diff options
| author | Ed Beroset <beroset@mindspring.com> | 2004-12-15 17:07:03 +0000 |
|---|---|---|
| committer | Ed Beroset <beroset@mindspring.com> | 2004-12-15 17:07:03 +0000 |
| commit | 19f927ac642f2ef69d2e971639a4678409b2b9d4 (patch) | |
| tree | f4781d4a89803df5a46554deb98e12222c90c843 | |
| parent | ec2e10cfea0c3421f88fdcd7b87e926212abbf50 (diff) | |
| download | nasm-19f927ac642f2ef69d2e971639a4678409b2b9d4.tar.gz | |
cleaned up most but not all sprintf() and vsprintf() calls to avoid
vulnerability to buffer overflow exploits.
| -rw-r--r-- | preproc.c | 16 |
1 files changed, 8 insertions, 8 deletions
@@ -1055,7 +1055,7 @@ detoken(Token * tlist, int expand_locals) char *p, *q = t->text + 2; q += strspn(q, "$"); - sprintf(buffer, "..@%lu.", ctx->number); + snprintf(buffer, sizeof(buffer), "..@%lu.", ctx->number); p = nasm_strcat(buffer, q); nasm_free(t->text); t->text = p; @@ -1973,7 +1973,7 @@ do_directive(Token * tline) free_tlist(tt); /* Now define the macro for the argument */ - sprintf(directive, "%%define %s (%s+%d)", arg, StackPointer, + snprintf(directive, sizeof(directive), "%%define %s (%s+%d)", arg, StackPointer, offset); do_directive(tokenise(directive)); offset += size; @@ -2070,13 +2070,13 @@ do_directive(Token * tline) free_tlist(tt); /* Now define the macro for the argument */ - sprintf(directive, "%%define %s (%s-%d)", local, StackPointer, + snprintf(directive, sizeof(directive), "%%define %s (%s-%d)", local, StackPointer, offset); do_directive(tokenise(directive)); offset += size; /* Now define the assign to setup the enter_c macro correctly */ - sprintf(directive, "%%assign %%$localsize %%$localsize+%d", + snprintf(directive, sizeof(directive), "%%assign %%$localsize %%$localsize+%d", size); do_directive(tokenise(directive)); @@ -3201,12 +3201,12 @@ expand_mmac_params(Token * tline) */ case '0': type = TOK_NUMBER; - sprintf(tmpbuf, "%d", mac->nparam); + snprintf(tmpbuf, sizeof(tmpbuf), "%d", mac->nparam); text = nasm_strdup(tmpbuf); break; case '%': type = TOK_ID; - sprintf(tmpbuf, "..@%lu.", mac->unique); + snprintf(tmpbuf, sizeof(tmpbuf), "..@%lu.", mac->unique); text = nasm_strcat(tmpbuf, t->text + 2); break; case '-': @@ -4086,7 +4086,7 @@ error(int severity, const char *fmt, ...) return; va_start(arg, fmt); - vsnprintf(buff, 1024, fmt, arg); + vsnprintf(buff, sizeof(buff), fmt, arg); va_end(arg); if (istk && istk->mstk && istk->mstk->name) @@ -4549,7 +4549,7 @@ static void make_tok_num(Token * tok, long val) { char numbuf[20]; - sprintf(numbuf, "%ld", val); + snprintf(numbuf, sizeof(numbuf), "%ld", val); tok->text = nasm_strdup(numbuf); tok->type = TOK_NUMBER; } |