From: Willy Tarreau Date: Mon, 14 Apr 2014 16:05:41 +0000 (+0200) Subject: BUILD/MINOR: ssl: remove one call to sprintf() X-Git-Tag: v1.5-dev23~47 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b75d692ca6cc61a99e355203c21eaf2e39b3c3cd;p=thirdparty%2Fhaproxy.git BUILD/MINOR: ssl: remove one call to sprintf() Lukas reported another OpenBSD complaint about this use of sprintf() that I missed : src/ssl_sock.o(.text+0x2a79): In function `bind_parse_crt': src/ssl_sock.c:3015: warning: sprintf() is often misused, please use snprintf() This one was even easier to handle. Note that some of these calls could be simplified by checking the snprintf output size instead of doing the preliminary size computation. --- diff --git a/src/ssl_sock.c b/src/ssl_sock.c index f7c50c5684..525c7b557a 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -3104,6 +3104,7 @@ static int bind_parse_ciphers(char **args, int cur_arg, struct proxy *px, struct static int bind_parse_crt(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err) { char path[MAXPATHLEN]; + if (!*args[cur_arg + 1]) { memprintf(err, "'%s' : missing certificate location", args[cur_arg]); return ERR_ALERT | ERR_FATAL; @@ -3114,7 +3115,7 @@ static int bind_parse_crt(char **args, int cur_arg, struct proxy *px, struct bin memprintf(err, "'%s' : path too long", args[cur_arg]); return ERR_ALERT | ERR_FATAL; } - sprintf(path, "%s/%s", global.crt_base, args[cur_arg + 1]); + snprintf(path, sizeof(path), "%s/%s", global.crt_base, args[cur_arg + 1]); if (ssl_sock_load_cert(path, conf, px, err) > 0) return ERR_ALERT | ERR_FATAL;