You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by ma...@apache.org on 2022/12/16 17:28:15 UTC
[trafficserver] branch master updated: Use snprintf instead of sprintf (#9256)

This is an automated email from the ASF dual-hosted git repository.

maskit pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
     new 4ebcba09f Use snprintf instead of sprintf (#9256)
4ebcba09f is described below

commit 4ebcba09f531c17405df5b0e4cff2aa1a1d74efd
Author: Masakazu Kitajo <ma...@apache.org>
AuthorDate: Fri Dec 16 10:28:10 2022 -0700

    Use snprintf instead of sprintf (#9256)
    
    * Use snprintf instead of sprintf (experimental plugins)
    
    * Use snprintf instead of sprintf (example plugins)
    
    * Use snprintf instead of sprintf (QUIC)
    
    * Use snprintf instead of sprintf (tests)
    
    * Use snprintf instead of sprintf (HTTP/3)
    
    * Use snprintf instead of sprintf (tscore)
    
    * fix denylist_1
    
    * fix secure_link
---
 example/plugins/c-api/denylist_0/denylist_0.c   |  2 +-
 example/plugins/c-api/denylist_1/denylist_1.c   |  4 ++--
 example/plugins/c-api/secure_link/secure_link.c |  2 +-
 example/plugins/c-api/thread_pool/psi.c         |  2 +-
 iocore/net/quic/QUICHKDF.cc                     |  4 ++--
 plugins/experimental/url_sig/url_sig.c          |  2 +-
 proxy/http3/test/test_QPACK.cc                  | 14 ++++++++------
 src/tscore/unit_tests/test_MMH.cc               |  2 +-
 tests/gold_tests/tls/ssl-post.c                 |  2 +-
 9 files changed, 18 insertions(+), 16 deletions(-)

diff --git a/example/plugins/c-api/denylist_0/denylist_0.c b/example/plugins/c-api/denylist_0/denylist_0.c
index 67a4796f4..93066f1cb 100644
--- a/example/plugins/c-api/denylist_0/denylist_0.c
+++ b/example/plugins/c-api/denylist_0/denylist_0.c
@@ -118,7 +118,7 @@ handle_response(TSHttpTxn txnp)
   buf = TSmalloc(4096);
 
   url_str = TSUrlStringGet(bufp, url_loc, &url_length);
-  sprintf(buf, "You are forbidden from accessing \"%s\"\n", url_str);
+  snprintf(buf, 4096, "You are forbidden from accessing \"%s\"\n", url_str);
   TSfree(url_str);
   TSHandleMLocRelease(bufp, hdr_loc, url_loc);
   TSHandleMLocRelease(bufp, TS_NULL_MLOC, hdr_loc);
diff --git a/example/plugins/c-api/denylist_1/denylist_1.c b/example/plugins/c-api/denylist_1/denylist_1.c
index 0cbcec2e9..e61884f36 100644
--- a/example/plugins/c-api/denylist_1/denylist_1.c
+++ b/example/plugins/c-api/denylist_1/denylist_1.c
@@ -162,7 +162,7 @@ handle_response(TSHttpTxn txnp, TSCont contp ATS_UNUSED)
   buf = (char *)TSmalloc(4096);
 
   url_str = TSUrlStringGet(bufp, url_loc, &url_length);
-  sprintf(buf, "You are forbidden from accessing \"%s\"\n", url_str);
+  snprintf(buf, 4096, "You are forbidden from accessing \"%s\"\n", url_str);
   TSfree(url_str);
   TSHandleMLocRelease(bufp, hdr_loc, url_loc);
   TSHandleMLocRelease(bufp, TS_NULL_MLOC, hdr_loc);
@@ -179,7 +179,7 @@ read_denylist(TSCont contp)
   char denylist_file[1024];
   TSFile file;
 
-  sprintf(denylist_file, "%s/denylist.txt", TSPluginDirGet());
+  snprintf(denylist_file, sizeof(denylist_file), "%s/denylist.txt", TSPluginDirGet());
   file   = TSfopen(denylist_file, "r");
   nsites = 0;
 
diff --git a/example/plugins/c-api/secure_link/secure_link.c b/example/plugins/c-api/secure_link/secure_link.c
index 6452e7508..661f831ac 100644
--- a/example/plugins/c-api/secure_link/secure_link.c
+++ b/example/plugins/c-api/secure_link/secure_link.c
@@ -125,7 +125,7 @@ TSRemapDoRemap(void *ih, TSHttpTxn rh, TSRemapRequestInfo *rri)
   EVP_MD_CTX_destroy(ctx);
 #endif
   for (i = 0; i < MD5_DIGEST_LENGTH; i++) {
-    sprintf(&hash[i * 2], "%02x", md[i]);
+    snprintf(&hash[i * 2], sizeof(hash) - (i * 2), "%02x", md[i]);
   }
   time(&t);
   e = (NULL == expire ? 0 : strtol(expire, NULL, 16));
diff --git a/example/plugins/c-api/thread_pool/psi.c b/example/plugins/c-api/thread_pool/psi.c
index 197a1e019..a25220d2b 100644
--- a/example/plugins/c-api/thread_pool/psi.c
+++ b/example/plugins/c-api/thread_pool/psi.c
@@ -978,7 +978,7 @@ TSPluginInit(int argc ATS_UNUSED, const char *argv[] ATS_UNUSED)
 
   for (i = 0; i < NB_THREADS; i++) {
     char *thread_name = (char *)TSmalloc(64);
-    sprintf(thread_name, "Thread[%d]", i);
+    snprintf(thread_name, 64, "Thread[%d]", i);
     if (!TSThreadCreate(thread_loop, thread_name)) {
       TSError("[%s] Failed creating threads", PLUGIN_NAME);
       return;
diff --git a/iocore/net/quic/QUICHKDF.cc b/iocore/net/quic/QUICHKDF.cc
index 778eac50b..51714e6b7 100644
--- a/iocore/net/quic/QUICHKDF.cc
+++ b/iocore/net/quic/QUICHKDF.cc
@@ -45,8 +45,8 @@ QUICHKDF::expand(uint8_t *dst, size_t *dst_len, const uint8_t *secret, size_t se
   hkdf_label_len += 2;
 
   // label (prefix + Label) field
-  hkdf_label_len += sprintf(reinterpret_cast<char *>(hkdf_label + hkdf_label_len), "%ctls13 %.*s", static_cast<int>(6 + label_len),
-                            static_cast<int>(label_len), label);
+  hkdf_label_len += snprintf(reinterpret_cast<char *>(hkdf_label + hkdf_label_len), sizeof(hkdf_label) - hkdf_label_len,
+                             "%ctls13 %.*s", static_cast<int>(6 + label_len), static_cast<int>(label_len), label);
 
   // context field
   // XXX: Assuming Context is zero-length character (indicated by "")
diff --git a/plugins/experimental/url_sig/url_sig.c b/plugins/experimental/url_sig/url_sig.c
index fb0827a86..892c95ffc 100644
--- a/plugins/experimental/url_sig/url_sig.c
+++ b/plugins/experimental/url_sig/url_sig.c
@@ -825,7 +825,7 @@ TSRemapDoRemap(void *ih, TSHttpTxn txnp, TSRemapRequestInfo *rri)
   }
 
   for (i = 0; i < sig_len; i++) {
-    sprintf(&(sig_string[i * 2]), "%02x", sig[i]);
+    snprintf(&(sig_string[i * 2]), sizeof(sig_string) - (i * 2), "%02x", sig[i]);
   }
 
   TSDebug(PLUGIN_NAME, "Expected signature: %s", sig_string);
diff --git a/proxy/http3/test/test_QPACK.cc b/proxy/http3/test/test_QPACK.cc
index 3faee2af6..178a6e3ce 100644
--- a/proxy/http3/test/test_QPACK.cc
+++ b/proxy/http3/test/test_QPACK.cc
@@ -425,7 +425,7 @@ TEST_CASE("Encoding", "[qpack-encode]")
 
   while ((d = readdir(dir)) != nullptr) {
     char section_name[1024];
-    sprintf(section_name, "%s: DTS=%d, MBS=%d, AM=%d", d->d_name, tablesize, streams, ackmode);
+    snprintf(section_name, sizeof(section_name), "%s: DTS=%d, MBS=%d, AM=%d", d->d_name, tablesize, streams, ackmode);
     SECTION(section_name)
     {
       qif_file[strlen(qifdir)]     = '/';
@@ -433,7 +433,8 @@ TEST_CASE("Encoding", "[qpack-encode]")
       ink_strlcat(qif_file, d->d_name, sizeof(qif_file));
       stat(qif_file, &st);
       if (S_ISREG(st.st_mode) && strstr(d->d_name, ".qif") == (d->d_name + (strlen(d->d_name) - 4))) {
-        sprintf(out_file + strlen(encdir), "/ats/%s.ats.%d.%d.%d", d->d_name, tablesize, streams, ackmode);
+        snprintf(out_file + strlen(encdir), sizeof(out_file) - strlen(encdir), "/ats/%s.ats.%d.%d.%d", d->d_name, tablesize,
+                 streams, ackmode);
         CHECK(test_encode(qif_file, out_file, tablesize, streams, ackmode) == 0);
       }
     }
@@ -443,7 +444,7 @@ TEST_CASE("Encoding", "[qpack-encode]")
 TEST_CASE("Decoding", "[qpack-decode]")
 {
   char app_dir[PATH_MAX + 1] = "";
-  sprintf(app_dir, "%s/%s", encdir, appname);
+  snprintf(app_dir, sizeof(app_dir), "%s/%s", encdir, appname);
   struct dirent *d;
   DIR *dir = opendir(app_dir);
 
@@ -460,13 +461,14 @@ TEST_CASE("Decoding", "[qpack-decode]")
 
   while ((d = readdir(dir)) != nullptr) {
     char section_name[1024];
-    sprintf(section_name, "%s: DTS=%d, MBS=%d, AM=%d, APP=%s", d->d_name, tablesize, streams, ackmode, appname);
+    snprintf(section_name, sizeof(section_name), "%s: DTS=%d, MBS=%d, AM=%d, APP=%s", d->d_name, tablesize, streams, ackmode,
+             appname);
     SECTION(section_name)
     {
-      sprintf(enc_file + strlen(encdir), "/%s/%s", appname, d->d_name);
+      snprintf(enc_file + strlen(encdir), sizeof(enc_file) - strlen(encdir), "/%s/%s", appname, d->d_name);
       stat(enc_file, &st);
       if (S_ISREG(st.st_mode) && strstr(d->d_name, pattern)) {
-        sprintf(out_file + strlen(decdir), "/%s/%s.decoded", appname, d->d_name);
+        snprintf(out_file + strlen(decdir), sizeof(out_file) - strlen(decdir), "/%s/%s.decoded", appname, d->d_name);
         CHECK(test_decode(enc_file, out_file, tablesize, streams, ackmode, appname) == 0);
       }
     }
diff --git a/src/tscore/unit_tests/test_MMH.cc b/src/tscore/unit_tests/test_MMH.cc
index 9cdf7ffaf..36fc53407 100644
--- a/src/tscore/unit_tests/test_MMH.cc
+++ b/src/tscore/unit_tests/test_MMH.cc
@@ -76,7 +76,7 @@ TEST_CASE("MMH", "[libts][MMH]")
   for (int xx = 0; xx < TEST_COLLISIONS; xx++) {
     char xs[256];
     xf[xx] = ts::Random::drandom();
-    sprintf(xs, "http://@npdev/%16.14f/4000;?", xf[xx]);
+    snprintf(xs, sizeof(xs), "http://@npdev/%16.14f/4000;?", xf[xx]);
     ink_code_MMH((unsigned char *)xs, strlen(xs), (unsigned char *)&xxh[xx]);
   }
   qsort(xxh, TEST_COLLISIONS, 16, xxcompar);
diff --git a/tests/gold_tests/tls/ssl-post.c b/tests/gold_tests/tls/ssl-post.c
index 5823e3477..9e37597d4 100644
--- a/tests/gold_tests/tls/ssl-post.c
+++ b/tests/gold_tests/tls/ssl-post.c
@@ -230,7 +230,7 @@ main(int argc, char *argv[])
            sizeof(post_buf));
   int i;
   for (i = 0; i < header_count; i++) {
-    sprintf(req_buf + strlen(req_buf), "header%d:%d\r\n", i, i);
+    snprintf(req_buf + strlen(req_buf), sizeof(req_buf) - strlen(req_buf), "header%d:%d\r\n", i, i);
   }
   strcat(req_buf, "\r\n");
   memset(post_buf, '0', sizeof(post_buf));