diff --git a/ldgm/src/tanner.cpp b/ldgm/src/tanner.cpp index ad29f64d3..2e3a23e58 100644 --- a/ldgm/src/tanner.cpp +++ b/ldgm/src/tanner.cpp @@ -40,6 +40,9 @@ Node::Node(Tanner_graph * /* tanner */, Node::Node_type t, char *d) { Node::~Node() { } +#if 0 +// unused and seems quite suspicious (but since it is not called, it is unclear +// what contents of pointer d is int Node::setDataPtr(char *d) { if ( d != 0 ) { @@ -48,6 +51,7 @@ int Node::setDataPtr(char *d) { } else return 1; } +#endif /*----------------------------------------------------------------------------- diff --git a/ldgm/src/tanner.h b/ldgm/src/tanner.h index b30178ca2..d70d79e97 100644 --- a/ldgm/src/tanner.h +++ b/ldgm/src/tanner.h @@ -56,7 +56,7 @@ class Node /* ==================== MUTATORS ======================================= */ - int setDataPtr(char *d); + //int setDataPtr(char *d); void setType(Node_type t) { type = t; } diff --git a/src/control_socket.cpp b/src/control_socket.cpp index a41314faf..334bffb66 100644 --- a/src/control_socket.cpp +++ b/src/control_socket.cpp @@ -3,7 +3,7 @@ * @author Martin Pulec */ /* - * Copyright (c) 2013-2021 CESNET, z. s. p. o. + * Copyright (c) 2013-2023 CESNET, z. s. p. o. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -701,7 +701,7 @@ static void process_messages(struct control_state *s) uint16_t port = socket_get_recv_port(s->socket_fd); if (port) { char port_str[6]; - sprintf(port_str, "%hu", port); + snprintf(port_str, sizeof port_str, "%hu", port); r = new_response(RESPONSE_OK, port_str); } else { r = new_response(RESPONSE_INT_SERV_ERR, "get_recv_port"); diff --git a/src/debug.cpp b/src/debug.cpp index 1906df8cf..328d93bad 100644 --- a/src/debug.cpp +++ b/src/debug.cpp @@ -104,17 +104,18 @@ int log_vprintf(int level, const char *format, va_list ap) const auto& style = get_log_output().get_level_style(level); buf.append(style); - buf.append(size, '\0'); + buf.append(size + 1, '\0'); va_copy(aq, ap); - if (vsprintf(buf.data() + style.length(), format, ap) != size) { + if (vsnprintf(buf.data() + style.length(), size + 1, format, ap) != size) { va_end(aq); return 0; } va_end(aq); + auto & str = buf.get(); + str.resize(str.size() - 1); // drop '\0' written by vsnprintf if (get_log_output().is_interactive()) { - auto & str = buf.get(); if (str.at(str.size() - 1) == '\n') { // put TERM_RESET before '\n' str.erase(str.size() - 1); buf.append(TERM_RESET "\n"); @@ -177,12 +178,12 @@ void debug_dump(const void *lp, int len) while (start < len) { /* start line with pointer position key */ p = (const char *)lp + start; - sprintf(Buff, "%p: ", p); + snprintf(Buff, sizeof Buff, "%p: ", p); /* display each character as hex value */ for (i = start, j = 0; j < 16; p++, i++, j++) { if (i < len) { - sprintf(tmpBuf, "%02X ", ((int)(*p) & 0xFF)); + snprintf(tmpBuf, sizeof tmpBuf, "%02X ", ((int)(*p) & 0xFF)); strcat(Buff, tmpBuf); } else strcat(Buff, " "); @@ -196,9 +197,9 @@ void debug_dump(const void *lp, int len) for (i = start, j = 0, p = (const char *)lp + start; (i < len && j < 16); p++, i++, j++) { if (((*p) >= ' ') && ((*p) <= '~')) /* test displayable */ - sprintf(tmpBuf, "%c", *p); + snprintf(tmpBuf, sizeof tmpBuf, "%c", *p); else - sprintf(tmpBuf, "%c", '.'); + snprintf(tmpBuf, sizeof tmpBuf, "%c", '.'); strcat(Buff, tmpBuf); if (j == 7) /* space between groups of 8 */ strcat(Buff, " "); diff --git a/src/hd-rum-translator/hd-rum-translator.cpp b/src/hd-rum-translator/hd-rum-translator.cpp index 46e891121..c5631899e 100644 --- a/src/hd-rum-translator/hd-rum-translator.cpp +++ b/src/hd-rum-translator/hd-rum-translator.cpp @@ -86,10 +86,11 @@ struct item; #define REPLICA_MAGIC 0xd2ff3323 static char *get_replica_mod_name(const char *addr, uint16_t tx_port){ - char *name = (char *) malloc(strlen(addr) + 2 /* [ ] for IPv6 addr */ + 5 /* port */ + 1 /* '\0' */); + const size_t len = strlen(addr) + 2 /* [ ] for IPv6 addr */ + 5 /* port */ + 1 /* '\0' */; + char *name = (char *) malloc(len); bool is_ipv6 = strchr(addr, ':') != NULL; bool add_bracket = is_ipv6 && addr[0] != '['; - sprintf(name, "%s%s%s:%" PRIu16, add_bracket ? "[" : "", addr, add_bracket ? "]" : "", tx_port); + snprintf(name, len, "%s%s%s:%" PRIu16, add_bracket ? "[" : "", addr, add_bracket ? "]" : "", tx_port); return name; } diff --git a/src/keyboard_control.cpp b/src/keyboard_control.cpp index cb679fd2d..b14e30128 100644 --- a/src/keyboard_control.cpp +++ b/src/keyboard_control.cpp @@ -5,7 +5,7 @@ * With code taken from Olivier Mehani (set_tio()). */ /* - * Copyright (c) 2015-2021 CESNET, z. s. p. o. + * Copyright (c) 2015-2023 CESNET, z. s. p. o. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -951,7 +951,7 @@ void keyboard_control::impl::msg_received() { void keycontrol_send_key(struct module *root, int64_t key) { struct msg_universal *m = (struct msg_universal *) new_message(sizeof(struct msg_universal)); - sprintf(m->text, "press %" PRId64, key); + snprintf(m->text, sizeof m->text, "press %" PRId64, key); struct response *r = send_message_sync(root, "keycontrol", (struct message *) m, 100, SEND_MESSAGE_FLAG_QUIET | SEND_MESSAGE_FLAG_NO_STORE); if (response_get_status(r) != RESPONSE_OK) { log_msg(LOG_LEVEL_ERROR, MOD_NAME "Cannot set key to keycontrol (error %d)!\n", response_get_status(r)); @@ -977,7 +977,7 @@ bool keycontrol_register_key(struct module *receiver_mod, int64_t key, const cha if (description == nullptr) { description = message; } - sprintf(m->text, "map #%" PRId64 " %s %s#%s", key, receiver_path, message, description); + snprintf(m->text, sizeof m->text, "map #%" PRId64 " %s %s#%s", key, receiver_path, message, description); struct response *r = send_message_sync(get_root_module(receiver_mod), "keycontrol", (struct message *) m, 100, SEND_MESSAGE_FLAG_QUIET | SEND_MESSAGE_FLAG_NO_STORE); if (response_get_status(r) != RESPONSE_OK) { log_msg(LOG_LEVEL_ERROR, MOD_NAME "Cannot register keyboard control (error %d)!\n", response_get_status(r)); diff --git a/src/utils/color_out.cpp b/src/utils/color_out.cpp index c08464b3a..18e13fe18 100644 --- a/src/utils/color_out.cpp +++ b/src/utils/color_out.cpp @@ -3,7 +3,7 @@ * @author Martin Pulec */ /* - * Copyright (c) 2018-2021 CESNET, z. s. p. o. + * Copyright (c) 2018-2023 CESNET, z. s. p. o. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -203,9 +203,9 @@ int color_printf(const char *format, ...) { // format the string auto buf = get_log_output().get_buffer(); - buf.append(size, '\0'); + buf.append(size + 1, '\0'); va_start(ap, format); - size = vsprintf(buf.data(), format, ap); + size = vsnprintf(buf.data(), size + 1, format, ap); va_end(ap); if (!color_stdout) { diff --git a/src/video_capture/import.cpp b/src/video_capture/import.cpp index adf6ecf5a..a4dea8282 100644 --- a/src/video_capture/import.cpp +++ b/src/video_capture/import.cpp @@ -411,8 +411,9 @@ try { while ((suffix = strtok_r(NULL, ":", &save_ptr)) != NULL) { if (suffix[0] == '\\') { // MSW path assert(strlen(s->directory) == 1); // c:\something -> should be 'c' - char *tmp = (char *) malloc(2 + strlen(suffix) + 1); - sprintf(tmp, "%c:%s", s->directory[0], suffix); + const size_t len = 2 + strlen(suffix) + 1; + char *tmp = (char *) malloc(len); + snprintf(tmp, len, "%c:%s", s->directory[0], suffix); free(s->directory); s->directory = tmp; } else if (strcmp(suffix, "loop") == 0) { @@ -826,7 +827,7 @@ static void *video_reader_callback(void *arg) char name[1048]; char tile_idx[3] = ""; if (data->tile_count > 1) { - sprintf(tile_idx, "%c%d", data->tile_delim, i); + snprintf(tile_idx, sizeof tile_idx, "%c%d", data->tile_delim, i); } snprintf(name, sizeof(name), "%s%s.%s", data->file_name_prefix, tile_idx, diff --git a/src/video_display/gl.cpp b/src/video_display/gl.cpp index adcaed3f2..a5741d01f 100644 --- a/src/video_display/gl.cpp +++ b/src/video_display/gl.cpp @@ -666,7 +666,7 @@ static void * display_gl_init(struct module *parent, const char *fmt, unsigned i continue; } char msg[18]; - sprintf(msg, "%" PRIx64, i.first); + snprintf(msg, sizeof msg, "%" PRIx64, i.first); keycontrol_register_key(&s->mod, i.first, msg, i.second.data()); }