diff options
author | steve <steve@FreeBSD.org> | 1998-06-14 16:03:40 +0000 |
---|---|---|
committer | steve <steve@FreeBSD.org> | 1998-06-14 16:03:40 +0000 |
commit | 32510ecfb57c6446146752faf7655c9506b81f55 (patch) | |
tree | bec354d9190fb622fb22d0d5c41d881534603f45 /usr.bin/more | |
parent | a90040b583bb2b134bd685c9f4b7ac1d187f26a6 (diff) | |
download | FreeBSD-src-32510ecfb57c6446146752faf7655c9506b81f55.zip FreeBSD-src-32510ecfb57c6446146752faf7655c9506b81f55.tar.gz |
sprintf -> snprintf to avoid potential buffer overflow.
PR: 6907
Submitted by: Archie Cobbs <archie@whistle.com>
Diffstat (limited to 'usr.bin/more')
-rw-r--r-- | usr.bin/more/ch.c | 4 | ||||
-rw-r--r-- | usr.bin/more/command.c | 20 | ||||
-rw-r--r-- | usr.bin/more/help.c | 2 | ||||
-rw-r--r-- | usr.bin/more/main.c | 6 | ||||
-rw-r--r-- | usr.bin/more/os.c | 12 | ||||
-rw-r--r-- | usr.bin/more/prim.c | 4 |
6 files changed, 27 insertions, 21 deletions
diff --git a/usr.bin/more/ch.c b/usr.bin/more/ch.c index 52e80d0..3e402cc 100644 --- a/usr.bin/more/ch.c +++ b/usr.bin/more/ch.c @@ -394,8 +394,8 @@ ch_init(want_nbufs, keep) * If we don't have ANY, then quit. * Otherwise, just report the error and return. */ - (void)sprintf(message, "cannot allocate %d buffers", - want_nbufs - nbufs); + (void)snprintf(message, sizeof(message), + "cannot allocate %d buffers", want_nbufs - nbufs); error(message); if (nbufs == 0) quit(); diff --git a/usr.bin/more/command.c b/usr.bin/more/command.c index 2b8d3a4..6d9e1c7 100644 --- a/usr.bin/more/command.c +++ b/usr.bin/more/command.c @@ -185,19 +185,21 @@ prompt() putstr(current_name); putstr(":"); if (!ispipe) { - (void)sprintf(pbuf, " file %d/%d", curr_ac + 1, ac); + (void)snprintf(pbuf, sizeof(pbuf), + " file %d/%d", curr_ac + 1, ac); putstr(pbuf); } if (linenums) { - (void)sprintf(pbuf, " line %d", currline(BOTTOM)); + (void)snprintf(pbuf, sizeof(pbuf), + " line %d", currline(BOTTOM)); putstr(pbuf); } if ((pos = position(BOTTOM)) != NULL_POSITION) { - (void)sprintf(pbuf, " byte %qd", pos); + (void)snprintf(pbuf, sizeof(pbuf), " byte %qd", pos); putstr(pbuf); if (!ispipe && (len = ch_length())) { - (void)sprintf(pbuf, "/%qd pct %qd%%", - len, ((100 * pos) / len)); + (void)snprintf(pbuf, sizeof(pbuf), + "/%qd pct %qd%%", len, ((100 * pos) / len)); putstr(pbuf); } } @@ -218,7 +220,8 @@ prompt() else if (!ispipe && (pos = position(BOTTOM)) != NULL_POSITION && (len = ch_length())) { - (void)sprintf(pbuf, " (%qd%%)", ((100 * pos) / len)); + (void)snprintf(pbuf, sizeof(pbuf), + " (%qd%%)", ((100 * pos) / len)); putstr(pbuf); } so_exit(); @@ -620,9 +623,10 @@ editfile() dolinenumber = 0; } if (dolinenumber && (c = currline(MIDDLE))) - (void)sprintf(buf, "%s +%d %s", editor, c, current_file); + (void)snprintf(buf, sizeof(buf), + "%s +%d %s", editor, c, current_file); else - (void)sprintf(buf, "%s %s", editor, current_file); + (void)snprintf(buf, sizeof(buf), "%s %s", editor, current_file); lsystem(buf); } diff --git a/usr.bin/more/help.c b/usr.bin/more/help.c index eeb3795..f7b964d 100644 --- a/usr.bin/more/help.c +++ b/usr.bin/more/help.c @@ -44,6 +44,6 @@ help() { char cmd[MAXPATHLEN + 20]; - (void)sprintf(cmd, "-more %s", _PATH_HELPFILE); + (void)snprintf(cmd, sizeof(cmd), "-more %s", _PATH_HELPFILE); lsystem(cmd); } diff --git a/usr.bin/more/main.c b/usr.bin/more/main.c index 3539aa3..6df9728 100644 --- a/usr.bin/more/main.c +++ b/usr.bin/more/main.c @@ -48,6 +48,7 @@ static char sccsid[] = "@(#)main.c 8.1 (Berkeley) 6/7/93"; */ #include <sys/types.h> +#include <sys/param.h> #include <sys/file.h> #include <stdio.h> #include <stdlib.h> @@ -87,7 +88,7 @@ edit(filename) register char *m; off_t initial_pos, position(); static int didpipe; - char message[100], *p; + char message[MAXPATHLEN + 50], *p; char *rindex(), *strerror(), *save(), *bad_file(); initial_pos = NULL_POSITION; @@ -122,7 +123,8 @@ edit(filename) return(0); } else if ((f = open(filename, O_RDONLY, 0)) < 0) { - (void)sprintf(message, "%s: %s", filename, strerror(errno)); + (void)snprintf(message, sizeof(message), + "%s: %s", filename, strerror(errno)); error(message); free(filename); return(0); diff --git a/usr.bin/more/os.c b/usr.bin/more/os.c index 598b194..da22d0d 100644 --- a/usr.bin/more/os.c +++ b/usr.bin/more/os.c @@ -123,7 +123,8 @@ lsystem(cmd) cmd = shell; else { - (void)sprintf(cmdbuf, "%s -c \"%s\"", shell, cmd); + (void)snprintf(cmdbuf, sizeof(cmdbuf), + "%s -c \"%s\"", shell, cmd); cmd = cmdbuf; } } @@ -215,19 +216,17 @@ glob(filename) /* * Read the output of <echo filename>. */ - cmd = malloc((u_int)(strlen(filename)+8)); + (void)asprintf(&cmd, "echo \"%s\"", filename); if (cmd == NULL) return (filename); - (void)sprintf(cmd, "echo \"%s\"", filename); } else { /* * Read the output of <$SHELL -c "echo filename">. */ - cmd = malloc((u_int)(strlen(p)+12)); + (void)asprintf(&cmd, "%s -c \"echo %s\"", p, filename); if (cmd == NULL) return (filename); - (void)sprintf(cmd, "%s -c \"echo %s\"", p, filename); } if ((f = popen(cmd, "r")) == NULL) @@ -255,7 +254,8 @@ bad_file(filename, message, len) char *strcat(), *strerror(); if (stat(filename, &statbuf) < 0) { - (void)sprintf(message, "%s: %s", filename, strerror(errno)); + (void)snprintf(message, len, + "%s: %s", filename, strerror(errno)); return(message); } if ((statbuf.st_mode & S_IFMT) == S_IFDIR) { diff --git a/usr.bin/more/prim.c b/usr.bin/more/prim.c index adb17d1..1a571e6 100644 --- a/usr.bin/more/prim.c +++ b/usr.bin/more/prim.c @@ -374,8 +374,8 @@ jump_back(n) while ((c = ch_forw_get()) != '\n') if (c == EOI) { char message[40]; - (void)sprintf(message, "File has only %d lines", - nlines - 1); + (void)snprintf(message, sizeof(message), + "File has only %d lines", nlines - 1); error(message); return; } |