region_consume(&sr, 1); subcoding = uint8_fromregion(&sr); isc_region_consume(&sr, 1); - sprintf(buf, "%u %u %u", meaning, coding, subcoding); + snprintf(buf, sizeof(buf), "%u %u %u", meaning, coding, subcoding); RETERR(str_totext(buf, target)); if (sr.length == 0U) diff --git a/lib/dns/rdata/generic/soa_6.c b/lib/dns/rdata/generic/soa_6.c index 3a0221e262..ef73e5d2fa 100644 --- a/lib/dns/rdata/generic/soa_6.c +++ b/lib/dns/rdata/generic/soa_6.c @@ -128,7 +128,7 @@ totext_soa(ARGS_TOTEXT) { unsigned long num; num = uint32_fromregion(&dregion); isc_region_consume(&dregion, 4); - sprintf(buf, comm ? "%-10lu ; " : "%lu", num); + snprintf(buf, sizeof(buf), comm ? "%-10lu ; " : "%lu", num); RETERR(str_totext(buf, target)); if (comm) { RETERR(str_totext(soa_fieldnames[i], target)); diff --git a/lib/dns/rdata/generic/sshfp_44.c b/lib/dns/rdata/generic/sshfp_44.c index 06de11db54..2a54785522 100644 --- a/lib/dns/rdata/generic/sshfp_44.c +++ b/lib/dns/rdata/generic/sshfp_44.c @@ -69,7 +69,7 @@ totext_sshfp(ARGS_TOTEXT) { */ n = uint8_fromregion(&sr); isc_region_consume(&sr, 1); - sprintf(buf, "%u ", n); + snprintf(buf, sizeof(buf), "%u ", n); RETERR(str_totext(buf, target)); /* @@ -77,7 +77,7 @@ totext_sshfp(ARGS_TOTEXT) { */ n = uint8_fromregion(&sr); isc_region_consume(&sr, 1); - sprintf(buf, "%u", n); + snprintf(buf, sizeof(buf), "%u", n); RETERR(str_totext(buf, target)); /* diff --git a/lib/dns/rdata/generic/tkey_249.c b/lib/dns/rdata/generic/tkey_249.c index cbe9b2a666..7510aaf3cc 100644 --- a/lib/dns/rdata/generic/tkey_249.c +++ b/lib/dns/rdata/generic/tkey_249.c @@ -145,7 +145,7 @@ totext_tkey(ARGS_TOTEXT) { */ n = uint32_fromregion(&sr); isc_region_consume(&sr, 4); - sprintf(buf, "%lu ", n); + snprintf(buf, sizeof(buf), "%lu ", n); RETERR(str_totext(buf, target)); /* @@ -153,7 +153,7 @@ totext_tkey(ARGS_TOTEXT) { */ n = uint32_fromregion(&sr); isc_region_consume(&sr, 4); - sprintf(buf, "%lu ", n); + snprintf(buf, sizeof(buf), "%lu ", n); RETERR(str_totext(buf, target)); /* @@ -161,7 +161,7 @@ totext_tkey(ARGS_TOTEXT) { */ n = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%lu ", n); + snprintf(buf, sizeof(buf), "%lu ", n); RETERR(str_totext(buf, target)); /* @@ -172,7 +172,7 @@ totext_tkey(ARGS_TOTEXT) { if (dns_tsigrcode_totext((dns_rcode_t)n, target) == ISC_R_SUCCESS) RETERR(str_totext(" ", target)); else { - sprintf(buf, "%lu ", n); + snprintf(buf, sizeof(buf), "%lu ", n); RETERR(str_totext(buf, target)); } @@ -181,7 +181,7 @@ totext_tkey(ARGS_TOTEXT) { */ n = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%lu", n); + snprintf(buf, sizeof(buf), "%lu", n); RETERR(str_totext(buf, target)); /* @@ -209,7 +209,7 @@ totext_tkey(ARGS_TOTEXT) { */ n = uint16_fromregion(&sr); isc_region_consume(&sr, 2); - sprintf(buf, "%lu", n); + snprintf(buf, sizeof(buf), "%lu", n); RETERR(str_totext(buf, target)); /* diff --git a/lib/dns/rdata/generic/tlsa_52.c b/lib/dns/rdata/generic/tlsa_52.c index e2d9fa0f06..a9e80ffbac 100644 --- a/lib/dns/rdata/generic/tlsa_52.c +++ b/lib/dns/rdata/generic/tlsa_52.c @@ -73,7 +73,7 @@ generic_totext_tlsa(ARGS_TOTEXT) { */ n = uint8_fromregion(&sr); isc_region_consume(&sr, 1); - sprintf(buf, "%u ", n); + snprintf(buf, sizeof(buf), "%u ", n); RETERR(str_totext(buf, target)); /* @@ -81,7 +81,7 @@ generic_totext_tlsa(ARGS_TOTEXT) { */ n = uint8_fromregion(&sr); isc_region_consume(&sr, 1); - sprintf(buf, "%u ", n); + snprintf(buf, sizeof(buf), "%u ", n); RETERR(str_totext(buf, target)); /* @@ -89,7 +89,7 @@ generic_totext_tlsa(ARGS_TOTEXT) { */ n = uint8_fromregion(&sr); isc_region_consume(&sr, 1); - sprintf(buf, "%u", n); + snprintf(buf, sizeof(buf), "%u", n); RETERR(str_totext(buf, target)); /* diff --git a/lib/dns/rdata/generic/uri_256.c b/lib/dns/rdata/generic/uri_256.c index 9443c2a590..6d706f41db 100644 --- a/lib/dns/rdata/generic/uri_256.c +++ b/lib/dns/rdata/generic/uri_256.c @@ -72,7 +72,7 @@ totext_uri(ARGS_TOTEXT) { */ priority = uint16_fromregion(®ion); isc_region_consume(®ion, 2); - sprintf(buf, "%u ", priority); + snprintf(buf, sizeof(buf), "%u ", priority); RETERR(str_totext(buf, target)); /* @@ -80,7 +80,7 @@ totext_uri(ARGS_TOTEXT) { */ weight = uint16_fromregion(®ion); isc_region_consume(®ion, 2); - sprintf(buf, "%u ", weight); + snprintf(buf, sizeof(buf), "%u ", weight); RETERR(str_totext(buf, target)); /* diff --git a/lib/dns/rdata/in_1/a6_38.c b/lib/dns/rdata/in_1/a6_38.c index b1902d722c..5b05e0c996 100644 --- a/lib/dns/rdata/in_1/a6_38.c +++ b/lib/dns/rdata/in_1/a6_38.c @@ -107,7 +107,7 @@ totext_in_a6(ARGS_TOTEXT) { prefixlen = sr.base[0]; INSIST(prefixlen <= 128); isc_region_consume(&sr, 1); - sprintf(buf, "%u", prefixlen); + snprintf(buf, sizeof(buf), "%u", prefixlen); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); diff --git a/lib/dns/rdata/in_1/kx_36.c b/lib/dns/rdata/in_1/kx_36.c index 19fb0b101f..f10b6da4c1 100644 --- a/lib/dns/rdata/in_1/kx_36.c +++ b/lib/dns/rdata/in_1/kx_36.c @@ -65,7 +65,7 @@ totext_in_kx(ARGS_TOTEXT) { dns_rdata_toregion(rdata, ®ion); num = uint16_fromregion(®ion); isc_region_consume(®ion, 2); - sprintf(buf, "%u", num); + snprintf(buf, sizeof(buf), "%u", num); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); diff --git a/lib/dns/rdata/in_1/nsap_22.c b/lib/dns/rdata/in_1/nsap_22.c index 36db1c3e03..364ee81531 100644 --- a/lib/dns/rdata/in_1/nsap_22.c +++ b/lib/dns/rdata/in_1/nsap_22.c @@ -80,7 +80,7 @@ totext_in_nsap(ARGS_TOTEXT) { dns_rdata_toregion(rdata, ®ion); RETERR(str_totext("0x", target)); while (region.length != 0) { - sprintf(buf, "%02x", region.base[0]); + snprintf(buf, sizeof(buf), "%02x", region.base[0]); isc_region_consume(®ion, 1); RETERR(str_totext(buf, target)); } diff --git a/lib/dns/rdata/in_1/px_26.c b/lib/dns/rdata/in_1/px_26.c index 2e9a8ea198..5f1da7c2f5 100644 --- a/lib/dns/rdata/in_1/px_26.c +++ b/lib/dns/rdata/in_1/px_26.c @@ -84,7 +84,7 @@ totext_in_px(ARGS_TOTEXT) { dns_rdata_toregion(rdata, ®ion); num = uint16_fromregion(®ion); isc_region_consume(®ion, 2); - sprintf(buf, "%u", num); + snprintf(buf, sizeof(buf), "%u", num); RETERR(str_totext(buf, target)); RETERR(str_totext(" ", target)); diff --git a/lib/dns/rdata/in_1/wks_11.c b/lib/dns/rdata/in_1/wks_11.c index 5141c9f89a..5f10e6d34e 100644 --- a/lib/dns/rdata/in_1/wks_11.c +++ b/lib/dns/rdata/in_1/wks_11.c @@ -199,7 +199,7 @@ totext_in_wks(ARGS_TOTEXT) { isc_region_consume(&sr, 4); proto = uint8_fromregion(&sr); - sprintf(buf, "%u", proto); + snprintf(buf, sizeof(buf), "%u", proto); RETERR(str_totext(" ", target)); RETERR(str_totext(buf, target)); isc_region_consume(&sr, 1); @@ -209,7 +209,8 @@ totext_in_wks(ARGS_TOTEXT) { if (sr.base[i] != 0) for (j = 0; j < 8; j++) if ((sr.base[i] & (0x80 >> j)) != 0) { - sprintf(buf, "%u", i * 8 + j); + snprintf(buf, sizeof(buf), + "%u", i * 8 + j); RETERR(str_totext(" ", target)); RETERR(str_totext(buf, target)); } diff --git a/lib/isc/httpd.c b/lib/isc/httpd.c index b82d41613f..224d5c9a98 100644 --- a/lib/isc/httpd.c +++ b/lib/isc/httpd.c @@ -1046,8 +1046,10 @@ isc_httpd_response(isc_httpd_t *httpd) { return (result); } - sprintf(isc_buffer_used(&httpd->headerbuffer), "%s %03u %s\r\n", - httpd->protocol, httpd->retcode, httpd->retmsg); + snprintf(isc_buffer_used(&httpd->headerbuffer), + (int)isc_buffer_availablelength(&httpd->headerbuffer), + "%s %03u %s\r\n", httpd->protocol, httpd->retcode, + httpd->retmsg); isc_buffer_add(&httpd->headerbuffer, needlen); return (ISC_R_SUCCESS); @@ -1072,11 +1074,13 @@ isc_httpd_addheader(isc_httpd_t *httpd, const char *name, } if (val != NULL) - sprintf(isc_buffer_used(&httpd->headerbuffer), - "%s: %s\r\n", name, val); + snprintf(isc_buffer_used(&httpd->headerbuffer), + isc_buffer_availablelength(&httpd->headerbuffer), + "%s: %s\r\n", name, val); else - sprintf(isc_buffer_used(&httpd->headerbuffer), - "%s\r\n", name); + snprintf(isc_buffer_used(&httpd->headerbuffer), + isc_buffer_availablelength(&httpd->headerbuffer), + "%s\r\n", name); isc_buffer_add(&httpd->headerbuffer, needlen); @@ -1093,7 +1097,8 @@ isc_httpd_endheaders(isc_httpd_t *httpd) { return (result); } - sprintf(isc_buffer_used(&httpd->headerbuffer), "\r\n"); + snprintf(isc_buffer_used(&httpd->headerbuffer), + isc_buffer_availablelength(&httpd->headerbuffer), "\r\n"); isc_buffer_add(&httpd->headerbuffer, 2); return (ISC_R_SUCCESS); @@ -1105,7 +1110,7 @@ isc_httpd_addheaderuint(isc_httpd_t *httpd, const char *name, int val) { unsigned int needlen; char buf[sizeof "18446744073709551616"]; - sprintf(buf, "%d", val); + snprintf(buf, sizeof(buf), "%d", val); needlen = strlen(name); /* name itself */ needlen += 2 + strlen(buf); /* : and val */ @@ -1117,8 +1122,9 @@ isc_httpd_addheaderuint(isc_httpd_t *httpd, const char *name, int val) { return (result); } - sprintf(isc_buffer_used(&httpd->headerbuffer), - "%s: %s\r\n", name, buf); + snprintf(isc_buffer_used(&httpd->headerbuffer), + isc_buffer_availablelength(&httpd->headerbuffer), + "%s: %s\r\n", name, buf); isc_buffer_add(&httpd->headerbuffer, needlen); diff --git a/lib/isc/inet_ntop.c b/lib/isc/inet_ntop.c index 50ee21bcba..64ad577e0b 100644 --- a/lib/isc/inet_ntop.c +++ b/lib/isc/inet_ntop.c @@ -81,9 +81,11 @@ inet_ntop4(const unsigned char *src, char *dst, size_t size) { static const char *fmt = "%u.%u.%u.%u"; char tmp[sizeof("255.255.255.255")]; + int n; - if ((size_t)sprintf(tmp, fmt, src[0], src[1], src[2], src[3]) >= size) - { + + n = snprintf(tmp, sizeof(tmp), fmt, src[0], src[1], src[2], src[3]); + if (n < 0 || (size_t)n >= size) { errno = ENOSPC; return (NULL); } @@ -170,7 +172,8 @@ inet_ntop6(const unsigned char *src, char *dst, size_t size) tp += strlen(tp); break; } - tp += sprintf(tp, "%x", words[i]); + INSIST((tp - tmp) < sizeof(tmp)); + tp += snprintf(tp, sizeof(tmp) - (tp - tmp), "%x", words[i]); } /* Was it a trailing run of 0x00's? */ if (best.base != -1 && (best.base + best.len) == diff --git a/lib/isc/log.c b/lib/isc/log.c index 0f0363c4ce..9aca630cc1 100644 --- a/lib/isc/log.c +++ b/lib/isc/log.c @@ -1738,6 +1738,7 @@ isc_log_doit(isc_log_t *lctx, isc_logcategory_t *category, isc_logmessage_t *message, *next; isc_time_t oldest; isc_interval_t interval; + size_t size; isc_interval_set(&interval, lcfg->duplicate_interval, 0); @@ -1811,16 +1812,18 @@ isc_log_doit(isc_log_t *lctx, isc_logcategory_t *category, * It wasn't in the duplicate interval, * so add it to the message list. */ - message = isc_mem_get(lctx->mctx, - sizeof(isc_logmessage_t) + - strlen(lctx->buffer) + 1); + size = sizeof(isc_logmessage_t) + + strlen(lctx->buffer) + 1; + message = isc_mem_get(lctx->mctx, size); if (message != NULL) { /* * Put the text immediately after * the struct. The strcpy is safe. */ message->text = (char *)(message + 1); - strcpy(message->text, lctx->buffer); + size -= sizeof(isc_logmessage_t); + strlcpy(message->text, lctx->buffer, + size); TIME_NOW(&message->time); diff --git a/lib/isc/mem.c b/lib/isc/mem.c index 9d421b86c5..901545d552 100644 --- a/lib/isc/mem.c +++ b/lib/isc/mem.c @@ -2593,7 +2593,7 @@ json_renderctx(isc__mem_t *ctx, summarystat_t *summary, json_object *array) { ctxobj = json_object_new_object(); CHECKMEM(ctxobj); - sprintf(buf, "%p", ctx); + snprintf(buf, sizeof(buf), "%p", ctx); obj = json_object_new_string(buf); CHECKMEM(obj); json_object_object_add(ctxobj, "id", obj); diff --git a/lib/isc/task.c b/lib/isc/task.c index 7d2857f228..e534d732ed 100644 --- a/lib/isc/task.c +++ b/lib/isc/task.c @@ -1983,7 +1983,7 @@ isc_taskmgr_renderjson(isc_taskmgr_t *mgr0, json_object *tasks) { CHECKMEM(taskobj); json_object_array_add(array, taskobj); - sprintf(buf, "%p", task); + snprintf(buf, sizeof(buf), "%p", task); obj = json_object_new_string(buf); CHECKMEM(obj); json_object_object_add(taskobj, "id", obj); diff --git a/lib/isc/unix/ifiter_ioctl.c b/lib/isc/unix/ifiter_ioctl.c index 5b32bcc9bc..78c91858b3 100644 --- a/lib/isc/unix/ifiter_ioctl.c +++ b/lib/isc/unix/ifiter_ioctl.c @@ -402,7 +402,8 @@ internal_current_clusteralias(isc_interfaceiter_t *iter) { memset(&iter->current, 0, sizeof(iter->current)); iter->current.af = iter->clua_sa.sa_family; memset(iter->current.name, 0, sizeof(iter->current.name)); - sprintf(iter->current.name, "clua%d", ci.aliasid); + snprintf(iter->current.name, sizeof(iter->current.name), + "clua%d", ci.aliasid); iter->current.flags = INTERFACE_F_UP; get_inaddr(&iter->current.address, &ci.addr); get_inaddr(&iter->current.netmask, &ci.netmask); diff --git a/lib/isc/unix/socket.c b/lib/isc/unix/socket.c index 4299c20d0a..5062c38584 100644 --- a/lib/isc/unix/socket.c +++ b/lib/isc/unix/socket.c @@ -6766,7 +6766,7 @@ isc_socketmgr_renderjson(isc_socketmgr_t *mgr0, json_object *stats) { LOCK(&sock->lock); - sprintf(buf, "%p", sock); + snprintf(buf, sizeof(buf), "%p", sock); obj = json_object_new_string(buf); CHECKMEM(obj); json_object_object_add(entry, "id", obj); diff --git a/lib/isc/win32/socket.c b/lib/isc/win32/socket.c index bbdc6c1303..456873d5f7 100644 --- a/lib/isc/win32/socket.c +++ b/lib/isc/win32/socket.c @@ -4151,7 +4151,7 @@ isc_socketmgr_renderjson(isc_socketmgr_t *mgr, json_object *stats) { LOCK(&sock->lock); - sprintf(buf, "%p", sock); + snprintf(buf, sizeof(buf), "%p", sock); obj = json_object_new_string(buf); CHECKMEM(obj); json_object_object_add(entry, "id", obj); diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 1eb407f77b..1871046cd3 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -2913,8 +2913,8 @@ parser_complain(cfg_parser_t *pctx, isc_boolean_t is_warning, len = vsnprintf(message, sizeof(message), format, args); #define ELIPSIS " ... " if (len >= sizeof(message)) { - strcpy(message + sizeof(message) - sizeof(ELIPSIS) - 1, - ELIPSIS); + message[sizeof(message) - sizeof(ELIPSIS)] = 0; + strlcat(message, ELIPSIS, sizeof(message)); } if ((flags & (CFG_LOG_NEAR|CFG_LOG_BEFORE|CFG_LOG_NOPREP)) != 0) {