Skip to content

Commit

Permalink
iiod: replace sprintf with snprintf
Browse files Browse the repository at this point in the history
This replaces sprintf with snprintf to ensure bounds checking inside
iiod. Since iiod is only on Linux, we don't have to use iio_snprintf.

Signed-off-by: Robin Getz <[email protected]>
  • Loading branch information
rgetz authored and pcercuei committed Feb 17, 2022
1 parent 8a94f8d commit cad8314
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 5 deletions.
2 changes: 1 addition & 1 deletion iiod/lexer.l
Original file line number Diff line number Diff line change
Expand Up @@ -143,7 143,7 @@ WORD (([[:alpha:]] ,)|(iio:))?(-|_|\.|[[:alnum:]])
errno = 0;
yylval->value = strtol(yytext, &end, 10);
if (yytext == end || errno == ERANGE) {
sprintf(errstr,"lex : bad long constant: %s",(char*)yytext);
snprintf(errstr, sizeof(errstr), "lex : bad long constant: %s",(char*)yytext);
perror(errstr);
}
return VALUE;
Expand Down
8 changes: 4 additions & 4 deletions iiod/parser.y
Original file line number Diff line number Diff line change
Expand Up @@ -148,7 148,7 @@ Line:
const char *xml = iio_context_get_xml(pdata->ctx);
if (!pdata->verbose) {
char buf[128];
sprintf(buf, "%lu\n", (unsigned long) strlen(xml));
snprintf(buf, sizeof(buf), "%lu\n", (unsigned long) strlen(xml));
output(pdata, buf);
}
output(pdata, xml);
Expand All @@ -160,7 160,7 @@ Line:
if (pdata->xml_zstd) {
if (!pdata->verbose) {
char buf[128];
sprintf(buf, "%lu\n", (unsigned long)pdata->xml_zstd_len);
snprintf(buf, sizeof(buf), "%lu\n", (unsigned long)pdata->xml_zstd_len);
output(pdata, buf);
}
if (write_all(pdata, pdata->xml_zstd, pdata->xml_zstd_len) <= 0)
Expand All @@ -169,7 169,7 @@ Line:
YYACCEPT;
} else {
char buf[128];
sprintf(buf, "%d\n", -EINVAL);
snprintf(buf, sizeof(buf), "%d\n", -EINVAL);
output(pdata, buf);
YYABORT;
}
Expand Down Expand Up @@ -452,7 452,7 @@ void yyerror(yyscan_t scanner, const char *msg)
output(pdata, "\n");
} else {
char buf[128];
sprintf(buf, "%i\n", -EINVAL);
snprintf(buf, sizeof(buf), "%i\n", -EINVAL);
output(pdata, buf);
}
}
Expand Down

0 comments on commit cad8314

Please sign in to comment.