diff options
author | ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> | 2018-02-25 12:23:55 +0000 |
---|---|---|
committer | ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> | 2018-02-25 12:23:55 +0000 |
commit | 25ba46be7b2732a4e1fb272208d15c12807fd0ae (patch) | |
tree | 8c1efbd9ec15032af4a8cb5b297cde782d390c89 | |
parent | 8b5302a0f37ce1018fecf398235b390777789127 (diff) | |
download | pcre-25ba46be7b2732a4e1fb272208d15c12807fd0ae.tar.gz |
A small fix to pcregrep to avoid compiler warnings for -Wformat-overflow=2.
git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1727 2f5784b3-3f2a-0410-8824-cb99058d5e15
-rw-r--r-- | ChangeLog | 2 | ||||
-rw-r--r-- | pcregrep.c | 20 |
2 files changed, 19 insertions, 3 deletions
@@ -49,6 +49,8 @@ containing multi-code-unit characters caused bad behaviour and possibly a crash. This issue was fixed for other kinds of repeat in release 8.37 by change 38, but repeating character classes were overlooked. +6. A small fix to pcregrep to avoid compiler warnings for -Wformat-overflow=2. + Version 8.41 05-July-2017 ------------------------- @@ -2527,7 +2527,14 @@ if ((popts & PO_FIXED_STRINGS) != 0) } } -sprintf(buffer, "%s%.*s%s", prefix[popts], patlen, ps, suffix[popts]); +if (snprintf(buffer, PATBUFSIZE, "%s%.*s%s", prefix[popts], patlen, ps, + suffix[popts]) > PATBUFSIZE) + { + fprintf(stderr, "pcregrep: Buffer overflow while compiling \"%s\"\n", + ps); + return FALSE; + } + p->compiled = pcre_compile(buffer, options, &error, &errptr, pcretables); if (p->compiled != NULL) return TRUE; @@ -2763,8 +2770,15 @@ for (i = 1; i < argc; i++) int arglen = (argequals == NULL || equals == NULL)? (int)strlen(arg) : (int)(argequals - arg); - sprintf(buff1, "%.*s", baselen, op->long_name); - sprintf(buff2, "%s%.*s", buff1, fulllen - baselen - 2, opbra + 1); + if (snprintf(buff1, sizeof(buff1), "%.*s", baselen, op->long_name) > + (int)sizeof(buff1) || + snprintf(buff2, sizeof(buff2), "%s%.*s", buff1, + fulllen - baselen - 2, opbra + 1) > (int)sizeof(buff2)) + { + fprintf(stderr, "pcregrep: Buffer overflow when parsing %s option\n", + op->long_name); + pcregrep_exit(2); + } if (strncmp(arg, buff1, arglen) == 0 || strncmp(arg, buff2, arglen) == 0) |