From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1Khmxm-0001Oi-7I for qemu-devel@nongnu.org; Mon, 22 Sep 2008 11:04:34 -0400 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1Khmxl-0001OM-7R for qemu-devel@nongnu.org; Mon, 22 Sep 2008 11:04:33 -0400 Received: from [199.232.76.173] (port=39886 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Khmxl-0001OJ-2s for qemu-devel@nongnu.org; Mon, 22 Sep 2008 11:04:33 -0400 Received: from savannah.gnu.org ([199.232.41.3]:36644 helo=sv.gnu.org) by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.60) (envelope-from ) id 1Khmxk-0005Ul-Lp for qemu-devel@nongnu.org; Mon, 22 Sep 2008 11:04:32 -0400 Received: from cvs.savannah.gnu.org ([199.232.41.69]) by sv.gnu.org with esmtp (Exim 4.63) (envelope-from ) id 1Khmxk-0004ir-4C for qemu-devel@nongnu.org; Mon, 22 Sep 2008 15:04:32 +0000 Received: from aliguori by cvs.savannah.gnu.org with local (Exim 4.63) (envelope-from ) id 1Khmxj-0004in-Rn for qemu-devel@nongnu.org; Mon, 22 Sep 2008 15:04:32 +0000 MIME-Version: 1.0 Errors-To: aliguori Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit From: Anthony Liguori Message-Id: Date: Mon, 22 Sep 2008 15:04:31 +0000 Subject: [Qemu-devel] [5290] Don't use sprintf() or strcpy() Reply-To: qemu-devel@nongnu.org List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Revision: 5290 http://svn.sv.gnu.org/viewvc/?view=rev&root=qemu&revision=5290 Author: aliguori Date: 2008-09-22 15:04:31 +0000 (Mon, 22 Sep 2008) Log Message: ----------- Don't use sprintf() or strcpy() They are unsafe. The current code is correct, but to be safer, we should pass an explicit size. Signed-off-by: Anthony Liguori Modified Paths: -------------- trunk/usb-linux.c Modified: trunk/usb-linux.c =================================================================== --- trunk/usb-linux.c 2008-09-22 14:49:01 UTC (rev 5289) +++ trunk/usb-linux.c 2008-09-22 15:04:31 UTC (rev 5290) @@ -1449,20 +1449,20 @@ return 0; } -static void dec2str(int val, char *str) +static void dec2str(int val, char *str, size_t size) { if (val == -1) - strcpy(str, "*"); + snprintf(str, size, "*"); else - sprintf(str, "%d", val); + snprintf(str, size, "%d", val); } -static void hex2str(int val, char *str) +static void hex2str(int val, char *str, size_t size) { if (val == -1) - strcpy(str, "*"); + snprintf(str, size, "*"); else - sprintf(str, "%x", val); + snprintf(str, size, "%x", val); } void usb_host_info(void) @@ -1475,10 +1475,10 @@ term_printf(" Auto filters:\n"); for (f = usb_auto_filter; f; f = f->next) { char bus[10], addr[10], vid[10], pid[10]; - dec2str(f->bus_num, bus); - dec2str(f->addr, addr); - hex2str(f->vendor_id, vid); - hex2str(f->product_id, pid); + dec2str(f->bus_num, bus, sizeof(bus)); + dec2str(f->addr, addr, sizeof(addr)); + hex2str(f->vendor_id, vid, sizeof(vid)); + hex2str(f->product_id, pid, sizeof(pid)); term_printf(" Device %s.%s ID %s:%s\n", bus, addr, vid, pid); } }