diff options
author | Michael R Sweet <michael.r.sweet@gmail.com> | 2020-10-17 22:55:54 -0400 |
---|---|---|
committer | Michael R Sweet <michael.r.sweet@gmail.com> | 2020-10-17 22:55:54 -0400 |
commit | fbcea2903fa618036823ad044aa541d0abfe242b (patch) | |
tree | e11a06f09c2a011ac2efe7e1455c08c29ace286b /cgi-bin | |
parent | 8b5777b6f62d91a21f31c7458a64ad51b0c06aba (diff) |
Eliminate a bunch of sprintf usage (all looked safe, but I'm puzzled why these
were still there - I did a sweep many years ago...)
Diffstat (limited to 'cgi-bin')
-rw-r--r-- | cgi-bin/admin.c | 4 | ||||
-rw-r--r-- | cgi-bin/classes.c | 6 | ||||
-rw-r--r-- | cgi-bin/ipp-var.c | 10 | ||||
-rw-r--r-- | cgi-bin/printers.c | 6 | ||||
-rw-r--r-- | cgi-bin/template.c | 8 |
5 files changed, 17 insertions, 17 deletions
diff --git a/cgi-bin/admin.c b/cgi-bin/admin.c index 1683f987b..c6489389f 100644 --- a/cgi-bin/admin.c +++ b/cgi-bin/admin.c @@ -208,7 +208,7 @@ main(void) * bytes left in the array... */ - sprintf(ptr, "%%%02X", *url & 255); + snprintf(ptr, sizeof(encoded) - (size_t)(ptr - encoded), "%%%02X", *url & 255); ptr += 3; } else @@ -871,7 +871,7 @@ do_am_printer(http_t *http, /* I - HTTP connection */ break; else { - sprintf(baudrate, "%d", baudrates[i]); + snprintf(baudrate, sizeof(baudrate), "%d", baudrates[i]); cgiSetArray("BAUDRATES", i, baudrate); } diff --git a/cgi-bin/classes.c b/cgi-bin/classes.c index 78ef08e22..718604ab2 100644 --- a/cgi-bin/classes.c +++ b/cgi-bin/classes.c @@ -362,7 +362,7 @@ show_all_classes(http_t *http, /* I - Connection to server */ if (first < 0) first = 0; - sprintf(val, "%d", count); + snprintf(val, sizeof(val), "%d", count); cgiSetVariable("TOTAL", val); for (i = 0, pclass = (ipp_attribute_t *)cupsArrayIndex(classes, first); @@ -378,13 +378,13 @@ show_all_classes(http_t *http, /* I - Connection to server */ if (first > 0) { - sprintf(val, "%d", first - CUPS_PAGE_MAX); + snprintf(val, sizeof(val), "%d", first - CUPS_PAGE_MAX); cgiSetVariable("PREV", val); } if ((first + CUPS_PAGE_MAX) < count) { - sprintf(val, "%d", first + CUPS_PAGE_MAX); + snprintf(val, sizeof(val), "%d", first + CUPS_PAGE_MAX); cgiSetVariable("NEXT", val); } diff --git a/cgi-bin/ipp-var.c b/cgi-bin/ipp-var.c index 8c5a5616d..443f920a5 100644 --- a/cgi-bin/ipp-var.c +++ b/cgi-bin/ipp-var.c @@ -224,7 +224,7 @@ cgiGetIPPObjects(ipp_t *response, /* I - IPP response */ char buf[255]; /* Number buffer */ - sprintf(buf, "%d", attr->values[i].integer); + snprintf(buf, sizeof(buf), "%d", attr->values[i].integer); if (cgiDoSearch(search, buf)) add = 1; @@ -291,7 +291,7 @@ cgiMoveJobs(http_t *http, /* I - Connection to server */ char temp[255]; /* Temporary string */ - sprintf(temp, "%d", job_id); + snprintf(temp, sizeof(temp), "%d", job_id); cgiSetVariable("JOB_ID", temp); } @@ -1441,7 +1441,7 @@ cgiShowJobs(http_t *http, /* I - Connection to server */ cgiSetVariable("SECTION", section); - sprintf(val, "%d", count); + snprintf(val, sizeof(val), "%d", count); cgiSetVariable("TOTAL", val); if (which_jobs) @@ -1469,13 +1469,13 @@ cgiShowJobs(http_t *http, /* I - Connection to server */ if (first > 0) { - sprintf(val, "%d", first - CUPS_PAGE_MAX); + snprintf(val, sizeof(val), "%d", first - CUPS_PAGE_MAX); cgiSetVariable("PREV", val); } if ((first + CUPS_PAGE_MAX) < count) { - sprintf(val, "%d", first + CUPS_PAGE_MAX); + snprintf(val, sizeof(val), "%d", first + CUPS_PAGE_MAX); cgiSetVariable("NEXT", val); } diff --git a/cgi-bin/printers.c b/cgi-bin/printers.c index bbc153e3b..2a33b6832 100644 --- a/cgi-bin/printers.c +++ b/cgi-bin/printers.c @@ -379,7 +379,7 @@ show_all_printers(http_t *http, /* I - Connection to server */ if (first < 0) first = 0; - sprintf(val, "%d", count); + snprintf(val, sizeof(val), "%d", count); cgiSetVariable("TOTAL", val); for (i = 0, printer = (ipp_attribute_t *)cupsArrayIndex(printers, first); @@ -395,13 +395,13 @@ show_all_printers(http_t *http, /* I - Connection to server */ if (first > 0) { - sprintf(val, "%d", first - CUPS_PAGE_MAX); + snprintf(val, sizeof(val), "%d", first - CUPS_PAGE_MAX); cgiSetVariable("PREV", val); } if ((first + CUPS_PAGE_MAX) < count) { - sprintf(val, "%d", first + CUPS_PAGE_MAX); + snprintf(val, sizeof(val), "%d", first + CUPS_PAGE_MAX); cgiSetVariable("NEXT", val); } diff --git a/cgi-bin/template.c b/cgi-bin/template.c index 1972b4ae2..0b785b2f6 100644 --- a/cgi-bin/template.c +++ b/cgi-bin/template.c @@ -307,9 +307,9 @@ cgi_copy(FILE *out, /* I - Output file */ */ if (name[1]) - sprintf(outval, "%d", cgiGetSize(name + 1)); + snprintf(outval, sizeof(outval), "%d", cgiGetSize(name + 1)); else - sprintf(outval, "%d", element + 1); + snprintf(outval, sizeof(outval), "%d", element + 1); outptr = outval; } @@ -457,7 +457,7 @@ cgi_copy(FILE *out, /* I - Output file */ continue; else if (ch == '#') { - sprintf(s, "%d", element + 1); + snprintf(s, sizeof(compare) - (size_t)(s - compare), "%d", element + 1); s += strlen(s); } else if (ch == '{') @@ -473,7 +473,7 @@ cgi_copy(FILE *out, /* I - Output file */ *innerptr = '\0'; if (innername[0] == '#') - sprintf(s, "%d", cgiGetSize(innername + 1)); + snprintf(s, sizeof(compare) - (size_t)(s - compare), "%d", cgiGetSize(innername + 1)); else if ((innerptr = strrchr(innername, '-')) != NULL && isdigit(innerptr[1] & 255)) { |