Cleanup: remove seprintf and vsnprintf

2023-06-07 22:30:23 +02:00 · 2023-06-07 22:30:23 +02:00 · 48dcb79145
parent 13cdf5fffa
commit 48dcb79145
4 changed files with 1 additions and 86 deletions
--- a/src/safeguards.h
+++ b/src/safeguards.h
@ -40,7 +40,7 @@
 #define strcat    SAFEGUARD_DO_NOT_USE_THIS_METHOD
 #define strncat   SAFEGUARD_DO_NOT_USE_THIS_METHOD
-/* Use seprintf instead. */
+/* Use fmt::format instead. */
 #define sprintf   SAFEGUARD_DO_NOT_USE_THIS_METHOD
 #define snprintf  SAFEGUARD_DO_NOT_USE_THIS_METHOD
--- a/src/stdafx.h
+++ b/src/stdafx.h
@ -90,10 +90,6 @@
 #if defined(__GNUC__) || (defined(__clang__) && !defined(_MSC_VER))
 #	define NORETURN __attribute__ ((noreturn))
 #	define CDECL
 #	define __int64 long long
 	/* Warn about functions using 'printf' format syntax. First argument determines which parameter
 	 * is the format string, second argument is start of values passed to printf. */
 #	define WARN_FORMAT(string, args) __attribute__ ((format (printf, string, args)))
 #	if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 7)
 #		define FINAL final
 #	else
@ -128,7 +124,6 @@
 #if defined(__WATCOMC__)
 #	define NORETURN
 #	define CDECL
 #	define WARN_FORMAT(string, args)
 #	define FINAL
 #	define FALLTHROUGH
 #	include <malloc.h>
@ -170,7 +165,6 @@
 #	endif
 #	define CDECL _cdecl
 #	define WARN_FORMAT(string, args)
 #	define FINAL final
 	/* fallthrough attribute, VS 2017 */
--- a/src/string.cpp
+++ b/src/string.cpp
@ -21,7 +21,6 @@
 #include <iomanip>
 #ifdef _MSC_VER
 #	include <errno.h> // required by vsnprintf implementation for MSVC
 #	define strncasecmp strnicmp
 #endif
@ -44,10 +43,7 @@
 #	include "os/macosx/string_osx.h"
 #endif
 /* The function vsnprintf is used internally to perform the required formatting
 * tasks. As such this one must be allowed, and makes sure it's terminated. */
 #include "safeguards.h"
 #undef vsnprintf
 /**
@ -455,67 +451,6 @@ bool IsValidChar(WChar key, CharSetFilter afilter)
 	}
 }
 #ifdef _WIN32
 #if defined(_MSC_VER) && _MSC_VER < 1900
 /**
 * Almost POSIX compliant implementation of \c vsnprintf for VC compiler.
 * The difference is in the value returned on output truncation. This
 * implementation returns size whereas a POSIX implementation returns
 * size or more (the number of bytes that would be written to str
 * had size been sufficiently large excluding the terminating null byte).
 */
 int CDECL vsnprintf(char *str, size_t size, const char *format, va_list ap)
 {
 	if (size == 0) return 0;
 	errno = 0;
 	int ret = _vsnprintf(str, size, format, ap);
 	if (ret < 0) {
 		if (errno != ERANGE) {
 			/* There's a formatting error, better get that looked
 			 * at properly instead of ignoring it. */
 			NOT_REACHED();
 		}
 	} else if ((size_t)ret < size) {
 		/* The buffer is big enough for the number of
 		 * characters stored (excluding null), i.e.
 		 * the string has been null-terminated. */
 		return ret;
 	}
 	/* The buffer is too small for _vsnprintf to write the
 	 * null-terminator at its end and return size. */
 	str[size - 1] = '\0';
 	return (int)size;
 }
 #endif /* _MSC_VER */
 #endif /* _WIN32 */
 /**
 * Safer implementation of snprintf; same as snprintf except:
 * - last instead of size, i.e. replace sizeof with lastof.
 * - return gives the amount of characters added, not what it would add.
 * @param str    buffer to write to up to last
 * @param last   last character we may write to
 * @param format the formatting (see snprintf)
 * @return the number of added characters
 */
 int CDECL seprintf(char *str, const char *last, const char *format, ...)
 {
 	ptrdiff_t diff = last - str;
 	if (diff < 0) return 0;
 	va_list ap;
 	va_start(ap, format);
 	int ret = std::min(static_cast<int>(diff), vsnprintf(str, diff + 1, format, ap));
 	va_end(ap);
 	return ret;
 }
 /* UTF-8 handling routines */
--- a/src/string_func.h
+++ b/src/string_func.h
@ -7,18 +7,6 @@
 /**
 * @file string_func.h Functions related to low-level strings.
 *
 * @note Be aware of "dangerous" string functions; string functions that
 * have behaviour that could easily cause buffer overruns and such:
 * - strncpy: does not '\0' terminate when input string is longer than
 *   the size of the output string. Use strecpy instead.
 * - [v]snprintf: returns the length of the string as it would be written
 *   when the output is large enough, so it can be more than the size of
 *   the buffer and than can underflow size_t (uint-ish) which makes all
 *   subsequent snprintf alikes write outside of the buffer. Use
 *   [v]seprintf instead; it will return the number of bytes actually
 *   added so no [v]seprintf will cause outside of bounds writes.
 * - [v]sprintf: does not bounds checking: use [v]seprintf instead.
 */
 #ifndef STRING_FUNC_H
@ -33,8 +21,6 @@
 char *strecpy(char *dst, const char *src, const char *last) NOACCESS(3);
 char *stredup(const char *src, const char *last = nullptr) NOACCESS(2);
 int CDECL seprintf(char *str, const char *last, const char *format, ...) WARN_FORMAT(3, 4) NOACCESS(2);
 std::string FormatArrayAsHex(span<const byte> data);
 void StrMakeValidInPlace(char *str, const char *last, StringValidationSettings settings = SVS_REPLACE_WITH_QUESTION_MARK) NOACCESS(2);