Re: Fixes for string functions

Re: Fixes for string functions

[Eric McDonald]

Hi Erik,    

>    * From: Erik Sigra <sigra at home dot se>
>    * To: xconq7 at sources dot redhat dot com
>    * Date: Sun, 10 Aug 2003 22:08:29 +0200
>    * Subject: Fixes for string functions

> Here are some fixes for string functions that seem important:

I finally got around to applying your patch now that we support 
snprintf and vsnprintf in Xconq. Thanks for submitting it.

Eric

Re: Fixes for string functions

[Jim Kingdon]

> However, I am not sure whether vsnprintf(3) enjoys universal support
> on the various target platforms. Unlike vsprintf(3), vsnprintf does
> not conform to the ANSI C (C89) standard

vsnprintf is in C99.  See
http://www.opengroup.org/onlinepubs/007904975/functions/vfprintf.html
for a standard.

But you are right, it isn't in C89.  At least so far, I've avoided
assuming it for xconq purposes.

Re: Fixes for string functions

[Hans Ronne]

>  However, I am not sure whether vsnprintf(3) enjoys universal support

I worried about the same thing, so I used strncat and strncpy instead when
I fixed the buffer overflow in make_default_player_spec that was reported
by Steve Kemp.

>  Also, in the case where you are dealing with the 300 byte line buffer,
>maybe we should either redefine it as being BUFSIZE (255 bytes) in length,
>or define a LINEBUFSIZE macro, so that we are not hardcoding a literal all
>over the place.

I presume there is a reason why Stan didn't use BUFSIZE here. Extra space
needed for something?

>  And even with this fix, we are not entirely out of danger, because the
>buffer that strcat appends the line buffer to may not be large enough.

strncat can handle that. See the make_default_player_spec fix.

Hans

Re: Fixes for string functions

[Eric McDonald]

On Sun, 10 Aug 2003, Erik Sigra wrote:

> Here are some fixes for string functions that seem important:

Hi Erik,

  I agree with your fixes in principle.

  However, I am not sure whether vsnprintf(3) enjoys universal support on
the various target platforms. Unlike vsprintf(3), vsnprintf does not
conform to the ANSI C (C89) standard; it was introduced from the BSD
family, and not all SysV platforms may support it (not to mention non-Unix
platforms). I did a grep of the C source in the kernel subdirectory, and
did not turn up any other places where this function is used. But maybe I
am just nitpicking....

  Also, in the case where you are dealing with the 300 byte line buffer,
maybe we should either redefine it as being BUFSIZE (255 bytes) in length,
or define a LINEBUFSIZE macro, so that we are not hardcoding a literal all
over the place.

  And even with this fix, we are not entirely out of danger, because the
buffer that strcat appends the line buffer to may not be large enough.

  Regards,
    Eric

Fixes for string functions

[Erik Sigra]

[-- Attachment #1: Type: text/plain, Size: 62 bytes --]

Here are some fixes for string functions that seem important:

[-- Attachment #2: util.c.diff --]
[-- Type: text/x-diff, Size: 1794 bytes --]

Index: kernel/util.c
===================================================================
RCS file: /cvs/xconq/xconq/kernel/util.c,v
retrieving revision 1.26
diff -u -3 -p -r1.26 util.c
--- kernel/util.c	16 Jun 2003 23:07:47 -0000	1.26
+++ kernel/util.c	10 Aug 2003 20:01:57 -0000
@@ -367,7 +367,7 @@ tprintf(char *buf, char *str, ...)
     char line[300];
 
     va_start(ap, str);
-    vsprintf(line, str, ap);
+    vsnprintf(line, 300, str, ap);
     strcat(buf, line);
     va_end(ap);
 }
@@ -381,7 +381,7 @@ tnprintf(char *buf, int n, char *str, ..
 
     if (n1 > 0) {
 	va_start(ap, str);
-	vsprintf(line, str, ap);
+	vsnprintf(line, 300, str, ap);
 	strncat(buf, line, n1);
 	va_end(ap);
     }
@@ -392,7 +392,7 @@ vtprintf(char *buf, char *str, va_list a
 {
     char line[300];
 
-    vsprintf(line, str, ap);
+    vsnprintf(line, 300, str, ap);
     strcat(buf, line);
 }
 
@@ -812,7 +812,7 @@ init_error(char *str, ...)
     va_list ap;
 
     va_start(ap, str);
-    vsprintf(buf, str, ap);
+    vsnprintf(buf, BUFSIZE, str, ap);
     va_end(ap);
 
     Dprintf("INIT ERROR %s INIT ERROR\n", buf);
@@ -828,7 +828,7 @@ init_warning(char *str, ...)
     va_list ap;
 
     va_start(ap, str);
-    vsprintf(buf, str, ap);
+    vsnprintf(buf, BUFSIZE, str, ap);
     va_end(ap);
 
     Dprintf("INIT WARNING %s INIT WARNING\n", buf);
@@ -848,7 +848,7 @@ run_error(char *str, ...)
     va_list ap;
 
     va_start(ap, str);
-    vsprintf(buf, str, ap);
+    vsnprintf(buf, BUFSIZE, str, ap);
     va_end(ap);
 
     Dprintf("RUN ERROR %s RUN ERROR\n", buf);
@@ -867,7 +867,7 @@ run_warning(char *str, ...)
     va_list ap;
 
     va_start(ap, str);
-    vsprintf(buf, str, ap);
+    vsnprintf(buf, BUFSIZE, str, ap);
     va_end(ap);
 
     Dprintf("RUN WARNING %s RUN WARNING\n", buf);