diff --git a/src/RCDEF/rcdef.cpp b/src/RCDEF/rcdef.cpp index d56e84c8e..7f7b6e852 100644 --- a/src/RCDEF/rcdef.cpp +++ b/src/RCDEF/rcdef.cpp @@ -1847,7 +1847,7 @@ LOCAL RC recs( // do records rcderr("Bad name after *file."); rchFileNm = stashSval(0); // store name for rec type definition and for have-file check below char rchFileNmX[CSE_MAX_FILENAME]; // rchFileNm variable with a x at the end - sprintf(rchFileNmX,"%sx", rchFileNm); // Add x + snprintf(rchFileNmX, CSE_MAX_FILENAME, "%sx", rchFileNm); // Add x xfjoinpath(incdir, rchFileNmX, dbuff); printf( "\n %s ... ", dbuff); if (CFILESOUT) // if outputting tables to compile & link diff --git a/src/ashwface.cpp b/src/ashwface.cpp index 93b5bab33..cc896171c 100644 --- a/src/ashwface.cpp +++ b/src/ashwface.cpp @@ -353,7 +353,7 @@ RC FENAW::fa_SetupBare( // FENAW init glazing alone } if (!rc) { // description of reference glazing - sprintf( fa_refDesc, "%s (SHGC=%.3f U=%.3f)", + snprintf( fa_refDesc, sizeof(fa_refDesc), "%s (SHGC=%.3f U=%.3f)", FCGET( fa_CFS.ID), fa_CFS.SHGCcogNFRC, fa_CFS.UcogNFRC); // adjustment factors diff --git a/src/cgdebug.cpp b/src/cgdebug.cpp index 9781f33ca..e3027094a 100644 --- a/src/cgdebug.cpp +++ b/src/cgdebug.cpp @@ -601,7 +601,7 @@ SI j; w char b[200]; /* buffers formatted line before writing */ w w for (j = 0; j < 2; j++) /* loop over 12-hour rows */ -w { bx = sprintf( b, "%-7s", tag ); /* start line / init offset */ +w { bx = snprintf( b, sizeof(b), "%-7s", tag ); /* start line / init offset */ w tag = ""; /* no tag on 2nd line */ w for (i = -1; ++i < 12; ) /* loop over 12 hours */ w { *(b + bx++) = ' '; /* inter-column space */ diff --git a/src/cgresult.cpp b/src/cgresult.cpp index a9e7f65d1..7f653cf94 100644 --- a/src/cgresult.cpp +++ b/src/cgresult.cpp @@ -617,17 +617,17 @@ void FC vpRxports( // virtual print reports and exports of given frequency for switch (rxt.fq) { case C_IVLCH_S: - sprintf(rxt.col1, "%2d%s", Top.iHr + 1, strSuffix( Top.iSubhr)); + snprintf(rxt.col1, sizeof(rxt.col1), "%2d%s", Top.iHr + 1, strSuffix( Top.iSubhr)); reHead = (Top.isBegDay && Top.iSubhr == 0); // subhrly and HS rpts get title/colHeads once day doFoot0 = (Top.isEndDay && Top.isEndHour); // .. and termination (blank line) at end each day break; case C_IVLCH_H: - sprintf( rxt.col1, "%2d", Top.iHr+1); + snprintf( rxt.col1, sizeof(rxt.col1), "%2d", Top.iHr+1); reHead = Top.isBegDay; // hourly rpts get title/colHeads each day doFoot0 = Top.isEndDay; // .. and termination (blank line) at end each day break; case C_IVLCH_D: - sprintf( rxt.col1, "%2d", Top.tp_date.mday); + snprintf( rxt.col1, sizeof(rxt.col1), "%2d", Top.tp_date.mday); reHead = Top.isBegMonth; doFoot0 = Top.isEndMonth; break; @@ -1417,7 +1417,7 @@ LOCAL void FC vpEbStRow( // virtual print zone ZEB or ZST row for zone or su if (rxt->flags & 32) // if zone mode is to show (else skip sprintf for speed) { xMode = zp->zn_md; // ZEB export CSE zone mode: integer - sprintf( mode, "%2d", zp->zn_md); // ZEB report CSE zone mode: text + snprintf( mode, sizeof(mode), "%2d", zp->zn_md); // ZEB report CSE zone mode: text } } diff --git a/src/cncult.cpp b/src/cncult.cpp index dc06f39bb..92f06632d 100644 --- a/src/cncult.cpp +++ b/src/cncult.cpp @@ -3318,7 +3318,7 @@ std::string CULT::cu_MakeDoc( // documentation string for this CULT if (ckf) sCkf = bAll ? strtprintf("%x", ckf) : "nz"; - sprintf( buf,"%-20s %-2d %-3d %-5d %-2d %-4d %-5d %-17s %-8s %-10g %-8s %-8s", + snprintf( buf, sizeof(buf),"%-20s %-2d %-3d %-5d %-2d %-4d %-5d %-17s %-8s %-10g %-8s %-8s", id, cs, fn, f, uc, evf, ty, bName, sDfpi, dff, sP2, sCkf); doc += buf; } diff --git a/src/cncult4.cpp b/src/cncult4.cpp index 8e12325e4..102a45cb8 100644 --- a/src/cncult4.cpp +++ b/src/cncult4.cpp @@ -1034,7 +1034,7 @@ RC RI::ri_oneRxp() // process one report or export for topRxp break; // C_RPTYCH_ZEB } char buf[300]; - sprintf( buf, "%s %s %s", sname, exrePort, Name()); // eg "Statistics report userName1", for errmsgs + snprintf( buf, sizeof(buf), "%s %s %s", sname, exrePort, Name()); // eg "Statistics report userName1", for errmsgs vrOpen( &vrh, buf, optn); // open virtual report, get handle (vrh). if (DvriB.add( &dvrip, WRN)==RCOK) // add record to DVRI / if ok (fail unlikely after al above) { @@ -1446,11 +1446,12 @@ const char* getErrTitleText() // get "ERR" report title text -- public functi TOPRAT* tp; int repCpl = bracket( 78, getCpl( &tp), 132); // chars per line: get best value yet avail // default if Top.repCpl unset. below. - // format title text + const int repCpl_ext = repCpl + 11; + // format title text - if (dmal( DMPP( errTitle), repCpl + 11, PWRN)) // +11 for up to 5 crlf's, and \0 + if (dmal( DMPP( errTitle), repCpl_ext, PWRN)) // +11 for up to 5 crlf's, and \0 return ""; // if failed, return value that will fall thru code - int m = sprintf( errTitle, "\n\nError Messages for Run %03d:", // title + int m = snprintf( errTitle, repCpl_ext, "\n\nError Messages for Run %03d:", // title tp ? tp->runSerial : 0 ); // run serial number, or 000 early in session // (or cd default to cnRunSerial & init that sooner? // note 3 more uses in this file. 7-92) */ @@ -1474,11 +1475,12 @@ const char* getLogTitleText() // get "LOG" report title text -- public functi TOPRAT* tp; int repCpl = bracket( 78, getCpl( &tp), 132); // chars per line: get best value yet avail // default if Top.repCpl unset. below. + const int repCpl_ext = repCpl + 11; // format title text - if (dmal( DMPP( logTitle), repCpl + 11, PWRN)) // +11 for up to 5 crlf's, and \0 + if (dmal( DMPP( logTitle), repCpl_ext, PWRN)) // +11 for up to 5 crlf's, and \0 return ""; // if failed, return value that will fall thru code - int m = sprintf( logTitle, "\n\n%sLog for Run %03d:", + int m = snprintf( logTitle, repCpl_ext, "\n\n%sLog for Run %03d:", tp ? tp->tp_RepTestPfx() : "", // test prefix (hides runDateTime re testing text compare) tp ? tp->runSerial : 0 ); // run serial number, or 000 early in session (unexpected here). char* p = logTitle + m; @@ -1502,10 +1504,11 @@ const char* getInpTitleText() // get "INP" report title text -- public functi TOPRAT* tp; int repCpl = bracket( 78, getCpl( &tp), 132); // chars per line: get best value yet avail // default if Top.repCpl unset. below. - // format title text - if (dmal( DMPP( inpTitle), repCpl + 11, PWRN)) // +11 for up to 5 crlf's, and \0 + const int repCpl_ext = repCpl + 11; + // format title text + if (dmal( DMPP( inpTitle), repCpl_ext, PWRN)) // +11 for up to 5 crlf's, and \0 return ""; // if failed, return value that will fall thru code - int m = sprintf( inpTitle, "\n\nInput for Run %03d:", // title + int m = snprintf( inpTitle, repCpl_ext, "\n\nInput for Run %03d:", // title tp ? tp->runSerial : 0 ); // run serial number, or 000 early in session (unexpected here). char* p = inpTitle + m; int r = repCpl - m + 2; // remaining space on line after the 2 \n's @@ -1602,7 +1605,7 @@ const char* getFooterText( int pageN) // get footer text for specified page n // or InputFilePath if full path and defaulted extension desired if (tp) { if (r > 5) - { int m = sprintf( p, " %03d", tp->runSerial); // run serial number + { int m = snprintf( p, repCpl, " %03d", tp->runSerial); // run serial number p += m; r -= m; } @@ -1620,7 +1623,7 @@ const char* getFooterText( int pageN) // get footer text for specified page n // note that footer[] has 3 extra bytes in case page # is 32767 not the expected 1-99. } if (footerPageN && footer && *footer) // insurance - sprintf( footerPageN, "%2d\r\n", pageN); // generate text for page number and final \r\n\0 in place in footer + snprintf( footerPageN, HFBUFSZ - 7, "%2d\r\n", pageN); // generate text for page number and final \r\n\0 in place in footer // CAUTION fix this code if page # no longer at end of footer. return footer; // return pointer to buffer with 2 lines of formatted header text } // getFooterText diff --git a/src/cncult6.cpp b/src/cncult6.cpp index a6442ceda..6808b9485 100644 --- a/src/cncult6.cpp +++ b/src/cncult6.cpp @@ -213,7 +213,7 @@ x { x TI *stg = hpStage1 + i * HPSTAGESZ; // point hpStage1..hpStage7 for i = 0..6 #endif char stgNm[20]; - sprintf( stgNm, "hpStage%d", i+1 ); // stage variable name text for error messages + snprintf( stgNm, sizeof(stgNm), "hpStage%d", i+1 ); // stage variable name text for error messages // skip stage if empty. Used stages need not be contiguous (but they should be in order of increasing power). if (!stg[0]) @@ -385,7 +385,7 @@ x TI *stg = cpStage1 + i * CPSTAGESZ; // point cpStage1..cpStage7 for stg = cpStage1 + i * CPSTAGESZ; // point cpStage1..cpStage7 for i = 0..6 #endif char stgNm[20]; - sprintf( stgNm, "cpStage%d", i+1 ); // stage variable name text for error messages + snprintf( stgNm, sizeof(stgNm), "cpStage%d", i+1 ); // stage variable name text for error messages // skip stage if empty. Used stages need not be contiguous (but they should be in order of increasing power). if (!stg[0]) diff --git a/src/cnguts.cpp b/src/cnguts.cpp index 91bb041b9..4278ef28f 100644 --- a/src/cnguts.cpp +++ b/src/cnguts.cpp @@ -2518,7 +2518,7 @@ RC MTR_IVL::mtr_Validate1( // validity checks w/ message(s) double xTot = VSum(&clg, NENDUSES); double fDiff = frDiff(double( tot), xTot, 1.); if (fDiff > 0.0001) - sprintf( msgs, "Tot (%0.1f) != VSum() (%0.1f), fDiff = %0.5f", + snprintf( msgs, sizeof(msgs), "Tot (%0.1f) != VSum() (%0.1f), fDiff = %0.5f", tot, xTot, fDiff); // test that allEU is consistent diff --git a/src/cnloads.cpp b/src/cnloads.cpp index 4dd7b1492..059cd4ab8 100644 --- a/src/cnloads.cpp +++ b/src/cnloads.cpp @@ -4176,18 +4176,18 @@ RC RSYS::rs_ExportCorrelationValues() // write CSV file containing values from R { rs_vfPerTon = vfPerTonNom * fAF[iAF]; char sVf[20]; - sprintf(sVf, "%.f", rs_vfPerTon); + snprintf(sVf, sizeof(sVf), "%.f", rs_vfPerTon); for (int idbO = 0; tdbO[idbO] > 0.f; idbO++) { // outdoor conditions rs_tdbOut = tdbO[idbO]; char sDbO[20]; - sprintf(sDbO, "%.f", rs_tdbOut); + snprintf(sDbO, sizeof(sDbO), "%.f", rs_tdbOut); for (int idbI = 0; tdbI[idbI] > 0.f; idbI++) { // entering dry bulb rs_tdbCoilIn = tdbI[idbI]; char sDbI[20]; - sprintf(sDbI, "%.f", rs_tdbCoilIn); + snprintf(sDbI, sizeof(sDbI), "%.f", rs_tdbCoilIn); for (int iwbI = 0; twbI[iwbI] > 0.f; iwbI++) { // entering wet bulb conditions rs_twbCoilIn = twbI[iwbI]; diff --git a/src/cse.cpp b/src/cse.cpp index 3979975e0..355f00643 100644 --- a/src/cse.cpp +++ b/src/cse.cpp @@ -260,7 +260,7 @@ LOCAL void ourGlobalFree( // Windows GlobalFree plus checks & messages char buf[200]; if (GlobalFlags(*pHan) & GMEM_LOCKCOUNT) // test for 0 lock count, to facilitate explicit error message { - sprintf( buf, "Error in cneHansFree():\n\n" // lock count non-0. format message. + snprintf( buf, sizeof(buf), "Error in cneHansFree():\n\n" // lock count non-0. format message. "Global handle 0x%x (%s) is locked", (unsigned)*pHan, desc ); MessageBox( 0, buf, MBoxTitle, MB_ICONSTOP | MB_OK ); // display message @@ -268,7 +268,7 @@ LOCAL void ourGlobalFree( // Windows GlobalFree plus checks & messages else // not locked if (GlobalFree(*pHan)) // free the memory, return value 0 if ok { - sprintf( buf, "Error in cneHansFree():\n\n" // GlobalFree error (unexpected). format message. + snprintf( buf, sizeof(buf), "Error in cneHansFree():\n\n" // GlobalFree error (unexpected). format message. "GlobalFree() failed, handle 0x%x (%s)", (unsigned)*pHan, desc ); MessageBox( 0, buf, MBoxTitle, MB_ICONSTOP | MB_OK ); // display message. @@ -342,7 +342,7 @@ _DLLImpExp int cse( // CSE main function, called by console main(), Windows Wi if (!IsWindow(_hPar)) { char buf[100]; - sprintf( buf, "Error in call to cse():\n\n" + snprintf( buf, sizeof(buf), "Error in call to cse():\n\n" "Parent window handle 0x%x is invalid.", (int)_hPar ); MessageBox( 0, buf, MBoxTitle, MB_ICONSTOP | MB_OK ); diff --git a/src/cuparse.cpp b/src/cuparse.cpp index d3976768b..a5206d25b 100644 --- a/src/cuparse.cpp +++ b/src/cuparse.cpp @@ -2082,7 +2082,7 @@ LOCAL RC FC fcnReg( SFST *f, USI wanTy) // parse most functions, for fcn() * // get value of fcn's type to be assigned to function * * char tx[50]; // must be in stack -* sprintf( tx, "%s(...)=", f->id); // for "after ___" in errmsgs +* snprintf( tx, sizeof(tx), "%s(...)=", f->id); // for "after ___" in errmsgs * CSE_E( expTy( /* get expr. sets nextPrec. */ * max( toprec, PRASS-1), /* parse to current toprec except stop b4 , or ) */ * f->resTy, /* type: fcn's result type */ diff --git a/src/cuprobe.cpp b/src/cuprobe.cpp index 7e5316179..34d3fee2a 100644 --- a/src/cuprobe.cpp +++ b/src/cuprobe.cpp @@ -425,7 +425,7 @@ LOCAL RC FC tryImInProbe( PROBEOBJECT *o) i = *(SI*)o->pSsV; if (i > 0 && i <= b->n) // if subscript in range, e = &b->rec(*(SI*)o->pSsV); // point to record by number, else leave e NULL. - sprintf( iBuf, "[%d]", i); + snprintf( iBuf, sizeof(iBuf), "[%d]", i); name = iBuf; // make 'name' text for error messages break; diff --git a/src/cutok.cpp b/src/cutok.cpp index 3d32e6056..0971c964e 100644 --- a/src/cutok.cpp +++ b/src/cutok.cpp @@ -988,7 +988,7 @@ RC cuErv( // errmsg with optional preprocessed file line text, caret, file name // assemble complete text char whole[MSG_MAXLEN]; - sprintf( whole, + snprintf( whole, MSG_MAXLEN, "%s" // line text (or not) "%s" // ^ (or not, or with 'where') "%s%s" // where (or not) and possible newline @@ -1013,7 +1013,7 @@ RC cuErv( // errmsg with optional preprocessed file line text, caret, file name && lisFind( fileIx, line, tex, &place) ) // and matching place found in listing spool buffer (pp.cpp) { // reassemble message without file line(s) text - sprintf( whole, + snprintf( whole, MSG_MAXLEN, "%s" // ^ (or not, or with 'where') "%s%s" // where (or not) and possible newline "%s", // caller's message (or with where) diff --git a/src/cvpak.cpp b/src/cvpak.cpp index 4fab2bf7f..2cdb406ba 100644 --- a/src/cvpak.cpp +++ b/src/cvpak.cpp @@ -51,6 +51,7 @@ static SI pneg; // precomputed sprintf precision (prcsn) for serveral cases for static double aval; // fabs(val): set by cvsd, cvdd, ft-in; updated by nexK. static double val; // value for float/double print cases static char * str; // Tmpstr destination location +static int allocLen; // string space. /*----------------------------- INITIALIZED DATA --------------------------*/ #ifdef FMTPVMASK // define in cvpak.h to restore p positive value display options, 11-91 @@ -186,7 +187,7 @@ char * FC cvin2s( // Convert internal format data to external format string in return NULL; // or should it ret blank field? set Cvnchars? 9-89. // Allocate temporary string space. - int allocLen = mfw+3+2; // +3: some paranoia space, at least 1 needed. + allocLen = mfw+3+2; // +3: some paranoia space, at least 1 needed. // +2: for FMTUNITS space or FMTPU ()'s if (fmtv & (FMTUNITS|FMTPU)) // if units to be appended allocLen += static_cast(strlen( UNIT::GetSymbol( units)) ); @@ -230,7 +231,7 @@ p ? wid : wid - 1; // full width, else 1 less p case DTSI: p if (*(SI *)data == 0 && pv==FMTPVPLUS) p pv=FMTPVSPACE; -p Cvnchars = sprintf( str, sif[lj][ipv], wid, *(SI *)data < 0 ? pneg : ppos, *(SI *)data); +p Cvnchars = snprintf( str, allocLen, sif[lj][ipv], wid, *(SI *)data < 0 ? pneg : ppos, *(SI *)data); p break; #else case DTINT: @@ -240,7 +241,7 @@ p break; case DTSI: iV = *(SI*)data; intOut: - Cvnchars = sprintf( str, sif[lj], wid, iV < 0 ? pneg : ppos, iV); + Cvnchars = snprintf( str, allocLen, sif[lj], wid, iV < 0 ? pneg : ppos, iV); break; #endif case DTUINT: @@ -250,18 +251,18 @@ p break; case DTUSI: uiV = *(USI*)data; uintOut: - Cvnchars = sprintf( str, usif[lj], wid, ppos, uiV); + Cvnchars = snprintf( str, allocLen, usif[lj], wid, ppos, uiV); break; #ifdef FMTPVMASK p case DTLI: p if (*(LI *)data == 0 && pv==FMTPVPLUS) p pv=FMTPVSPACE; -p Cvnchars = sprintf( str, lif[lj][ipv], wid, *(LI *)data < 0 ? pneg : ppos, *(LI *)data); +p Cvnchars = snprintf( str, allocLen, lif[lj][ipv], wid, *(LI *)data < 0 ? pneg : ppos, *(LI *)data); p break; #else case DTLI: - Cvnchars = sprintf( str, lif[lj], wid, *(LI *)data < 0 ? pneg : ppos, *(LI *)data); + Cvnchars = snprintf( str, allocLen, lif[lj], wid, *(LI *)data < 0 ? pneg : ppos, *(LI *)data); break; #endif @@ -322,7 +323,7 @@ p break; if (ISUNSET(nd)) strcpy(str, ""); // say else - sprintf(str, "", EXN(nd)); // say + snprintf(str, allocLen, "", EXN(nd)); // say break; } } @@ -411,7 +412,7 @@ x } case DTCH: // for char array or string ptr already dereferenced, rob 11-91 case DTANAME: // char[ ] RAT name strjust: - Cvnchars = sprintf( str, sf[ lj], wid, mfw, data); + Cvnchars = snprintf( str, allocLen, sf[ lj], wid, mfw, data); break; #ifdef DTUNDEF @@ -491,9 +492,9 @@ LOCAL void FC cvDouble2s() // float / double output conversion case for cvi #ifdef FMTPVMASK p if (pv==FMTPVPLUS) // show not + p pv=FMTPVSPACE; // but space -p Cvnchars = sprintf( str, sif[lj][ipv], wid, ppos, 0); +p Cvnchars = snprintf( str, allocLen, sif[lj][ipv], wid, ppos, 0); #else - Cvnchars = sprintf( str, sif[lj], wid, ppos, 0); + Cvnchars = snprintf( str, allocLen, sif[lj], wid, ppos, 0); #endif return; } @@ -578,7 +579,7 @@ p Cvnchars = sprintf( str, sif[lj][ipv], wid, ppos, 0); ew++; // requires extra column // so why ++ at 9 ??? rob 10-88 } - sprintf( str+Cvnchars, "e%d", i); // add exponent i + snprintf( str+Cvnchars, allocLen - Cvnchars, "e%d", i); // add exponent i Cvnchars += ew; } // additional returns above @@ -653,11 +654,11 @@ x - quinch; // less " space { dinch = val*12.; // compute float inches #ifdef FMTPVMASK -p Cvnchars = sprintf( str, ff5[ipv], // *.*f +p Cvnchars = snprintf( str, allocLen, ff5[ipv], // *.*f p fw, indfw, // width, precision p dinch ); // floating inches #else - Cvnchars = sprintf( str, ff5, // *.*f + Cvnchars = snprintf( str, allocLen, ff5, // *.*f fw, indfw, // width, precision dinch ); // floating inches #endif @@ -666,13 +667,13 @@ p dinch ); // floating inches { dinch = (val - ft)*((ft >= 0) ? 12 : -12); #ifdef FMTPVMASK -p Cvnchars = sprintf( str, ff4[ipv], // 2.*f for inches +p Cvnchars = snprintf( str, allocLen, ff4[ipv], // 2.*f for inches p fw, prcsn, // feet width, digits p ft, p inw, indfw, // inches wid, precis p dinch ); // floating inches #else - Cvnchars = sprintf( str, ff4, // 2.*f for inches + Cvnchars = snprintf( str, allocLen, ff4, // 2.*f for inches fw, prcsn, // feet width, digits ft, inw, indfw, // inches wid, precis @@ -695,22 +696,22 @@ p dinch ); // floating inches #ifdef FMTPVMASK // define in cvpak.h to restore p positive value display options, 11-91 p p if (justInches) // if showing inches only -p Cvnchars = sprintf( str, ff3[ipv], +p Cvnchars = snprintf( str, allocLen, ff3[ipv], p fw, prcsn, // inches wid, digits p inch ); p else // feet and inches -p Cvnchars = sprintf( str,ff1[ipv], // %2d for inches +p Cvnchars = snprintf( str, allocLen, ff1[ipv], // %2d for inches p fw, prcsn, // feet wid, digits p ft, p inw, // inches width p inch ); #else if (justInches) // if showing inches only - Cvnchars = sprintf( str, ff3, + Cvnchars = snprintf( str, allocLen, ff3, fw, prcsn, // inches wid, digits inch ); else // feet and inches - Cvnchars = sprintf( str,ff1, // %2d for inches + Cvnchars = snprintf( str,allocLen, ff1, // %2d for inches fw, prcsn, // feet wid, digits ft, inw, // inches width @@ -891,9 +892,9 @@ x _dfw = nDigB4Pt; // use the digits, not e or k format _dfw--; // then drop a digit now, save time of a sprintf #ifdef FMTPVMASK -p Cvnchars = sprintf( str, gf[ijust][ipv], wid, _dfw, _val); // convert number to string (c library) +p Cvnchars = snprintf( str, allocLen, gf[ijust][ipv], wid, _dfw, _val); // convert number to string (c library) #else - Cvnchars = sprintf( str, gf[ijust], wid, _dfw, _val); // convert number to string (c library) + Cvnchars = snprintf( str, allocLen, gf[ijust], wid, _dfw, _val); // convert number to string (c library) #endif // done if fits field and not 'e' format when k format overflow specified @@ -1032,9 +1033,9 @@ p }; // squeeze while (1) { #ifdef FMTPVMASK -p Cvnchars = sprintf( str, ff[ijust][ipv], wid, prcsn, val); // convert +p Cvnchars = snprintf( str, allocLen, ff[ijust][ipv], wid, prcsn, val); // convert #else - Cvnchars = sprintf( str, ff[ijust], wid, prcsn, val); // convert (C library) + Cvnchars = snprintf( str, allocLen, ff[ijust], wid, prcsn, val); // convert (C library) #endif // test if fits (allowing positive # to overflow into - position) diff --git a/src/datfcns.cpp b/src/datfcns.cpp index 06ce578a9..4c3342e08 100644 --- a/src/datfcns.cpp +++ b/src/datfcns.cpp @@ -134,7 +134,7 @@ char * FC dMonDay2Str( // convert month and day to string in form "1-Jan" static char buf[20]; if (!bufp) bufp = buf; - sprintf( bufp, "%2.2d-%s", mDay, mabrevStr[mon]); + snprintf( bufp, sizeof(buf), "%2.2d-%s", mDay, mabrevStr[mon]); return bufp; } // dMonDay2Str //--------------------------------------------------------------------------- diff --git a/src/exman.cpp b/src/exman.cpp index 4b3b3a9be..f4dd98137 100644 --- a/src/exman.cpp +++ b/src/exman.cpp @@ -1677,15 +1677,15 @@ RC rerIV( // inner fcn to issue runtime error message; msg handle ok for fmt; t char when[120]; if (Top.dateStr.IsBlank()) // if blank, still input time (eg end-of-input eval call). otta formalize this ??? - sprintf( when, "%s during %sinput setup", // setup + snprintf( when, sizeof(when), "%s during %sinput setup", // setup isWhat, Top.tp_autoSizing ? "autoSizing " : ""); else if (!Top.tp_autoSizing) // main sim - sprintf( when, "%s at hour/subhour %d/%d on %s of simulation%s", + snprintf( when, sizeof(when), "%s at hour/subhour %d/%d on %s of simulation%s", isWhat, Top.iHr+1, Top.iSubhr, Top.dateStr.CStr(), Top.isWarmup ? " warmup" : ""); else // autoSizing { int nIt = Top.tp_auszDsDayItr; - sprintf( when, "%s at hour/subhour %d/%d on autoSizing %s%s", + snprintf( when, sizeof(when), "%s at hour/subhour %d/%d on autoSizing %s%s", isWhat, Top.iHr+1, Top.iSubhr, Top.tp_AuszDoing(), // "heating design day", "Jul cooling design day", etc diff --git a/src/pp.cpp b/src/pp.cpp index 1fb170273..f612c71f3 100644 --- a/src/pp.cpp +++ b/src/pp.cpp @@ -2798,10 +2798,10 @@ LOCAL RC FC ppErv( x// make up 'where': "__ at line __ of file __" text x if (shoFnLn) // if requested x if (ppcIsClarg) // if doing cmd line -x sprintf( where, "%s in command line argument: ", +x snprintf( where, sizeof(where), "%s in command line argument: ", x isWarn ? "Warning" : "Error" ); x else if (inDepth > 0 && isf) // if a file is open -x sprintf( where, "%s at line %d of file '%s': ", +x snprintf( where, sizeof(where), "%s at line %d of file '%s': ", x isWarn ? "Warning" : "Error", x isf->line, isf->Name() ); #else // try microsoft-like format, 2-91 @@ -2810,10 +2810,10 @@ x isf->line, isf->Name() ); if (shoFnLn) // if requested if (ppcIsClarg) // if doing cmd line - sprintf( where, "Command line: %s: ", + snprintf( where, sizeof(where), "Command line: %s: ", isWarn ? "Warning" : "Error" ); else if (inDepth > 0 && isf) // if a file is open - sprintf( where, "%s(%d): %s: ", + snprintf( where, sizeof(where), "%s(%d): %s: ", getFileName(isf->fileIx), isf->line, isWarn ? "Warning" : "Error" ); #endif @@ -2865,7 +2865,8 @@ x isf->line, isf->Name() ); // assemble complete text - sprintf( whole, + snprintf( whole, + sizeof(whole), "%s%s" // line text (or not), and newline if needed (is needed after clarg) "%s" // ^ (or not, or with 'where') "%s%s" // where (or not) and possible newline @@ -2890,7 +2891,8 @@ x isf->line, isf->Name() ); && lisFind( isf->fileIx, isf->line, tex, &place) ) // and matching place found in listing spool buffer (pp.cpp) { // reassemble message without file line(s) text - sprintf( whole, + snprintf( whole, + sizeof(whole), "%s" // ^ (or not, or with 'where') "%s%s" // where (or not) and possible newline "%s", // caller's message (or with where) diff --git a/src/rmkerr.h b/src/rmkerr.h index b0f6f6ebc..629a365db 100644 --- a/src/rmkerr.h +++ b/src/rmkerr.h @@ -177,8 +177,8 @@ template< typename T> void VDbPrintf( // debug print vector l = strlen( s); } for (int i=0; i= 0) // if real year given @@ -329,16 +329,16 @@ const char* tddis( // Convert integer format date structure to string int yt = idt.year; // fetch to modify if (yt < 100) // unless already present yt += 1900; // supply the 19 for full date format - sprintf( s, ", %4d", yt); // format and append year + snprintf( s, TDFULLDATELENMAX, ", %4d", yt); // format and append year } } // short format date: "12-Jun-86" format else { - s += sprintf( s, "%2.2d-%s", // format dd-mon, point past + s += snprintf( s, TDFULLDATELENMAX, "%2.2d-%s", // format dd-mon, point past idt.mday, tddMonAbbrev( idt.month)); if (idt.year >= 0) // if a real year given - sprintf( s, "-%2.2d", (idt.year)%100 ); // append it + snprintf( s,TDFULLDATELENMAX, "-%2.2d", (idt.year)%100 ); // append it } return sbeg; } // tddis @@ -439,9 +439,9 @@ const char* tdtis( // Convert integer format time to string apchar = (hour < 12) ? " am" : " pm"; // get am or pm to append hour = (hour+11)%12 + 1; // convert 0..23 to 1..12 } - s += sprintf( s, "%d:%2.2d", hour, itm->min); // format hour:min, point to end + s += snprintf( s, sizeof(s), "%d:%2.2d", hour, itm->min); // format hour:min, point to end if (itm->sec != -1) // seconds -1 --> no display - sprintf( s, ":%2.2d", itm->sec); // format & append :seconds + snprintf( s, sizeof(s), ":%2.2d", itm->sec); // format & append :seconds return strcat( sbeg, apchar); // append am/pm if any and return } // tdtis diff --git a/src/yacam.cpp b/src/yacam.cpp index d13b78014..36a420d99 100644 --- a/src/yacam.cpp +++ b/src/yacam.cpp @@ -325,7 +325,7 @@ RC YACAM::vprintf( // "vprintf" to file va_list ap ) // pointer to vprintf-like argument list { char buf[514]; - vsprintf( buf, fmt, ap); // format arguments (if any) into given format string + vsnprintf( buf, sizeof(buf), fmt, ap); // format arguments (if any) into given format string return putBytes( buf, static_cast(strlen(buf)), -1L, erOp); // write (above), return result } //===========================================================================