dtprintinfo: Coverity (memory corruption, moderate)

diff --git a/cde/programs/dtprintinfo/UI/DtPrinterIcon.C b/cde/programs/dtprintinfo/UI/DtPrinterIcon.C
index b2a978574950980c0d71e7ef464d9dbaf01ebf17..fa46a08801d7e667089ca227298bff46f5181fa8 100644 (file)
--- a/cde/programs/dtprintinfo/UI/DtPrinterIcon.C
+++ b/cde/programs/dtprintinfo/UI/DtPrinterIcon.C
@@ -36,6 +36,7 @@
 #include <fcntl.h>
 #include <unistd.h> // This is for the getuid function
 #include <stdlib.h> // This is for the getenv function
+#include <sys/param.h>
 #include <pwd.h>
 
 #include "dtprintinfomsg.h"
@@ -257,25 +258,25 @@ DtPrinterContainer *DtPrinterIcon::CreateContainer()
 
 char *DtPrinterIcon::CreateActionFile()
 {
-   static char filename[300];
+   static char filename[MAXPATHLEN + 1];
    FILE *fp;
    struct stat statbuff;
    boolean create_file;
 
-   char *buf = new char[300];
+   char *buf = new char[MAXPATHLEN + 1];
    char *lang = getenv("LANG");
    if (!(lang && *lang))
       lang = "C";
 
    if (app_mode == INITIALIZE_PRINTERS || app_mode == CONFIG_PRINTERS)
     {
-      sprintf(filename, "/etc/dt/appconfig/types/%s", lang);
+      snprintf(filename, MAXPATHLEN, "/etc/dt/appconfig/types/%s", lang);
       if (stat(filename, &statbuff) < 0)
        {
-         sprintf(buf, "mkdir -p %s", filename);
+         snprintf(buf, MAXPATHLEN, "/bin/mkdir -p %s", filename);
          system(buf);
        }
-      sprintf(filename, "/etc/dt/appconfig/types/%s/%s.dt", lang,
+      snprintf(filename, MAXPATHLEN, "/etc/dt/appconfig/types/%s/%s.dt", lang,
              queue->Name());
       if (stat(filename, &statbuff) < 0 || statbuff.st_size == 0)
          create_file = true;
@@ -284,13 +285,13 @@ char *DtPrinterIcon::CreateActionFile()
     }
    else
     {
-      sprintf(buf, "%s/.dt/types/%s.dt", homeDir, queue->Name());
+      snprintf(buf, MAXPATHLEN, "%s/.dt/types/%s.dt", homeDir, queue->Name());
       if (stat(buf, &statbuff) < 0 || statbuff.st_size == 0)
        {
-         sprintf(buf, "/etc/dt/appconfig/types/%s/%s.dt", lang, queue->Name());
+         snprintf(buf, MAXPATHLEN, "/etc/dt/appconfig/types/%s/%s.dt", lang, queue->Name());
          if (stat(buf, &statbuff) >= 0 && statbuff.st_size > 0)
          {
-            sprintf(buf, "cp /etc/dt/appconfig/types/%s/%s.dt %s/.dt/types",
+            snprintf(buf, MAXPATHLEN, "/bin/cp /etc/dt/appconfig/types/%s/%s.dt %s/.dt/types",
                    lang, queue->Name(), homeDir);
            system(buf);
            create_file = false;
@@ -300,7 +301,7 @@ char *DtPrinterIcon::CreateActionFile()
        }
       else
          create_file = false;
-      sprintf(filename, "%s/.dt/types/%s.dt", homeDir, queue->Name());
+      snprintf(filename, MAXPATHLEN, "%s/.dt/types/%s.dt", homeDir, queue->Name());
     }
    if (create_file)
     {

diff --git a/cde/programs/dtprintinfo/objects/BaseObj.C b/cde/programs/dtprintinfo/objects/BaseObj.C
index 9bcbebd4ddc2ce5317dc006c06e3bd53d80a7dc6..13d62420e45a000ca19edb1303a078a11e776d14 100644 (file)
--- a/cde/programs/dtprintinfo/objects/BaseObj.C
+++ b/cde/programs/dtprintinfo/objects/BaseObj.C
@@ -417,7 +417,7 @@ boolean BaseObj::SendAction(Action *action,
     {
       _lastActionStatus = -1;
       int len = strlen("'%s' is not an action of %s") +
-               strlen(ObjectClassName()) + strlen(action->ReferenceName);
+               strlen(ObjectClassName()) + strlen(action->ReferenceName) + 1;
       _lastActionOutput = new char [len];
       sprintf(_lastActionOutput, "'%s' is not an action of %s", 
              ObjectClassName(), action->ReferenceName);