mirror of https://github.com/moparisthebest/curl synced 2024-11-11 20:15:03 -05:00

converted sprintf() to snprintf() to reduce risk

Daniel Stenberg 2006-03-28 07:51:59 +00:00
parent f17d9bba14
commit 97b466d409


@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___ * | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____| * \___|\___/|_| \_\_____|
* *
* Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
* *
* This software is licensed as described in the file COPYING, which * This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms * you should have received as part of this distribution. The terms
@ -397,6 +397,8 @@ char *glob_next_url(URLGlob *glob)
char *lit; char *lit;
size_t i; size_t i;
size_t j; size_t j;
size_t buflen = glob->urllen+1;
size_t len;
if (!glob->beenhere) if (!glob->beenhere)
glob->beenhere = 1; glob->beenhere = 1;
@ -441,23 +443,29 @@ char *glob_next_url(URLGlob *glob)
for (j = 0; j < glob->size; ++j) { for (j = 0; j < glob->size; ++j) {
if (!(j&1)) { /* every other term (j even) is a literal */ if (!(j&1)) { /* every other term (j even) is a literal */
lit = glob->literal[j/2]; lit = glob->literal[j/2];
strcpy(buf, lit); len = snprintf(buf, buflen, "%s", lit);
buf += strlen(lit); buf += len;
buflen -= len;
} }
else { /* the rest (i odd) are patterns */ else { /* the rest (i odd) are patterns */
pat = &glob->pattern[j/2]; pat = &glob->pattern[j/2];
switch(pat->type) { switch(pat->type) {
case UPTSet: case UPTSet:
strcpy(buf, pat->content.Set.elements[pat->content.Set.ptr_s]); len = strlen(pat->content.Set.elements[pat->content.Set.ptr_s]);
buf += strlen(pat->content.Set.elements[pat->content.Set.ptr_s]); snprintf(buf, buflen, "%s",
pat->content.Set.elements[pat->content.Set.ptr_s]);
buf += len;
buflen -= len;
break; break;
case UPTCharRange: case UPTCharRange:
*buf++ = pat->content.CharRange.ptr_c; *buf++ = pat->content.CharRange.ptr_c;
break; break;
case UPTNumRange: case UPTNumRange:
sprintf(buf, "%0*d", len = snprintf(buf, buflen, "%0*d",
pat->content.NumRange.padlength, pat->content.NumRange.ptr_n); pat->content.NumRange.padlength,
buf += strlen(buf); /* make no sprint() return code assumptions */ pat->content.NumRange.ptr_n);
buf += len;
buflen -= len;
break; break;
default: default:
printf("internal error: invalid pattern type (%d)\n", (int)pat->type); printf("internal error: invalid pattern type (%d)\n", (int)pat->type);
@ -508,9 +516,9 @@ char *glob_match_url(char *filename, URLGlob *glob)
appendlen=1; appendlen=1;
break; break;
case UPTNumRange: case UPTNumRange:
sprintf(numbuf, "%0*d", snprintf(numbuf, sizeof(numbuf), "%0*d",
pat.content.NumRange.padlength, pat.content.NumRange.padlength,
pat.content.NumRange.ptr_n); pat.content.NumRange.ptr_n);
appendthis = numbuf; appendthis = numbuf;
appendlen = strlen(numbuf); appendlen = strlen(numbuf);
break; break;
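Review bot: In the glob_next_url hunk the new `buf += len; buflen -= len;` steps trust snprintf()'s return value, which is the length the output would have had rather than the number of bytes stored, so a truncated write still moves `buf` past the end of the buffer and wraps the unsigned `buflen` to a huge value that removes the bound for every later term. The UPTSet branch has the same problem with its strlen()-derived `len`, and the UPTCharRange branch still writes `*buf++` without checking or decrementing `buflen`. Each append should stop when the term does not fit, e.g. `if(len >= buflen) return NULL;` ahead of `buf += len;` (this also catches a negative snprintf() result, which becomes a very large size_t), and the CharRange case needs `if(buflen < 2) return NULL;` plus `buflen--;`. The function body and the allocation of the buffer lie outside the visible hunks, so the right error return and any cleanup need confirming there.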