diff --git a/fmtx.c b/fmtx.c index dd250b6..c0fd4a0 100644 --- a/fmtx.c +++ b/fmtx.c @@ -60,11 +60,11 @@ const TCHAR *fmtx_timestamp(int64_t n, unsigned int flags) { default: case FMTX_TS_DISPLAY_90kHz_RAW: - _stprintf(buf, _T("%") I64FMT _T("dt"), n27 / 300LL); + _sntprintf(buf, FMTX_BUFFER_SIZE, _T("%") I64FMT _T("dt"), n27 / 300LL); break; case FMTX_TS_DISPLAY_27MHz_RAW: - _stprintf(buf, _T("%") I64FMT _T("d:%03dt"), n27 / 300LL, frac_27MHz(n27)); + _sntprintf(buf, FMTX_BUFFER_SIZE, _T("%") I64FMT _T("d:%03dt"), n27 / 300LL, frac_27MHz(n27)); break; case FMTX_TS_DISPLAY_90kHz_32BIT: @@ -73,13 +73,13 @@ const TCHAR *fmtx_timestamp(int64_t n, unsigned int flags) TCHAR * p = buf; if (n90 < 0) *p++ = _T('-'); - _stprintf(p, _T("%ut"), (unsigned int)(n90 < 0 ? -n90 : n90)); + _sntprintf(p, FMTX_BUFFER_SIZE, _T("%ut"), (unsigned int)(n90 < 0 ? -n90 : n90)); break; } case FMTX_TS_DISPLAY_ms: // No timestamp when converted into ms should exceed 32bits - _stprintf(buf, _T("%dms"), (int)(n27 / 27000LL)); + _sntprintf(buf, FMTX_BUFFER_SIZE, _T("%dms"), (int)(n27 / 27000LL)); break; case FMTX_TS_DISPLAY_HMS: @@ -93,7 +93,7 @@ const TCHAR *fmtx_timestamp(int64_t n, unsigned int flags) a27 /= I64K(60); m = (unsigned int)(a27 % I64K(60)); h = (unsigned int)(a27 / I64K(60)); - _stprintf(buf, _T("%s%u:%02u:%02u.%04u"), n27 < 0 ? _T("-") : _T(""), h, m, s, f/1000); + _sntprintf(buf, FMTX_BUFFER_SIZE, _T("%s%u:%02u:%02u.%04u"), n27 < 0 ? _T("-") : _T(""), h, m, s, f/1000); break; } diff --git a/fmtx.h b/fmtx.h index 8ee0cb4..0b4d23d 100644 --- a/fmtx.h +++ b/fmtx.h @@ -39,6 +39,7 @@ typedef char TCHAR; #define I64FMT "ll" #define I64K(x) x##LL #define _stprintf sprintf +#define _sntprintf snprintf #define _tcscmp strcmp #endif diff --git a/misc.c b/misc.c index 1045ea9..4595be5 100644 --- a/misc.c +++ b/misc.c @@ -1476,7 +1476,7 @@ const char *ipv4_addr_to_string(const uint32_t addr) { static char buf[64]; - sprintf(buf, "%d.%d.%d.%d", + snprintf(buf, sizeof(buf), "%d.%d.%d.%d", (addr >> 24)&0xff, (addr >> 16)&0xff, (addr >> 8)&0xff, diff --git a/pcapreport.c b/pcapreport.c index 882a836..77bb5cd 100644 --- a/pcapreport.c +++ b/pcapreport.c @@ -784,7 +784,7 @@ stream_merge_vlan_info(pcapreport_stream_t * const st, const ethernet_packet_t * } static char * -vlan_name(const char * prefix, const pcapreport_stream_t * const st, char * const buf) +vlan_name(const char * prefix, const pcapreport_stream_t * const st, const size_t blen, char * const buf) { if (st->vlan_count == 0) { @@ -795,14 +795,17 @@ vlan_name(const char * prefix, const pcapreport_stream_t * const st, char * cons int i; size_t n = strlen(prefix); char * p = buf; + char * const eob = buf + blen; + memcpy(p, prefix, n); p += n; - for (i = 0; i < st->vlan_count; ++i) + + for (i = 0; i < st->vlan_count && eob - p > 2; ++i) { const pcapreport_vlan_info_t * const vi = st->vlans + i; if (i != 0) *p++ = '.'; - p += sprintf(p, "%d", vi->vid); + p += snprintf(p, eob - p, "%d", vi->vid); } } return buf; @@ -842,8 +845,8 @@ stream_create(pcapreport_ctx_t * const ctx, // that name! if (ctx->filter_dest_addr == 0 || ctx->filter_dest_port == 0) { - sprintf(st->output_name + len, "%s_%u.%u.%u.%u_%u.ts", - vlan_name("_V", st, pbuf), + snprintf(st->output_name + len, 64, "%s_%u.%u.%u.%u_%u.ts", + vlan_name("_V", st, sizeof(pbuf), pbuf), dest_addr >> 24, (dest_addr >> 16) & 0xff, (dest_addr >> 8) & 0xff, dest_addr & 0xff, dest_port); @@ -860,8 +863,8 @@ stream_create(pcapreport_ctx_t * const ctx, if (ctx->filter_dest_addr == 0 || ctx->filter_dest_port == 0) { - sprintf(name + len, "%s_%u.%u.%u.%u_%u.csv", - vlan_name("_V", st, pbuf), + snprintf(name + len, 64, "%s_%u.%u.%u.%u_%u.csv", + vlan_name("_V", st, sizeof(pbuf), pbuf), dest_addr >> 24, (dest_addr >> 16) & 0xff, (dest_addr >> 8) & 0xff, dest_addr & 0xff, dest_port); @@ -875,19 +878,20 @@ stream_create(pcapreport_ctx_t * const ctx, } static char * -map_to_string(unsigned int n, char * const buf) +map_to_string(unsigned int n, const size_t blen, char * const buf) { int i = 0; char * p = buf; + char * const eob = buf + blen; int first = TRUE; - while (n != 0) + while (n != 0 && eob - p > 2) { if ((n & 1) != 0) { if (!first) *p++ = ','; - p += sprintf(p, "%d", i); + p += snprintf(p, eob - p, "%d", i); first = FALSE; } n >>= 1; @@ -907,7 +911,7 @@ stream_analysis(const pcapreport_ctx_t * const ctx, const pcapreport_stream_t * fprint_msg("Stream %d: Dest:%s %u.%u.%u.%u:%u\n", st->stream_no, - vlan_name(" VLAN:", st, pbuf), + vlan_name(" VLAN:", st, sizeof(pbuf), pbuf), dest_addr >> 24, (dest_addr >> 16) & 0xff, (dest_addr >> 8) & 0xff, dest_addr & 0xff, st->output_dest_port); @@ -921,7 +925,7 @@ stream_analysis(const pcapreport_ctx_t * const ctx, const pcapreport_stream_t * char pbuf1[64], pbuf2[64]; fprint_msg(" VLAN %d: cfi:[%s], pcp[%s]\n", vi->vid, - map_to_string(vi->cfimap, pbuf1), map_to_string(vi->pcpmap, pbuf2)); + map_to_string(vi->cfimap, sizeof(pbuf1), pbuf1), map_to_string(vi->pcpmap, sizeof(pbuf2), pbuf2)); } } diff --git a/ts.c b/ts.c index eaae21b..7c23da3 100644 --- a/ts.c +++ b/ts.c @@ -2616,7 +2616,7 @@ extern int print_descriptors(int is_msg, default: { char temp_c[50]; // twice as much as I need... - sprintf(temp_c, "%s (%d)", + snprintf(temp_c, sizeof(temp_c), "%s (%d)", tag < sizeof(descriptor_names)/sizeof(descriptor_names[0]) ? descriptor_names[tag] : tag < 64 ? "Reserved" : "User Private",