From d00b208df92061f0049bfcd993ab1f92dc8aa2cb Mon Sep 17 00:00:00 2001 From: Alan Coopersmith Date: Sat, 23 Nov 2013 22:44:06 -0800 Subject: Convert sprintf calls to asprintf or snprintf Signed-off-by: Alan Coopersmith --- save.c | 17 ++++++----------- smproxy.c | 23 ++++++++++++++--------- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/save.c b/save.c index 5d6b4ce..267f806 100644 --- a/save.c +++ b/save.c @@ -361,7 +361,7 @@ unique_filename(char *path, char *prefix, int *pFd) char tempFile[PATH_MAX]; char *tmp; - sprintf (tempFile, "%s/%sXXXXXX", path, prefix); + snprintf (tempFile, sizeof(tempFile), "%s/%sXXXXXX", path, prefix); tmp = (char *) mktemp (tempFile); if (tmp) { @@ -373,17 +373,12 @@ unique_filename(char *path, char *prefix, int *pFd) return (NULL); # endif /* HAVE_MKTEMP */ #else /* HAVE_MKSTEMP */ - char tempFile[PATH_MAX]; - char *ptr; + char *tempFile; - sprintf (tempFile, "%s/%sXXXXXX", path, prefix); - ptr = (char *)malloc(strlen(tempFile) + 1); - if (ptr != NULL) - { - strcpy(ptr, tempFile); - *pFd = mkstemp(ptr); - } - return ptr; + if (asprintf (&tempFile, "%s/%sXXXXXX", path, prefix) == -1) + return NULL; + *pFd = mkstemp(tempFile); + return tempFile; #endif /* HAVE_MKSTEMP */ } diff --git a/smproxy.c b/smproxy.c index 17316b5..7c59f16 100644 --- a/smproxy.c +++ b/smproxy.c @@ -221,12 +221,12 @@ CheckFullyQuantifiedName(char *name, int *newstring) } else { - int bytes = strlen (name) + strlen (firstDot + 1) + 2; char *newptr; - newptr = (char *) malloc (bytes); - sprintf (newptr, "%s.%s", name, firstDot + 1); - + if (asprintf (&newptr, "%s.%s", name, firstDot + 1) == -1) { + *newstring = 0; + return NULL; + } *newstring = 1; return (newptr); } @@ -255,7 +255,7 @@ FinishSaveYourself(WinInfo *winInfo, Bool has_WM_SAVEYOURSELF) prop1val.value = (SmPointer) winInfo->wm_command[0]; prop1val.length = strlen (winInfo->wm_command[0]); - sprintf (userId, "%ld", (long)getuid()); + snprintf (userId, sizeof(userId), "%ld", (long)getuid()); prop2.name = SmUserID; prop2.type = SmARRAY8; prop2.num_vals = 1; @@ -265,7 +265,8 @@ FinishSaveYourself(WinInfo *winInfo, Bool has_WM_SAVEYOURSELF) fullyQuantifiedName = CheckFullyQuantifiedName ( (char *) winInfo->wm_client_machine.value, &newstring); - sprintf (restartService, "rstart-rsh/%s", fullyQuantifiedName); + snprintf (restartService, sizeof(restartService), + "rstart-rsh/%s", fullyQuantifiedName); if (newstring) free (fullyQuantifiedName); @@ -882,7 +883,7 @@ ProxySaveYourselfPhase2CB(SmcConn smcConn, SmPointer clientData) Bool success = True; SmProp prop1, prop2, prop3, *props[3]; SmPropValue prop1val, prop2val, prop3val; - char discardCommand[80]; + char *discardCommand; int numVals, i; static int first_time = 1; @@ -898,7 +899,7 @@ ProxySaveYourselfPhase2CB(SmcConn smcConn, SmPointer clientData) prop1val.value = Argv[0]; prop1val.length = strlen (Argv[0]); - sprintf (userId, "%ld", (long)getuid()); + snprintf (userId, sizeof(userId), "%ld", (long)getuid()); prop2.name = SmUserID; prop2.type = SmARRAY8; prop2.num_vals = 1; @@ -971,7 +972,10 @@ ProxySaveYourselfPhase2CB(SmcConn smcConn, SmPointer clientData) prop1.num_vals = numVals; - sprintf (discardCommand, "rm %s", filename); + if (asprintf (&discardCommand, "rm %s", filename) == -1) { + success = False; + goto finishUp; + } prop2.name = SmDiscardCommand; prop2.type = SmARRAY8; prop2.num_vals = 1; @@ -984,6 +988,7 @@ ProxySaveYourselfPhase2CB(SmcConn smcConn, SmPointer clientData) SmcSetProperties (smcConn, 2, props); free ((char *) prop1.vals); + free (discardCommand); finishUp: -- cgit v1.2.3