From 33fad361335431a10700d80165bf51cf9203140b Mon Sep 17 00:00:00 2001 From: Peter Howkins Date: Thu, 23 Dec 2021 19:57:22 +0000 Subject: [PATCH] dtappbuilder: Resolve format-overflow issues --- cde/programs/dtappbuilder/src/ab/cgen_utils.c | 2 +- cde/programs/dtappbuilder/src/ab/projP_utils.c | 2 +- cde/programs/dtappbuilder/src/ab/proj_utils.c | 6 +++--- cde/programs/dtappbuilder/src/abmf/generate_code.c | 8 ++++---- cde/programs/dtappbuilder/src/abmf/stubs_c_file.c | 2 +- cde/programs/dtappbuilder/src/libABil/bil_lexer.c | 2 +- cde/programs/dtappbuilder/src/libABobj/obj_notify.c | 2 +- 7 files changed, 12 insertions(+), 12 deletions(-) diff --git a/cde/programs/dtappbuilder/src/ab/cgen_utils.c b/cde/programs/dtappbuilder/src/ab/cgen_utils.c index 5e477ecf2..2d6f58ce4 100644 --- a/cde/programs/dtappbuilder/src/ab/cgen_utils.c +++ b/cde/programs/dtappbuilder/src/ab/cgen_utils.c @@ -1204,7 +1204,7 @@ exec_run(void) { ABObj project= NULL; char executable_name[1024]; - char cmd[1024]; + char cmd[sizeof(executable_name) + 3]; STRING argv[5]; *executable_name = 0; *cmd = 0; diff --git a/cde/programs/dtappbuilder/src/ab/projP_utils.c b/cde/programs/dtappbuilder/src/ab/projP_utils.c index 6e12bd8c9..4c808cd33 100644 --- a/cde/programs/dtappbuilder/src/ab/projP_utils.c +++ b/cde/programs/dtappbuilder/src/ab/projP_utils.c @@ -371,7 +371,7 @@ projP_save_export_bil( } else /* An error occurred with stat */ { - sprintf(Buf, "%s: %s", new_filename, strerror(errno)); + snprintf(Buf, sizeof(Buf), "%s: %s", new_filename, strerror(errno)); util_printf_err(Buf); } XtUnmanageChild(AB_generic_chooser); diff --git a/cde/programs/dtappbuilder/src/ab/proj_utils.c b/cde/programs/dtappbuilder/src/ab/proj_utils.c index 5e185de92..026d1bac6 100644 --- a/cde/programs/dtappbuilder/src/ab/proj_utils.c +++ b/cde/programs/dtappbuilder/src/ab/proj_utils.c @@ -1492,7 +1492,7 @@ proj_save_exploded( else /* An error occurred with stat */ { obj_set_name(project, old_name); - sprintf(Buf, "%s: %s", mod_exp_file, strerror(errno)); + snprintf(Buf, sizeof(Buf), "%s: %s", mod_exp_file, strerror(errno)); util_printf_err(Buf); if (old_name != NULL) util_free(old_name); if (old_file != NULL) util_free(old_file); @@ -1558,7 +1558,7 @@ proj_save_exploded( if ((iRet = util_mkdir_hier(dir)) < 0) { obj_set_name(project, old_name); - sprintf(Buf, "%s: %s", dir, strerror(errno)); + snprintf(Buf, sizeof(Buf), "%s: %s", dir, strerror(errno)); util_printf_err(Buf); if (rel_path) util_free(rel_path); if (old_name != NULL) util_free(old_name); @@ -2135,7 +2135,7 @@ save_proj_as_bix( } else /* An error occurred with stat */ { - sprintf(Buf, "%s: %s", bix_file, strerror(errno)); + snprintf(Buf, sizeof(Buf), "%s: %s", bix_file, strerror(errno)); xm_buf = XmStringCreateLocalized(Buf); dtb_proj_error_msg_initialize(&dtb_proj_error_msg); (void)dtb_show_modal_message(dtb_get_toplevel_widget(), diff --git a/cde/programs/dtappbuilder/src/abmf/generate_code.c b/cde/programs/dtappbuilder/src/abmf/generate_code.c index d92eb60ba..1c4dd0ec7 100644 --- a/cde/programs/dtappbuilder/src/abmf/generate_code.c +++ b/cde/programs/dtappbuilder/src/abmf/generate_code.c @@ -563,7 +563,7 @@ write_module_files( strcpy(uiHeaderDefineName, abmfP_get_define_from_file_name(uiHeaderFileName)); sprintf(stubsFileName, "%s_stubs.c", obj_get_name(module)); - sprintf(stubsBakFileName, "%s.BAK", stubsFileName); + snprintf(stubsBakFileName, sizeof(stubsBakFileName), "%s.BAK", stubsFileName); /* * ***** WRITE UI HEADER FILE ***** @@ -733,7 +733,7 @@ write_module_files( if ((stubsCFileChanged) && (deltaFile != NULL)) { char deltaFileName[MAXPATHLEN]; - sprintf(deltaFileName, "%s.delta", stubsFileName); + snprintf(deltaFileName, sizeof(deltaFileName), "%s.delta", stubsFileName); replace_file(deltaFileName, deltaFile, TRUE); } @@ -799,9 +799,9 @@ write_project_files( sprintf(headerFileName, "%s.h", obj_get_name(project)); strcpy(headerDefineName, abmfP_get_define_from_file_name(headerFileName)); - sprintf(headerBakFileName, "%s.BAK", headerFileName); + snprintf(headerBakFileName, sizeof(headerBakFileName), "%s.BAK", headerFileName); sprintf(stubsFileName, "%s.c", obj_get_name(project)); - sprintf(stubsBakFileName, "%s.BAK", stubsFileName); + snprintf(stubsBakFileName, sizeof(stubsBakFileName), "%s.BAK", stubsFileName); /***** PROJECT HEADER FILE *****/ diff --git a/cde/programs/dtappbuilder/src/abmf/stubs_c_file.c b/cde/programs/dtappbuilder/src/abmf/stubs_c_file.c index 768f6a5ce..11ed489d3 100644 --- a/cde/programs/dtappbuilder/src/abmf/stubs_c_file.c +++ b/cde/programs/dtappbuilder/src/abmf/stubs_c_file.c @@ -1026,7 +1026,7 @@ abmfP_write_action_function( ABObj toObj = obj_get_to(action); ABObj module = NULL; char actionName[1024]; - char actionPrintf[1024]; + char actionPrintf[32 + sizeof(actionName)]; abmfP_gencode_enter_func(genCodeInfo); abmfP_ip_obj(genCodeInfo) = obj_get_to(action); diff --git a/cde/programs/dtappbuilder/src/libABil/bil_lexer.c b/cde/programs/dtappbuilder/src/libABil/bil_lexer.c index 2f031d6bc..8d78b98b6 100644 --- a/cde/programs/dtappbuilder/src/libABil/bil_lexer.c +++ b/cde/programs/dtappbuilder/src/libABil/bil_lexer.c @@ -381,7 +381,7 @@ yyerror(const char *message) CATGETS(ABIL_MESSAGE_CATD, ABIL_MESSAGE_SET, 37, ", near '%s'"), tokenText); } - sprintf(errMsg, "%s%s\n", message, tokenMsg); + snprintf(errMsg, sizeof(errMsg), "%s%s\n", message, tokenMsg); abil_print_custom_load_err(errMsg); } diff --git a/cde/programs/dtappbuilder/src/libABobj/obj_notify.c b/cde/programs/dtappbuilder/src/libABobj/obj_notify.c index 7540f2a19..13cd2682d 100644 --- a/cde/programs/dtappbuilder/src/libABobj/obj_notify.c +++ b/cde/programs/dtappbuilder/src/libABobj/obj_notify.c @@ -908,7 +908,7 @@ event_print(OBJ_EVENT *event, FILE *outFile, BOOL addNewline, STRING name) { ABObj obj= NULL; char eventName[1024]; - char eventParams[1024]; + char eventParams[1024 + 2]; char *eventParamsPtr= eventParams; char buf1[256]; char buf2[256];