more sprintf bashing. now the only ones left are in mime_parser

author Nathan Bryant <loanshark@uncensored.citadel.org>

Tue, 12 Mar 2002 03:19:10 +0000 (03:19 +0000)

committer Nathan Bryant <loanshark@uncensored.citadel.org>

Tue, 12 Mar 2002 03:19:10 +0000 (03:19 +0000)
author Nathan Bryant <loanshark@uncensored.citadel.org>
Tue, 12 Mar 2002 03:19:10 +0000 (03:19 +0000)
committer Nathan Bryant <loanshark@uncensored.citadel.org>
Tue, 12 Mar 2002 03:19:10 +0000 (03:19 +0000)
diff --git a/citadel/ChangeLog b/citadel/ChangeLog

index 114dc091d1d72780b666307c31be85a37b14b922..87fd837c5d7878c823ee0b3f4a2b9ef49cb543b0 100644 (file)
--- a/citadel/ChangeLog
+++ b/citadel/ChangeLog
@@ -1,4 +1,7 @@
   $Log$
+ Revision 590.141  2002/03/12 03:19:09  nbryant
+ more sprintf bashing. now the only ones left are in mime_parser
+
   Revision 590.140  2002/03/12 01:33:42  nbryant
    - pass -Wcast-qual to gcc
    - more sprintf bashing
@@ -3441,4 +3444,3 @@ Sat Jul 11 00:20:48 EDT 1998 Nathan Bryant <bryant@cs.usm.maine.edu>
  
  Fri Jul 10 1998 Art Cancro <ajc@uncensored.citadel.org>
         * Initial CVS import 
-
diff --git a/citadel/user_ops.c b/citadel/user_ops.c

index 862ad30bdb14ee2f629d5101055aa155ea778af5..b5f6e8f20f32a83fb1bde925cbe6fd7d95059e18 100644 (file)
--- a/citadel/user_ops.c
+++ b/citadel/user_ops.c
@@ -504,7 +504,8 @@ static int validpw(uid_t uid, const char *pass)
         }
  
         close(pipev[0]);
-       write(pipev[1], buf, sprintf(buf, "%lu\n", (unsigned long) uid));
+       write(pipev[1], buf,
+             snprintf(buf, sizeof buf, "%lu\n", (unsigned long) uid));
         write(pipev[1], pass, strlen(pass));
         write(pipev[1], "\n", 1);
         close(pipev[1]);
@@ -657,11 +658,11 @@ int purge_user(char pname[])
         cdb_delete(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
  
         /* remove the user's bio file */
-       sprintf(filename, "./bio/%ld", usbuf.usernum);
+       snprintf(filename, sizeof filename, "./bio/%ld", usbuf.usernum);
         unlink(filename);
  
         /* remove the user's picture */
-       sprintf(filename, "./userpics/%ld.gif", usbuf.usernum);
+       snprintf(filename, sizeof filename, "./userpics/%ld.gif", usbuf.usernum);
         unlink(filename);
  
         return (0);
@@ -966,7 +967,7 @@ void cmd_slrp(char *new_ptr)
  
         CtdlGetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
         vbuf.v_lastseen = newlr;
-       sprintf(vbuf.v_seen, "*:%ld", newlr);
+       snprintf(vbuf.v_seen, sizeof vbuf.v_seen, "*:%ld", newlr);
         CtdlSetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
  
         lputuser(&CC->usersupp);
@@ -1027,7 +1028,7 @@ void cmd_invt_kick(char *iuser, int op)
         lputuser(&USscratch);
  
         /* post a message in Aide> saying what we just did */
-       sprintf(bbb, "%s %s %s> by %s\n",
+       snprintf(bbb, sizeof bbb, "%s %s %s> by %s\n",
                 iuser,
                 ((op == 1) ? "invited to" : "kicked out of"),
                 CC->quickroom.QRname,
diff --git a/citadel/whobbs.c b/citadel/whobbs.c

index f22c8f0310a10458781659852b542cdbdc27c814..68573d1d4d7502a4e421e6e3dcb18b54bb83c6dd 100644 (file)
--- a/citadel/whobbs.c
+++ b/citadel/whobbs.c
@@ -18,7 +18,7 @@ void logoff(int code)
         exit(code);
         }
  
-void escapize(char buf[]) {
+static void escapize(char *buf, size_t n) {
         char hold[512];
         int i;
  
@@ -26,14 +26,16 @@ void escapize(char buf[]) {
         strcpy(buf, "");
  
         for (i=0; i<strlen(hold); ++i) {
+               size_t tmp = strlen(buf);
+
                 if (hold[i]=='<')
-                       sprintf(&buf[strlen(buf)], "&lt;");
+                       snprintf(&buf[tmp], n - tmp, "&lt;");
                 else if (hold[i]=='>')
-                       sprintf(&buf[strlen(buf)], "&gt;");
+                       snprintf(&buf[tmp], n - tmp, "&gt;");
                 else if (hold[i]==34)
-                       sprintf(&buf[strlen(buf)], "&quot;");
+                       snprintf(&buf[tmp], n - tmp, "&quot;");
                 else
-                       sprintf(&buf[strlen(buf)], "%c", hold[i]);
+                       snprintf(&buf[tmp], n - tmp, "%c", hold[i]);
         }
  }
  
@@ -125,7 +127,7 @@ int main(int argc, char **argv)
         while (serv_gets(buf), strcmp(buf,"000")) {
  
                 /* Escape some stuff if we're using www mode */
-               if (www) escapize(buf);
+               if (www) escapize(buf, sizeof buf);
  
                 s_pid = extract_int(buf,0);
                 extract(s_user,buf,1);
@@ -168,7 +170,7 @@ char *strerror(int e)
  {
         static char buf[32];
  
-       sprintf(buf,"errno = %d",e);
+       snprintf(buf, sizeof buf, "errno = %d",e);
         return(buf);
         }
  #endif
author	Nathan Bryant <loanshark@uncensored.citadel.org>
	Tue, 12 Mar 2002 03:19:10 +0000 (03:19 +0000)
committer	Nathan Bryant <loanshark@uncensored.citadel.org>
	Tue, 12 Mar 2002 03:19:10 +0000 (03:19 +0000)
citadel/ChangeLog		patch \| blob \| history
citadel/user_ops.c		patch \| blob \| history
citadel/whobbs.c		patch \| blob \| history