From bb217976847b3311fdfddc603ae37709cf8a32a5 Mon Sep 17 00:00:00 2001 From: Marc Balmer Date: Thu, 9 Aug 2012 07:08:05 +0200 Subject: [PATCH] Use a more robust idiom When converting sprintf() to snprintf() don't use the idiom char foo[BUFSIZ]; snprintf(foo, BUFSIZ, ....); but char foo[BUFSIZ]; snprintf(foo, sizeo foo, ....); because this will automatically catch situations where the size of foo is later changed, e.g. like foo[BUFSIZ + 8]; Fix another use of sprintf. --- cde/programs/dtaction/Main.c | 2 +- cde/programs/dtterm/util/logger.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cde/programs/dtaction/Main.c b/cde/programs/dtaction/Main.c index 13f2d24f..b06a9f99 100644 --- a/cde/programs/dtaction/Main.c +++ b/cde/programs/dtaction/Main.c @@ -898,7 +898,7 @@ GetUserPrompt( void ) XmString cancelLabel; XmString okLabel; - snprintf(prompt, BUFSIZ, (GETMESSAGE(1,5, "Enter password for user %s:")), + snprintf(prompt, sizeof prompt, (GETMESSAGE(1,5, "Enter password for user %s:")), appArgs.user); xmString = XmStringCreateLocalized(prompt); xmString2 =XmStringCreateLocalized(GETMESSAGE(1,6, "Action Invoker - Password")); diff --git a/cde/programs/dtterm/util/logger.c b/cde/programs/dtterm/util/logger.c index e7b43eee..0f51669d 100644 --- a/cde/programs/dtterm/util/logger.c +++ b/cde/programs/dtterm/util/logger.c @@ -146,7 +146,7 @@ logStartStop(char *progName, int logfd, int start) /* remove the trailing '\n'... */ tstring[strlen(tstring) - 1] = '\0'; - (void) sprintf(buffer, "%s: %s %s\n", + (void) snprintf(buffer, sizeof buffer, "%s: %s %s\n", (savedProgName && *savedProgName) ? savedProgName : "logger", start ? "starting" : "terminating", tstring); -- 2.25.1