Stuart Henderson writes: > On 2012/12/04 22:38, Dennis Herrmann wrote: > > [03] "warning: sprintf() is often misused, please use snprintf()" > > We're not patching these in ports unless there's a serious > bug - feeding this type of fix upstream is usually the best course > of action....however > > > + static void send_curs(Vt *t) > > + { > > + char keyseq[16]; > > +- sprintf(keyseq, "\e[%d;%dR", (int)(t->curs_row - t->lines), > > t->curs_col); > > ++ printf(keyseq, "\e[%d;%dR", (int)(t->curs_row - t->lines), t->curs_col); > > + vt_write(t, keyseq, strlen(keyseq)); > > + } > > + > > in this case the patch is bogus, the intent is to print to a string, > it should either be changed to snprintf with a size limit, (and check > the return code to avoid possibly not terminating the escape sequence > properly if the string does get truncated), or (as there is a finite > maximum length the %d can expand to) use a buffer large enough to > hold the longest possible output of the sprintf. >
I changed the patch a little bit, I hope it looks better? + static void send_curs(Vt *t) + { + char keyseq[16]; +- sprintf(keyseq, "\e[%d;%dR", (int)(t->curs_row - t->lines), t->curs_col); ++ snprintf(keyseq, sizeof(keyseq), "\e[%d;%dR", (int)(t->curs_row - t->lines), t->curs_col); + vt_write(t, keyseq, strlen(keyseq)); + } /dhn
diff --git a/misc/dvtm/patches/patch-vt_c b/misc/dvtm/patches/patch-vt_c index 0fbc97d..a44aac7 100644 --- a/misc/dvtm/patches/patch-vt_c +++ b/misc/dvtm/patches/patch-vt_c @@ -16,7 +16,7 @@ { char keyseq[16]; - sprintf(keyseq, "\e[%d;%dR", (int)(t->curs_row - t->lines), t->curs_col); -+ printf(keyseq, "\e[%d;%dR", (int)(t->curs_row - t->lines), t->curs_col); ++ snprintf(keyseq, sizeof(keyseq), "\e[%d;%dR", (int)(t->curs_row - t->lines), t->curs_col); vt_write(t, keyseq, strlen(keyseq)); }
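Review bot: the return value of the new snprintf() call in send_curs() is ignored, so if the output is truncated the following `vt_write(t, keyseq, strlen(keyseq));` sends an escape sequence that is missing its terminating `R`. Truncation is possible with this buffer: with two `%d` conversions of int arguments the longest output is 2 + 11 + 1 + 11 + 1 = 26 characters plus the NUL, which does not fit in `keyseq[16]`. Either store the result, for example `int n = snprintf(keyseq, sizeof(keyseq), ...);`, and call vt_write(t, keyseq, n) only when `n >= 0 && (size_t)n < sizeof(keyseq)`, or enlarge keyseq to hold the longest possible output, which are the two options named in the review quoted above.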