Fix possible buffer overflows.
authorDale Weiler <killfieldengine@gmail.com>
Sat, 13 Apr 2013 18:17:15 +0000 (18:17 +0000)
committerDale Weiler <killfieldengine@gmail.com>
Sat, 13 Apr 2013 18:17:15 +0000 (18:17 +0000)
Makefile
ftepp.c

index 6d4a0edfb3ccbe5b512a73ff3687492cec29c1d9..c72b237ffa3078951bce17351789c44070048e96 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -150,7 +150,6 @@ SPLINTFLAGS =            \
     -kepttrans           \
     -unqualifiedtrans    \
     +matchanyintegral    \
-    -bufferoverflowhigh  \
     +voidabstract        \
     -nullassign          \
     -unrecog             \
diff --git a/ftepp.c b/ftepp.c
index 6a5e9a1afa9917ef594ac7d2df190dd6bc574991..a1b5f07e9a446321966707dde62f08b068b9efa4 100644 (file)
--- a/ftepp.c
+++ b/ftepp.c
@@ -124,7 +124,7 @@ char *ftepp_predef_line(lex_file *context) {
 char *ftepp_predef_file(lex_file *context) {
     size_t  length = strlen(context->name) + 3; /* two quotes and a terminator */
     char   *value  = (char*)mem_a(length);
-    sprintf(value, "\"%s\"", context->name);
+    snprintf(value, length, "\"%s\"", context->name);
 
     return value;
 }
@@ -834,7 +834,7 @@ static bool ftepp_macro_expand(ftepp_t *ftepp, ppmacro *macro, macroparam *param
 
     if (resetline && !ftepp->in_macro) {
         char lineno[128];
-        sprintf(lineno, "\n#pragma line(%lu)\n", (unsigned long)(old_lexer->sline));
+        snprintf(lineno, 128, "\n#pragma line(%lu)\n", (unsigned long)(old_lexer->sline));
         ftepp_out(ftepp, lineno, false);
     }
 
@@ -1800,12 +1800,12 @@ bool ftepp_init()
         minor[2] = '"';
     } else if (OPTS_OPTION_U32(OPTION_STANDARD) == COMPILER_GMQCC) {
         ftepp_add_define(NULL, "__STD_GMQCC__");
-        sprintf(major, "\"%d\"", GMQCC_VERSION_MAJOR);
-        sprintf(minor, "\"%d\"", GMQCC_VERSION_MINOR);
+        snprintf(major, 32, "\"%d\"", GMQCC_VERSION_MAJOR);
+        snprintf(minor, 32, "\"%d\"", GMQCC_VERSION_MINOR);
     } else if (OPTS_OPTION_U32(OPTION_STANDARD) == COMPILER_QCCX) {
         ftepp_add_define(NULL, "__STD_QCCX__");
-        sprintf(major, "\"%d\"", GMQCC_VERSION_MAJOR);
-        sprintf(minor, "\"%d\"", GMQCC_VERSION_MINOR);
+        snprintf(major, 32, "\"%d\"", GMQCC_VERSION_MAJOR);
+        snprintf(minor, 32, "\"%d\"", GMQCC_VERSION_MINOR);
     } else if (OPTS_OPTION_U32(OPTION_STANDARD) == COMPILER_QCC) {
         ftepp_add_define(NULL, "__STD_QCC__");
         /* 1.0 */