author | Kenneth R Westerback <krw@cvs.openbsd.org> | 2003-04-25 23:33:57 +0000 |
---|---|---|
committer | Kenneth R Westerback <krw@cvs.openbsd.org> | 2003-04-25 23:33:57 +0000 |
commit | c2e06f21d8a516e6ce02ba2cf6127af291f5e370 (patch) | |
tree | b95a6ac148084c7b8fadb313f7eb58bcbb2682fe /usr.bin/indent | |
parent | 9aeb8c610f0f34fe1b446bc071b406a2119ee3a0 (diff) |
sprintf -> snprintf and add a couple of size checks to ensure against
overflow.
ok tdeval@ deraadt@ dhartmei@
Diffstat (limited to 'usr.bin/indent')
-rw-r--r-- | usr.bin/indent/indent.c | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/usr.bin/indent/indent.c b/usr.bin/indent/indent.c index 28b9b9f13bf..b4e48b859d0 100644 --- a/usr.bin/indent/indent.c +++ b/usr.bin/indent/indent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: indent.c,v 1.13 2002/11/29 20:15:43 deraadt Exp $ */ +/* $OpenBSD: indent.c,v 1.14 2003/04/25 23:33:56 krw Exp $ */ /* * Copyright (c) 1980, 1993 @@ -47,7 +47,7 @@ char copyright[] = #ifndef lint /*static char sccsid[] = "@(#)indent.c 5.17 (Berkeley) 6/7/93";*/ -static char rcsid[] = "$OpenBSD: indent.c,v 1.13 2002/11/29 20:15:43 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: indent.c,v 1.14 2003/04/25 23:33:56 krw Exp $"; #endif /* not lint */ #include <sys/param.h> @@ -507,8 +507,10 @@ check_type: if (ps.in_decl && !ps.block_init) if (troff && !ps.dumped_decl_indent && !is_procname && ps.last_token == decl) { ps.dumped_decl_indent = 1; - sprintf(e_code, "\n.Du %dp+\200p \"%s\"\n", dec_ind * 7, token); + snprintf(e_code, (l_code - e_code) + 5, + "\n.Du %dp+\200p \"%s\"\n", dec_ind * 7, token); e_code += strlen(e_code); + CHECK_SIZE_CODE; } else { while ((e_code - s_code) < dec_ind) { @@ -577,9 +579,11 @@ check_type: *e_code++ = ' '; if (troff && !ps.dumped_decl_indent && ps.in_decl && !is_procname) { - sprintf(e_code, "\n.Du %dp+\200p \"%s\"\n", dec_ind * 7, token); + snprintf(e_code, (l_code - e_code) + 5, + "\n.Du %dp+\200p \"%s\"\n", dec_ind * 7, token); ps.dumped_decl_indent = 1; e_code += strlen(e_code); + CHECK_SIZE_CODE; } else { char *res = token; @@ -918,9 +922,11 @@ check_type: if (is_procname == 0 || !procnames_start_line) { if (!ps.block_init) { if (troff && !ps.dumped_decl_indent) { - sprintf(e_code, "\n.De %dp+\200p\n", dec_ind * 7); + snprintf(e_code, (l_code - e_code) + 5, + "\n.De %dp+\200p\n", dec_ind * 7); ps.dumped_decl_indent = 1; e_code += strlen(e_code); + CHECK_SIZE_CODE; } else while ((e_code - s_code) < dec_ind) { |
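Review bot: The three `snprintf` calls (hunks at old lines 507, 577 and 918) ignore the return value, so when the formatted troff request does not fit, the output is silently truncated and `e_code += strlen(e_code)` simply advances to the end of the cut text; the `CHECK_SIZE_CODE` that follows runs only after the write, which is too late to make room for it. Capture the length and test it, e.g. `n = snprintf(e_code, room, ...);` followed by `if (n < 0 || (size_t)n >= room)` leading to whatever error path the file uses for oversized input, or grow the buffer before formatting. The size `(l_code - e_code) + 5` presumably mirrors how `l_code` is placed short of the buffer end, which is not visible here; a comment or a named constant for the `5` would keep the three sites in step with that definition, and the expression converts to a very large `size_t` if `e_code` could ever be past `l_code + 5`. The enclosing function starts and ends outside these hunks.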