Source: nn Version: 6.7.3-14 Severity: normal Tags: patch Dear Maintainer,
>From eb427ff8dcae00b9bcf0a171cc0ee92271a1174c Mon Sep 17 00:00:00 2001 >From: Bjarni Ingi Gislason <bjarn...@rhi.hi.is> >Date: Tue, 2 Mar 2021 03:04:11 +0000 >Subject: [PATCH] newsrc.c: use "snprintf()"; use "unsigned char" for > "isspace()", add a file name to the output of function "prt_unread()" Use "snprintf()" instead of "sprintf()". Cast an integer to "unsigned char" in the function "isspace()". Add the file name to an output text ("No News ..."), and don't clear the display before it in the function "prt_unread()". Signed-off-by: Bjarni Ingi Gislason <bjarn...@rhi.hi.is> --- newsrc.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/newsrc.c b/newsrc.c index 155bdd5..2a4ad94 100644 --- a/newsrc.c +++ b/newsrc.c @@ -186,14 +186,14 @@ dump_newsrc(void) return; if (first && keep_rc_backup) { - sprintf(bak, "%s%s", newsrc_file, bak_suffix); + snprintf(bak, FILENAME, "%s%s", newsrc_file, bak_suffix); if (dump_file(bak, DM_ORIG_NEWSRC)) nn_exitmsg(1, "Cannot backup %s", newsrc_file); first = 0; } if (dump_file(newsrc_file, DM_NEWSRC)) { char temp[FILENAME]; - sprintf(temp, "%s/newsrc-%d", tmp_directory, process_id); + snprintf(temp, FILENAME, "%s/newsrc-%d", tmp_directory, process_id); if (dump_file(temp, DM_NEWSRC)) nn_exitmsg(1, "Cannot update %s -- restore %s file!!!", newsrc_file, bak_suffix); @@ -215,7 +215,7 @@ dump_select(void) return; if (first && keep_rc_backup) { - sprintf(bak, "%s%s", sel_path, bak_suffix); + snprintf(bak, FILENAME, "%s%s", sel_path, bak_suffix); dump_file(bak, DM_ORIG_SELECT); first = 0; } @@ -369,7 +369,7 @@ visit_rc_file(void) if (who_am_i != I_AM_NN) nn_exitmsg(1, "A release 6.3 rc file exists. Run nn to upgrade"); - sprintf(bak, "%s/upgrade_rc", lib_directory); + snprintf(bak, FILENAME, "%s/upgrade_rc", lib_directory); if ((newsrc_age = file_exist(newsrc_file, (char *) NULL)) == 0) { display_file("adm.upgrade1", CLEAR_DISPLAY); @@ -410,7 +410,7 @@ visit_rc_file(void) } } if (rc == NULL) { - sprintf(bak, "%s%s", newsrc_file, bak_suffix ? bak_suffix : ".bak"); + snprintf(bak, FILENAME, "%s%s", newsrc_file, bak_suffix ? bak_suffix : ".bak"); if ((rc = open_file(bak, OPEN_READ))) { int ans; time_t rc_mtime; @@ -451,7 +451,7 @@ visit_rc_file(void) gh = NULL; subscr = 0; for (bp = rcbuf; ((c = *bp)); bp++) { - if (isspace(c)) + if (isspace((unsigned char) c)) break; /* not a valid line */ if (c == RC_UNSUBSCR || c == RC_SUBSCR) { @@ -539,7 +539,7 @@ new_user: continue; } } - sprintf(buf, "%s:\n", gh->group_name); + snprintf(buf, FILENAME, "%s:\n", gh->group_name); /* to avoid fooling the LAST mechanism, we must fake */ /* that the group was also in the original .newsrc */ @@ -1204,11 +1204,11 @@ add_to_newsrc(group_header * gh) rc_seq_tail->newsrc_seq = gh; rc_seq_tail = gh; if (gh->last_db_article > 0) - sprintf(rcbuf, "%s: %s%ld\n", gh->group_name, + snprintf(rcbuf, RC_LINE_MAX, "%s: %s%ld\n", gh->group_name, gh->last_db_article > 1 ? "1-" : "", (long) gh->last_db_article); else - sprintf(rcbuf, "%s:\n", gh->group_name); + snprintf(rcbuf, RC_LINE_MAX, "%s:\n", gh->group_name); gh->newsrc_line = copy_str(rcbuf); dump_newsrc(); } @@ -1334,8 +1334,8 @@ void prt_unread(register char *format) { if (format == NULL) { - clrdisp(); - tprintf("No News (is good news)\n"); +/* clrdisp(); */ + tprintf("No News (is good news) (in %s)\n", __FILE__); return; } while (*format) { @@ -1683,7 +1683,7 @@ do_goback(void) article_number count, total; int groups, y; - sprintf(back_act, "%s/active.%d", db_directory, goback_days); + snprintf(back_act, FILENAME, "%s/active.%d", db_directory, goback_days); if ((ba = open_file(back_act, OPEN_READ)) == NULL) { fprintf(stderr, "Cannot go back %d days\n", goback_days); nn_exit(1); -- 2.30.1 -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.9-1 (SMP w/2 CPU threads) Locale: LANG=is_IS.iso88591, LC_CTYPE=is_IS.iso88591 (charmap=ISO-8859-1), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) -- debconf information excluded -- Bjarni I. Gislason