mirror
/
OpenTTD
mirror of https://github.com/OpenTTD/OpenTTD
1
0
Fork 0
Code Issues

(svn r14542) -Codechange: replace some sprintf with s[en]printf to make sure they will not overflow their buffers.

release/0.7
rubidium 2008-10-28 16:04:41 +00:00
parent da0a0ef8ca
commit 633b15caf3
4 changed files with 29 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/fios.cpp
View File

@ -95,9 +95,9 @@ char *FiosBrowseTo(const FiosItem *item)
switch (item->type) { switch (item->type) {
case FIOS_TYPE_DRIVE: case FIOS_TYPE_DRIVE:
#if defined(WINCE) #if defined(WINCE)
sprintf(path, PATHSEP ""); snprintf(path, MAX_PATH, PATHSEP "");
#elif defined(WIN32) || defined(__OS2__) #elif defined(WIN32) || defined(__OS2__)
sprintf(path, "%c:" PATHSEP, item->title[0]); snprintf(path, MAX_PATH, "%c:" PATHSEP, item->title[0]);
#endif #endif
/* Fallthrough */ /* Fallthrough */
case FIOS_TYPE_INVALID: case FIOS_TYPE_INVALID:
@ -124,7 +124,7 @@ char *FiosBrowseTo(const FiosItem *item)
break; break;
case FIOS_TYPE_DIRECT: case FIOS_TYPE_DIRECT:
sprintf(path, "%s", item->name); snprintf(path, MAX_PATH, "%s", item->name);
break; break;
case FIOS_TYPE_FILE: case FIOS_TYPE_FILE:

2
src/music/os2_m.cpp
View File

@ -27,7 +27,7 @@ static long CDECL MidiSendCommand(const char *cmd, ...)
va_list va; va_list va;
char buf[512]; char buf[512];
va_start(va, cmd); va_start(va, cmd);
vsprintf(buf, cmd, va); vseprintf(buf, lastof(buf), cmd, va);
va_end(va); va_end(va);
return mciSendString(buf, NULL, 0, NULL, 0); return mciSendString(buf, NULL, 0, NULL, 0);
} }

2
src/network/network_gui.cpp
View File

@ -1512,7 +1512,7 @@ struct NetworkClientListPopupWindow : Window {
GetString(this->action[i], STR_NETWORK_CLIENTLIST_KICK, lastof(this->action[i])); GetString(this->action[i], STR_NETWORK_CLIENTLIST_KICK, lastof(this->action[i]));
this->proc[i++] = &ClientList_Kick; this->proc[i++] = &ClientList_Kick;
sprintf(this->action[i],"Ban"); // XXX GetString? seprintf(this->action[i], lastof(this->action[i]), "Ban"); // XXX GetString?
this->proc[i++] = &ClientList_Ban; this->proc[i++] = &ClientList_Ban;
} }

44
src/win32.cpp
View File

@ -177,14 +177,14 @@ static void GetFileInfo(DebugFileInfo *dfi, const TCHAR *filename)
} }
static char *PrintModuleInfo(char *output, HMODULE mod) static char *PrintModuleInfo(char *output, const char *last, HMODULE mod)
{ {
TCHAR buffer[MAX_PATH]; TCHAR buffer[MAX_PATH];
DebugFileInfo dfi; DebugFileInfo dfi;
GetModuleFileName(mod, buffer, MAX_PATH); GetModuleFileName(mod, buffer, MAX_PATH);
GetFileInfo(&dfi, buffer); GetFileInfo(&dfi, buffer);
output += sprintf(output, " %-20s handle: %p size: %d crc: %.8X date: %d-%.2d-%.2d %.2d:%.2d:%.2d\r\n", output += seprintf(output, last, " %-20s handle: %p size: %d crc: %.8X date: %d-%.2d-%.2d %.2d:%.2d:%.2d\r\n",
WIDE_TO_MB(buffer), WIDE_TO_MB(buffer),
mod, mod,
dfi.size, dfi.size,
@ -199,7 +199,7 @@ static char *PrintModuleInfo(char *output, HMODULE mod)
return output; return output;
} }
static char *PrintModuleList(char *output) static char *PrintModuleList(char *output, const char *last)
{ {
BOOL (WINAPI *EnumProcessModules)(HANDLE, HMODULE*, DWORD, LPDWORD); BOOL (WINAPI *EnumProcessModules)(HANDLE, HMODULE*, DWORD, LPDWORD);
@ -215,12 +215,12 @@ static char *PrintModuleList(char *output)
if (res) { if (res) {
size_t count = min(needed / sizeof(HMODULE), lengthof(modules)); size_t count = min(needed / sizeof(HMODULE), lengthof(modules));
for (size_t i = 0; i != count; i++) output = PrintModuleInfo(output, modules[i]); for (size_t i = 0; i != count; i++) output = PrintModuleInfo(output, last, modules[i]);
return output; return output;
} }
} }
} }
output = PrintModuleInfo(output, NULL); output = PrintModuleInfo(output, last, NULL);
return output; return output;
} }
@ -464,6 +464,9 @@ static void GamelogPrintCrashLogProc(const char *s)
WriteFile(_file_crash_log, "\r\n", (DWORD)strlen("\r\n"), &num_written, NULL); WriteFile(_file_crash_log, "\r\n", (DWORD)strlen("\r\n"), &num_written, NULL);
} }
/** Amount of output for the execption handler. */
static const int EXCEPTION_OUTPUT_SIZE = 8192;
static LONG WINAPI ExceptionHandler(EXCEPTION_POINTERS *ep) static LONG WINAPI ExceptionHandler(EXCEPTION_POINTERS *ep)
{ {
char *output; char *output;
@ -475,12 +478,13 @@ static LONG WINAPI ExceptionHandler(EXCEPTION_POINTERS *ep)
_ident = GetTickCount(); // something pretty unique _ident = GetTickCount(); // something pretty unique
MakeCRCTable(AllocaM(uint32, 256)); MakeCRCTable(AllocaM(uint32, 256));
_crash_msg = output = (char*)LocalAlloc(LMEM_FIXED, 8192); _crash_msg = output = (char*)LocalAlloc(LMEM_FIXED, EXCEPTION_OUTPUT_SIZE);
const char *last = output + EXCEPTION_OUTPUT_SIZE - 1;
{ {
SYSTEMTIME time; SYSTEMTIME time;
GetLocalTime(&time); GetLocalTime(&time);
output += sprintf(output, output += seprintf(output, last,
"*** OpenTTD Crash Report ***\r\n" "*** OpenTTD Crash Report ***\r\n"
"Date: %d-%.2d-%.2d %.2d:%.2d:%.2d\r\n" "Date: %d-%.2d-%.2d %.2d:%.2d:%.2d\r\n"
"Build: %s built on " __DATE__ " " __TIME__ "\r\n", "Build: %s built on " __DATE__ " " __TIME__ "\r\n",
@ -495,12 +499,12 @@ static LONG WINAPI ExceptionHandler(EXCEPTION_POINTERS *ep)
} }
if (_exception_string) if (_exception_string)
output += sprintf(output, "Reason: %s\r\n", _exception_string); output += seprintf(output, last, "Reason: %s\r\n", _exception_string);
output += sprintf(output, "Language: %s\r\n", _dynlang.curr_file); output += seprintf(output, last, "Language: %s\r\n", _dynlang.curr_file);
#ifdef _M_AMD64 #ifdef _M_AMD64
output += sprintf(output, "Exception %.8X at %.16IX\r\n" output += seprintf(output, last, "Exception %.8X at %.16IX\r\n"
"Registers:\r\n" "Registers:\r\n"
"RAX: %.16llX RBX: %.16llX RCX: %.16llX RDX: %.16llX\r\n" "RAX: %.16llX RBX: %.16llX RCX: %.16llX RDX: %.16llX\r\n"
"RSI: %.16llX RDI: %.16llX RBP: %.16llX RSP: %.16llX\r\n" "RSI: %.16llX RDI: %.16llX RBP: %.16llX RSP: %.16llX\r\n"
@ -530,7 +534,7 @@ static LONG WINAPI ExceptionHandler(EXCEPTION_POINTERS *ep)
ep->ContextRecord->EFlags ep->ContextRecord->EFlags
); );
#else #else
output += sprintf(output, "Exception %.8X at %.8p\r\n" output += seprintf(output, last, "Exception %.8X at %.8p\r\n"
"Registers:\r\n" "Registers:\r\n"
" EAX: %.8X EBX: %.8X ECX: %.8X EDX: %.8X\r\n" " EAX: %.8X EBX: %.8X ECX: %.8X EDX: %.8X\r\n"
" ESI: %.8X EDI: %.8X EBP: %.8X ESP: %.8X\r\n" " ESI: %.8X EDI: %.8X EBP: %.8X ESP: %.8X\r\n"
@ -560,13 +564,13 @@ static LONG WINAPI ExceptionHandler(EXCEPTION_POINTERS *ep)
int i; int i;
for (i = 0; i != 24; i++) { for (i = 0; i != 24; i++) {
if (IsBadReadPtr(b, 1)) { if (IsBadReadPtr(b, 1)) {
output += sprintf(output, " ??"); // OCR: WAS: , 0); output += seprintf(output, last, " ??"); // OCR: WAS: , 0);
} else { } else {
output += sprintf(output, " %.2X", *b); output += seprintf(output, last, " %.2X", *b);
} }
b++; b++;
} }
output += sprintf(output, output += seprintf(output, last,
"\r\n" "\r\n"
"\r\nStack trace: \r\n" "\r\nStack trace: \r\n"
); );
@ -582,24 +586,24 @@ static LONG WINAPI ExceptionHandler(EXCEPTION_POINTERS *ep)
for (j = 0; j != 24; j++) { for (j = 0; j != 24; j++) {
for (i = 0; i != 8; i++) { for (i = 0; i != 8; i++) {
if (IsBadReadPtr(b, sizeof(uint32))) { if (IsBadReadPtr(b, sizeof(uint32))) {
output += sprintf(output, " ????????"); //OCR: WAS - , 0); output += seprintf(output, last, " ????????"); //OCR: WAS - , 0);
} else { } else {
output += sprintf(output, " %.8X", *b); output += seprintf(output, last, " %.8X", *b);
} }
b++; b++;
} }
output += sprintf(output, "\r\n"); output += seprintf(output, last, "\r\n");
} }
} }
output += sprintf(output, "\r\nModule information:\r\n"); output += seprintf(output, last, "\r\nModule information:\r\n");
output = PrintModuleList(output); output = PrintModuleList(output, last);
{ {
_OSVERSIONINFOA os; _OSVERSIONINFOA os;
os.dwOSVersionInfoSize = sizeof(os); os.dwOSVersionInfoSize = sizeof(os);
GetVersionExA(&os); GetVersionExA(&os);
output += sprintf(output, "\r\nSystem information:\r\n" output += seprintf(output, last, "\r\nSystem information:\r\n"
" Windows version %d.%d %d %s\r\n\r\n", " Windows version %d.%d %d %s\r\n\r\n",
os.dwMajorVersion, os.dwMinorVersion, os.dwBuildNumber, os.szCSDVersion); os.dwMajorVersion, os.dwMinorVersion, os.dwBuildNumber, os.szCSDVersion);
} }