From 2ea8fd11ec5da77ba66b24c0c2cbee892e803904 Mon Sep 17 00:00:00 2001
From: Simon Howard
Date: Sun, 30 Mar 2014 19:08:27 -0400
Subject: strife: Eliminate use of sprintf().

Use snprintf() in place of sprintf(). This is part of fixing #371.
---
 src/strife/am_map.c   |  3 ++-
 src/strife/d_main.c   |  2 +-
 src/strife/g_game.c   | 26 +++++++++++++++-----------
 src/strife/m_saves.c  | 10 ++++------
 src/strife/p_inter.c  |  6 ++++--
 src/strife/p_saveg.c  | 16 ++++++++--------
 src/strife/p_user.c   |  3 ++-
 src/strife/s_sound.c  |  2 +-
 src/strife/st_stuff.c |  3 ++-
 9 files changed, 39 insertions(+), 32 deletions(-)

diff --git a/src/strife/am_map.c b/src/strife/am_map.c
index e942e3ac..05f8a519 100644
--- a/src/strife/am_map.c
+++ b/src/strife/am_map.c
@@ -670,7 +670,8 @@ AM_Responder
         }
         else if (key == key_map_mark)
         {
-            sprintf(buffer, "%s %d", DEH_String(AMSTR_MARKEDSPOT), markpointnum);
+            snprintf(buffer, sizeof(buffer),
+                     "%s %d", DEH_String(AMSTR_MARKEDSPOT), markpointnum);
             plr->message = buffer;
             AM_addMark();
         }
diff --git a/src/strife/d_main.c b/src/strife/d_main.c
index 5d8399eb..e419fd99 100644
--- a/src/strife/d_main.c
+++ b/src/strife/d_main.c
@@ -461,7 +461,7 @@ void D_BindVariables(void)
     {
         char buf[12];
 
-        sprintf(buf, "chatmacro%i", i);
+        snprintf(buf, sizeof(buf), "chatmacro%i", i);
         M_BindVariable(buf, &chat_macros[i]);
     }
 }
diff --git a/src/strife/g_game.c b/src/strife/g_game.c
index 8bb068fe..23e0cef9 100644
--- a/src/strife/g_game.c
+++ b/src/strife/g_game.c
@@ -985,7 +985,8 @@ void G_Ticker (void)
             {
                 static char turbomessage[80];
                 extern char player_names[8][16];
-                sprintf (turbomessage, "%s is turbo!", player_names[i]);
+                snprintf(turbomessage, sizeof(turbomessage),
+                         "%s is turbo!", player_names[i]);
                 players[consoleplayer].message = turbomessage;
                 turbodetected[i] = false;
             }
@@ -1289,7 +1290,7 @@ void G_LoadPath(int map)
     char mapbuf[33];
 
     memset(mapbuf, 0, sizeof(mapbuf));
-    sprintf(mapbuf, "%d", map);
+    snprintf(mapbuf, sizeof(mapbuf), "%d", map);
 
     // haleyjd: free if already set, and use M_SafeFilePath
     if(loadpath)
@@ -1804,7 +1805,7 @@ void G_DoSaveGame (char *path)
     
     // [STRIFE] custom save file path logic
     memset(gamemapstr, 0, sizeof(gamemapstr));
-    sprintf(gamemapstr, "%d", gamemap);
+    snprintf(gamemapstr, sizeof(gamemapstr), "%d", gamemap);
     savegame_file = M_SafeFilePath(path, gamemapstr);
 
     // [STRIFE] write the "current" file, which tells which hub map
@@ -1869,7 +1870,7 @@ void G_DoSaveGame (char *path)
     // [STRIFE]: custom message logic
     if(!strcmp(path, savepath))
     {
-        sprintf(savename, "%s saved.", character_name);
+        snprintf(savename, sizeof(savename), "%s saved.", character_name);
         players[consoleplayer].message = savename;
     }
 
@@ -2185,14 +2186,16 @@ void G_WriteDemoTiccmd (ticcmd_t* cmd)
 // 
 // [STRIFE] Verified unmodified
 //
-void G_RecordDemo (char* name) 
-{ 
-    int             i; 
+void G_RecordDemo (char* name)
+{
+    size_t demoname_size;
+    int             i;
     int             maxsize;
 
-    usergame = false; 
-    demoname = Z_Malloc(strlen(name) + 5, PU_STATIC, NULL);
-    sprintf(demoname, "%s.lmp", name);
+    usergame = false;
+    demoname_size = strlen(name) + 5;
+    demoname = Z_Malloc(demoname_size, PU_STATIC, NULL);
+    snprintf(demoname, demoname_size, "%s.lmp", name);
     maxsize = 0x20000;
 
     //!
@@ -2287,7 +2290,8 @@ static char *DemoVersionDescription(int version)
     }
 
     // Unknown version. Who knows?
-    sprintf(resultbuf, "%i.%i (unknown)", version / 100, version % 100);
+    snprintf(resultbuf, sizeof(resultbuf),
+             "%i.%i (unknown)", version / 100, version % 100);
 
     return resultbuf;
 }
diff --git a/src/strife/m_saves.c b/src/strife/m_saves.c
index 2908b694..4303dbe2 100644
--- a/src/strife/m_saves.c
+++ b/src/strife/m_saves.c
@@ -222,8 +222,7 @@ void M_SaveMoveMapToHere(void)
     char tmpnum[33];
 
     // haleyjd: no itoa available...
-    memset(tmpnum, 0, sizeof(tmpnum));
-    sprintf(tmpnum, "%d", gamemap);
+    snprintf(tmpnum, sizeof(tmpnum), "%d", gamemap);
 
     // haleyjd: use M_SafeFilePath, not sprintf
     mapsave  = M_SafeFilePath(savepath, tmpnum);
@@ -252,8 +251,7 @@ void M_SaveMoveHereToMap(void)
     char tmpnum[33];
 
     // haleyjd: no itoa available...
-    memset(tmpnum, 0, sizeof(tmpnum));
-    sprintf(tmpnum, "%d", gamemap);
+    snprintf(tmpnum, sizeof(tmpnum), "%d", gamemap);
 
     mapsave  = M_SafeFilePath(savepathtemp, tmpnum);
     heresave = M_SafeFilePath(savepathtemp, "here");
@@ -479,8 +477,8 @@ char *M_MakeStrifeSaveDir(int slotnum, const char *extra)
 {
     static char tmpbuffer[32];
 
-    memset(tmpbuffer, 0, sizeof(tmpbuffer));
-    sprintf(tmpbuffer, "strfsav%d.ssg%s", slotnum, extra);
+    snprintf(tmpbuffer, sizeof(tmpbuffer),
+             "strfsav%d.ssg%s", slotnum, extra);
 
     return tmpbuffer;
 }
diff --git a/src/strife/p_inter.c b/src/strife/p_inter.c
index 573a5efd..00b0ef24 100644
--- a/src/strife/p_inter.c
+++ b/src/strife/p_inter.c
@@ -971,7 +971,8 @@ void P_KillMobj(mobj_t* source, mobj_t* target)
         EV_DoDoor(&junk, close);
         P_NoiseAlert(players[0].mo, players[0].mo);
 
-        sprintf(plrkilledmsg, "%s", DEH_String("You're dead!  You set off the alarm."));
+        snprintf(plrkilledmsg, sizeof(plrkilledmsg),
+                 "%s", DEH_String("You're dead!  You set off the alarm."));
         if(!deathmatch)
             players[consoleplayer].message = plrkilledmsg;
 
@@ -1010,7 +1011,8 @@ void P_KillMobj(mobj_t* source, mobj_t* target)
     case MT_TOKEN_ALARM:
         P_NoiseAlert(players[0].mo, players[0].mo);
 
-        sprintf(plrkilledmsg, "%s", DEH_String("You Fool!  You've set off the alarm"));
+        snprintf(plrkilledmsg, sizeof(plrkilledmsg),
+                 "%s", DEH_String("You Fool!  You've set off the alarm"));
         if(!deathmatch)
             players[consoleplayer].message = plrkilledmsg;
         return;
diff --git a/src/strife/p_saveg.c b/src/strife/p_saveg.c
index bc014de9..5c80d42b 100644
--- a/src/strife/p_saveg.c
+++ b/src/strife/p_saveg.c
@@ -58,11 +58,9 @@ char *P_TempSaveGameFile(void)
 
     if (filename == NULL)
     {
-        filename = malloc(strlen(savegamedir) + 32);
+        filename = M_StringJoin(savegamdir, "temp.dsg");
     }
 
-    sprintf(filename, "%stemp.dsg", savegamedir);
-
     return filename;
 }
 
@@ -71,16 +69,18 @@ char *P_TempSaveGameFile(void)
 char *P_SaveGameFile(int slot)
 {
     static char *filename = NULL;
+    static size_t filename_size;
     char basename[32];
 
     if (filename == NULL)
     {
-        filename = malloc(strlen(savegamedir) + 32);
+        filename_size = strlen(savegamedir) + 32;
+        filename = malloc(filename_size);
     }
 
     DEH_snprintf(basename, 32, SAVEGAMENAME "%d.dsg", slot);
 
-    sprintf(filename, "%s%s", savegamedir, basename);
+    snprintf(filename, filename_size, "%s%s", savegamedir, basename);
 
     return filename;
 }
@@ -1609,7 +1609,7 @@ void P_WriteSaveGameHeader(char *description)
     */
 
     memset (name,0,sizeof(name)); 
-    sprintf (name,"ver %i",STRIFE_VERSION); 
+    snprintf(name, sizeof(name), "ver %i", STRIFE_VERSION);
 
     for (i=0; i<VERSIONSIZE; ++i)
         saveg_write8(name[i]);
@@ -1648,8 +1648,8 @@ boolean P_ReadSaveGameHeader(void)
     for (i=0; i<VERSIONSIZE; ++i)
         read_vcheck[i] = saveg_read8();
 
-    memset (vcheck,0,sizeof(vcheck)); 
-    sprintf (vcheck,"ver %i",STRIFE_VERSION); 
+    memset (vcheck,0,sizeof(vcheck));
+    snprintf(vcheck, sizeof(vcheck), "ver %i", STRIFE_VERSION);
     if (strcmp(read_vcheck, vcheck) != 0)
         return false;                       // bad version 
 
diff --git a/src/strife/p_user.c b/src/strife/p_user.c
index a6d74b9f..d2f8b8e3 100644
--- a/src/strife/p_user.c
+++ b/src/strife/p_user.c
@@ -861,7 +861,8 @@ boolean P_UseInventoryItem(player_t* player, int item)
         if(name == NULL)
             name = "Item";
 
-        sprintf(useinventorymsg, "You used the %s.", name);
+        snprintf(useinventorymsg, sizeof(useinventorymsg),
+                 "You used the %s.", name);
         player->message = useinventorymsg;
 
         if(player == &players[consoleplayer])
diff --git a/src/strife/s_sound.c b/src/strife/s_sound.c
index ab8ffdd3..861586fe 100644
--- a/src/strife/s_sound.c
+++ b/src/strife/s_sound.c
@@ -788,7 +788,7 @@ void S_ChangeMusic(int musicnum, int looping)
     // get lumpnum if neccessary
     if (!music->lumpnum)
     {
-        sprintf(namebuf, "d_%s", DEH_String(music->name));
+        snprintf(namebuf, sizeof(namebuf), "d_%s", DEH_String(music->name));
         music->lumpnum = W_GetNumForName(namebuf);
     }
 
diff --git a/src/strife/st_stuff.c b/src/strife/st_stuff.c
index 290edc5c..34682093 100644
--- a/src/strife/st_stuff.c
+++ b/src/strife/st_stuff.c
@@ -663,7 +663,8 @@ boolean ST_Responder(event_t* ev)
     {
         // [STRIFE] 'GPS' for player position
         static char buf[ST_MSGWIDTH];
-        sprintf(buf, "ang=0x%x;x,y=(0x%x,0x%x)",
+        snprintf(buf, sizeof(buf),
+                "ang=0x%x;x,y=(0x%x,0x%x)",
                 players[consoleplayer].mo->angle,
                 players[consoleplayer].mo->x,
                 players[consoleplayer].mo->y);
-- 
cgit v1.2.3