From: Jon Trulson <jon@radscan.com>
Date: Sat, 27 Dec 2014 00:17:06 +0000 (-0700)
Subject: dtprintinfo: Coverity (memory corruption, moderate)
X-Git-Tag: 2.2.3~69
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=a5c7512782303750c723c4921d45fa5d18693599;p=oweals%2Fcde.git

dtprintinfo: Coverity (memory corruption, moderate)
---

diff --git a/cde/programs/dtprintinfo/UI/DtPrinterIcon.C b/cde/programs/dtprintinfo/UI/DtPrinterIcon.C
index b2a97857..fa46a088 100644
--- a/cde/programs/dtprintinfo/UI/DtPrinterIcon.C
+++ b/cde/programs/dtprintinfo/UI/DtPrinterIcon.C
@@ -36,6 +36,7 @@
 #include <fcntl.h>
 #include <unistd.h> // This is for the getuid function
 #include <stdlib.h> // This is for the getenv function
+#include <sys/param.h>
 #include <pwd.h>
 
 #include "dtprintinfomsg.h"
@@ -257,25 +258,25 @@ DtPrinterContainer *DtPrinterIcon::CreateContainer()
 
 char *DtPrinterIcon::CreateActionFile()
 {
-   static char filename[300];
+   static char filename[MAXPATHLEN + 1];
    FILE *fp;
    struct stat statbuff;
    boolean create_file;
 
-   char *buf = new char[300];
+   char *buf = new char[MAXPATHLEN + 1];
    char *lang = getenv("LANG");
    if (!(lang && *lang))
       lang = "C";
 
    if (app_mode == INITIALIZE_PRINTERS || app_mode == CONFIG_PRINTERS)
     {
-      sprintf(filename, "/etc/dt/appconfig/types/%s", lang);
+      snprintf(filename, MAXPATHLEN, "/etc/dt/appconfig/types/%s", lang);
       if (stat(filename, &statbuff) < 0)
        {
-         sprintf(buf, "mkdir -p %s", filename);
+         snprintf(buf, MAXPATHLEN, "/bin/mkdir -p %s", filename);
          system(buf);
        }
-      sprintf(filename, "/etc/dt/appconfig/types/%s/%s.dt", lang,
+      snprintf(filename, MAXPATHLEN, "/etc/dt/appconfig/types/%s/%s.dt", lang,
 	      queue->Name());
       if (stat(filename, &statbuff) < 0 || statbuff.st_size == 0)
          create_file = true;
@@ -284,13 +285,13 @@ char *DtPrinterIcon::CreateActionFile()
     }
    else
     {
-      sprintf(buf, "%s/.dt/types/%s.dt", homeDir, queue->Name());
+      snprintf(buf, MAXPATHLEN, "%s/.dt/types/%s.dt", homeDir, queue->Name());
       if (stat(buf, &statbuff) < 0 || statbuff.st_size == 0)
        {
-         sprintf(buf, "/etc/dt/appconfig/types/%s/%s.dt", lang, queue->Name());
+         snprintf(buf, MAXPATHLEN, "/etc/dt/appconfig/types/%s/%s.dt", lang, queue->Name());
          if (stat(buf, &statbuff) >= 0 && statbuff.st_size > 0)
 	  {
-            sprintf(buf, "cp /etc/dt/appconfig/types/%s/%s.dt %s/.dt/types",
+            snprintf(buf, MAXPATHLEN, "/bin/cp /etc/dt/appconfig/types/%s/%s.dt %s/.dt/types",
 		    lang, queue->Name(), homeDir);
 	    system(buf);
 	    create_file = false;
@@ -300,7 +301,7 @@ char *DtPrinterIcon::CreateActionFile()
        }
       else
          create_file = false;
-      sprintf(filename, "%s/.dt/types/%s.dt", homeDir, queue->Name());
+      snprintf(filename, MAXPATHLEN, "%s/.dt/types/%s.dt", homeDir, queue->Name());
     }
    if (create_file)
     {
diff --git a/cde/programs/dtprintinfo/objects/BaseObj.C b/cde/programs/dtprintinfo/objects/BaseObj.C
index 9bcbebd4..13d62420 100644
--- a/cde/programs/dtprintinfo/objects/BaseObj.C
+++ b/cde/programs/dtprintinfo/objects/BaseObj.C
@@ -417,7 +417,7 @@ boolean BaseObj::SendAction(Action *action,
     {
       _lastActionStatus = -1;
       int len = strlen("'%s' is not an action of %s") +
-		strlen(ObjectClassName()) + strlen(action->ReferenceName);
+		strlen(ObjectClassName()) + strlen(action->ReferenceName) + 1;
       _lastActionOutput = new char [len];
       sprintf(_lastActionOutput, "'%s' is not an action of %s", 
 	      ObjectClassName(), action->ReferenceName);