Replace sprintf with defensive snprintf

* dyn_load.c (GC_register_dynamic_libraries): Replace sprintf with snprintf add put traling '\0' to buffer to prevent buffer overrun; cast snprintf result to void (to suppress compiler warning). * cord/tests/cordtest.c (test_printf): Likewise. * os_dep.c (GC_print_callers): Likewise. * os_dep.c (GC_dirty_init): Likewise (if PROC_VDB). * dyn_load.c (GC_dyld_image_add, GC_dyld_image_remove): Put trailing '\0' to buffer and cast snprintf result to void (Darwin).
author: Ivan Maidanski <ivmai@mail.ru> 2012-07-20 14:23:10 +0400
committer: Ivan Maidanski <ivmai@mail.ru> 2012-07-20 14:23:10 +0400
commit: edfd8454687ee1ccb756b51c15483febab388b33 (patch)
tree: e006809a2b7c997e0d25a61971dba816277f966d /cord
parent: c640c6ff33df8821113214a3f9a948b4dfc019f2 (diff)
download: bdwgc-edfd8454687ee1ccb756b51c15483febab388b33.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/cord/tests/cordtest.c b/cord/tests/cordtest.c
index 86b7ce21..a089f80d 100644
--- a/cord/tests/cordtest.c
+++ b/cord/tests/cordtest.c
@@ -221,7 +221,9 @@ void test_printf(void)
     x = CORD_cat(x,x);
     if (CORD_sprintf(&result, "->%-120.78r!\n", x) != 124)
         ABORT("CORD_sprintf failed 3");
-    (void) sprintf(result2, "->%-120.78s!\n", CORD_to_char_star(x));
+    (void)snprintf(result2, sizeof(result2), "->%-120.78s!\n",
+                   CORD_to_char_star(x));
+    result2[sizeof(result2) - 1] = '\0';
     if (CORD_cmp(result, result2) != 0)ABORT("CORD_sprintf goofed 5");
 }
author	Ivan Maidanski <ivmai@mail.ru>	2012-07-20 14:23:10 +0400
committer	Ivan Maidanski <ivmai@mail.ru>	2012-07-20 14:23:10 +0400
commit	edfd8454687ee1ccb756b51c15483febab388b33 (patch)
tree	e006809a2b7c997e0d25a61971dba816277f966d /cord
parent	c640c6ff33df8821113214a3f9a948b4dfc019f2 (diff)
download	bdwgc-edfd8454687ee1ccb756b51c15483febab388b33.tar.gz