moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-12-21 23:58:49 -05:00
Code Issues Releases Wiki Activity

Replaced all uses of sprintf() with the safer snprintf(). It is just a

Browse Source 
precaution to prevent mistakes to lead to buffer overflows.
This commit is contained in:
Daniel Stenberg 2004-06-24 11:54:11 +00:00
parent 5e34f3dc01
commit feb2dd2835
13 changed files with 490 additions and 486 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/base64.c
View File

@ -160,18 +160,18 @@ size_t Curl_base64_encode(const char *inp, size_t insize, char **outptr)
switch(inputparts) {
case 1: /* only one byte read */
sprintf(output, "%c%c==",
snprintf(output, 5, "%c%c==",
table64[obuf[0]],
table64[obuf[1]]);
break;
case 2: /* two bytes read */
sprintf(output, "%c%c%c=",
snprintf(output, 5, "%c%c%c=",
table64[obuf[0]],
table64[obuf[1]],
table64[obuf[2]]);
break;
default:
sprintf(output, "%c%c%c%c",
snprintf(output, 5, "%c%c%c%c",
table64[obuf[0]],
table64[obuf[1]],
table64[obuf[2]],

2
lib/escape.c
View File

@ -68,7 +68,7 @@ char *curl_escape(const char *string, int length)
ns = testing_ptr;
}
}
sprintf(&ns[strindex], "%%%02X", in);
snprintf(&ns[strindex], 4, "%%%02X", in);
strindex+=3;
}

7
lib/file.c
View File

@ -300,13 +300,14 @@ CURLcode Curl_file(struct connectdata *conn)
date. */
if(conn->bits.no_body && data->set.include_header && fstated) {
CURLcode result;
sprintf(buf, "Content-Length: %" FORMAT_OFF_T "\r\n", expected_size);
snprintf(buf, sizeof(data->state.buffer),
"Content-Length: %" FORMAT_OFF_T "\r\n", expected_size);
result = Curl_client_write(data, CLIENTWRITE_BOTH, buf, 0);
if(result)
return result;
sprintf(buf, "Accept-ranges: bytes\r\n");
result = Curl_client_write(data, CLIENTWRITE_BOTH, buf, 0);
result = Curl_client_write(data, CLIENTWRITE_BOTH,
"Accept-ranges: bytes\r\n", 0);
if(result)
return result;

2
lib/formdata.c
View File

@ -846,7 +846,7 @@ static CURLcode AddFormDataf(struct FormData **formp,
char s[4096];
va_list ap;
va_start(ap, fmt);
vsprintf(s, fmt, ap);
vsnprintf(s, sizeof(s), fmt, ap);
va_end(ap);
return AddFormData(formp, FORM_DATA, s, 0, size);

9
lib/ftp.c
View File

@ -932,7 +932,8 @@ CURLcode ftp_getfiletime(struct connectdata *conn, char *file)
&year, &month, &day, &hour, &minute, &second)) {
/* we have a time, reformat it */
time_t secs=time(NULL);
sprintf(buf, "%04d%02d%02d %02d:%02d:%02d GMT",
snprintf(buf, sizeof(conn->data->state.buffer),
"%04d%02d%02d %02d:%02d:%02d GMT",
year, month, day, hour, minute, second);
/* now, convert this into a time() value: */
conn->data->info.filetime = curl_getdate(buf, &secs);
@ -1506,7 +1507,8 @@ CURLcode ftp_use_pasv(struct connectdata *conn,
return CURLE_FTP_WEIRD_227_FORMAT;
}
sprintf(newhost, "%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]);
snprintf(newhost, sizeof(newhost),
"%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]);
newhostp = newhost;
newport = (port[0]<<8) + port[1];
}
@ -2161,7 +2163,8 @@ CURLcode ftp_perform(struct connectdata *conn,
result = ftp_getsize(conn, ftp->file, &filesize);
if(CURLE_OK == result) {
sprintf(buf, "Content-Length: %" FORMAT_OFF_T "\r\n", filesize);
snprintf(buf, sizeof(data->state.buffer),
"Content-Length: %" FORMAT_OFF_T "\r\n", filesize);
result = Curl_client_write(data, CLIENTWRITE_BOTH, buf, 0);
if(result)
return result;

27
lib/hostip.c
View File

@ -228,24 +228,10 @@ static int _num_chars(int i)
* the DNS caching.
*/
static char *
create_hostcache_id(char *server, int port, size_t *entry_len)
create_hostcache_id(char *server, int port)
{
char *id = NULL;
/* Get the length of the new entry id */
*entry_len = strlen(server) + /* Hostname length */
1 + /* ':' seperator */
_num_chars(port); /* number of characters the port will take up */
/* Allocate the new entry id */
id = malloc(*entry_len + 1); /* 1 extra for the zero terminator */
if (!id)
return NULL;
/* Create the new entry */
sprintf(id, "%s:%d", server, port);
return id; /* return pointer to the string */
/* create and return the new allocated entry */
return aprintf("%s:%d", server, port);
}
struct hostcache_prune_data {
@ -349,10 +335,11 @@ Curl_cache_addr(struct SessionHandle *data,
time_t now;
/* Create an entry id, based upon the hostname and port */
entry_id = create_hostcache_id(hostname, port, &entry_len);
entry_id = create_hostcache_id(hostname, port);
/* If we can't create the entry id, fail */
if (!entry_id)
return NULL;
entry_len = strlen(entry_id);
/* Create a new cache entry */
dns = (struct Curl_dns_entry *) malloc(sizeof(struct Curl_dns_entry));
@ -430,11 +417,13 @@ int Curl_resolv(struct connectdata *conn,
#endif
/* Create an entry id, based upon the hostname and port */
entry_id = create_hostcache_id(hostname, port, &entry_len);
entry_id = create_hostcache_id(hostname, port);
/* If we can't create the entry id, fail */
if (!entry_id)
return CURLRESOLV_ERROR;
entry_len = strlen(entry_id);
if(data->share)
Curl_share_lock(data, CURL_LOCK_DATA_DNS, CURL_LOCK_ACCESS_SINGLE);

2
lib/http_digest.c
View File

@ -201,7 +201,7 @@ static void md5_to_ascii(unsigned char *source, /* 16 bytes */
{
int i;
for(i=0; i<16; i++)
sprintf((char *)&dest[i*2], "%02x", source[i]);
snprintf((char *)&dest[i*2], 3, "%02x", source[i]);
}
CURLcode Curl_output_digest(struct connectdata *conn,

8
lib/http_negotiate.c
View File

@ -28,7 +28,7 @@
#endif
#ifndef CURL_DISABLE_HTTP
/* -- WIN32 approved -- */
/* -- WIN32 approved -- */
#include <stdio.h>
#include <string.h>
#include <stdarg.h>
@ -73,7 +73,8 @@ get_gss_name(struct connectdata *conn, gss_name_t *server)
token.length = strlen(service) + 1 + strlen(conn->host.name) + 1;
if (token.length + 1 > sizeof(name))
return EMSGSIZE;
sprintf(name, "%s@%s", service, conn->host.name);
snprintf(name, sizeof(name), "%s@%s", service, conn->host.name);
token.value = (void *) name;
major_status = gss_import_name(&minor_status,
@ -103,7 +104,8 @@ log_gss_error(struct connectdata *conn, OM_uint32 error_status, char *prefix)
&msg_ctx,
&status_string);
if (sizeof(buf) > len + status_string.length + 1) {
sprintf(buf + len, ": %s", (char*) status_string.value);
snprintf(buf + len, sizeof(buf) - len,
": %s", (char*) status_string.value);
len += status_string.length;
}
gss_release_buffer(&min_stat, &status_string);

5
lib/inet_ntop.c
View File

@ -24,6 +24,9 @@
#include <string.h>
#include <errno.h>
#define _MPRINTF_REPLACE /* use our functions only */
#include <curl/mprintf.h>
#include "inet_ntop.h"
#if defined(HAVE_INET_NTOA_R) && !defined(HAVE_INET_NTOA_R_DECL)
@ -152,7 +155,7 @@ static const char *inet_ntop6 (const u_char *src, char *dst, size_t size)
tp += strlen(tp);
break;
}
tp += sprintf (tp, "%lx", words[i]);
tp += snprintf(tp, 4, "%lx", words[i]);
}
/* Was it a trailing run of 0x00's?

25
lib/mprintf.c
View File

@ -734,17 +734,16 @@ static int dprintf_formatf(
#endif
{
signed_num = (long) num;
is_neg = signed_num < 0;
num = is_neg ? (- signed_num) : signed_num;
}
goto number;
unsigned_number:;
unsigned_number:
/* Unsigned number of base BASE. */
is_neg = 0;
number:;
number:
/* Number of base BASE. */
{
char *workend = &work[sizeof(work) - 1];
@ -896,6 +895,8 @@ static int dprintf_formatf(
{
char formatbuf[32]="%";
char *fptr;
size_t left = sizeof(formatbuf)-strlen(formatbuf);
int len;
width = -1;
if (p->flags & FLAGS_WIDTH)
@ -922,21 +923,27 @@ static int dprintf_formatf(
if(width >= 0) {
/* RECURSIVE USAGE */
fptr += curl_msprintf(fptr, "%ld", width);
len = curl_msnprintf(fptr, left, "%ld", width);
fptr += len;
left -= len;
}
if(prec >= 0) {
/* RECURSIVE USAGE */
fptr += curl_msprintf(fptr, ".%ld", prec);
len = curl_msnprintf(fptr, left, ".%ld", prec);
fptr += len;
left -= len;
}
if (p->flags & FLAGS_LONG)
strcat(fptr, "l");
*fptr++ = 'l';
if (p->flags & FLAGS_FLOATE)
strcat(fptr, p->flags&FLAGS_UPPER?"E":"e");
*fptr++ = p->flags&FLAGS_UPPER ? 'E':'e';
else if (p->flags & FLAGS_FLOATG)
strcat(fptr, (p->flags & FLAGS_UPPER) ? "G" : "g");
*fptr++ = p->flags & FLAGS_UPPER ? 'G' : 'g';
else
strcat(fptr, "f");
*fptr++ = 'f';
*fptr = 0; /* and a final zero termination */
/* NOTE NOTE NOTE!! Not all sprintf() implementations returns number
of output characters */

27
lib/progress.c
View File

@ -51,20 +51,21 @@ static void time2str(char *r, long t)
if(h <= 99) {
long m = (t-(h*3600))/60;
long s = (t-(h*3600)-(m*60));
sprintf(r, "%2ld:%02ld:%02ld",h,m,s);
snprintf(r, 9, "%2ld:%02ld:%02ld",h,m,s);
}
else {
/* this equals to more than 99 hours, switch to a more suitable output
format to fit within the limits. */
if(h/24 <= 999)
sprintf(r, "%3ldd %02ldh", h/24, h-(h/24)*24);
snprintf(r, 9, "%3ldd %02ldh", h/24, h-(h/24)*24);
else
sprintf(r, "%7ldd", h/24);
snprintf(r, 9, "%7ldd", h/24);
}
}
/* The point of this function would be to return a string of the input data,
but never longer than 5 columns. Add suffix k, M, G when suitable... */
but never longer than 5 columns (+ one zero byte).
Add suffix k, M, G when suitable... */
static char *max5data(curl_off_t bytes, char *max5)
{
#define ONE_KILOBYTE 1024
@ -74,38 +75,38 @@ static char *max5data(curl_off_t bytes, char *max5)
#define ONE_PETABYTE ((curl_off_t)1024* ONE_TERRABYTE)
if(bytes < 100000) {
sprintf(max5, "%5" FORMAT_OFF_T, bytes);
snprintf(max5, 6, "%5" FORMAT_OFF_T, bytes);
}
else if(bytes < (10000*ONE_KILOBYTE)) {
sprintf(max5, "%4" FORMAT_OFF_T "k", (curl_off_t)(bytes/ONE_KILOBYTE));
snprintf(max5, 6, "%4" FORMAT_OFF_T "k", (curl_off_t)(bytes/ONE_KILOBYTE));
}
else if(bytes < (100*ONE_MEGABYTE)) {
/* 'XX.XM' is good as long as we're less than 100 megs */
sprintf(max5, "%2d.%0dM",
snprintf(max5, 6, "%2d.%0dM",
(int)(bytes/ONE_MEGABYTE),
(int)(bytes%ONE_MEGABYTE)/(ONE_MEGABYTE/10) );
}
#if SIZEOF_CURL_OFF_T > 4
else if(bytes < ( (curl_off_t)10000*ONE_MEGABYTE))
/* 'XXXXM' is good until we're at 10000MB or above */
sprintf(max5, "%4" FORMAT_OFF_T "M", (curl_off_t)(bytes/ONE_MEGABYTE));
snprintf(max5, 6, "%4" FORMAT_OFF_T "M", (curl_off_t)(bytes/ONE_MEGABYTE));
else if(bytes < (curl_off_t)100*ONE_GIGABYTE)
/* 10000 MB - 100 GB, we show it as XX.XG */
sprintf(max5, "%2d.%0dG",
snprintf(max5, 6, "%2d.%0dG",
(int)(bytes/ONE_GIGABYTE),
(int)(bytes%ONE_GIGABYTE)/(ONE_GIGABYTE/10) );
else if(bytes < (curl_off_t)10000 * ONE_GIGABYTE)
/* up to 10000GB, display without decimal: XXXXG */
sprintf(max5, "%4dG", (int)(bytes/ONE_GIGABYTE));
snprintf(max5, 6, "%4dG", (int)(bytes/ONE_GIGABYTE));
else if(bytes < (curl_off_t)10000 * ONE_TERRABYTE)
/* up to 10000TB, display without decimal: XXXXT */
sprintf(max5, "%4dT", (int)(bytes/ONE_TERRABYTE));
snprintf(max5, 6, "%4dT", (int)(bytes/ONE_TERRABYTE));
else {
/* up to 10000PB, display without decimal: XXXXP */
sprintf(max5, "%4dP", (int)(bytes/ONE_PETABYTE));
snprintf(max5, 6, "%4dP", (int)(bytes/ONE_PETABYTE));
/* 16384 petabytes (16 exabytes) is maximum a 64 bit number can hold,
but this type is signed so 8192PB will be max.*/
@ -113,7 +114,7 @@ static char *max5data(curl_off_t bytes, char *max5)
#else
else
sprintf(max5, "%4" FORMAT_OFF_T "M", (curl_off_t)(bytes/ONE_MEGABYTE));
snprintf(max5, 6, "%4" FORMAT_OFF_T "M", (curl_off_t)(bytes/ONE_MEGABYTE));
#endif
return max5;

2
lib/ssluse.c
View File

@ -1056,7 +1056,7 @@ static void ssl_tls_trace(int direction, int ssl_ver, int content_type,
msg_type = *(char*)buf;
msg_name = ssl_msg_type(ssl_ver, msg_type);
txt_len = 1 + sprintf(ssl_buf, "SSLv%c, %s%s (%d):\n",
txt_len = 1 + snprintf(ssl_buf, sizeof(ssl_buf), "SSLv%c, %s%s (%d):\n",
ver, tls_rt_name, msg_name, msg_type);
Curl_debug(data, CURLINFO_TEXT, ssl_buf, txt_len, NULL);

48
lib/version.c
View File

@ -29,6 +29,9 @@
#include <curl/curl.h>
#include "urldata.h"
#define _MPRINTF_REPLACE /* use the internal *printf() functions */
#include <curl/mprintf.h>
#ifdef USE_ARES
#include <ares_version.h>
#endif
@ -38,7 +41,7 @@
#endif
#ifdef USE_SSLEAY
static void getssl_version(char *ptr, long *num)
static int getssl_version(char *ptr, size_t left, long *num)
{
#if (SSLEAY_VERSION_NUMBER >= 0x905000)
@ -60,7 +63,7 @@ static void getssl_version(char *ptr, long *num)
sub[0]='\0';
}
sprintf(ptr, " OpenSSL/%lx.%lx.%lx%s",
return snprintf(ptr, left, " OpenSSL/%lx.%lx.%lx%s",
(ssleay_value>>28)&0xf,
(ssleay_value>>20)&0xff,
(ssleay_value>>12)&0xff,
@ -70,7 +73,7 @@ static void getssl_version(char *ptr, long *num)
#else
*num = SSLEAY_VERSION_NUMBER;
#if (SSLEAY_VERSION_NUMBER >= 0x900000)
sprintf(ptr, " OpenSSL/%lx.%lx.%lx",
return snprintf(ptr, left, " OpenSSL/%lx.%lx.%lx",
(SSLEAY_VERSION_NUMBER>>28)&0xff,
(SSLEAY_VERSION_NUMBER>>20)&0xff,
(SSLEAY_VERSION_NUMBER>>12)&0xf);
@ -84,7 +87,7 @@ static void getssl_version(char *ptr, long *num)
else
sub[0]='\0';
sprintf(ptr, " SSL/%x.%x.%x%s",
return snprintf(ptr, left, " SSL/%x.%x.%x%s",
(SSLEAY_VERSION_NUMBER>>12)&0xff,
(SSLEAY_VERSION_NUMBER>>8)&0xf,
(SSLEAY_VERSION_NUMBER>>4)&0xf, sub);
@ -99,42 +102,37 @@ char *curl_version(void)
{
static char version[200];
char *ptr=version;
int len;
size_t left = sizeof(version);
strcpy(ptr, LIBCURL_NAME "/" LIBCURL_VERSION );
ptr=strchr(ptr, '\0');
left -= strlen(ptr);
#ifdef USE_SSLEAY
{
long num;
getssl_version(ptr, &num);
ptr=strchr(version, '\0');
len = getssl_version(ptr, left, &num);
left -= len;
ptr += len;
}
#endif
#ifdef HAVE_KRB4
sprintf(ptr, " krb4");
ptr += strlen(ptr);
#endif
#ifdef ENABLE_IPV6
sprintf(ptr, " ipv6");
ptr += strlen(ptr);
#endif
#ifdef HAVE_LIBZ
sprintf(ptr, " zlib/%s", zlibVersion());
ptr += strlen(ptr);
#endif
#ifdef HAVE_GSSAPI
sprintf(ptr, " GSS");
ptr += strlen(ptr);
len = snprintf(ptr, left, " zlib/%s", zlibVersion());
left -= len;
ptr += len;
#endif
#ifdef USE_ARES
/* this function is only present in c-ares, not in the original ares */
sprintf(ptr, " c-ares/%s", ares_version(NULL));
ptr += strlen(ptr);
len = snprintf(ptr, left, " c-ares/%s", ares_version(NULL));
left -= len;
ptr += len;
#endif
#ifdef USE_LIBIDN
if(stringprep_check_version(LIBIDN_REQUIRED_VERSION)) {
sprintf(ptr, " libidn/%s", stringprep_check_version(NULL));
ptr += strlen(ptr);
len = snprintf(ptr, left, " libidn/%s", stringprep_check_version(NULL));
left -= len;
ptr += len;
}
#endif
@ -226,7 +224,7 @@ curl_version_info_data *curl_version_info(CURLversion stamp)
#ifdef USE_SSLEAY
static char ssl_buffer[80];
long num;
getssl_version(ssl_buffer, &num);
getssl_version(ssl_buffer, sizeof(ssl_buffer), &num);
version_info.ssl_version = ssl_buffer;
version_info.ssl_version_num = num;