summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>2018-02-25 12:23:55 +0000
committerph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>2018-02-25 12:23:55 +0000
commit25ba46be7b2732a4e1fb272208d15c12807fd0ae (patch)
tree8c1efbd9ec15032af4a8cb5b297cde782d390c89
parent8b5302a0f37ce1018fecf398235b390777789127 (diff)
downloadpcre-25ba46be7b2732a4e1fb272208d15c12807fd0ae.tar.gz
A small fix to pcregrep to avoid compiler warnings for -Wformat-overflow=2.
git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1727 2f5784b3-3f2a-0410-8824-cb99058d5e15
Diffstat
-rw-r--r--ChangeLog2
-rw-r--r--pcregrep.c20
2 files changed, 19 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index 5d1a4d9..a8cf378 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -49,6 +49,8 @@ containing multi-code-unit characters caused bad behaviour and possibly a
crash. This issue was fixed for other kinds of repeat in release 8.37 by change
38, but repeating character classes were overlooked.
+6. A small fix to pcregrep to avoid compiler warnings for -Wformat-overflow=2.
+
Version 8.41 05-July-2017
-------------------------
diff --git a/pcregrep.c b/pcregrep.c
index 69ba85a..a406be9 100644
--- a/pcregrep.c
+++ b/pcregrep.c
@@ -2527,7 +2527,14 @@ if ((popts & PO_FIXED_STRINGS) != 0)
}
}
-sprintf(buffer, "%s%.*s%s", prefix[popts], patlen, ps, suffix[popts]);
+if (snprintf(buffer, PATBUFSIZE, "%s%.*s%s", prefix[popts], patlen, ps,
+ suffix[popts]) > PATBUFSIZE)
+ {
+ fprintf(stderr, "pcregrep: Buffer overflow while compiling \"%s\"\n",
+ ps);
+ return FALSE;
+ }
+
p->compiled = pcre_compile(buffer, options, &error, &errptr, pcretables);
if (p->compiled != NULL) return TRUE;
@@ -2763,8 +2770,15 @@ for (i = 1; i < argc; i++)
int arglen = (argequals == NULL || equals == NULL)?
(int)strlen(arg) : (int)(argequals - arg);
- sprintf(buff1, "%.*s", baselen, op->long_name);
- sprintf(buff2, "%s%.*s", buff1, fulllen - baselen - 2, opbra + 1);
+ if (snprintf(buff1, sizeof(buff1), "%.*s", baselen, op->long_name) >
+ (int)sizeof(buff1) ||
+ snprintf(buff2, sizeof(buff2), "%s%.*s", buff1,
+ fulllen - baselen - 2, opbra + 1) > (int)sizeof(buff2))
+ {
+ fprintf(stderr, "pcregrep: Buffer overflow when parsing %s option\n",
+ op->long_name);
+ pcregrep_exit(2);
+ }
if (strncmp(arg, buff1, arglen) == 0 ||
strncmp(arg, buff2, arglen) == 0)
View Lorry Controller Status