sed: fix unlikely mkostemp-related overflow

* bootstrap.conf (gnulib_modules): Add mempcpy. * sed/utils.c (ck_mkstemp): Use mempcpy instead of sprintf, which doesn’t work with strings longer than INT_MAX.
author: Paul Eggert <eggert@cs.ucla.edu> 2022-12-18 19:27:02 -0800
committer: Paul Eggert <eggert@cs.ucla.edu> 2022-12-19 12:33:57 -0800
commit: 3ac95905f430b2549a69cd7c95c278dc626de12f (patch)
tree: 22c6469be1a5c62b80044b10c8e4364212e79259
parent: 03488eeea9cef99e2fa6c29d43b4befcc3e6ce40 (diff)
download: sed-3ac95905f430b2549a69cd7c95c278dc626de12f.tar.gz
2 files changed, 8 insertions, 2 deletions
diff --git a/bootstrap.conf b/bootstrap.conf
index 9753f53..d491028 100644
--- a/bootstrap.conf
+++ b/bootstrap.conf
@@ -44,6 +44,7 @@ mbrlen
 mbrtowc
 mbsinit
 memchr
+mempcpy
 memrchr
 minmax
 mkostemp
diff --git a/sed/utils.c b/sed/utils.c
index 03243c2..19d6554 100644
--- a/sed/utils.c
+++ b/sed/utils.c
@@ -185,8 +185,13 @@ FILE *
 ck_mkstemp (char **p_filename, const char *tmpdir,
             const char *base, const char *mode)
 {
-  char *template = xmalloc (strlen (tmpdir) + strlen (base) + 8);
-  sprintf (template, "%s/%sXXXXXX", tmpdir, base);
+  idx_t tmpdirlen = strlen (tmpdir), baselen = strlen (base);
+  char *template = xmalloc (tmpdirlen + baselen + 8);
+  char *basecopy = mempcpy (template, tmpdir, tmpdirlen);
+  *basecopy++ = '/';
+  char *suffix = mempcpy (basecopy, base, baselen);
+  memset (suffix, 'X', 6);
+  suffix[6] = '\0';
 
    /* The ownership might change, so omit some permissions at first
       so unauthorized users cannot nip in before the file is ready.
author	Paul Eggert <eggert@cs.ucla.edu>	2022-12-18 19:27:02 -0800
committer	Paul Eggert <eggert@cs.ucla.edu>	2022-12-19 12:33:57 -0800
commit	3ac95905f430b2549a69cd7c95c278dc626de12f (patch)
tree	22c6469be1a5c62b80044b10c8e4364212e79259
parent	03488eeea9cef99e2fa6c29d43b4befcc3e6ce40 (diff)
download	sed-3ac95905f430b2549a69cd7c95c278dc626de12f.tar.gz