Patch by J Sisson: sprintf -> snprintf

diff --git a/src/conf.c b/src/conf.c
index a66d9eedc1e0107d041f7a91a8fdcd8175d590fe..d85ff7c0eb20aef5613d3fc1661e8ed016fd264a 100644 (file)
--- a/src/conf.c
+++ b/src/conf.c
@@ -186,30 +186,31 @@ int getIntConf(param_t param)
 int Conf_getNextChannel(conf_channel_t *chdesc, int index)
 {
        config_setting_t *setting = NULL;
-       char configstr[64];
+       int maxconfig = 64, ret = 0;
+       char configstr[maxconfig];
        
-       sprintf(configstr, "channels.[%d].name", index);
+       ret = snprintf(configstr, maxconfig, "channels.[%d].name", index);
        setting = config_lookup(&configuration, configstr);
-       if (setting == NULL)
+       if (ret >= maxconfig || ret < 0 || setting == NULL)
                return -1; /* Required */
        chdesc->name =  config_setting_get_string(setting);
        
-       sprintf(configstr, "channels.[%d].parent", index);
+       ret = snprintf(configstr, maxconfig, "channels.[%d].parent", index);
        setting = config_lookup(&configuration, configstr);
-       if (setting == NULL)
+       if (ret >= maxconfig || ret < 0 || setting == NULL)
                return -1; /* Required */
        chdesc->parent = config_setting_get_string(setting);
        
-       sprintf(configstr, "channels.[%d].description", index);
+       ret = snprintf(configstr, maxconfig, "channels.[%d].description", index);
        setting = config_lookup(&configuration, configstr);
-       if (setting == NULL) /* Optional */
+       if (ret >= maxconfig || ret < 0 || setting == NULL) /* Optional */
                chdesc->description = NULL;
        else
                chdesc->description = config_setting_get_string(setting);
        
-       sprintf(configstr, "channels.[%d].noenter", index);
+       ret = snprintf(configstr, maxconfig, "channels.[%d].noenter", index);
        setting = config_lookup(&configuration, configstr);
-       if (setting == NULL) /* Optional */
+       if (ret >= maxconfig || ret < 0 || setting == NULL) /* Optional */
                chdesc->noenter = false;
        else
                chdesc->noenter = config_setting_get_bool(setting);
@@ -220,17 +221,18 @@ int Conf_getNextChannel(conf_channel_t *chdesc, int index)
 int Conf_getNextChannelLink(conf_channel_link_t *chlink, int index)
 {
        config_setting_t *setting = NULL;
-       char configstr[64];
+       int maxconfig = 64, ret = 0;
+       char configstr[maxconfig];
        
-       sprintf(configstr, "channel_links.[%d].source", index);
+       ret = snprintf(configstr, maxconfig, "channel_links.[%d].source", index);
        setting = config_lookup(&configuration, configstr);
-       if (setting == NULL)
+       if (ret >= maxconfig || ret < 0 || setting == NULL)
                return -1;
        chlink->source = config_setting_get_string(setting);
 
-       sprintf(configstr, "channel_links.[%d].destination", index);
+       ret = snprintf(configstr, maxconfig, "channel_links.[%d].destination", index);
        setting = config_lookup(&configuration, configstr);
-       if (setting == NULL)
+       if (ret >= maxconfig || ret < 0 || setting == NULL)
                return -1;
        chlink->destination = config_setting_get_string(setting);
 

diff --git a/src/main.c b/src/main.c
index 8c5febd6fb742b291c3d7e1e32ea9ac816ae1dc4..863a7d4dacfd2ca8e54b35bd3414ef12c7e092ab 100644 (file)
--- a/src/main.c
+++ b/src/main.c
@@ -64,7 +64,7 @@ void lockfile(const char *pidfile)
        
        if (lfp < 0)
                Log_fatal("Cannot open PID-file %s for writing", pidfile);
-       sprintf(str,"%d\n", getpid());
+       snprintf(str,16,"%d\n", getpid());
        write(lfp, str, strlen(str)); /* record pid to lockfile */
        Log_info("PID-file: %s", pidfile);
 }

diff --git a/src/messagehandler.c b/src/messagehandler.c
index c2aa522dae820baed897b61d967f7775bc937619..4b6c39659dc75a75477b2ae8cf53d43c553a8f5b 100644 (file)
--- a/src/messagehandler.c
+++ b/src/messagehandler.c
@@ -140,7 +140,7 @@ void Mh_handle_message(client_t *client, message_t *msg)
 
                if (Client_count() >= getIntConf(MAX_CLIENTS)) {
                        char buf[64];
-                       sprintf(buf, "Server is full (max %d users)", getIntConf(MAX_CLIENTS));
+                       snprintf(buf, 64, "Server is full (max %d users)", getIntConf(MAX_CLIENTS));
                        sendServerReject(client, buf, MUMBLE_PROTO__REJECT__REJECT_TYPE__ServerFull);
                        goto disconnect;
                }