Replace sprintf with snprintf to eliminate compile warnings. v6.0.45 (o…
…ssrs#3534)

* Replaced all occurrences of sprintf with snprintf to address deprecation warnings
* Ensured proper buffer size is passed to snprintf to prevent potential buffer overflows
* Ran tests to confirm that the changes do not introduce any new issues or regressions

---------

Co-authored-by: ChenGH <chengh_math@126.com>
2 people authored and johzzy committed Jun 25, 2023
1 parent a030950 commit 6ac7a56
Showing 4 changed files with 43 additions and 29 deletions.
11 changes: 7 additions & 4 deletions trunk/src/app/srs_app_rtc_dtls.cpp
Expand Up @@ -333,17 +333,20 @@ srs_error_t SrsDtlsCertificate::initialize()

// Show DTLS fingerprint
if (true) {
char fp[100] = {0};
char *p = fp;
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int n = 0;

// TODO: FIXME: Unused variable.
/*int r = */X509_digest(dtls_cert, EVP_sha256(), md, &n);

char* fp = new char[3 * n];
SrsAutoFreeA(char, fp);
char *p = fp;

for (unsigned int i = 0; i < n; i++, ++p) {
sprintf(p, "%02X", md[i]);
p += 2;
int nb = snprintf(p, 3, "%02X", md[i]);
srs_assert(nb > 0 && nb < (3 * n - (p - fp)));
p += nb;

if(i < (n-1)) {
*p = ':';
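Review bot: The result of `X509_digest` is still discarded (the `/*int r = */` line), and after this change the buffer size depends on its output: if the call fails and `n` stays 0, `new char[3 * n]` gives a zero-length, uninitialized buffer, whereas the old `char fp[100] = {0}` was at least zero-filled. The code that consumes `fp` after the loop is outside this hunk, so it should be checked; if it treats `fp` as a C string, it would read past the allocation in that case. I would test the result before allocating, `if (X509_digest(dtls_cert, EVP_sha256(), md, &n) != 1 || n == 0)`, and return an error using whatever error code this file already uses for certificate failures. Note also that `srs_assert(nb > 0 && nb < (3 * n - (p - fp)))` runs after the write and compares a signed `int` against a mixed unsigned/`ptrdiff_t` expression, so it detects an overrun rather than preventing one.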
4 changes: 2 additions & 2 deletions trunk/src/app/srs_app_tencentcloud.cpp
Expand Up @@ -40,7 +40,7 @@ namespace tencentcloud_api_sign {
SHA1_Final(digest, &ctx);
char c_sha1[SHA_DIGEST_LENGTH*2+1];
for (unsigned i = 0; i < SHA_DIGEST_LENGTH; ++i) {
sprintf(&c_sha1[i*2], "%02x", (unsigned int)digest[i]);
snprintf(&c_sha1[i*2], 3, "%02x", (unsigned int)digest[i]);
}
return c_sha1;
}
Expand All @@ -65,7 +65,7 @@ namespace tencentcloud_api_sign {
HMAC_CTX_free(ctx);
#endif
for (unsigned i = 0; i != digest_len; ++i) {
sprintf(&c_hmacsha1[i*2], "%02x", (unsigned int)digest[i]);
snprintf(&c_hmacsha1[i*2], 3, "%02x", (unsigned int)digest[i]);
}
return c_hmacsha1;
}
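Review bot: The size argument `3` in both `snprintf` calls is a literal unrelated to the destination, so the write is bounded by the constant rather than by the space left in `c_sha1` or `c_hmacsha1`. The change silences the warning but adds no overflow protection beyond the old `sprintf`. In the first hunk the array is visibly `SHA_DIGEST_LENGTH*2+1` bytes, so `snprintf(&c_sha1[i*2], sizeof(c_sha1) - i*2, "%02x", (unsigned int)digest[i]);` would tie the bound to the declaration. In the second hunk the loop runs to the runtime value `digest_len` and the declaration of `c_hmacsha1` is outside the hunk, so a `sizeof`-based bound (assuming it is an array) matters more there. The same literal `3` is passed in the fingerprint loop in `trunk/src/app/srs_app_rtc_dtls.cpp`.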
55 changes: 33 additions & 22 deletions trunk/src/protocol/srs_protocol_json.cpp
Expand Up @@ -567,7 +567,8 @@ json_value * json_parse_ex (json_settings * settings,
if (flags & flag_string)
{
if (!b)
{ sprintf (error, "Unexpected EOF in string (at %d:%d)", line_and_col);
{
snprintf(error, json_error_max, "Unexpected EOF in string (at %d:%d)", line_and_col);
goto e_failed;
}

Expand All @@ -593,7 +594,7 @@ json_value * json_parse_ex (json_settings * settings,
(uc_b3 = hex_value (*++ state.ptr)) == 0xFF ||
(uc_b4 = hex_value (*++ state.ptr)) == 0xFF)
{
sprintf (error, "Invalid character value `%c` (at %d:%d)", b, line_and_col);
snprintf(error, json_error_max, "Invalid character value `%c` (at %d:%d)", b, line_and_col);
goto e_failed;
}

Expand All @@ -610,7 +611,7 @@ json_value * json_parse_ex (json_settings * settings,
(uc_b3 = hex_value (*++ state.ptr)) == 0xFF ||
(uc_b4 = hex_value (*++ state.ptr)) == 0xFF)
{
sprintf (error, "Invalid character value `%c` (at %d:%d)", b, line_and_col);
snprintf(error, json_error_max, "Invalid character value `%c` (at %d:%d)", b, line_and_col);
goto e_failed;
}

Expand Down Expand Up @@ -739,7 +740,8 @@ json_value * json_parse_ex (json_settings * settings,
if (flags & flag_block_comment)
{
if (!b)
{ sprintf (error, "%d:%d: Unexpected EOF in block comment", line_and_col);
{
snprintf(error, json_error_max, "%d:%d: Unexpected EOF in block comment", line_and_col);
goto e_failed;
}

Expand All @@ -755,12 +757,14 @@ json_value * json_parse_ex (json_settings * settings,
else if (b == '/')
{
if (! (flags & (flag_seek_value | flag_done)) && top->type != json_object)
{ sprintf (error, "%d:%d: Comment not allowed here", line_and_col);
{
snprintf(error, json_error_max, "%d:%d: Comment not allowed here", line_and_col);
goto e_failed;
}

if (++ state.ptr == end)
{ sprintf (error, "%d:%d: EOF unexpected", line_and_col);
{
snprintf(error, json_error_max, "%d:%d: EOF unexpected", line_and_col);
goto e_failed;
}

Expand All @@ -775,7 +779,7 @@ json_value * json_parse_ex (json_settings * settings,
continue;

default:
sprintf (error, "%d:%d: Unexpected `%c` in comment opening sequence", line_and_col, b);
snprintf(error, json_error_max, "%d:%d: Unexpected `%c` in comment opening sequence", line_and_col, b);
goto e_failed;
};
}
Expand All @@ -793,7 +797,7 @@ json_value * json_parse_ex (json_settings * settings,

default:

sprintf (error, "%d:%d: Trailing garbage: `%c`",
snprintf(error, json_error_max, "%d:%d: Trailing garbage: `%c`",
state.cur_line, state.cur_col, b);

goto e_failed;
Expand All @@ -812,7 +816,8 @@ json_value * json_parse_ex (json_settings * settings,
if (top && top->type == json_array)
flags = (flags & ~ (flag_need_comma | flag_seek_value)) | flag_next;
else
{ sprintf (error, "%d:%d: Unexpected ]", line_and_col);
{
snprintf(error, json_error_max, "%d:%d: Unexpected ]", line_and_col);
goto e_failed;
}

Expand All @@ -828,7 +833,7 @@ json_value * json_parse_ex (json_settings * settings,
}
else
{
sprintf (error, "%d:%d: Expected , before %c",
snprintf(error, json_error_max, "%d:%d: Expected , before %c",
state.cur_line, state.cur_col, b);

goto e_failed;
Expand All @@ -843,7 +848,7 @@ json_value * json_parse_ex (json_settings * settings,
}
else
{
sprintf (error, "%d:%d: Expected : before %c",
snprintf(error, json_error_max, "%d:%d: Expected : before %c",
state.cur_line, state.cur_col, b);

goto e_failed;
Expand Down Expand Up @@ -969,7 +974,8 @@ json_value * json_parse_ex (json_settings * settings,
continue;
}
else
{ sprintf (error, "%d:%d: Unexpected %c when seeking value", line_and_col, b);
{
snprintf(error, json_error_max, "%d:%d: Unexpected %c when seeking value", line_and_col, b);
goto e_failed;
}
};
Expand All @@ -989,7 +995,8 @@ json_value * json_parse_ex (json_settings * settings,
case '"':

if (flags & flag_need_comma)
{ sprintf (error, "%d:%d: Expected , before \"", line_and_col);
{
snprintf(error, json_error_max, "%d:%d: Expected , before \"", line_and_col);
goto e_failed;
}

Expand All @@ -1014,7 +1021,7 @@ json_value * json_parse_ex (json_settings * settings,
}

default:
sprintf (error, "%d:%d: Unexpected `%c` in object", line_and_col, b);
snprintf(error, json_error_max, "%d:%d: Unexpected `%c` in object", line_and_col, b);
goto e_failed;
};

Expand All @@ -1032,7 +1039,8 @@ json_value * json_parse_ex (json_settings * settings,
if (! (flags & flag_num_e))
{
if (flags & flag_num_zero)
{ sprintf (error, "%d:%d: Unexpected `0` before `%c`", line_and_col, b);
{
snprintf(error, json_error_max, "%d:%d: Unexpected `0` before `%c`", line_and_col, b);
goto e_failed;
}

Expand Down Expand Up @@ -1069,7 +1077,8 @@ json_value * json_parse_ex (json_settings * settings,
else if (b == '.' && top->type == json_integer)
{
if (!num_digits)
{ sprintf (error, "%d:%d: Expected digit before `.`", line_and_col);
{
snprintf(error, json_error_max, "%d:%d: Expected digit before `.`", line_and_col);
goto e_failed;
}

Expand All @@ -1085,7 +1094,8 @@ json_value * json_parse_ex (json_settings * settings,
if (top->type == json_double)
{
if (!num_digits)
{ sprintf (error, "%d:%d: Expected digit after `.`", line_and_col);
{
snprintf(error, json_error_max, "%d:%d: Expected digit after `.`", line_and_col);
goto e_failed;
}

Expand All @@ -1111,7 +1121,8 @@ json_value * json_parse_ex (json_settings * settings,
else
{
if (!num_digits)
{ sprintf (error, "%d:%d: Expected digit after `e`", line_and_col);
{
snprintf(error, json_error_max, "%d:%d: Expected digit after `e`", line_and_col);
goto e_failed;
}

Expand Down Expand Up @@ -1196,8 +1207,8 @@ json_value * json_parse_ex (json_settings * settings,
return root;

e_unknown_value:
sprintf (error, "%d:%d: Unknown value", line_and_col);

snprintf(error, json_error_max, "%d:%d: Unknown value", line_and_col);
goto e_failed;

e_alloc_failure:
Expand All @@ -1206,8 +1217,8 @@ json_value * json_parse_ex (json_settings * settings,
goto e_failed;

e_overflow:
sprintf (error, "%d:%d: Too long (caught overflow)", line_and_col);

snprintf(error, json_error_max, "%d:%d: Too long (caught overflow)", line_and_col);
goto e_failed;

e_failed:
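Review bot: Every call now limits the write to `json_error_max`, but the declaration of `error` lies outside all of these hunks, so the bound is only correct if `error` is declared with exactly that size. If it is a local array in `json_parse_ex`, `snprintf(error, sizeof(error), ...)` would keep the limit tied to the declaration instead of to a separately maintained constant. The handling under `e_failed:` is also cut off here. If it copies `error` into a caller-supplied buffer, that copy needs the same bounded treatment, and nothing in the shown hunks changes it.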
2 changes: 1 addition & 1 deletion trunk/src/utest/srs_utest_core.cpp
Expand Up @@ -54,7 +54,7 @@ VOID TEST(CoreLogger, CheckVsnprintf)
HELPER_ARRAY_INIT(buf, sizeof(buf), 0xf);

// Return the number of characters printed.
EXPECT_EQ(6, sprintf(buf, "%s", "Hello!"));
EXPECT_EQ(6, snprintf(buf, sizeof(buf), "%s", "Hello!"));
EXPECT_EQ('H', buf[0]);
EXPECT_EQ('!', buf[5]);
EXPECT_EQ(0x0, buf[6]);
