dark/zerotiertspu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Improve code security posture by replacing sprintf with a safer function.

Browse source
This commit is contained in:
Adam Ierymenko 2013-08-30 17:05:43 -04:00
parent 1a7e303f97
commit f3ad05347e
16 changed files with 75 additions and 69 deletions
Download patch file Download diff file Expand all files Collapse all files

20
node/Utils.cpp
View file

@ -464,7 +464,7 @@ std::string Utils::toRfc1123(uint64_t t64)
#else
gmtime_r(&utc,&t);
#endif
sprintf(buf,"%3s, %02d %3s %4d %02d:%02d:%02d GMT",DAY_NAMES[t.tm_wday],t.tm_mday,MONTH_NAMES[t.tm_mon],t.tm_year + 1900,t.tm_hour,t.tm_min,t.tm_sec);
Utils::snprintf(buf,sizeof(buf),"%3s, %02d %3s %4d %02d:%02d:%02d GMT",DAY_NAMES[t.tm_wday],t.tm_mday,MONTH_NAMES[t.tm_mon],t.tm_year + 1900,t.tm_hour,t.tm_min,t.tm_sec);
return std::string(buf);
}
@ -653,4 +653,22 @@ void Utils::stdsprintf(std::string &s,const char *fmt,...)
s.append(buf);
}
unsigned int Utils::snprintf(char *buf,unsigned int len,const char *fmt,...)
throw(std::length_error)
{
va_list ap;
va_start(ap,fmt);
int n = (int)vsnprintf(buf,len,fmt,ap);
va_end(ap);
if ((n >= (int)len)||(n < 0)) {
if (len)
buf[len - 1] = (char)0;
throw std::length_error("buf[] overflow in Utils::snprintf");
}
return (unsigned int)n;
}
} // namespace ZeroTier