From: Jeroen van der Heijden <jeroen@transceptor.technology>
Date: Thu, 21 Feb 2019 08:53:49 +0000 (+0100)
Subject: few more snprintf fixes
X-Git-Tag: archive/raspbian/2.0.44-1+rpi1~1^2~3^2~6^2~21
X-Git-Url: https://dgit.raspbian.org/%22http://www.example.com/cgi/success//%22http:/www.example.com/cgi/success/?a=commitdiff_plain;h=d9560c624eebc9b3b090fb6945869c68302aa2bb;p=siridb-server.git

few more snprintf fixes
---

diff --git a/src/argparse/argparse.c b/src/argparse/argparse.c
index 3b9dcd55..ad8b1064 100644
--- a/src/argparse/argparse.c
+++ b/src/argparse/argparse.c
@@ -156,6 +156,7 @@ void argparse_parse(argparse_parser_t *parser, int argc, char *argv[])
         }
         if (rc)
         {
+            buffer[ARGPARSE_ERR_SIZE - 1] = '\0';
             print_error(parser, buffer, bname);
             quit(parser, EXIT_FAILURE);
         }
@@ -287,7 +288,7 @@ static void print_usage(argparse_parser_t * parser, const char * bname)
             }
             break;
         }
-
+        buffer[ARGPARSE_HELP_SIZE - 1] = '\0';
         line_size += strlen(buffer);
         if (line_size > HELP_WIDTH)
         {
@@ -373,6 +374,7 @@ static void print_help(argparse_parser_t * parser, const char * bname)
             }
             break;
         }
+        buffer[ARGPARSE_HELP_SIZE - 1] = '\0';
         line_size = strlen(buffer);
         if (line_size > 24)
         {
diff --git a/src/procinfo/procinfo.c b/src/procinfo/procinfo.c
index e5a832db..2fd23b29 100644
--- a/src/procinfo/procinfo.c
+++ b/src/procinfo/procinfo.c
@@ -175,7 +175,14 @@ long int procinfo_open_files(const char * path, int include_fd)
     {
         if (entry->d_type == DT_REG || entry->d_type == DT_LNK)
         {
-            snprintf(buffer, XPATH_MAX, "/proc/self/fd/%s", entry->d_name);
+            if (snprintf(
+                    buffer,
+                    XPATH_MAX,
+                    "/proc/self/fd/%s",
+                    entry->d_name) >= XPATH_MAX)
+            {
+                buffer[XPATH_MAX-1] = '\0';
+            }
             if (realpath(buffer, buf) == NULL)
             {
                 continue;
diff --git a/src/qpack/qpack.c b/src/qpack/qpack.c
index 3495c741..038e488b 100644
--- a/src/qpack/qpack.c
+++ b/src/qpack/qpack.c
@@ -362,7 +362,10 @@ int qp_add_fmt(qp_packer_t * packer, const char * fmt, ...)
     va_list args;
     char buffer[QPACK_MAX_FMT_SIZE];
     va_start(args, fmt);
-    vsnprintf(buffer, QPACK_MAX_FMT_SIZE, fmt, args);
+    if (vsnprintf(buffer, QPACK_MAX_FMT_SIZE, fmt, args) >= QPACK_MAX_FMT_SIZE)
+    {
+        buffer[QPACK_MAX_FMT_SIZE-1] = '\0';
+    }
     va_end(args);
     return qp_add_string(packer, buffer);
 }
diff --git a/src/siri/db/db.c b/src/siri/db/db.c
index c995ecce..f87d346e 100644
--- a/src/siri/db/db.c
+++ b/src/siri/db/db.c
@@ -85,8 +85,9 @@ int8_t siridb_get_idle_percentage(siridb_t * siridb)
 int siridb_is_db_path(const char * dbpath)
 {
     char buffer[XPATH_MAX];
+    buffer[XPATH_MAX-1] = '\0';
     snprintf(buffer,
-            XPATH_MAX,
+            XPATH_MAX-1,
             "%sdatabase.conf",
             dbpath);
     if (!xpath_file_exist(buffer))
@@ -94,7 +95,7 @@ int siridb_is_db_path(const char * dbpath)
         return 0;  /* false */
     }
     snprintf(buffer,
-            XPATH_MAX,
+            XPATH_MAX-1,
             "%sdatabase.dat",
             dbpath);
     if (!xpath_file_exist(buffer))
@@ -600,8 +601,9 @@ int siridb_open_files(siridb_t * siridb)
 int siridb_save(siridb_t * siridb)
 {
     char buffer[XPATH_MAX];
+    buffer[XPATH_MAX-1] = '\0';
     snprintf(buffer,
-            XPATH_MAX,
+            XPATH_MAX-1,
             "%sdatabase.dat",
             siridb->dbpath);
 
@@ -876,9 +878,9 @@ static siridb_t * siridb__from_dat(const char * dbpath)
     char err_msg[512];
     qp_unpacker_t * unpacker;
     char buffer[XPATH_MAX];
-
+    buffer[XPATH_MAX-1] = '\0';
     snprintf(buffer,
-                XPATH_MAX,
+                XPATH_MAX-1,
                 "%sdatabase.dat",
                 dbpath);
 
@@ -918,8 +920,9 @@ static int siridb__read_conf(siridb_t * siridb)
     cfgparser_t * cfgparser;
     cfgparser_option_t * option = NULL;
     siridb_buffer_t * buffer = siridb->buffer;
+    buf[XPATH_MAX-1] = '\0';
     snprintf(buf,
-            XPATH_MAX,
+            XPATH_MAX-1,
             "%sdatabase.conf",
             siridb->dbpath);
 
diff --git a/src/siri/net/tcp.c b/src/siri/net/tcp.c
index e3d5ea00..dd3c5fe6 100644
--- a/src/siri/net/tcp.c
+++ b/src/siri/net/tcp.c
@@ -49,9 +49,8 @@ char * sirinet_tcp_name(uv_tcp_t * client)
                     &((struct sockaddr_in *) &name)->sin_addr,
                     addr,
                     sizeof(addr));
-            snprintf(
+            sprintf(
                     buffer,
-                    TCP_NAME_BUF_SZ,
                     "%s:%d",
                     addr,
                     ntohs(((struct sockaddr_in *) &name)->sin_port));
@@ -66,9 +65,8 @@ char * sirinet_tcp_name(uv_tcp_t * client)
                     &((struct sockaddr_in6 *) &name)->sin6_addr,
                     addr,
                     sizeof(addr));
-            snprintf(
+            sprintf(
                     buffer,
-                    TCP_NAME_BUF_SZ,
                     "[%s]:%d",
                     addr,
                     ntohs(((struct sockaddr_in6 *) &name)->sin6_port));
diff --git a/src/xpath/xpath.c b/src/xpath/xpath.c
index 8e1eb23e..5c78be04 100644
--- a/src/xpath/xpath.c
+++ b/src/xpath/xpath.c
@@ -134,7 +134,7 @@ int xpath_rmdir(const char * path)
             buf = tmp;
         }
 
-        snprintf(buf, len, "%s%s%s", path, slash, p->d_name);
+        sprintf(buf, "%s%s%s", path, slash, p->d_name);
 
         if (xpath_is_dir(buf) ? xpath_rmdir(buf) : unlink(buf))
             goto stop;