convert trivial sprintf / strcpy calls to xsnprintf
We sometimes sprintf into fixed-size buffers when we know that the buffer is large enough to fit the input (either because it's a constant, or because it's numeric input that is bounded in size). Likewise with strcpy of constant strings. However, these sites make it hard to audit sprintf and strcpy calls for buffer overflows, as a reader has to cross-reference the size of the array with the input. Let's use xsnprintf instead, which communicates to a reader that we don't expect this to overflow (and catches the mistake in case we do). Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Jeff King
committed by
Junio C Hamano
Junio C Hamano
parent
db85a8a9c2
commit
5096d4909f
4
strbuf.c
4
strbuf.c
@ -245,8 +245,8 @@ void strbuf_add_commented_lines(struct strbuf *out, const char *buf, size_t size
|
||||
static char prefix2[2];
|
||||
|
||||
if (prefix1[0] != comment_line_char) {
|
||||
sprintf(prefix1, "%c ", comment_line_char);
|
||||
sprintf(prefix2, "%c", comment_line_char);
|
||||
xsnprintf(prefix1, sizeof(prefix1), "%c ", comment_line_char);
|
||||
xsnprintf(prefix2, sizeof(prefix2), "%c", comment_line_char);
|
||||
}
|
||||
add_lines(out, prefix1, prefix2, buf, size);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user