From: Arran Cudbard-Bell Date: Fri, 9 Dec 2022 21:41:43 +0000 (-0600) Subject: Either clang 15 or whatever standard library is being used complains about it bitterly X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ef773da876e096fe7646d8b425a79b5bb11a3a32;p=thirdparty%2Ffreeradius-server.git Either clang 15 or whatever standard library is being used complains about it bitterly --- diff --git a/scripts/build/dlopen.c b/scripts/build/dlopen.c index 3fd9766adcd..8a7da70a99f 100644 --- a/scripts/build/dlopen.c +++ b/scripts/build/dlopen.c @@ -679,7 +679,7 @@ static void ad_update_variable(char const *name, char *value) if (!expand) return; /* - * Because sprintf() is for weenies :) + * Because snprintf() is for weenies :) */ p = expand; memcpy(p, name, name_len); @@ -1083,6 +1083,7 @@ static char *run_cmd(char const *cmd, char *filename) { size_t len1, len2; char *str, *result; + size_t buflen = 8 + len1 + 1 + len2 + 2 + len2 + 7 + len2 + 15; len1 = strlen(cmd); len2 = strlen(filename); @@ -1091,10 +1092,10 @@ static char *run_cmd(char const *cmd, char *filename) * This is a lot more CPU time than running fork / exec / * waitpid ourselves. But it's less work for the programmer. :) */ - str = malloc(8 + len1 + 1 + len2 + 2 + len2 + 7 + len2 + 15); + str = malloc(buflen); if (!str) return NULL; - sprintf(str, "$(shell %s %s >%s.out 2>%s.err;echo $$?)", cmd, filename, filename, filename); + snprintf(str, buflen, "$(shell %s %s >%s.out 2>%s.err;echo $$?)", cmd, filename, filename, filename); /* * Expand it, running the shell. diff --git a/src/bin/dhcpclient.c b/src/bin/dhcpclient.c index 1ece6cd4650..e9e060e86fd 100644 --- a/src/bin/dhcpclient.c +++ b/src/bin/dhcpclient.c @@ -323,7 +323,7 @@ static fr_radius_packet_t *fr_dhcpv4_recv_raw_loop(int lsockfd, /* display offer(s) received */ if (nb_offer > 0 ) { int i; - + DEBUG("Received %d DHCP Offer(s):", nb_offer); for (i = 0; i < nb_reply; i++) { char server_addr_buf[INET6_ADDRSTRLEN]; @@ -445,7 +445,7 @@ static int send_with_pcap(fr_radius_packet_t **reply, fr_radius_packet_t *reques } fr_inet_ntoh(&request->socket.inet.src_ipaddr, ip, sizeof(ip)); - sprintf(pcap_filter, "udp and dst port %d", request->socket.inet.src_port); + snprintf(pcap_filter, sizeof(pcap_filter), "udp and dst port %d", request->socket.inet.src_port); if (fr_pcap_apply_filter(pcap, pcap_filter) < 0) { ERROR("Failing setting filter"); diff --git a/src/lib/server/log.c b/src/lib/server/log.c index 29cb0474444..3ec40347541 100644 --- a/src/lib/server/log.c +++ b/src/lib/server/log.c @@ -909,14 +909,14 @@ void log_request_hex(fr_log_type_t type, fr_log_lvl_t lvl, request_t *request, uint8_t const *data, size_t data_len) { size_t i, j, len; - char *p; char buffer[(0x10 * 3) + 1]; + char *p, *end = buffer + sizeof(buffer); for (i = 0; i < data_len; i += 0x10) { len = 0x10; if ((i + len) > data_len) len = data_len - i; - for (p = buffer, j = 0; j < len; j++, p += 3) sprintf(p, "%02x ", data[i + j]); + for (p = buffer, j = 0; j < len; j++, p += 3) snprintf(p, end - p, "%02x ", data[i + j]); log_request(type, lvl, request, file, line, "%04x: %s", (int)i, buffer); } } diff --git a/src/lib/tls/session.c b/src/lib/tls/session.c index 9adea9a9cce..e4c2f1fcf7d 100644 --- a/src/lib/tls/session.c +++ b/src/lib/tls/session.c @@ -619,7 +619,7 @@ static void session_msg_log(request_t *request, fr_tls_session_t *tls_session, u if (((size_t)tls_session->info.version >= NUM_ELEMENTS(tls_version_str)) || !tls_version_str[tls_session->info.version]) { - sprintf(unknown_version, "unknown_tls_version_0x%04x", tls_session->info.version); + snprintf(unknown_version, sizeof(unknown_version), "unknown_tls_version_0x%04x", tls_session->info.version); version = unknown_version; } else { version = tls_version_str[tls_session->info.version]; @@ -630,7 +630,8 @@ static void session_msg_log(request_t *request, fr_tls_session_t *tls_session, u */ if (((size_t)tls_session->info.content_type >= NUM_ELEMENTS(tls_content_type_str)) || !tls_content_type_str[tls_session->info.content_type]) { - sprintf(unknown_content_type, "unknown_content_type_0x%04x", tls_session->info.content_type); + snprintf(unknown_content_type, sizeof(unknown_content_type), + "unknown_content_type_0x%04x", tls_session->info.content_type); content_type = unknown_content_type; } else { content_type = tls_content_type_str[tls_session->info.content_type]; @@ -647,16 +648,16 @@ static void session_msg_log(request_t *request, fr_tls_session_t *tls_session, u break; default: - sprintf(unknown_alert_level, - "unknown_alert_level_0x%04x", tls_session->info.alert_level); + snprintf(unknown_alert_level, sizeof(unknown_alert_level), + "unknown_alert_level_0x%04x", tls_session->info.alert_level); str_details1 = unknown_alert_level; break; } if (((size_t)tls_session->info.alert_description >= NUM_ELEMENTS(tls_alert_description_str)) || !tls_alert_description_str[tls_session->info.alert_description]) { - sprintf(unknown_alert_description, - "unknown_alert_0x%04x", tls_session->info.alert_description); + snprintf(unknown_alert_description, sizeof(unknown_alert_description), + "unknown_alert_0x%04x", tls_session->info.alert_description); str_details2 = unknown_alert_description; } else { str_details2 = tls_alert_description_str[tls_session->info.alert_description]; @@ -674,8 +675,8 @@ static void session_msg_log(request_t *request, fr_tls_session_t *tls_session, u * and underlying type. */ if (!tls_handshake_type_str[tls_session->info.handshake_type]) { - sprintf(unknown_handshake_type, - "unknown_handshake_type_0x%02x", tls_session->info.handshake_type); + snprintf(unknown_handshake_type, sizeof(unknown_handshake_type), + "unknown_handshake_type_0x%02x", tls_session->info.handshake_type); str_details1 = unknown_handshake_type; } else { str_details1 = tls_handshake_type_str[tls_session->info.handshake_type]; diff --git a/src/lib/tls/version.c b/src/lib/tls/version.c index c7b3d723acc..224ebf66324 100644 --- a/src/lib/tls/version.c +++ b/src/lib/tls/version.c @@ -86,17 +86,17 @@ char const *fr_openssl_version_str_from_num(uint32_t v) { /* 2 (%s) + 1 (.) + 2 (%i) + 1 (.) + 2 (%i) + 1 (c) + 8 (%s) + \0 */ static char buffer[18]; - char *p = buffer; + char *p = buffer, *end = buffer + sizeof(buffer); /* * If OpenSSL major version is less than three * use the old version number layout. */ if (((v & 0xf0000000) >> 28) < 3) { - p += sprintf(p, "%u.%u.%u", - (0xf0000000 & v) >> 28, - (0x0ff00000 & v) >> 20, - (0x000ff000 & v) >> 12); + p += snprintf(p, end - p, "%u.%u.%u", + (0xf0000000 & v) >> 28, + (0x0ff00000 & v) >> 20, + (0x000ff000 & v) >> 12); if ((0x00000ff0 & v) >> 4) { *p++ = (char) (0x60 + ((0x00000ff0 & v) >> 4)); @@ -108,14 +108,14 @@ char const *fr_openssl_version_str_from_num(uint32_t v) * Development (0) */ if ((0x0000000f & v) == 0) { - strcpy(p, "dev"); + strlcpy(p, "dev", end - p); /* * Beta (1-14) */ } else if ((0x0000000f & v) <= 14) { - sprintf(p, "beta %u", 0x0000000f & v); + snprintf(p, end - p, "beta %u", 0x0000000f & v); } else { - strcpy(p, "release"); + strlcpy(p, "release", end - p); } return buffer; @@ -132,10 +132,10 @@ char const *fr_openssl_version_str_from_num(uint32_t v) * NN is the number from OPENSSL_VERSION_MINOR, in hexadecimal notation. * PP is the number from OPENSSL_VERSION_PATCH, in hexadecimal notation. */ - sprintf(buffer, "%u.%u.%u", - (0xf0000000 & v) >> 28, - (0x0ff00000 & v) >> 20, - (0x00000ff0 & v) >> 4); + snprintf(buffer, sizeof(buffer), "%u.%u.%u", + (0xf0000000 & v) >> 28, + (0x0ff00000 & v) >> 20, + (0x00000ff0 & v) >> 4); return buffer; } diff --git a/src/lib/util/acutest.h b/src/lib/util/acutest.h index eef4b365a29..69802f0ca55 100644 --- a/src/lib/util/acutest.h +++ b/src/lib/util/acutest.h @@ -873,8 +873,10 @@ acutest_dump_(bool always, const char* title, const void* addr, size_t size) static const size_t BYTES_PER_LINE = 16; size_t line_beg; size_t truncate = 0; + size_t buflen = (size * 3) + strlen(title) + 2; char* buffer; char* p; + char* end; if(acutest_verbose_level_ < 2) return; @@ -890,7 +892,8 @@ acutest_dump_(bool always, const char* title, const void* addr, size_t size) } /* Allocate space for log copy of dump */ - buffer = (char *)calloc((size * 3) + strlen(title) + 2, sizeof(char)); + buffer = (char *)calloc(buflen, sizeof(char)); + end = buffer + buflen; acutest_line_indent_(acutest_case_name_[0] ? 3 : 2); printf((title[strlen(title)-1] == ':') ? "%s\n" : "%s:\n", title); @@ -911,7 +914,7 @@ acutest_dump_(bool always, const char* title, const void* addr, size_t size) for(off = line_beg; off < line_end; off++) { if(off < size) { printf(" %02x", ((const unsigned char*)addr)[off]); - sprintf(p, " %02x", ((const unsigned char*)addr)[off]); + snprintf(p, end - p, " %02x", ((const unsigned char*)addr)[off]); p += 3; } else printf(" "); @@ -1271,7 +1274,7 @@ acutest_run_(const struct acutest_test_* test, int index, int master_index) case SIGSEGV: signame = "SIGSEGV"; break; case SIGILL: signame = "SIGILL"; break; case SIGTERM: signame = "SIGTERM"; break; - default: sprintf(tmp, "signal %d", WTERMSIG(exit_code)); signame = tmp; break; + default: snprintf(tmp, sizeof(tmp), "signal %d", WTERMSIG(exit_code)); signame = tmp; break; } acutest_error_("Test interrupted by %s.", signame); } else { @@ -1506,7 +1509,7 @@ acutest_cmdline_read_(const ACUTEST_CMDLINE_OPTION_* options, int argc, char** a if(opt->flags & (ACUTEST_CMDLINE_OPTFLAG_OPTIONALARG_ | ACUTEST_CMDLINE_OPTFLAG_REQUIREDARG_)) { ret = callback(opt->id, argv[i]+2+len+1); } else { - sprintf(auxbuf, "--%s", opt->longname); + snprintf(auxbuf, sizeof(auxbuf), "--%s", opt->longname); ret = callback(ACUTEST_CMDLINE_OPTID_BOGUSARG_, auxbuf); } break; diff --git a/src/lib/util/debug.c b/src/lib/util/debug.c index 270dc87f2e0..5f68ada62c7 100644 --- a/src/lib/util/debug.c +++ b/src/lib/util/debug.c @@ -1376,14 +1376,14 @@ void fr_fault_log(char const *msg, ...) void fr_fault_log_hex(uint8_t const *data, size_t data_len) { size_t i, j, len; - char *p; char buffer[(0x10 * 3) + 1]; + char *p, *end = buffer + sizeof(buffer); for (i = 0; i < data_len; i += 0x10) { len = 0x10; if ((i + len) > data_len) len = data_len - i; - for (p = buffer, j = 0; j < len; j++, p += 3) sprintf(p, "%02x ", data[i + j]); + for (p = buffer, j = 0; j < len; j++, p += 3) snprintf(p, end - p, "%02x ", data[i + j]); dprintf(fr_fault_log_fd, "%04x: %s\n", (int)i, buffer); } diff --git a/src/lib/util/log.c b/src/lib/util/log.c index 22ff0143313..feca02e5eba 100644 --- a/src/lib/util/log.c +++ b/src/lib/util/log.c @@ -814,8 +814,8 @@ void fr_log_hex(fr_log_t const *log, fr_log_type_t type, char const *file, int l uint8_t const *data, size_t data_len, char const *line_prefix_fmt, ...) { size_t i, j, len; - char *p; char buffer[(0x10 * 3) + 1]; + char *p, *end = buffer + sizeof(buffer); TALLOC_CTX *thread_log_pool = fr_log_pool_init(); char *line_prefix = NULL; @@ -831,7 +831,7 @@ void fr_log_hex(fr_log_t const *log, fr_log_type_t type, char const *file, int l len = 0x10; if ((i + len) > data_len) len = data_len - i; - for (p = buffer, j = 0; j < len; j++, p += 3) sprintf(p, "%02x ", data[i + j]); + for (p = buffer, j = 0; j < len; j++, p += 3) snprintf(p, end - p, "%02x ", data[i + j]); if (line_prefix_fmt) { fr_log(log, type, file, line, "%s%04x: %s", @@ -862,8 +862,8 @@ void fr_log_hex_marker(fr_log_t const *log, fr_log_type_t type, char const *file ssize_t marker_idx, char const *marker, char const *line_prefix_fmt, ...) { size_t i, j, len; - char *p; char buffer[(0x10 * 3) + 1]; + char *p, *end = buffer + sizeof(buffer); TALLOC_CTX *thread_log_pool = fr_log_pool_init(); char *line_prefix = NULL; @@ -884,7 +884,7 @@ void fr_log_hex_marker(fr_log_t const *log, fr_log_type_t type, char const *file len = 0x10; if ((i + len) > data_len) len = data_len - i; - for (p = buffer, j = 0; j < len; j++, p += 3) sprintf(p, "%02x ", data[i + j]); + for (p = buffer, j = 0; j < len; j++, p += 3) snprintf(p, end - p, "%02x ", data[i + j]); if (line_prefix_fmt) { fr_log(log, type, file, line, "%s%04x: %s", diff --git a/src/modules/rlm_mschap/rlm_mschap.c b/src/modules/rlm_mschap/rlm_mschap.c index bb0bda1b323..3b0e8c86e7f 100644 --- a/src/modules/rlm_mschap/rlm_mschap.c +++ b/src/modules/rlm_mschap/rlm_mschap.c @@ -857,7 +857,7 @@ static int CC_HINT(nonnull (1, 2, 4, 5)) do_mschap_cpw(rlm_mschap_t const *inst, } /* now the password blobs */ - len = sprintf(buf, "new-nt-password-blob: "); + len = snprintf(buf, sizeof(buf), "new-nt-password-blob: "); fr_base16_encode(&FR_SBUFF_OUT(buf + len, sizeof(buf) - len), &FR_DBUFF_TMP(new_nt_password, 516)); buf[len+1032] = '\n'; buf[len+1033] = '\0'; @@ -867,7 +867,7 @@ static int CC_HINT(nonnull (1, 2, 4, 5)) do_mschap_cpw(rlm_mschap_t const *inst, goto ntlm_auth_err; } - len = sprintf(buf, "old-nt-hash-blob: "); + len = snprintf(buf, sizeof(buf), "old-nt-hash-blob: "); fr_base16_encode(&FR_SBUFF_OUT(buf + len, sizeof(buf) - len), &FR_DBUFF_TMP(old_nt_hash, NT_DIGEST_LENGTH)); buf[len+32] = '\n'; buf[len+33] = '\0'; @@ -881,12 +881,12 @@ static int CC_HINT(nonnull (1, 2, 4, 5)) do_mschap_cpw(rlm_mschap_t const *inst, * In current samba versions, failure to supply empty LM password/hash * blobs causes the change to fail. */ - len = sprintf(buf, "new-lm-password-blob: %01032i\n", 0); + len = snprintf(buf, sizeof(buf), "new-lm-password-blob: %01032i\n", 0); if (write_all(to_child, buf, len) != len) { REDEBUG("Failed to write dummy LM password to child"); goto ntlm_auth_err; } - len = sprintf(buf, "old-lm-hash-blob: %032i\n", 0); + len = snprintf(buf, sizeof(buf), "old-lm-hash-blob: %032i\n", 0); if (write_all(to_child, buf, len) != len) { REDEBUG("Failed to write dummy LM hash to child"); goto ntlm_auth_err; diff --git a/src/modules/rlm_rest/rest.c b/src/modules/rlm_rest/rest.c index 37f7884dccc..982de5ef1d0 100644 --- a/src/modules/rlm_rest/rest.c +++ b/src/modules/rlm_rest/rest.c @@ -355,14 +355,14 @@ static size_t rest_encode_post(void *out, size_t size, size_t nmemb, void *userd request_t *request = ctx->request; /* Used by RDEBUG */ fr_pair_t *vp; - char *p = out; /* Position in buffer */ - char *encoded = p; /* Position in buffer of last fully encoded attribute or value */ - char *escaped; /* Pointer to current URL escaped data */ - size_t len = 0; ssize_t slen; size_t freespace = (size * nmemb) - 1; + char *p = out; /* Position in buffer */ + char *encoded = p; /* Position in buffer of last fully encoded attribute or value */ + char *escaped; /* Pointer to current URL escaped data */ + /* Allow manual chunking */ if ((ctx->chunk) && (ctx->chunk <= freespace)) freespace = (ctx->chunk - 1); @@ -415,7 +415,7 @@ static size_t rest_encode_post(void *out, size_t size, size_t nmemb, void *userd return len; } - len = sprintf(p, "%s=", escaped); + len = snprintf(p, freespace, "%s=", escaped); curl_free(escaped); p += len; freespace -= len; diff --git a/src/modules/rlm_sql/drivers/rlm_sql_firebird/sql_fbapi.c b/src/modules/rlm_sql/drivers/rlm_sql_firebird/sql_fbapi.c index 50a19870718..27828e85c9a 100644 --- a/src/modules/rlm_sql/drivers/rlm_sql_firebird/sql_fbapi.c +++ b/src/modules/rlm_sql/drivers/rlm_sql_firebird/sql_fbapi.c @@ -219,8 +219,6 @@ void fb_store_row(rlm_sql_firebird_conn_t *conn) ISC_INT64 value = 0; short field_width = 0; short dscale = 0; - char *p; - p = conn->row[i]; switch (dtype) { case SQL_SHORT: @@ -250,26 +248,26 @@ void fb_store_row(rlm_sql_firebird_conn_t *conn) } if (value >= 0) { - sprintf(p, "%*lld.%0*lld", - field_width - 1 + dscale, - (ISC_INT64) value / tens, - -dscale, - (ISC_INT64) value % tens); + snprintf(conn->row[i], conn->row_sizes[i], "%*lld.%0*lld", + field_width - 1 + dscale, + (ISC_INT64) value / tens, + -dscale, + (ISC_INT64) value % tens); } else if ((value / tens) != 0) { - sprintf (p, "%*lld.%0*lld", - field_width - 1 + dscale, - (ISC_INT64) (value / tens), - -dscale, - (ISC_INT64) -(value % tens)); + snprintf(conn->row[i], conn->row_sizes[i], "%*lld.%0*lld", + field_width - 1 + dscale, + (ISC_INT64) (value / tens), + -dscale, + (ISC_INT64) -(value % tens)); } else { - sprintf(p, "%*s.%0*lld", field_width - 1 + dscale, - "-0", -dscale, (ISC_INT64) - (value % tens)); + snprintf(conn->row[i], conn->row_sizes[i], "%*s.%0*lld", field_width - 1 + dscale, + "-0", -dscale, (ISC_INT64) - (value % tens)); } } else if (dscale) { - sprintf(p, "%*lld%0*d", field_width, + snprintf(conn->row[i], conn->row_sizes[i], "%*lld%0*d", field_width, (ISC_INT64) value, dscale, 0); } else { - sprintf(p, "%*lld", field_width, + snprintf(conn->row[i], conn->row_sizes[i], "%*lld", field_width, (ISC_INT64) value); } } diff --git a/src/modules/rlm_sqlippool/rlm_sqlippool.c b/src/modules/rlm_sqlippool/rlm_sqlippool.c index 1faf12cd3a4..bc29b536f09 100644 --- a/src/modules/rlm_sqlippool/rlm_sqlippool.c +++ b/src/modules/rlm_sqlippool/rlm_sqlippool.c @@ -245,7 +245,7 @@ static int sqlippool_expand(char * out, int outlen, char const * fmt, } break; case 'J': /* lease duration */ - sprintf(tmp, "%u", data->lease_duration); + snprintf(tmp, sizeof(tmp), "%u", data->lease_duration); strlcpy(q, tmp, freespace); q += strlen(q); break;