From eea87f149871d5b3020862c6c8cc276e297a4d06 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 27 Jul 2001 17:24:21 +0000 Subject: Use snprintf to avoid potential overflows; zen-parse@gmx.net --- gnu/usr.bin/groff/pic/pic.y | 31 +++++++++---------------------- 1 file changed, 9 insertions(+), 22 deletions(-) (limited to 'gnu/usr.bin/groff/pic/pic.y') diff --git a/gnu/usr.bin/groff/pic/pic.y b/gnu/usr.bin/groff/pic/pic.y index 6c7f4ae0b5a..4d5a35440d3 100644 --- a/gnu/usr.bin/groff/pic/pic.y +++ b/gnu/usr.bin/groff/pic/pic.y @@ -30,11 +30,14 @@ extern void do_for(char *var, double from, double to, int by_is_multiplicative, double by, char *body); extern void do_lookahead(); -#undef fmod -#undef rand - +#ifndef HAVE_FMOD extern "C" { double fmod(double, double); +} +#endif + +#undef rand +extern "C" { int rand(); } @@ -1733,23 +1736,7 @@ char *format_number(const char *form, double n) { if (form == 0) form = "%g"; - else { - // this is a fairly feeble attempt at validation of the format - int nspecs = 0; - for (const char *p = form; *p != '\0'; p++) - if (*p == '%') { - if (p[1] == '%') - p++; - else - nspecs++; - } - if (nspecs > 1) { - lex_error("bad format `%1'", form); - return strsave(form); - } - } - sprintf(sprintf_buf, form, n); - return strsave(sprintf_buf); + return do_sprintf(form, &n, 1); } char *do_sprintf(const char *form, const double *v, int nv) @@ -1771,7 +1758,7 @@ char *do_sprintf(const char *form, const double *v, int nv) if (*form == '%') { one_format += *form++; one_format += '\0'; - sprintf(sprintf_buf, one_format.contents()); + snprintf(sprintf_buf, sizeof(sprintf_buf), one_format.contents()); } else { if (i >= nv) { @@ -1782,7 +1769,7 @@ char *do_sprintf(const char *form, const double *v, int nv) } one_format += *form++; one_format += '\0'; - sprintf(sprintf_buf, one_format.contents(), v[i++]); + snprintf(sprintf_buf, sizeof(sprintf_buf), one_format.contents(), v[i++]); } one_format.clear(); result += sprintf_buf; -- cgit v1.2.3