From 8eb3200286d523379295143ce3f44d77ce036d4b Mon Sep 17 00:00:00 2001 From: Simon Howard Date: Tue, 1 Apr 2014 20:43:45 -0400 Subject: Replace all snprintf() calls with M_snprintf(). The Windows API has an _snprintf function that is not the same as Unix's snprintf(): if the string is truncated then no trailing NUL character is appended. This makes the function unsafe. Define a replacement/wrapper called M_snprintf that works the same but always appends a trailing NUL, for safety on Windows and other OSes that behave like this. Do the same thing for vsnprintf(), and update HACKING to list snprintf/vsnprintf as forbidden functions. This fixes #375; thanks to Quasar for pointing out the different behavior of these functions. --- src/heretic/am_map.c | 6 +++--- src/heretic/d_main.c | 4 ++-- src/heretic/f_finale.c | 2 +- src/heretic/i_sound.c | 34 +++++++++++++++++----------------- src/heretic/p_saveg.c | 4 ++-- src/heretic/sb_bar.c | 14 +++++++------- 6 files changed, 32 insertions(+), 32 deletions(-) (limited to 'src/heretic') diff --git a/src/heretic/am_map.c b/src/heretic/am_map.c index fb2d0f72..df3932a1 100644 --- a/src/heretic/am_map.c +++ b/src/heretic/am_map.c @@ -411,7 +411,7 @@ void AM_loadPics(void) //char namebuf[9]; /* for (i=0;i<10;i++) { - snprintf(namebuf, sizeof(namebuf), "AMMNUM%d", i); + M_snprintf(namebuf, sizeof(namebuf), "AMMNUM%d", i); marknums[i] = W_CacheLumpName(namebuf, PU_STATIC); }*/ maplump = W_CacheLumpName(DEH_String("AUTOPAGE"), PU_STATIC); @@ -603,8 +603,8 @@ boolean AM_Responder(event_t * ev) } else if (key == key_map_mark) { - snprintf(buffer, sizeof(buffer), "%s %d", - AMSTR_MARKEDSPOT, markpointnum); + M_snprintf(buffer, sizeof(buffer), "%s %d", + AMSTR_MARKEDSPOT, markpointnum); plr->message = buffer; AM_addMark(); } diff --git a/src/heretic/d_main.c b/src/heretic/d_main.c index 81fa6c0d..89c88108 100644 --- a/src/heretic/d_main.c +++ b/src/heretic/d_main.c @@ -247,7 +247,7 @@ void D_DoomLoop(void) if (M_CheckParm("-debugfile")) { char filename[20]; - snprintf(filename, sizeof(filename), "debug%i.txt", consoleplayer); + M_snprintf(filename, sizeof(filename), "debug%i.txt", consoleplayer); debugfile = fopen(filename, "w"); } I_GraphicsCheckCommandLine(); @@ -776,7 +776,7 @@ void D_BindVariables(void) { char buf[12]; - snprintf(buf, sizeof(buf), "chatmacro%i", i); + M_snprintf(buf, sizeof(buf), "chatmacro%i", i); M_BindVariable(buf, &chat_macros[i]); } } diff --git a/src/heretic/f_finale.c b/src/heretic/f_finale.c index 7978e45b..c7212add 100644 --- a/src/heretic/f_finale.c +++ b/src/heretic/f_finale.c @@ -405,7 +405,7 @@ void F_BunnyScroll(void) laststage = stage; } - snprintf(name, sizeof(name), "END%i", stage); + M_snprintf(name, sizeof(name), "END%i", stage); V_DrawPatch((SCREENWIDTH - 13 * 8) / 2, (SCREENHEIGHT - 8 * 8) / 2, W_CacheLumpName(name, PU_CACHE)); } diff --git a/src/heretic/i_sound.c b/src/heretic/i_sound.c index 2dc66239..f415ce0a 100644 --- a/src/heretic/i_sound.c +++ b/src/heretic/i_sound.c @@ -211,8 +211,8 @@ int I_GetSfxLumpNum(sfxinfo_t * sound) return 0; if (sound->link) sound = sound->link; -// snprintf(namebuf, sizeof(namebuf), "d%c%s", -// snd_prefixen[snd_SfxDevice], sound->name); +// M_snprintf(namebuf, sizeof(namebuf), "d%c%s", +// snd_prefixen[snd_SfxDevice], sound->name); return W_GetNumForName(sound->name); } @@ -320,15 +320,15 @@ void I_sndArbitrateCards(void) { if (debugmode) { - snprintf(tmp, sizeof(tmp), "cfg p=0x%x, i=%d, d=%d\n", - snd_SBport, snd_SBirq, snd_SBdma); + M_snprintf(tmp, sizeof(tmp), "cfg p=0x%x, i=%d, d=%d\n", + snd_SBport, snd_SBirq, snd_SBdma); tprintf(tmp, 0); } if (SB_Detect(&snd_SBport, &snd_SBirq, &snd_SBdma, 0)) { - snprintf(tmp, sizeof(tmp), - "SB isn't responding at p=0x%x, i=%d, d=%d\n", - snd_SBport, snd_SBirq, snd_SBdma); + M_snprintf(tmp, sizeof(tmp), + "SB isn't responding at p=0x%x, i=%d, d=%d\n", + snd_SBport, snd_SBirq, snd_SBdma); tprintf(tmp, 0); } else @@ -336,8 +336,8 @@ void I_sndArbitrateCards(void) if (debugmode) { - snprintf(tmp, sizeof(tmp), "SB_Detect returned p=0x%x,i=%d,d=%d\n", - snd_SBport, snd_SBirq, snd_SBdma); + M_snprintf(tmp, sizeof(tmp), "SB_Detect returned p=0x%x,i=%d,d=%d\n", + snd_SBport, snd_SBirq, snd_SBdma); tprintf(tmp, 0); } } @@ -354,14 +354,14 @@ void I_sndArbitrateCards(void) { if (debugmode) { - snprintf(tmp, sizeof(tmp), "cfg p=0x%x\n", snd_Mport); + M_snprintf(tmp, sizeof(tmp), "cfg p=0x%x\n", snd_Mport); tprintf(tmp, 0); } if (MPU_Detect(&snd_Mport, &i)) { - snprintf(tmp, sizeof(tmp), - "The MPU-401 isn't reponding @ p=0x%x.\n", snd_Mport); + M_snprintf(tmp, sizeof(tmp), + "The MPU-401 isn't reponding @ p=0x%x.\n", snd_Mport); tprintf(tmp, 0); } else @@ -399,11 +399,11 @@ void I_StartupSound(void) if (debugmode) { - snprintf(tmp, sizeof(tmp), " Music device #%d & dmxCode=%d", - snd_MusicDevice, dmxCodes[snd_MusicDevice]); + M_snprintf(tmp, sizeof(tmp), " Music device #%d & dmxCode=%d", + snd_MusicDevice, dmxCodes[snd_MusicDevice]); tprintf(tmp, 0); - snprintf(tmp, sizeof(tmp), " Sfx device #%d & dmxCode=%d\n", - snd_SfxDevice, dmxCodes[snd_SfxDevice]); + M_snprintf(tmp, sizeof(tmp), " Sfx device #%d & dmxCode=%d\n", + snd_SfxDevice, dmxCodes[snd_SfxDevice]); tprintf(tmp, 0); } @@ -414,7 +414,7 @@ void I_StartupSound(void) if (debugmode) { - snprintf(tmp, sizeof(tmp), " DMX_Init() returned %d", rc); + M_snprintf(tmp, sizeof(tmp), " DMX_Init() returned %d", rc); tprintf(tmp, 0); } diff --git a/src/heretic/p_saveg.c b/src/heretic/p_saveg.c index 27e6423c..7b4c5389 100644 --- a/src/heretic/p_saveg.c +++ b/src/heretic/p_saveg.c @@ -55,8 +55,8 @@ char *SV_Filename(int slot) filename_len = strlen(savegamedir) + strlen(SAVEGAMENAME) + 8; filename = malloc(filename_len); - snprintf(filename, filename_len, - "%s" SAVEGAMENAME "%d.hsg", savegamedir, slot); + M_snprintf(filename, filename_len, + "%s" SAVEGAMENAME "%d.hsg", savegamedir, slot); return filename; } diff --git a/src/heretic/sb_bar.c b/src/heretic/sb_bar.c index 0a2da956..6821fb1e 100644 --- a/src/heretic/sb_bar.c +++ b/src/heretic/sb_bar.c @@ -484,20 +484,20 @@ static void DrawSoundInfo(void) MN_DrTextA(DEH_String("------"), xPos[0], y); continue; } - snprintf(text, sizeof(text), "%s", c->name); + M_snprintf(text, sizeof(text), "%s", c->name); M_ForceUppercase(text); MN_DrTextA(text, xPos[x++], y); - snprintf(text, sizeof(text), "%d", c->mo->type); + M_snprintf(text, sizeof(text), "%d", c->mo->type); MN_DrTextA(text, xPos[x++], y); - snprintf(text, sizeof(text), "%d", c->mo->x >> FRACBITS); + M_snprintf(text, sizeof(text), "%d", c->mo->x >> FRACBITS); MN_DrTextA(text, xPos[x++], y); - snprintf(text, sizeof(text), "%d", c->mo->y >> FRACBITS); + M_snprintf(text, sizeof(text), "%d", c->mo->y >> FRACBITS); MN_DrTextA(text, xPos[x++], y); - snprintf(text, sizeof(text), "%d", c->id); + M_snprintf(text, sizeof(text), "%d", c->id); MN_DrTextA(text, xPos[x++], y); - snprintf(text, sizeof(text), "%d", c->priority); + M_snprintf(text, sizeof(text), "%d", c->priority); MN_DrTextA(text, xPos[x++], y); - snprintf(text, sizeof(text), "%d", c->distance); + M_snprintf(text, sizeof(text), "%d", c->distance); MN_DrTextA(text, xPos[x++], y); } UpdateState |= I_FULLSCRN; -- cgit v1.2.3