author | 2003-04-25 23:33:56 +0000 | |
---|---|---|
committer | 2003-04-25 23:33:56 +0000 | |
commit | b704c923113470921d65a64e9ee468e3fd4219d2 (patch) | |
tree | c72933190848fb2d1b250fa113357b63d198d261 | |
parent | fix comment (diff) | |
sprintf -> snprintf and add a couple of size checks to ensure against
overflow.
ok tdeval@ deraadt@ dhartmei@
-rw-r--r-- | usr.bin/indent/indent.c | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/usr.bin/indent/indent.c b/usr.bin/indent/indent.c
index 28b9b9f13bf..b4e48b859d0 100644
--- a/usr.bin/indent/indent.c
+++ b/usr.bin/indent/indent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: indent.c,v 1.13 2002/11/29 20:15:43 deraadt Exp $ */
+/* $OpenBSD: indent.c,v 1.14 2003/04/25 23:33:56 krw Exp $ */
 /*
 * Copyright (c) 1980, 1993
@@ -47,7 +47,7 @@ char copyright[] =
 #ifndef lint
 /*static char sccsid[] = "@(#)indent.c 5.17 (Berkeley) 6/7/93";*/
-static char rcsid[] = "$OpenBSD: indent.c,v 1.13 2002/11/29 20:15:43 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: indent.c,v 1.14 2003/04/25 23:33:56 krw Exp $";
 #endif /* not lint */
 #include <sys/param.h>
@@ -507,8 +507,10 @@ check_type:
 if (ps.in_decl && !ps.block_init)
 if (troff && !ps.dumped_decl_indent && !is_procname && ps.last_token == decl) {
 ps.dumped_decl_indent = 1;
- sprintf(e_code, "\n.Du %dp+\200p \"%s\"\n", dec_ind * 7, token);
+ snprintf(e_code, (l_code - e_code) + 5,
+ "\n.Du %dp+\200p \"%s\"\n", dec_ind * 7, token);
 e_code += strlen(e_code);
+ CHECK_SIZE_CODE;
 }
 else {
 while ((e_code - s_code) < dec_ind) {
@@ -577,9 +579,11 @@ check_type:
 *e_code++ = ' ';
 if (troff && !ps.dumped_decl_indent && ps.in_decl && !is_procname) {
- sprintf(e_code, "\n.Du %dp+\200p \"%s\"\n", dec_ind * 7, token);
+ snprintf(e_code, (l_code - e_code) + 5,
+ "\n.Du %dp+\200p \"%s\"\n", dec_ind * 7, token);
 ps.dumped_decl_indent = 1;
 e_code += strlen(e_code);
+ CHECK_SIZE_CODE;
 }
 else {
 char *res = token;
@@ -918,9 +922,11 @@ check_type:
 if (is_procname == 0 || !procnames_start_line) {
 if (!ps.block_init) {
 if (troff && !ps.dumped_decl_indent) {
- sprintf(e_code, "\n.De %dp+\200p\n", dec_ind * 7);
+ snprintf(e_code, (l_code - e_code) + 5,
+ "\n.De %dp+\200p\n", dec_ind * 7);
 ps.dumped_decl_indent = 1;
 e_code += strlen(e_code);
+ CHECK_SIZE_CODE;
 }
 else
 while ((e_code - s_code) < dec_ind) { |
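Review bot: In the hunk at new line 507, and identically in the hunks at 579 and 922, the result of `snprintf` is discarded, so a long `token` is silently truncated and a cut-off `.Du` request (or `.De` in the last hunk) is written to the output. `CHECK_SIZE_CODE` runs only after the write; if it grows the buffer, as its name suggests, that helps later appends but cannot restore the text already lost. Consider keeping the result, e.g. `n = snprintf(e_code, room, ...);` with `room` holding the size, then `if (n < 0 || (size_t)n >= room)` leading to an explicit error or a grow-and-retry path. The size `(l_code - e_code) + 5` is a signed pointer difference converted to `size_t`, so the bound holds only while `e_code` is never more than 5 bytes past `l_code`; that invariant and the meaning of the `5` are defined outside this diff and deserve a short comment at each call once confirmed. The enclosing function starts and ends outside these hunks.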