From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with archive (Exim 4.43) id 1NPYPR-0004d9-I4 for mharc-grub-devel@gnu.org; Tue, 29 Dec 2009 04:30:33 -0500 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1NPYPP-0004bj-2l for grub-devel@gnu.org; Tue, 29 Dec 2009 04:30:31 -0500 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1NPYPK-0004aA-Eh for grub-devel@gnu.org; Tue, 29 Dec 2009 04:30:30 -0500 Received: from [199.232.76.173] (port=35368 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1NPYPK-0004a7-4l for grub-devel@gnu.org; Tue, 29 Dec 2009 04:30:26 -0500 Received: from mail-bw0-f215.google.com ([209.85.218.215]:63090) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1NPYPI-0008Gs-F2 for grub-devel@gnu.org; Tue, 29 Dec 2009 04:30:25 -0500 Received: by bwz7 with SMTP id 7so7646561bwz.26 for ; Tue, 29 Dec 2009 01:30:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:x-enigmail-version:content-type; bh=v8dSn9snGTBLBr34MzGRIC/QFoHAuwsIZl0UvftL16I=; b=T9859KjV71neoPDKshSjYSgUN67z8QfCLE96TG2EkdJ1M19Z8yML/YF80HiLUOP5v8 /LCn3xKDSd9j61Tjqh4sqs4TroHDVYoIdNARAOlbVxs2Z9Npd45WqTj+ka+3khEojfsU 6SYUU1QlkCGSzDDiQKuvOa7VKJWbjOR7eRPq8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject :x-enigmail-version:content-type; b=Zx4jGHz4LZM4/LV1YN+0uXaiADhdEOYc2DthUZH2VHIeOX77XXV6p3UXM/7N8WPzuF +I+nntm1AY8CQbuAl7mpUnKrbdfJGdvFDHwbY0amCZIgIcV7/dHhwz721qoEM4oI6kYk 3mmY2ZD9ub8h/CuHxD2HatV6gn1DTNbPSBejI= Received: by 10.204.154.216 with SMTP id p24mr353111bkw.16.1262079022895; Tue, 29 Dec 2009 01:30:22 -0800 (PST) Received: from debian.bg45.phnet (235-189.203-62.cust.bluewin.ch [62.203.189.235]) by mx.google.com with ESMTPS id 13sm3567235bwz.10.2009.12.29.01.30.19 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 29 Dec 2009 01:30:22 -0800 (PST) Message-ID: <4B39CC24.9060607@gmail.com> Date: Tue, 29 Dec 2009 10:30:12 +0100 From: =?UTF-8?B?VmxhZGltaXIgJ8+GLWNvZGVyL3BoY29kZXInIFNlcmJpbmVua28=?= User-Agent: Mozilla-Thunderbird 2.0.0.22 (X11/20091109) MIME-Version: 1.0 To: The development of GRUB 2 X-Enigmail-Version: 0.95.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig06E91FB3E07F5E771EC709AD" X-detected-operating-system: by monty-python.gnu.org: GNU/Linux 2.6 (newer, 2) Subject: [PATCH] switch from sprintf to asprintf and snprintf X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: The development of GNU GRUB List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Dec 2009 09:30:31 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig06E91FB3E07F5E771EC709AD Content-Type: multipart/mixed; boundary="------------050106090109020605050709" This is a multi-part message in MIME format. --------------050106090109020605050709 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable sprintf is potentially dangerous especially with gettext, when messages may be larger than coder would expect. I attach the patch to fix it --=20 Regards Vladimir '=CF=86-coder/phcoder' Serbinenko --------------050106090109020605050709 Content-Type: text/x-diff; name="asprintf.diff" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline; filename="asprintf.diff" =3D=3D=3D modified file 'commands/ls.c' --- commands/ls.c 2009-12-25 23:50:59 +0000 +++ commands/ls.c 2009-12-29 09:04:06 +0000 @@ -86,7 +86,7 @@ int print_files_long (const char *filename, const struct grub_dirhook_info *info) { - char pathname[grub_strlen (dirname) + grub_strlen (filename) + 1];= + char *pathname; =20 if ((! all) && (filename[0] =3D=3D '.')) return 0; @@ -96,9 +96,12 @@ grub_file_t file; =20 if (dirname[grub_strlen (dirname) - 1] =3D=3D '/') - grub_sprintf (pathname, "%s%s", dirname, filename); + pathname =3D grub_asprintf ("%s%s", dirname, filename); else - grub_sprintf (pathname, "%s/%s", dirname, filename); + pathname =3D grub_asprintf ("%s/%s", dirname, filename); + + if (!pathname) + return 1; =20 /* XXX: For ext2fs symlinks are detected as files while they should be reported as directories. */ @@ -130,8 +133,9 @@ grub_uint32_t whole, fraction; =20 whole =3D grub_divmod64 (fsize, 100, &fraction); - grub_sprintf (buf, "%u.%02u%c", whole, fraction, - grub_human_sizes[units]); + grub_snprintf (buf, sizeof (buf), + "%u.%02u%c", whole, fraction, + grub_human_sizes[units]); grub_printf ("%-12s", buf); } else =3D=3D=3D modified file 'commands/memrw.c' --- commands/memrw.c 2009-12-25 23:50:59 +0000 +++ commands/memrw.c 2009-12-29 09:04:06 +0000 @@ -61,7 +61,7 @@ =20 if (cmd->state[0].set) { - grub_sprintf (buf, "%x", value); + grub_snprintf (buf, sizeof (buf), "%x", value); grub_env_set (cmd->state[0].arg, buf); } else =3D=3D=3D modified file 'commands/parttool.c' --- commands/parttool.c 2009-12-25 23:50:59 +0000 +++ commands/parttool.c 2009-12-29 09:04:06 +0000 @@ -182,12 +182,11 @@ { char *filename; =20 - filename =3D grub_malloc (grub_strlen (prefix) + sizeof ("/parttool.lst= ")); + filename =3D grub_asprintf ("%s/parttool.lst", prefix); if (filename) { grub_file_t file; =20 - grub_sprintf (filename, "%s/parttool.lst", prefix); file =3D grub_file_open (filename); if (file) { =3D=3D=3D modified file 'commands/search.c' --- commands/search.c 2009-12-25 23:50:59 +0000 +++ commands/search.c 2009-12-29 09:04:06 +0000 @@ -33,7 +33,6 @@ FUNC_NAME (const char *key, const char *var, int no_floppy) { int count =3D 0; - char *buf =3D NULL; grub_fs_autoload_hook_t saved_autoload; =20 auto int iterate_device (const char *name); @@ -48,24 +47,20 @@ =20 #ifdef DO_SEARCH_FILE { - grub_size_t len; - char *p; + char *buf; grub_file_t file; =20 - len =3D grub_strlen (name) + 2 + grub_strlen (key) + 1; - p =3D grub_realloc (buf, len); - if (! p) + buf =3D grub_asprintf ("(%s)%s", name, key); + if (! buf) return 1; =20 - buf =3D p; - grub_sprintf (buf, "(%s)%s", name, key); - file =3D grub_file_open (buf); if (file) { found =3D 1; grub_file_close (file); } + grub_free (buf); } #else { @@ -135,8 +130,6 @@ else grub_device_iterate (iterate_device); =20 - grub_free (buf); - if (grub_errno =3D=3D GRUB_ERR_NONE && count =3D=3D 0) grub_error (GRUB_ERR_FILE_NOT_FOUND, "no such device: %s", key); } =3D=3D=3D modified file 'commands/xnu_uuid.c' --- commands/xnu_uuid.c 2009-12-25 23:50:59 +0000 +++ commands/xnu_uuid.c 2009-12-29 09:04:06 +0000 @@ -349,18 +349,18 @@ grub_memcpy (hashme.prefix, hash_prefix, sizeof (hashme.prefix)); =20 md5 ((char *) &hashme, sizeof (hashme), (char *) xnu_uuid); - grub_sprintf (uuid_string, - "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x"= , - (unsigned int) xnu_uuid[0], (unsigned int) xnu_uuid[1], - (unsigned int) xnu_uuid[2], (unsigned int) xnu_uuid[3], - (unsigned int) xnu_uuid[4], (unsigned int) xnu_uuid[5], - (unsigned int) ((xnu_uuid[6] & 0xf) | 0x30), - (unsigned int) xnu_uuid[7], - (unsigned int) ((xnu_uuid[8] & 0x3f) | 0x80), - (unsigned int) xnu_uuid[9], - (unsigned int) xnu_uuid[10], (unsigned int) xnu_uuid[11], - (unsigned int) xnu_uuid[12], (unsigned int) xnu_uuid[13], - (unsigned int) xnu_uuid[14], (unsigned int) xnu_uuid[15]); + grub_snprintf (uuid_string, sizeof (uuid_string), + "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x= ", + (unsigned int) xnu_uuid[0], (unsigned int) xnu_uuid[1], + (unsigned int) xnu_uuid[2], (unsigned int) xnu_uuid[3], + (unsigned int) xnu_uuid[4], (unsigned int) xnu_uuid[5], + (unsigned int) ((xnu_uuid[6] & 0xf) | 0x30), + (unsigned int) xnu_uuid[7], + (unsigned int) ((xnu_uuid[8] & 0x3f) | 0x80), + (unsigned int) xnu_uuid[9], + (unsigned int) xnu_uuid[10], (unsigned int) xnu_uuid[11], + (unsigned int) xnu_uuid[12], (unsigned int) xnu_uuid[13], + (unsigned int) xnu_uuid[14], (unsigned int) xnu_uuid[15]); for (ptr =3D uuid_string; *ptr; ptr++) *ptr =3D grub_toupper (*ptr); if (argc =3D=3D 1) =3D=3D=3D modified file 'disk/ata.c' --- disk/ata.c 2009-12-25 00:04:51 +0000 +++ disk/ata.c 2009-12-29 09:04:06 +0000 @@ -648,12 +648,14 @@ =20 for (dev =3D grub_ata_devices; dev; dev =3D dev->next) { - char devname[5]; - grub_sprintf (devname, "ata%d", dev->port * 2 + dev->device); + char devname[10]; =20 if (dev->atapi) continue; =20 + grub_snprintf (devname, sizeof (devname),=20 + "ata%d", dev->port * 2 + dev->device); + if (hook (devname)) return 1; } @@ -668,8 +670,9 @@ =20 for (dev =3D grub_ata_devices; dev; dev =3D dev->next) { - char devname[5]; - grub_sprintf (devname, "ata%d", dev->port * 2 + dev->device); + char devname[10]; + grub_snprintf (devname, sizeof (devname), + "ata%d", dev->port * 2 + dev->device); if (grub_strcmp (name, devname) =3D=3D 0) break; } @@ -735,8 +738,9 @@ =20 for (dev =3D grub_ata_devices; dev; dev =3D dev->next) { - char devname[7]; - grub_sprintf (devname, "ata%d", dev->port * 2 + dev->device); + char devname[10]; + grub_snprintf (devname, sizeof (devname), + "ata%d", dev->port * 2 + dev->device); =20 if (! dev->atapi) continue; @@ -808,8 +812,9 @@ =20 for (dev =3D grub_ata_devices; dev; dev =3D dev->next) { - char devname[7]; - grub_sprintf (devname, "ata%d", dev->port * 2 + dev->device); + char devname[10]; + grub_snprintf (devname, sizeof (devname), + "ata%d", dev->port * 2 + dev->device); =20 if (!grub_strcmp (devname, name)) { =3D=3D=3D modified file 'disk/efi/efidisk.c' --- disk/efi/efidisk.c 2009-06-10 21:04:23 +0000 +++ disk/efi/efidisk.c 2009-12-29 09:04:06 +0000 @@ -440,7 +440,7 @@ =20 for (d =3D fd_devices, count =3D 0; d; d =3D d->next, count++) { - grub_sprintf (buf, "fd%d", count); + grub_snprintf (buf, sizeof (buf), "fd%d", count); grub_dprintf ("efidisk", "iterating %s\n", buf); if (hook (buf)) return 1; @@ -448,7 +448,7 @@ =20 for (d =3D hd_devices, count =3D 0; d; d =3D d->next, count++) { - grub_sprintf (buf, "hd%d", count); + grub_snprintf (buf, sizeof (buf), "hd%d", count); grub_dprintf ("efidisk", "iterating %s\n", buf); if (hook (buf)) return 1; @@ -456,7 +456,7 @@ =20 for (d =3D cd_devices, count =3D 0; d; d =3D d->next, count++) { - grub_sprintf (buf, "cd%d", count); + grub_snprintf (buf, sizeof (buf), "cd%d", count); grub_dprintf ("efidisk", "iterating %s\n", buf); if (hook (buf)) return 1; @@ -805,18 +805,10 @@ return 0; } =20 - device_name =3D grub_malloc (grub_strlen (parent->name) + 1 - + grub_strlen (partition_name) + 1); - if (! device_name) - { - grub_free (partition_name); - grub_disk_close (parent); - return 0; - } - - grub_sprintf (device_name, "%s,%s", parent->name, partition_name);= + device_name =3D grub_asprintf ("%s,%s", parent->name, partition_na= me); grub_free (partition_name); grub_disk_close (parent); + return device_name; } else =3D=3D=3D modified file 'disk/i386/pc/biosdisk.c' --- disk/i386/pc/biosdisk.c 2009-12-10 18:15:20 +0000 +++ disk/i386/pc/biosdisk.c 2009-12-29 09:04:06 +0000 @@ -56,7 +56,8 @@ { char name[10]; =20 - grub_sprintf (name, (drive & 0x80) ? "hd%d" : "fd%d", drive & (~0x80= )); + grub_snprintf (name, sizeof (name), + (drive & 0x80) ? "hd%d" : "fd%d", drive & (~0x80)); return hook (name); } =20 =3D=3D=3D modified file 'disk/raid.c' --- disk/raid.c 2009-12-24 22:53:05 +0000 +++ disk/raid.c 2009-12-29 09:04:06 +0000 @@ -556,7 +556,7 @@ } } =20 - array->name =3D grub_malloc (13); + array->name =3D grub_asprintf ("md%d", array->number); if (! array->name) { grub_free (array->uuid); @@ -565,8 +565,6 @@ return grub_errno; } =20 - grub_sprintf (array->name, "md%d", array->number); - grub_dprintf ("raid", "Found array %s (%s)\n", array->name, scanner_name); =20 =3D=3D=3D modified file 'disk/scsi.c' --- disk/scsi.c 2009-12-24 22:53:05 +0000 +++ disk/scsi.c 2009-12-29 09:04:06 +0000 @@ -197,7 +197,6 @@ =20 int scsi_iterate (const char *name, int luns) { - char sname[40]; int i; =20 /* In case of a single LUN, just return `usbX'. */ @@ -208,9 +207,13 @@ distinguish it. */ for (i =3D 0; i < luns; i++) { - grub_sprintf (sname, "%s%c", name, 'a' + i); + char *sname; + sname =3D grub_asprintf ("%s%c", name, 'a' + i); + if (!sname) + return 1; if (hook (sname)) return 1; + grub_free (sname); } return 0; } =3D=3D=3D modified file 'disk/usbms.c' --- disk/usbms.c 2009-07-19 13:59:21 +0000 +++ disk/usbms.c 2009-12-29 09:04:06 +0000 @@ -200,11 +200,15 @@ =20 for (p =3D grub_usbms_dev_list; p; p =3D p->next) { - char devname[20]; - grub_sprintf (devname, "usb%d", cnt); + char *devname; + devname =3D grub_asprintf ("usb%d", cnt); =20 if (hook (devname, p->luns)) - return 1; + { + grub_free (devname); + return 1; + } + grub_free (devname); cnt++; } =20 =3D=3D=3D modified file 'efiemu/main.c' --- efiemu/main.c 2009-12-26 10:01:33 +0000 +++ efiemu/main.c 2009-12-29 09:04:06 +0000 @@ -255,12 +255,11 @@ =20 suffix =3D grub_efiemu_get_default_core_name (); =20 - filename =3D grub_malloc (grub_strlen (prefix) + grub_strlen (suffix) = + 2); + filename =3D grub_asprintf ("%s/%s", prefix, suffix); if (! filename) return grub_error (GRUB_ERR_OUT_OF_MEMORY, "couldn't allocate temporary space"); =20 - grub_sprintf (filename, "%s/%s", prefix, suffix); =20 err =3D grub_efiemu_load_file (filename); grub_free (filename); =3D=3D=3D modified file 'fs/ext2.c' --- fs/ext2.c 2009-10-25 15:23:48 +0000 +++ fs/ext2.c 2009-12-29 09:04:06 +0000 @@ -875,12 +875,15 @@ data =3D grub_ext2_mount (disk); if (data) { - *uuid =3D grub_malloc (40 + sizeof ('\0')); - grub_sprintf (*uuid, "%04x%04x-%04x-%04x-%04x-%04x%04x%04x", - grub_be_to_cpu16 (data->sblock.uuid[0]), grub_be_to_cpu16 (data->s= block.uuid[1]), - grub_be_to_cpu16 (data->sblock.uuid[2]), grub_be_to_cpu16 (data->s= block.uuid[3]), - grub_be_to_cpu16 (data->sblock.uuid[4]), grub_be_to_cpu16 (data->s= block.uuid[5]), - grub_be_to_cpu16 (data->sblock.uuid[6]), grub_be_to_cpu16 (data->s= block.uuid[7])); + *uuid =3D grub_asprintf ("%04x%04x-%04x-%04x-%04x-%04x%04x%04x", + grub_be_to_cpu16 (data->sblock.uuid[0]), + grub_be_to_cpu16 (data->sblock.uuid[1]), + grub_be_to_cpu16 (data->sblock.uuid[2]), + grub_be_to_cpu16 (data->sblock.uuid[3]), + grub_be_to_cpu16 (data->sblock.uuid[4]), + grub_be_to_cpu16 (data->sblock.uuid[5]), + grub_be_to_cpu16 (data->sblock.uuid[6]), + grub_be_to_cpu16 (data->sblock.uuid[7])); } else *uuid =3D NULL; =3D=3D=3D modified file 'fs/fat.c' --- fs/fat.c 2009-12-25 00:04:51 +0000 +++ fs/fat.c 2009-12-29 09:04:06 +0000 @@ -833,9 +833,9 @@ data =3D grub_fat_mount (disk); if (data) { - *uuid =3D grub_malloc (sizeof ("xxxx-xxxx")); - grub_sprintf (*uuid, "%04x-%04x", (grub_uint16_t) (data->uuid >> 1= 6), - (grub_uint16_t) data->uuid); + *uuid =3D grub_asprintf ("%04x-%04x", + (grub_uint16_t) (data->uuid >> 16), + (grub_uint16_t) data->uuid); } else *uuid =3D NULL; =3D=3D=3D modified file 'fs/hfs.c' --- fs/hfs.c 2009-12-25 00:04:51 +0000 +++ fs/hfs.c 2009-12-29 09:04:06 +0000 @@ -1082,10 +1082,9 @@ data =3D grub_hfs_mount (device->disk); if (data && data->sblock.num_serial !=3D 0) { - *uuid =3D grub_malloc (16 + sizeof ('\0')); - grub_sprintf (*uuid, "%016llx", - (unsigned long long) - grub_be_to_cpu64 (data->sblock.num_serial)); + *uuid =3D grub_asprintf ("%016llx", + (unsigned long long) + grub_be_to_cpu64 (data->sblock.num_serial)); } else *uuid =3D NULL; =3D=3D=3D modified file 'fs/hfsplus.c' --- fs/hfsplus.c 2009-12-25 00:04:51 +0000 +++ fs/hfsplus.c 2009-12-29 09:04:06 +0000 @@ -995,10 +995,9 @@ data =3D grub_hfsplus_mount (disk); if (data) { - *uuid =3D grub_malloc (16 + sizeof ('\0')); - grub_sprintf (*uuid, "%016llx", - (unsigned long long) - grub_be_to_cpu64 (data->volheader.num_serial)); + *uuid =3D grub_asprintf ("%016llx", + (unsigned long long) + grub_be_to_cpu64 (data->volheader.num_serial)); } else *uuid =3D NULL; =3D=3D=3D modified file 'fs/i386/pc/pxe.c' --- fs/i386/pc/pxe.c 2009-12-25 21:01:06 +0000 +++ fs/i386/pc/pxe.c 2009-12-29 09:04:06 +0000 @@ -356,7 +356,8 @@ =20 for (i =3D 0; i < mac_len; i++) { - grub_sprintf (ptr, "%02x:", mac_addr[i] & 0xff); + grub_snprintf (ptr, sizeof (buf) - (ptr - buf), + "%02x:", mac_addr[i] & 0xff); ptr +=3D (sizeof ("XX:") - 1); } if (mac_len) @@ -483,8 +484,8 @@ { char buf[sizeof ("XXX.XXX.XXX.XXX")]; =20 - grub_sprintf (buf, "%d.%d.%d.%d", (ip & 0xff), - (ip >> 8) & 0xff, (ip >> 16) & 0xff, (ip >> 24) & 0xff); + grub_snprintf (buf, sizeof (buf), "%d.%d.%d.%d", (ip & 0xff), + (ip >> 8) & 0xff, (ip >> 16) & 0xff, (ip >> 24) & 0xff); grub_env_set (varname, buf); } =20 @@ -500,15 +501,13 @@ return 0; =20 /* Normalize the IP. */ - buf =3D grub_malloc (sizeof ("XXX.XXX.XXX.XXX")); + buf =3D grub_asprintf ("%d.%d.%d.%d", (newip & 0xff), (newip >> 8) & 0= xff, + (newip >> 16) & 0xff, (newip >> 24) & 0xff); if (!buf) return 0; =20 *ip =3D newip; =20 - grub_sprintf (buf, "%d.%d.%d.%d", (newip & 0xff), (newip >> 8) & 0xff,= - (newip >> 16) & 0xff, (newip >> 24) & 0xff); - return buf;=20 } =20 @@ -544,11 +543,10 @@ else if (size > GRUB_PXE_MAX_BLKSIZE) size =3D GRUB_PXE_MAX_BLKSIZE; =20 - buf =3D grub_malloc (sizeof ("XXXXXX XXXXXX")); + buf =3D grub_asprintf ("%d", size); if (!buf) return 0; =20 - grub_sprintf (buf, "%d", size); grub_pxe_blksize =3D size; =20 return buf; @@ -562,12 +560,10 @@ { char *buf; =20 - buf =3D grub_malloc (sizeof ("XXXXXX XXXXXX")); + buf =3D grub_asprintf ("%d", grub_pxe_blksize); if (buf) - { - grub_sprintf (buf, "%d", grub_pxe_blksize); - grub_env_set ("net_pxe_blksize", buf); - } + grub_env_set ("net_pxe_blksize", buf); + grub_free (buf); =20 set_ip_env ("pxe_default_server", grub_pxe_default_server_ip); set_ip_env ("pxe_default_gateway", grub_pxe_default_gateway_ip); =3D=3D=3D modified file 'fs/iso9660.c' --- fs/iso9660.c 2009-12-25 00:04:51 +0000 +++ fs/iso9660.c 2009-12-29 09:04:06 +0000 @@ -837,16 +837,23 @@ } else { - *uuid =3D grub_malloc (sizeof ("YYYY-MM-DD-HH-mm-ss-hh")); - grub_sprintf (*uuid, "%c%c%c%c-%c%c-%c%c-%c%c-%c%c-%c%c-%c%c", - data->voldesc.modified.year[0], data->voldesc.modified.year[1], - data->voldesc.modified.year[2], data->voldesc.modified.year[3], - data->voldesc.modified.month[0], data->voldesc.modified.month[1], - data->voldesc.modified.day[0], data->voldesc.modified.day[1], - data->voldesc.modified.hour[0], data->voldesc.modified.hour[1], - data->voldesc.modified.minute[0], data->voldesc.modified.minute[1], - data->voldesc.modified.second[0], data->voldesc.modified.second[1], - data->voldesc.modified.hundredth[0], data->voldesc.modified.hundredth= [1]); + *uuid =3D grub_asprintf ("%c%c%c%c-%c%c-%c%c-%c%c-%c%c-%c%c-%c%c", + data->voldesc.modified.year[0], + data->voldesc.modified.year[1], + data->voldesc.modified.year[2], + data->voldesc.modified.year[3], + data->voldesc.modified.month[0], + data->voldesc.modified.month[1], + data->voldesc.modified.day[0], + data->voldesc.modified.day[1], + data->voldesc.modified.hour[0], + data->voldesc.modified.hour[1], + data->voldesc.modified.minute[0], + data->voldesc.modified.minute[1], + data->voldesc.modified.second[0], + data->voldesc.modified.second[1], + data->voldesc.modified.hundredth[0], + data->voldesc.modified.hundredth[1]); } } else =3D=3D=3D modified file 'fs/jfs.c' --- fs/jfs.c 2009-12-25 00:04:51 +0000 +++ fs/jfs.c 2009-12-29 09:04:06 +0000 @@ -842,17 +842,16 @@ data =3D grub_jfs_mount (disk); if (data) { - *uuid =3D grub_malloc (40 + sizeof ('\0')); - - grub_sprintf (*uuid, "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-= %02x%02x%02x%02x%02x%02x", - data->sblock.uuid[0], data->sblock.uuid[1], - data->sblock.uuid[2], data->sblock.uuid[3], - data->sblock.uuid[4], data->sblock.uuid[5], - data->sblock.uuid[6], data->sblock.uuid[7], - data->sblock.uuid[8], data->sblock.uuid[9], - data->sblock.uuid[10], data->sblock.uuid[11], - data->sblock.uuid[12], data->sblock.uuid[13], - data->sblock.uuid[14], data->sblock.uuid[15]); + *uuid =3D grub_asprintf ("%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%= 02x-" + "%02x%02x%02x%02x%02x%02x", + data->sblock.uuid[0], data->sblock.uuid[1], + data->sblock.uuid[2], data->sblock.uuid[3], + data->sblock.uuid[4], data->sblock.uuid[5], + data->sblock.uuid[6], data->sblock.uuid[7], + data->sblock.uuid[8], data->sblock.uuid[9], + data->sblock.uuid[10], data->sblock.uuid[11], + data->sblock.uuid[12], data->sblock.uuid[13], + data->sblock.uuid[14], data->sblock.uuid[15]); } else *uuid =3D NULL; =3D=3D=3D modified file 'fs/ntfs.c' --- fs/ntfs.c 2009-12-24 22:53:05 +0000 +++ fs/ntfs.c 2009-12-29 09:04:06 +0000 @@ -1072,8 +1072,7 @@ data =3D grub_ntfs_mount (disk); if (data) { - *uuid =3D grub_malloc (16 + sizeof ('\0')); - grub_sprintf (*uuid, "%016llx", (unsigned long long) data->uuid); + *uuid =3D grub_asprintf ("%016llx", (unsigned long long) data->uui= d); } else *uuid =3D NULL; =3D=3D=3D modified file 'fs/reiserfs.c' --- fs/reiserfs.c 2009-12-25 00:04:51 +0000 +++ fs/reiserfs.c 2009-12-29 09:04:06 +0000 @@ -1335,12 +1335,15 @@ data =3D grub_reiserfs_mount (disk); if (data) { - *uuid =3D grub_malloc (sizeof ("xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx= xx")); - grub_sprintf (*uuid, "%04x%04x-%04x-%04x-%04x-%04x%04x%04x", - grub_be_to_cpu16 (data->superblock.uuid[0]), grub_be_to_cpu16 (dat= a->superblock.uuid[1]), - grub_be_to_cpu16 (data->superblock.uuid[2]), grub_be_to_cpu16 (dat= a->superblock.uuid[3]), - grub_be_to_cpu16 (data->superblock.uuid[4]), grub_be_to_cpu16 (dat= a->superblock.uuid[5]), - grub_be_to_cpu16 (data->superblock.uuid[6]), grub_be_to_cpu16 (dat= a->superblock.uuid[7])); + *uuid =3D grub_asprintf ("%04x%04x-%04x-%04x-%04x-%04x%04x%04x", + grub_be_to_cpu16 (data->superblock.uuid[0]), + grub_be_to_cpu16 (data->superblock.uuid[1]), + grub_be_to_cpu16 (data->superblock.uuid[2]), + grub_be_to_cpu16 (data->superblock.uuid[3]), + grub_be_to_cpu16 (data->superblock.uuid[4]), + grub_be_to_cpu16 (data->superblock.uuid[5]), + grub_be_to_cpu16 (data->superblock.uuid[6]), + grub_be_to_cpu16 (data->superblock.uuid[7])); } else *uuid =3D NULL; =3D=3D=3D modified file 'fs/ufs.c' --- fs/ufs.c 2009-12-25 00:04:51 +0000 +++ fs/ufs.c 2009-12-29 09:04:06 +0000 @@ -732,12 +732,9 @@ =20 data =3D grub_ufs_mount (disk); if (data && (data->sblock.uuidhi !=3D 0 || data->sblock.uuidlow !=3D 0= )) - { - *uuid =3D grub_malloc (16 + sizeof ('\0')); - grub_sprintf (*uuid, "%08x%08x", - (unsigned) grub_le_to_cpu32 (data->sblock.uuidhi), - (unsigned) grub_le_to_cpu32 (data->sblock.uuidlow)); - } + *uuid =3D grub_asprintf ("%08x%08x", + (unsigned) grub_le_to_cpu32 (data->sblock.uuidhi), + (unsigned) grub_le_to_cpu32 (data->sblock.uuidlow)); else *uuid =3D NULL; =20 =3D=3D=3D modified file 'fs/xfs.c' --- fs/xfs.c 2009-12-25 00:04:51 +0000 +++ fs/xfs.c 2009-12-29 09:04:06 +0000 @@ -777,12 +777,15 @@ data =3D grub_xfs_mount (disk); if (data) { - *uuid =3D grub_malloc (sizeof ("xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx= xx")); - grub_sprintf (*uuid, "%04x%04x-%04x-%04x-%04x-%04x%04x%04x", - grub_be_to_cpu16 (data->sblock.uuid[0]), grub_be_to_cpu16 (data->s= block.uuid[1]), - grub_be_to_cpu16 (data->sblock.uuid[2]), grub_be_to_cpu16 (data->s= block.uuid[3]), - grub_be_to_cpu16 (data->sblock.uuid[4]), grub_be_to_cpu16 (data->s= block.uuid[5]), - grub_be_to_cpu16 (data->sblock.uuid[6]), grub_be_to_cpu16 (data->s= block.uuid[7])); + *uuid =3D grub_asprintf ("%04x%04x-%04x-%04x-%04x-%04x%04x%04x", + grub_be_to_cpu16 (data->sblock.uuid[0]), + grub_be_to_cpu16 (data->sblock.uuid[1]), + grub_be_to_cpu16 (data->sblock.uuid[2]), + grub_be_to_cpu16 (data->sblock.uuid[3]), + grub_be_to_cpu16 (data->sblock.uuid[4]), + grub_be_to_cpu16 (data->sblock.uuid[5]), + grub_be_to_cpu16 (data->sblock.uuid[6]), + grub_be_to_cpu16 (data->sblock.uuid[7])); } else *uuid =3D NULL; =3D=3D=3D modified file 'gettext/gettext.c' --- gettext/gettext.c 2009-12-25 23:50:59 +0000 +++ gettext/gettext.c 2009-12-29 09:04:06 +0000 @@ -275,14 +275,19 @@ /* Warning: if changing some paths in the below line, change the grub_= malloc contents below. */ =20 - grub_sprintf (mo_file, "%s/%s.mo", locale_dir, lang); + mo_file =3D grub_asprintf ("%s/%s.mo", locale_dir, lang); + if (!mo_file) + return; =20 fd_mo =3D grub_mofile_open (mo_file); =20 /* Will try adding .gz as well. */ if (fd_mo =3D=3D NULL) { - grub_sprintf (mo_file, "%s.gz", mo_file); + grub_free (mo_file); + mo_file =3D grub_asprintf ("%s.gz", mo_file); + if (!mo_file) + return; fd_mo =3D grub_mofile_open (mo_file); } =20 =3D=3D=3D modified file 'hook/datehook.c' --- hook/datehook.c 2009-05-04 03:49:08 +0000 +++ hook/datehook.c 2009-12-29 09:04:06 +0000 @@ -76,7 +76,7 @@ return grub_get_weekday_name (&datetime); } =20 - grub_sprintf (buf, "%d", n); + grub_snprintf (buf, sizeof (buf), "%d", n); break; } } =3D=3D=3D modified file 'include/grub/misc.h' --- include/grub/misc.h 2009-12-18 02:57:32 +0000 +++ include/grub/misc.h 2009-12-29 09:04:06 +0000 @@ -179,8 +179,13 @@ const char *condition, const char *fmt, ...) __attribute__= ((format (printf, 4, 5))); int EXPORT_FUNC(grub_vprintf) (const char *fmt, va_list args); -int EXPORT_FUNC(grub_sprintf) (char *str, const char *fmt, ...) __attrib= ute__ ((format (printf, 2, 3))); -int EXPORT_FUNC(grub_vsprintf) (char *str, const char *fmt, va_list args= ); +int EXPORT_FUNC(grub_snprintf) (char *str, grub_size_t n, const char *fm= t, ...) + __attribute__ ((format (printf, 3, 4))); +int EXPORT_FUNC(grub_vsnprintf) (char *str, grub_size_t n, const char *f= mt, + va_list args); +char *EXPORT_FUNC(grub_asprintf) (const char *fmt, ...) + __attribute__ ((format (printf, 1, 2))); +char *EXPORT_FUNC(grub_avsprintf) (const char *fmt, va_list args); void EXPORT_FUNC(grub_exit) (void) __attribute__ ((noreturn)); void EXPORT_FUNC(grub_abort) (void) __attribute__ ((noreturn)); grub_ssize_t EXPORT_FUNC(grub_utf8_to_ucs4) (grub_uint32_t *dest, =3D=3D=3D modified file 'kern/device.c' --- kern/device.c 2009-12-10 12:26:22 +0000 +++ kern/device.c 2009-12-29 09:04:06 +0000 @@ -86,7 +86,7 @@ struct part_ent { struct part_ent *next; - char name[0]; + char *name; } *ents; =20 int iterate_disk (const char *disk_name) @@ -118,6 +118,7 @@ =20 if (!ret) ret =3D hook (p->name); + grub_free (p->name); grub_free (p); p =3D next; } @@ -138,15 +139,20 @@ if (! partition_name) return 1; =20 - p =3D grub_malloc (sizeof (p->next) + grub_strlen (disk->name) + 1= + - grub_strlen (partition_name) + 1); + p =3D grub_malloc (sizeof (p->next)); if (!p) { grub_free (partition_name); return 1; } =20 - grub_sprintf (p->name, "%s,%s", disk->name, partition_name); + p->name =3D grub_asprintf ("%s,%s", disk->name, partition_name); + if (!p->name) + { + grub_free (partition_name); + grub_free (p); + return 1; + } =20 grub_free (partition_name); =20 p->next =3D ents; =3D=3D=3D modified file 'kern/dl.c' --- kern/dl.c 2009-11-23 15:31:54 +0000 +++ kern/dl.c 2009-12-29 09:04:06 +0000 @@ -628,12 +628,10 @@ return 0; } =20 - filename =3D (char *) grub_malloc (grub_strlen (grub_dl_dir) + 1 - + grub_strlen (name) + 4 + 1); + filename =3D grub_asprintf ("%s/%s.mod", grub_dl_dir, name); if (! filename) return 0; =20 - grub_sprintf (filename, "%s/%s.mod", grub_dl_dir, name); mod =3D grub_dl_load_file (filename); grub_free (filename); =20 =3D=3D=3D modified file 'kern/efi/init.c' --- kern/efi/init.c 2009-06-10 21:04:23 +0000 +++ kern/efi/init.c 2009-12-29 09:04:06 +0000 @@ -63,11 +63,10 @@ if (p) *p =3D '\0'; =20 - prefix =3D grub_malloc (1 + grub_strlen (device) + 1 - + grub_strlen (file) + 1); + prefix =3D grub_asprintf ("(%s)%s", device, file); if (prefix) { - grub_sprintf (prefix, "(%s)%s", device, file); + =20 grub_env_set ("prefix", prefix); grub_free (prefix); } =3D=3D=3D modified file 'kern/env.c' --- kern/env.c 2009-12-23 16:41:32 +0000 +++ kern/env.c 2009-12-29 09:04:06 +0000 @@ -356,14 +356,7 @@ static char * mangle_data_slot_name (const char *name) { - char *mangled_name; - - mangled_name =3D grub_malloc (grub_strlen (name) + 2); - if (! mangled_name) - return 0; - - grub_sprintf (mangled_name, "\e%s", name); - return mangled_name; + return grub_asprintf ("\e%s", name); } =20 grub_err_t =3D=3D=3D modified file 'kern/err.c' --- kern/err.c 2009-06-10 21:04:23 +0000 +++ kern/err.c 2009-12-29 09:04:06 +0000 @@ -44,7 +44,7 @@ grub_errno =3D n; =20 va_start (ap, fmt); - grub_vsprintf (grub_errmsg, fmt, ap); + grub_vsnprintf (grub_errmsg, sizeof (grub_errmsg), fmt, ap); va_end (ap); =20 return n; =3D=3D=3D modified file 'kern/i386/pc/init.c' --- kern/i386/pc/init.c 2009-06-15 23:25:38 +0000 +++ kern/i386/pc/init.c 2009-12-29 09:04:06 +0000 @@ -56,22 +56,30 @@ make_install_device (void) { /* XXX: This should be enough. */ - char dev[100]; + char dev[100], *ptr =3D dev; =20 if (grub_prefix[0] !=3D '(') { /* No hardcoded root partition - make it from the boot drive and t= he partition number encoded at the install time. */ - grub_sprintf (dev, "(%cd%u", (grub_boot_drive & 0x80) ? 'h' : 'f',= + grub_snprintf (dev, sizeof (dev), + "(%cd%u", (grub_boot_drive & 0x80) ? 'h' : 'f', grub_boot_drive & 0x7f); + ptr +=3D grub_strlen (ptr); =20 if (grub_install_dos_part >=3D 0) - grub_sprintf (dev + grub_strlen (dev), ",%u", grub_install_dos_part + 1= ); + grub_snprintf (ptr, sizeof (dev) - (ptr - dev), + ",%u", grub_install_dos_part + 1); + + ptr +=3D grub_strlen (ptr); =20 if (grub_install_bsd_part >=3D 0) - grub_sprintf (dev + grub_strlen (dev), ",%c", grub_install_bsd_part + '= a'); - - grub_sprintf (dev + grub_strlen (dev), ")%s", grub_prefix); + grub_snprintf (ptr, sizeof (dev) - (ptr - dev), ",%c", + grub_install_bsd_part + 'a'); + + ptr +=3D grub_strlen (ptr); + + grub_snprintf (ptr, sizeof (dev) - (ptr - dev), ")%s", grub_prefix= ); grub_strcpy (grub_prefix, dev); } =20 =3D=3D=3D modified file 'kern/ieee1275/init.c' --- kern/ieee1275/init.c 2009-12-24 22:53:05 +0000 +++ kern/ieee1275/init.c 2009-12-29 09:04:06 +0000 @@ -111,11 +111,12 @@ *lastslash =3D '\0'; grub_translate_ieee1275_path (filename); =20 - newprefix =3D grub_malloc (grub_strlen (prefix) - + grub_strlen (filename)); - grub_sprintf (newprefix, "%s%s", prefix, filename); - grub_free (prefix); - prefix =3D newprefix; + newprefix =3D grub_asprintf ("%s%s", prefix, filename); + if (newprefix) + { + grub_free (prefix); + prefix =3D newprefix; + } } } =20 =3D=3D=3D modified file 'kern/ieee1275/openfw.c' --- kern/ieee1275/openfw.c 2009-12-24 22:53:05 +0000 +++ kern/ieee1275/openfw.c 2009-12-29 09:04:06 +0000 @@ -38,7 +38,7 @@ grub_ieee1275_phandle_t dev; grub_ieee1275_phandle_t child; char *childtype, *childpath; - char *childname, *fullname; + char *childname; int ret =3D 0; =20 if (grub_ieee1275_finddevice (devpath, &dev)) @@ -63,19 +63,12 @@ grub_free (childtype); return 0; } - fullname =3D grub_malloc (IEEE1275_MAX_PATH_LEN); - if (!fullname) - { - grub_free (childname); - grub_free (childpath); - grub_free (childtype); - return 0; - } =20 do { struct grub_ieee1275_devalias alias; grub_ssize_t actual; + char *fullname; =20 if (grub_ieee1275_get_property (child, "device_type", childtype, IEEE1275_MAX_PROP_LEN, &actual)) @@ -89,18 +82,25 @@ IEEE1275_MAX_PROP_LEN, &actual)) continue; =20 - grub_sprintf (fullname, "%s/%s", devpath, childname); + fullname =3D grub_asprintf ("%s/%s", devpath, childname); + if (!fullname) + { + grub_free (childname); + grub_free (childpath); + grub_free (childtype); + return 0; + } =20 alias.type =3D childtype; alias.path =3D childpath; alias.name =3D fullname; ret =3D hook (&alias); + grub_free (fullname); if (ret) break; } while (grub_ieee1275_peer (child, &child)); =20 - grub_free (fullname); grub_free (childname); grub_free (childpath); grub_free (childtype); @@ -330,12 +330,11 @@ { char *filepath =3D comma + 1; =20 - ret =3D grub_malloc (grub_strlen (filepath) + 1); /* Make sure filepath has leading backslash. */ if (filepath[0] !=3D '\\') - grub_sprintf (ret, "\\%s", filepath); + ret =3D grub_asprintf ("\\%s", filepath); else - grub_strcpy (ret, filepath); + ret =3D grub_strdup (filepath); } } else if (ptype =3D=3D GRUB_PARSE_PARTITION) @@ -383,15 +382,10 @@ /* GRUB partition 1 is OF partition 0. */ partno++; =20 - /* Assume partno will require less than five bytes to encode. */ - encoding =3D grub_malloc (grub_strlen (device) + 3 + 5); - grub_sprintf (encoding, "(%s,%d)", device, partno); + encoding =3D grub_asprintf ("(%s,%d)", device, partno); } else - { - encoding =3D grub_malloc (grub_strlen (device) + 2); - grub_sprintf (encoding, "(%s)", device); - } + encoding =3D grub_asprintf ("(%s)", device); =20 grub_free (partition); grub_free (device); =3D=3D=3D modified file 'kern/misc.c' --- kern/misc.c 2009-12-18 02:57:32 +0000 +++ kern/misc.c 2009-12-29 09:04:06 +0000 @@ -26,6 +26,9 @@ #include =20 static int +grub_vsnprintf_real (char *str, grub_size_t n, const char *fmt, va_list = args); + +static int grub_iswordseparator (int c) { return (grub_isspace (c) || c =3D=3D ',' || c =3D=3D ';' || c =3D=3D '= |' || c =3D=3D '&'); @@ -202,7 +205,7 @@ { int ret; =20 - ret =3D grub_vsprintf (0, fmt, args); + ret =3D grub_vsnprintf_real (0, 0, fmt, args); grub_refresh (); return ret; } @@ -626,11 +629,11 @@ return p; } =20 -int -grub_vsprintf (char *str, const char *fmt, va_list args) +static int +grub_vsnprintf_real (char *str, grub_size_t n, const char *fmt, va_list = args) { char c; - int count =3D 0; + grub_size_t count =3D 0; auto void write_char (unsigned char ch); auto void write_str (const char *s); auto void write_fill (const char ch, int n); @@ -638,7 +641,10 @@ void write_char (unsigned char ch) { if (str) - *str++ =3D ch; + { + if (count < n) + *str++ =3D ch; + } else grub_putchar (ch); =20 @@ -867,13 +873,64 @@ } =20 int -grub_sprintf (char *str, const char *fmt, ...) +grub_vsnprintf (char *str, grub_size_t n, const char *fmt, va_list ap) +{ + grub_size_t ret; + + if (!n) + return 0; + + n--; + + ret =3D grub_vsnprintf_real (str, n, fmt, ap); + + return ret < n ? ret : n; +} + +int +grub_snprintf (char *str, grub_size_t n, const char *fmt, ...) { va_list ap; int ret; =20 va_start (ap, fmt); - ret =3D grub_vsprintf (str, fmt, ap); + ret =3D grub_vsnprintf (str, n, fmt, ap); + va_end (ap); + + return ret; +} + +#define PREALLOC_SIZE 255 + +char * +grub_avsprintf (const char *fmt, va_list ap) +{ + grub_size_t s, as =3D PREALLOC_SIZE; + char *ret; + + while (1) + { + ret =3D grub_malloc (as + 1); + if (!ret) + return NULL; + + s =3D grub_vsnprintf (ret, as, fmt, ap); + if (s <=3D as) + return ret; + + grub_free (ret); + as =3D s; + } +} + +char * +grub_asprintf (const char *fmt, ...) +{ + va_list ap; + char *ret; + + va_start (ap, fmt); + ret =3D grub_avsprintf (fmt, ap); va_end (ap); =20 return ret; =3D=3D=3D modified file 'kern/sparc64/ieee1275/init.c' --- kern/sparc64/ieee1275/init.c 2009-04-30 13:17:10 +0000 +++ kern/sparc64/ieee1275/init.c 2009-12-29 09:04:06 +0000 @@ -90,10 +90,7 @@ } prefix =3D grub_ieee1275_encode_devname (bootpath); =20 - path =3D grub_malloc (grub_strlen (grub_prefix) - + grub_strlen (prefix) - + 2); - grub_sprintf(path, "%s%s", prefix, grub_prefix); + path =3D grub_asprintf("%s%s", prefix, grub_prefix); =20 grub_strcpy (grub_prefix, path); =20 =3D=3D=3D modified file 'lib/hexdump.c' --- lib/hexdump.c 2009-02-02 19:43:14 +0000 +++ lib/hexdump.c 2009-12-29 09:04:06 +0000 @@ -31,21 +31,22 @@ { int cnt, i; =20 - pos =3D grub_sprintf (line, "%08lx ", bse); + pos =3D grub_snprintf (line, sizeof (line), "%08lx ", bse); cnt =3D 16; if (cnt > len) cnt =3D len; =20 for (i =3D 0; i < cnt; i++) { - pos +=3D grub_sprintf (&line[pos], "%02x ", (unsigned char) buf[i]); + pos +=3D grub_snprintf (&line[pos], sizeof (line) - pos, + "%02x ", (unsigned char) buf[i]); if ((i & 7) =3D=3D 7) line[pos++] =3D ' '; } =20 for (; i < 16; i++) { - pos +=3D grub_sprintf (&line[pos], " "); + pos +=3D grub_snprintf (&line[pos], sizeof (line) - pos, " "); if ((i & 7) =3D=3D 7) line[pos++] =3D ' '; } =3D=3D=3D modified file 'loader/i386/bsd.c' --- loader/i386/bsd.c 2009-12-26 10:01:33 +0000 +++ loader/i386/bsd.c 2009-12-29 09:04:06 +0000 @@ -1138,14 +1138,20 @@ =20 if (*curr) { - char name[grub_strlen (curr) + sizeof("kFreeBSD.")]; + char *name; =20 if (*p =3D=3D '"') p++; =20 - grub_sprintf (name, "kFreeBSD.%s", curr); + name =3D grub_asprintf ("kFreeBSD.%s", curr); + if (!name) + goto fail; if (grub_env_set (name, p)) - goto fail; + { + grub_free (name); + goto fail; + } + grub_free (name); } } =20 =3D=3D=3D modified file 'loader/i386/linux.c' --- loader/i386/linux.c 2009-12-26 23:36:59 +0000 +++ loader/i386/linux.c 2009-12-29 09:04:06 +0000 @@ -517,11 +517,9 @@ May change in future if we have modes without framebuffer. */ if (modevar && *modevar !=3D 0) { - tmp =3D grub_malloc (grub_strlen (modevar) - + sizeof (";text")); + tmp =3D grub_asprintf ("%s;text", modevar); if (! tmp) return grub_errno; - grub_sprintf (tmp, "%s;text", modevar); err =3D grub_video_set_mode (tmp, 0); grub_free (tmp); } @@ -779,19 +777,18 @@ break; } =20 - buf =3D grub_malloc (sizeof ("WWWWxHHHHxDD;WWWWxHHHH")); - if (! buf) - goto fail; - linux_mode =3D &linux_vesafb_modes[vid_mode - GRUB_LINUX_VID_MODE_VESA_START= ]; =20 - grub_sprintf (buf, "%ux%ux%u,%ux%u", - linux_vesafb_res[linux_mode->res_index].width, - linux_vesafb_res[linux_mode->res_index].height, - linux_mode->depth, - linux_vesafb_res[linux_mode->res_index].width, - linux_vesafb_res[linux_mode->res_index].height); + buf =3D grub_asprintf ("%ux%ux%u,%ux%u", + linux_vesafb_res[linux_mode->res_index].width, + linux_vesafb_res[linux_mode->res_index].height, + linux_mode->depth, + linux_vesafb_res[linux_mode->res_index].width, + linux_vesafb_res[linux_mode->res_index].height); + if (! buf) + goto fail; + grub_printf ("%s is deprecated. " "Use set gfxpayload=3D%s before " "linux command instead.\n", =3D=3D=3D modified file 'loader/i386/pc/xnu.c' --- loader/i386/pc/xnu.c 2009-10-15 12:40:13 +0000 +++ loader/i386/pc/xnu.c 2009-12-29 09:04:06 +0000 @@ -52,12 +52,10 @@ err =3D grub_video_set_mode (DEFAULT_VIDEO_MODE, video_hook); else { - tmp =3D grub_malloc (grub_strlen (modevar) - + sizeof (DEFAULT_VIDEO_MODE) + 1); + tmp =3D grub_asprintf ("%s;" DEFAULT_VIDEO_MODE, modevar); if (! tmp) return grub_error (GRUB_ERR_OUT_OF_MEMORY, "couldn't allocate temporary storag"); - grub_sprintf (tmp, "%s;" DEFAULT_VIDEO_MODE, modevar); err =3D grub_video_set_mode (tmp, video_hook); grub_free (tmp); } =3D=3D=3D modified file 'loader/i386/xnu.c' --- loader/i386/xnu.c 2009-12-24 22:53:05 +0000 +++ loader/i386/xnu.c 2009-12-29 09:04:06 +0000 @@ -748,11 +748,13 @@ #endif =20 /* The name of key for new table. */ - grub_sprintf (guidbuf, "%08x-%04x-%04x-%02x%02x-", - guid.data1, guid.data2, guid.data3, guid.data4[0], - guid.data4[1]); + grub_snprintf (guidbuf, sizeof (guidbuf), "%08x-%04x-%04x-%02x%02x= -", + guid.data1, guid.data2, guid.data3, guid.data4[0], + guid.data4[1]); for (j =3D 2; j < 8; j++) - grub_sprintf (guidbuf + grub_strlen (guidbuf), "%02x", guid.data4[j]); + grub_snprintf (guidbuf + grub_strlen (guidbuf), + sizeof (guidbuf) - grub_strlen (guidbuf), + "%02x", guid.data4[j]); /* For some reason GUID has to be in uppercase. */ for (j =3D 0; guidbuf[j] ; j++) if (guidbuf[j] >=3D 'a' && guidbuf[j] <=3D 'f') =3D=3D=3D modified file 'loader/xnu.c' --- loader/xnu.c 2009-12-26 23:36:59 +0000 +++ loader/xnu.c 2009-12-29 09:04:06 +0000 @@ -568,10 +568,9 @@ return grub_error (GRUB_ERR_OUT_OF_MEMORY, "can't register memory");= if (suffix) { - driverkey->name =3D grub_malloc (grub_strlen (prefix) + 10); + driverkey->name =3D grub_asprintf ("%s%d", prefix, (*suffix)++); if (!driverkey->name) return grub_error (GRUB_ERR_OUT_OF_MEMORY, "can't register memory"); - grub_sprintf (driverkey->name, "%s%d", prefix, (*suffix)++); } else driverkey->name =3D grub_strdup (prefix); =3D=3D=3D modified file 'normal/autofs.c' --- normal/autofs.c 2009-11-09 14:45:28 +0000 +++ normal/autofs.c 2009-12-29 09:04:06 +0000 @@ -63,12 +63,11 @@ { char *filename; =20 - filename =3D grub_malloc (grub_strlen (prefix) + sizeof ("/fs.lst"= )); + filename =3D grub_asprintf ("%s/fs.lst", prefix); if (filename) { grub_file_t file; =20 - grub_sprintf (filename, "%s/fs.lst", prefix); file =3D grub_file_open (filename); if (file) { =3D=3D=3D modified file 'normal/completion.c' --- normal/completion.c 2009-12-20 21:54:12 +0000 +++ normal/completion.c 2009-12-29 09:04:06 +0000 @@ -107,16 +107,11 @@ if (! partition_name) return 1; =20 - name =3D grub_malloc (grub_strlen (disk_name) + 1 - + grub_strlen (partition_name) + 1); + name =3D grub_asprintf ("%s,%s", disk_name, partition_name); + grub_free (partition_name); + if (! name) - { - grub_free (partition_name); - return 1; - } - - grub_sprintf (name, "%s,%s", disk_name, partition_name); - grub_free (partition_name); + return 1; =20 ret =3D add_completion (name, ")", GRUB_COMPLETION_TYPE_PARTITION); grub_free (name); @@ -141,11 +136,15 @@ } else if (grub_strcmp (filename, ".") && grub_strcmp (filename, "..")) { - char fname[grub_strlen (filename) + 2]; + char *fname; =20 - grub_sprintf (fname, "%s/", filename); + fname =3D grub_asprintf ("%s/", filename); if (add_completion (fname, "", GRUB_COMPLETION_TYPE_FILE)) - return 1; + { + grub_free (fname); + return 1; + } + grub_free (fname); } =20 return 0; @@ -360,8 +359,9 @@ if (!option->longarg) continue; =20 - longarg =3D grub_malloc (grub_strlen (option->longarg)); - grub_sprintf (longarg, "--%s", option->longarg); + longarg =3D grub_asprintf ("--%s", option->longarg); + if (!longarg) + return 1; =20 if (add_completion (longarg, " ", GRUB_COMPLETION_TYPE_ARGUMENT)) { =3D=3D=3D modified file 'normal/dyncmd.c' --- normal/dyncmd.c 2009-12-25 20:51:05 +0000 +++ normal/dyncmd.c 2009-12-29 09:04:06 +0000 @@ -75,12 +75,11 @@ { char *filename; =20 - filename =3D grub_malloc (grub_strlen (prefix) + sizeof ("/command= =2Elst")); + filename =3D grub_asprintf ("%s/command.lst", prefix); if (filename) { grub_file_t file; =20 - grub_sprintf (filename, "%s/command.lst", prefix); file =3D grub_file_open (filename); if (file) { =3D=3D=3D modified file 'normal/handler.c' --- normal/handler.c 2009-12-26 10:01:33 +0000 +++ normal/handler.c 2009-12-29 09:04:06 +0000 @@ -172,12 +172,11 @@ { char *filename; =20 - filename =3D grub_malloc (grub_strlen (prefix) + sizeof ("/handler= =2Elst")); + filename =3D grub_asprintf ("%s/handler.lst", prefix); if (filename) { grub_file_t file; =20 - grub_sprintf (filename, "%s/handler.lst", prefix); file =3D grub_file_open (filename); if (file) { =3D=3D=3D modified file 'normal/main.c' --- normal/main.c 2009-12-26 23:43:21 +0000 +++ normal/main.c 2009-12-29 09:04:06 +0000 @@ -389,16 +389,17 @@ int posx; const char *msg =3D _("GNU GRUB version %s"); =20 - char *msg_formatted =3D grub_malloc (grub_strlen(msg) + - grub_strlen(PACKAGE_VERSION)); -=20 - grub_cls (); - - grub_sprintf (msg_formatted, msg, PACKAGE_VERSION); + char *msg_formatted; =20 grub_uint32_t *unicode_msg; grub_uint32_t *last_position; =20 + grub_cls (); + + msg_formatted =3D grub_asprintf (msg, PACKAGE_VERSION); + if (!msg_formatted) + return; +=20 msg_len =3D grub_utf8_to_ucs4_alloc (msg_formatted, &unicode_msg, &last_position); =20 @@ -475,11 +476,10 @@ prefix =3D grub_env_get ("prefix"); if (prefix) { - config =3D grub_malloc (grub_strlen (prefix) + sizeof ("/grub.cfg"));= + config =3D grub_asprintf ("%s/grub.cfg", prefix); if (! config) goto quit; =20 - grub_sprintf (config, "%s/grub.cfg", prefix); grub_enter_normal_mode (config); grub_free (config); } @@ -528,10 +528,11 @@ =20 const char *msg_esc =3D _("ESC at any time exits."); =20 - char *msg_formatted =3D grub_malloc (sizeof (char) * (grub_strlen (msg= ) + - grub_strlen(msg_esc) + 1)); + char *msg_formatted; =20 - grub_sprintf (msg_formatted, msg, reader_nested ? msg_esc : ""); + msg_formatted =3D grub_asprintf (msg, reader_nested ? msg_esc : ""); + if (!msg_formatted) + return grub_errno; grub_print_message_indented (msg_formatted, 3, STANDARD_MARGIN); grub_puts ("\n"); =20 @@ -546,9 +547,11 @@ grub_normal_read_line (char **line, int cont) { grub_parser_t parser =3D grub_parser_get_current (); - char prompt[sizeof(">") + grub_strlen (parser->name)]; + char *prompt; =20 - grub_sprintf (prompt, "%s>", parser->name); + prompt =3D grub_asprintf ("%s>", parser->name); + if (!prompt) + return grub_errno; =20 while (1) { =3D=3D=3D modified file 'normal/menu.c' --- normal/menu.c 2009-08-24 23:55:06 +0000 +++ normal/menu.c 2009-12-29 09:04:06 +0000 @@ -78,7 +78,7 @@ { char buf[16]; =20 - grub_sprintf (buf, "%d", timeout); + grub_snprintf (buf, sizeof (buf), "%d", timeout); grub_env_set ("timeout", buf); } } =3D=3D=3D modified file 'normal/menu_text.c' --- normal/menu_text.c 2009-12-27 21:32:52 +0000 +++ normal/menu_text.c 2009-12-29 09:04:06 +0000 @@ -210,13 +210,14 @@ } else { - const char *msg =3D _("Use the %C and %C keys to select which \ -entry is highlighted.\n"); - char *msg_translated =3D - grub_malloc (sizeof (char) * grub_strlen (msg) + 1); + const char *msg =3D _("Use the %C and %C keys to select which " + "entry is highlighted.\n"); + char *msg_translated; =20 - grub_sprintf (msg_translated, msg, (grub_uint32_t) GRUB_TERM_DISP_= UP, - (grub_uint32_t) GRUB_TERM_DISP_DOWN); + msg_translated =3D grub_asprintf (msg, (grub_uint32_t) GRUB_TERM_D= ISP_UP, + (grub_uint32_t) GRUB_TERM_DISP_DOWN); + if (!msg_translated) + return; grub_putchar ('\n'); grub_print_message_indented (msg_translated, STANDARD_MARGIN, STAN= DARD_MARGIN); =20 @@ -394,13 +395,13 @@ { const char *msg =3D _("The highlighted entry will be booted automatically in %ds."); + char *msg_translated; =20 grub_gotoxy (0, GRUB_TERM_HEIGHT - 3); =20 - char *msg_translated =3D - grub_malloc (sizeof (char) * grub_strlen (msg) + 5); - - grub_sprintf (msg_translated, msg, timeout); + msg_translated =3D grub_asprintf (msg, timeout); + if (!msg_translated) + return; grub_print_message_indented (msg_translated, 3, 0); =20 int posx; =3D=3D=3D modified file 'partmap/acorn.c' --- partmap/acorn.c 2009-12-24 22:53:05 +0000 +++ partmap/acorn.c 2009-12-29 09:04:06 +0000 @@ -175,14 +175,7 @@ static char * acorn_partition_map_get_name (const grub_partition_t p) { - char *name; - - name =3D grub_malloc (13); - if (! name) - return 0; - - grub_sprintf (name, "%d", p->index + 1); - return name; + return grub_asprintf ("%d", p->index + 1); } =0C =20 =3D=3D=3D modified file 'partmap/amiga.c' --- partmap/amiga.c 2009-12-24 22:53:05 +0000 +++ partmap/amiga.c 2009-12-29 09:04:06 +0000 @@ -184,14 +184,7 @@ static char * amiga_partition_map_get_name (const grub_partition_t p) { - char *name; - - name =3D grub_malloc (13); - if (! name) - return 0; - - grub_sprintf (name, "%d", p->index + 1); - return name; + return grub_asprintf ("%d", p->index + 1); } =20 =0C =3D=3D=3D modified file 'partmap/apple.c' --- partmap/apple.c 2009-12-24 22:53:05 +0000 +++ partmap/apple.c 2009-12-29 09:04:06 +0000 @@ -227,14 +227,7 @@ static char * apple_partition_map_get_name (const grub_partition_t p) { - char *name; - - name =3D grub_malloc (13); - if (! name) - return 0; - - grub_sprintf (name, "%d", p->index + 1); - return name; + return grub_asprintf ("%d", p->index + 1); } =20 =0C =3D=3D=3D modified file 'partmap/gpt.c' --- partmap/gpt.c 2009-08-24 13:34:03 +0000 +++ partmap/gpt.c 2009-12-29 09:04:06 +0000 @@ -162,14 +162,7 @@ static char * gpt_partition_map_get_name (const grub_partition_t p) { - char *name; - - name =3D grub_malloc (13); - if (! name) - return 0; - - grub_sprintf (name, "%d", p->index + 1); - return name; + return grub_asprintf ("%d", p->index + 1); } =20 =0C =3D=3D=3D modified file 'partmap/msdos.c' --- partmap/msdos.c 2009-09-16 19:23:33 +0000 +++ partmap/msdos.c 2009-12-29 09:04:06 +0000 @@ -300,21 +300,15 @@ static char * pc_partition_map_get_name (const grub_partition_t p) { - char *name; struct grub_msdos_partition *pcdata =3D p->data; =20 - name =3D grub_malloc (13); - if (! name) - return 0; - if (pcdata->bsd_part < 0) - grub_sprintf (name, "%d", pcdata->dos_part + 1); + return grub_asprintf ("%d", pcdata->dos_part + 1); else if (pcdata->dos_part < 0) - grub_sprintf (name, "%c", pcdata->bsd_part + 'a'); + return grub_asprintf ("%c", pcdata->bsd_part + 'a'); else - grub_sprintf (name, "%d,%c", pcdata->dos_part + 1, pcdata->bsd_part = + 'a'); - - return name; + return grub_asprintf ("%d,%c", pcdata->dos_part + 1, + pcdata->bsd_part + 'a'); } =20 =0C =3D=3D=3D modified file 'partmap/sun.c' --- partmap/sun.c 2009-08-24 13:34:03 +0000 +++ partmap/sun.c 2009-12-29 09:04:06 +0000 @@ -184,13 +184,7 @@ static char * sun_partition_map_get_name (const grub_partition_t p) { - char *name; - - name =3D grub_malloc (13); - if (name) - grub_sprintf (name, "%d", p->index + 1); - - return name; + return grub_asprintf ("%d", p->index + 1); } =20 /* Partition map type. */ =3D=3D=3D modified file 'script/execute.c' --- script/execute.c 2009-12-13 12:35:20 +0000 +++ script/execute.c 2009-12-29 09:04:06 +0000 @@ -92,7 +92,7 @@ grub_err_t ret =3D 0; int argcount =3D 0; grub_script_function_t func =3D 0; - char errnobuf[6]; + char errnobuf[18]; char *cmdname; =20 /* Lookup the command. */ @@ -123,7 +123,7 @@ } grub_free (assign); =20 - grub_sprintf (errnobuf, "%d", grub_errno); + grub_snprintf (errnobuf, sizeof (errnobuf), "%d", grub_errno); grub_env_set ("?", errnobuf); =20 return 0; @@ -156,7 +156,7 @@ grub_free (args[i]); grub_free (args); =20 - grub_sprintf (errnobuf, "%d", ret); + grub_snprintf (errnobuf, sizeof (errnobuf), "%d", ret); grub_env_set ("?", errnobuf); =20 return ret; =3D=3D=3D modified file 'term/gfxterm.c' --- term/gfxterm.c 2009-12-26 10:01:33 +0000 +++ term/gfxterm.c 2009-12-29 09:04:06 +0000 @@ -272,9 +272,9 @@ err =3D grub_video_set_mode (DEFAULT_VIDEO_MODE, video_hook); else { - tmp =3D grub_malloc (grub_strlen (modevar) - + sizeof (DEFAULT_VIDEO_MODE) + 1); - grub_sprintf (tmp, "%s;" DEFAULT_VIDEO_MODE, modevar); + tmp =3D grub_asprintf ("%s;" DEFAULT_VIDEO_MODE, modevar); + if (!tmp) + return grub_errno; err =3D grub_video_set_mode (tmp, video_hook); grub_free (tmp); } =3D=3D=3D modified file 'term/ieee1275/ofconsole.c' --- term/ieee1275/ofconsole.c 2009-12-24 22:53:05 +0000 +++ term/ieee1275/ofconsole.c 2009-12-29 09:04:06 +0000 @@ -104,7 +104,7 @@ static void grub_ofconsole_setcolorstate (grub_term_color_state state) { - char setcol[20]; + char *setcol; int fg; int bg; =20 @@ -123,8 +123,10 @@ return; } =20 - grub_sprintf (setcol, "\e[3%dm\e[4%dm", fg, bg); - grub_ofconsole_writeesc (setcol); + setcol =3D grub_asprintf ("\e[3%dm\e[4%dm", fg, bg); + if (setcol) + grub_ofconsole_writeesc (setcol); + grub_free (setcol); } =20 static void @@ -287,15 +289,16 @@ static void grub_ofconsole_gotoxy (grub_uint8_t x, grub_uint8_t y) { - char s[11]; /* 5 + 3 + 3. */ - if (! grub_ieee1275_test_flag (GRUB_IEEE1275_FLAG_NO_ANSI)) { + char *s; grub_curr_x =3D x; grub_curr_y =3D y; =20 - grub_sprintf (s, "\e[%d;%dH", y + 1, x + 1); - grub_ofconsole_writeesc (s); + s =3D grub_asprintf ("\e[%d;%dH", y + 1, x + 1); + if (s) + grub_ofconsole_writeesc (s); + grub_free (s); } else { =3D=3D=3D modified file 'term/tparm.c' --- term/tparm.c 2009-10-12 21:53:15 +0000 +++ term/tparm.c 2009-12-29 09:04:06 +0000 @@ -167,7 +167,7 @@ =20 get_space(s_len + 1); =20 - (void) grub_sprintf(out_buff + out_used, fmt, s); + (void) grub_snprintf(out_buff + out_used, s_len + 1, fmt, s); out_used +=3D grub_strlen(out_buff + out_used); } =20 @@ -179,7 +179,7 @@ =20 get_space((unsigned) len + 1); =20 - (void) grub_sprintf(out_buff + out_used, fmt, number); + (void) grub_snprintf(out_buff + out_used, len + 1, fmt, number); out_used +=3D grub_strlen(out_buff + out_used); } =20 =3D=3D=3D modified file 'util/grub-fstest.c' --- util/grub-fstest.c 2009-12-10 13:39:54 +0000 +++ util/grub-fstest.c 2009-12-29 09:04:06 +0000 @@ -278,18 +278,26 @@ static void fstest (char **images, int num_disks, int cmd, int n, char **args) { - char host_file[128]; - char loop_name[8]; - char *argv[3] =3D { "-p", loop_name, host_file}; + char *host_file; + char *loop_name; + char *argv[3] =3D { "-p" }; int i; =20 for (i =3D 0; i < num_disks; i++) { - if (grub_strlen (images[i]) + 7 > sizeof (host_file)) - grub_util_error ("Pathname %s too long.", images[i]); - - grub_sprintf (loop_name, "loop%d", i); - grub_sprintf (host_file, "(host)%s", images[i]); + loop_name =3D grub_asprintf ("loop%d", i); + host_file =3D grub_asprintf ("(host)%s", images[i]); + + if (!loop_name || !host_file) + { + grub_free (loop_name); + grub_free (host_file); + grub_util_error (grub_errmsg); + return; + } + + argv[1] =3D loop_name; + argv[2] =3D host_file; =20 if (execute_command ("loopback", 3, argv)) grub_util_error ("loopback command fails."); @@ -328,9 +336,19 @@ =20 for (i =3D 0; i < num_disks; i++) { - grub_sprintf (loop_name, "loop%d", i); + grub_free (loop_name); + loop_name =3D grub_asprintf ("loop%d", i); + if (!loop_name) + { + grub_free (host_file); + grub_util_error (grub_errmsg); + return; + } execute_command ("loopback", 2, argv); } + + grub_free (loop_name); + grub_free (host_file); } =20 static struct option options[] =3D { --------------050106090109020605050709-- --------------enig06E91FB3E07F5E771EC709AD Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iF4EAREKAAYFAks5zCoACgkQNak7dOguQglghwD/YTOT6MvP8pcLu01T/5/Wq2bu 5gLcbewPlnsBsTHpVJEBALr0SLo3f45gkxnMs789wIHJ9H2PknSeAdNjPnG0+KVu =6rMC -----END PGP SIGNATURE----- --------------enig06E91FB3E07F5E771EC709AD--