Replace sprintf with snprintf

o9000 2017-12-21 11:22:11 +01:00
parent 6bf72a030a
commit c96201930b
9 changed files with 67 additions and 54 deletions


@ -882,22 +882,22 @@ gboolean read_execp(void *obj)
return FALSE; return FALSE;
} }
const char *time_to_string(int seconds, char *buffer) const char *time_to_string(int seconds, char *buffer, size_t buffer_size)
{ {
if (seconds < 60) { if (seconds < 60) {
sprintf(buffer, "%ds", seconds); snprintf(buffer, buffer_size, "%ds", seconds);
} else if (seconds < 60 * 60) { } else if (seconds < 60 * 60) {
int m = seconds / 60; int m = seconds / 60;
seconds = seconds % 60; seconds = seconds % 60;
int s = seconds; int s = seconds;
sprintf(buffer, "%d:%ds", m, s); snprintf(buffer, buffer_size, "%d:%ds", m, s);
} else { } else {
int h = seconds / (60 * 60); int h = seconds / (60 * 60);
seconds = seconds % (60 * 60); seconds = seconds % (60 * 60);
int m = seconds / 60; int m = seconds / 60;
seconds = seconds % 60; seconds = seconds % 60;
int s = seconds; int s = seconds;
sprintf(buffer, "%d:%d:%ds", h, m, s); snprintf(buffer, buffer_size, "%d:%d:%ds", h, m, s);
} }
return buffer; return buffer;
} }
@ -923,35 +923,39 @@ char *execp_get_tooltip(void *obj)
if (execp->backend->last_update_finish_time) { if (execp->backend->last_update_finish_time) {
// We updated at least once // We updated at least once
if (execp->backend->interval > 0) { if (execp->backend->interval > 0) {
sprintf(execp->backend->tooltip_text, snprintf(execp->backend->tooltip_text,
"Last update finished %s ago (took %s). Next update starting in %s.", sizeof(execp->backend->tooltip_text),
time_to_string((int)(now - execp->backend->last_update_finish_time), tmp_buf1), "Last update finished %s ago (took %s). Next update starting in %s.",
time_to_string((int)execp->backend->last_update_duration, tmp_buf2), time_to_string((int)(now - execp->backend->last_update_finish_time), tmp_buf1, sizeof(tmp_buf1)),
time_to_string((int)(execp->backend->interval - (now - execp->backend->last_update_finish_time)), time_to_string((int)execp->backend->last_update_duration, tmp_buf2, sizeof(tmp_buf2)),
tmp_buf3)); time_to_string((int)(execp->backend->interval - (now - execp->backend->last_update_finish_time)),
tmp_buf3, sizeof(tmp_buf3)));
} else { } else {
sprintf(execp->backend->tooltip_text, snprintf(execp->backend->tooltip_text,
"Last update finished %s ago (took %s).", sizeof(execp->backend->tooltip_text),
time_to_string((int)(now - execp->backend->last_update_finish_time), tmp_buf1), "Last update finished %s ago (took %s).",
time_to_string((int)execp->backend->last_update_duration, tmp_buf2)); time_to_string((int)(now - execp->backend->last_update_finish_time), tmp_buf1, sizeof(tmp_buf1)),
time_to_string((int)execp->backend->last_update_duration, tmp_buf2, sizeof(tmp_buf2)));
} }
} else { } else {
// we never requested an update // we never requested an update
sprintf(execp->backend->tooltip_text, "Never updated. No update scheduled."); snprintf(execp->backend->tooltip_text, sizeof(execp->backend->tooltip_text), "Never updated. No update scheduled.");
} }
} else { } else {
// Currently executing command // Currently executing command
if (execp->backend->last_update_finish_time) { if (execp->backend->last_update_finish_time) {
// we finished updating at least once // we finished updating at least once
sprintf(execp->backend->tooltip_text, snprintf(execp->backend->tooltip_text,
"Last update finished %s ago. Update in progress (started %s ago).", sizeof(execp->backend->tooltip_text),
time_to_string((int)(now - execp->backend->last_update_finish_time), tmp_buf1), "Last update finished %s ago. Update in progress (started %s ago).",
time_to_string((int)(now - execp->backend->last_update_start_time), tmp_buf3)); time_to_string((int)(now - execp->backend->last_update_finish_time), tmp_buf1, sizeof(tmp_buf1)),
time_to_string((int)(now - execp->backend->last_update_start_time), tmp_buf3, sizeof(tmp_buf3)));
} else { } else {
// we never finished an update // we never finished an update
sprintf(execp->backend->tooltip_text, snprintf(execp->backend->tooltip_text,
"First update in progress (started %s seconds ago).", sizeof(execp->backend->tooltip_text),
time_to_string((int)(now - execp->backend->last_update_start_time), tmp_buf1)); "First update in progress (started %s seconds ago).",
time_to_string((int)(now - execp->backend->last_update_start_time), tmp_buf1, sizeof(tmp_buf1)));
} }
} }
return strdup(execp->backend->tooltip_text); return strdup(execp->backend->tooltip_text);
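Review bot: The new `sizeof(execp->backend->tooltip_text)` bound in execp_get_tooltip is only the buffer size if `tooltip_text` is declared as a char array; the declaration is not visible here, and if it were ever a `char *` the bound would silently become the pointer size and truncate every tooltip. The same assumption is made for `launcherIcon->area.name`, `separator->name`, `executor->name` and `button->name` in later sections of this commit. I would record it next to the field declarations, e.g. `// must stay an array: callers bound snprintf with sizeof(tooltip_text)`. Separately, the last format string reads `started %s seconds ago` while time_to_string already appends `s`, so the tooltip shows text such as "5s seconds ago".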


@ -60,9 +60,9 @@ void expand_exec(DesktopEntry *entry, const char *path)
// %c -> Name // %c -> Name
// %k -> path // %k -> path
if (entry->exec) { if (entry->exec) {
char *exec2 = calloc(strlen(entry->exec) + (entry->name ? strlen(entry->name) : 1) + size_t buf_size = strlen(entry->exec) + (entry->name ? strlen(entry->name) : 1) +
(entry->icon ? strlen(entry->icon) : 1) + 100, (entry->icon ? strlen(entry->icon) : 1) + 100;
1); char *exec2 = calloc(buf_size, 1);
char *p, *q; char *p, *q;
// p will never point to an escaped char // p will never point to an escaped char
for (p = entry->exec, q = exec2; *p; p++, q++) { for (p = entry->exec, q = exec2; *p; p++, q++) {
@ -82,23 +82,30 @@ void expand_exec(DesktopEntry *entry, const char *path)
if (!*p) if (!*p)
break; break;
if (*p == 'i' && entry->icon != NULL) { if (*p == 'i' && entry->icon != NULL) {
sprintf(q, "--icon '%s'", entry->icon); snprintf(q, buf_size, "--icon '%s'", entry->icon);
char *old = q;
q += strlen("--icon ''"); q += strlen("--icon ''");
q += strlen(entry->icon); q += strlen(entry->icon);
buf_size -= (size_t)(q - old);
q--; // To balance the q++ in the for q--; // To balance the q++ in the for
} else if (*p == 'c' && entry->name != NULL) { } else if (*p == 'c' && entry->name != NULL) {
sprintf(q, "'%s'", entry->name); snprintf(q, buf_size, "'%s'", entry->name);
char *old = q;
q += strlen("''"); q += strlen("''");
q += strlen(entry->name); q += strlen(entry->name);
buf_size -= (size_t)(q - old);
q--; // To balance the q++ in the for q--; // To balance the q++ in the for
} else if (*p == 'c') { } else if (*p == 'c') {
sprintf(q, "'%s'", path); snprintf(q, buf_size, "'%s'", path);
char *old = q;
q += strlen("''"); q += strlen("''");
q += strlen(path); q += strlen(path);
buf_size -= (size_t)(q - old);
q--; // To balance the q++ in the for q--; // To balance the q++ in the for
} else if (*p == 'f' || *p == 'F') { } else if (*p == 'f' || *p == 'F') {
sprintf(q, "%c%c", '%', *p); snprintf(q, buf_size, "%c%c", '%', *p);
q += 2; q += 2;
buf_size -= 2;
q--; // To balance the q++ in the for q--; // To balance the q++ in the for
} else { } else {
// We don't care about other expansions // We don't care about other expansions
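Review bot: `buf_size` is passed to snprintf as the space left at `q`, but the visible code lowers it only in the expansion branches; the `for` header advances `q` once per copied character without touching `buf_size`. Unless the lines between the two hunks adjust it, the bound overstates the remaining space, and a long `path` in the second `%c` branch (the allocation budgets for `entry->name`, not `path`) can still write past `exec2`. `q` is also advanced by `strlen()` of the source rather than by what snprintf wrote, so after a truncation `q` lands beyond the buffer and `buf_size -= ...` can wrap. Keeping `buf_size` as the total and deriving the remainder from the pointer fixes both: `size_t left = buf_size - (size_t)(q - exec2);`, `int n = snprintf(q, left, "'%s'", path);`, `if (n < 0 || (size_t)n >= left) break;`, then advance `q` by `n`. expand_exec continues outside the hunks shown.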


@ -621,7 +621,7 @@ char *get_icon_path_helper(GSList *themes, const char *icon_name, int size)
} }
file_name[0] = 0; file_name[0] = 0;
// filename = directory/$(themename)/subdirectory/iconname.extension // filename = directory/$(themename)/subdirectory/iconname.extension
sprintf(file_name, "%s/%s/%s/%s%s", base_name, theme_name, dir_name, icon_name, extension); snprintf(file_name, (size_t)file_name_size, "%s/%s/%s/%s%s", base_name, theme_name, dir_name, icon_name, extension);
if (debug_icons) if (debug_icons)
fprintf(stderr, "tint2: Checking %s\n", file_name); fprintf(stderr, "tint2: Checking %s\n", file_name);
if (g_file_test(file_name, G_FILE_TEST_EXISTS)) { if (g_file_test(file_name, G_FILE_TEST_EXISTS)) {
@ -679,9 +679,10 @@ char *get_icon_path_helper(GSList *themes, const char *icon_name, int size)
for (GSList *ext = extensions; ext; ext = g_slist_next(ext)) { for (GSList *ext = extensions; ext; ext = g_slist_next(ext)) {
char *base_name = (char *)base->data; char *base_name = (char *)base->data;
char *extension = (char *)ext->data; char *extension = (char *)ext->data;
file_name = calloc(strlen(base_name) + strlen(icon_name) + strlen(extension) + 100, 1); size_t file_name_size = strlen(base_name) + strlen(icon_name) + strlen(extension) + 100;
file_name = calloc(file_name_size, 1);
// filename = directory/iconname.extension // filename = directory/iconname.extension
sprintf(file_name, "%s/%s%s", base_name, icon_name, extension); snprintf(file_name, file_name_size, "%s/%s%s", base_name, icon_name, extension);
if (debug_icons) if (debug_icons)
fprintf(stderr, "tint2: Checking %s\n", file_name); fprintf(stderr, "tint2: Checking %s\n", file_name);
if (g_file_test(file_name, G_FILE_TEST_EXISTS)) { if (g_file_test(file_name, G_FILE_TEST_EXISTS)) {
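Review bot: `file_name = calloc(file_name_size, 1);` is followed directly by snprintf into `file_name` with no NULL check, so an allocation failure becomes a write through a null pointer; add `if (!file_name) continue;` or use the function's usual error path, which is outside this hunk. The same unchecked calloc-then-snprintf pattern appears in expand_exec (`exec2`) and addr2name (`result`). The `size_t file_name_size` declared here has the same name as the variable the earlier hunk casts with `(size_t)file_name_size`, which suggests a differently typed outer variable is being shadowed; a distinct name would avoid that.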


@ -470,7 +470,7 @@ void launcher_load_icons(Launcher *launcher)
launcherIcon->area.size_mode = LAYOUT_FIXED; launcherIcon->area.size_mode = LAYOUT_FIXED;
launcherIcon->area._resize = NULL; launcherIcon->area._resize = NULL;
launcherIcon->area._compute_desired_size = launcher_icon_compute_desired_size; launcherIcon->area._compute_desired_size = launcher_icon_compute_desired_size;
sprintf(launcherIcon->area.name, "LauncherIcon %d", index); snprintf(launcherIcon->area.name, sizeof(launcherIcon->area.name), "LauncherIcon %d", index);
launcherIcon->area.resize_needed = 0; launcherIcon->area.resize_needed = 0;
launcherIcon->area.has_mouse_over_effect = panel_config.mouse_effects; launcherIcon->area.has_mouse_over_effect = panel_config.mouse_effects;
launcherIcon->area.has_mouse_press_effect = launcherIcon->area.has_mouse_over_effect; launcherIcon->area.has_mouse_press_effect = launcherIcon->area.has_mouse_over_effect;


@ -723,7 +723,7 @@ void handle_panel_refresh()
if (debug_frames) { if (debug_frames) {
for (int i = 0; i < num_panels; i++) { for (int i = 0; i < num_panels; i++) {
char path[256]; char path[256];
sprintf(path, "tint2-%d-panel-%d-frame-%d.png", getpid(), i, frame); snprintf(path, sizeof(path), "tint2-%d-panel-%d-frame-%d.png", getpid(), i, frame);
save_panel_screenshot(&panels[i], path); save_panel_screenshot(&panels[i], path);
} }
} }


@ -1312,19 +1312,19 @@ void set_panel_items(const char *items)
} else if (v == ':') { } else if (v == ':') {
separator_index++; separator_index++;
buffer[0] = 0; buffer[0] = 0;
sprintf(buffer, "%s %d", _("Separator"), separator_index + 1); snprintf(buffer, sizeof(buffer), "%s %d", _("Separator"), separator_index + 1);
name = buffer; name = buffer;
value = ":"; value = ":";
} else if (v == 'E') { } else if (v == 'E') {
execp_index++; execp_index++;
buffer[0] = 0; buffer[0] = 0;
sprintf(buffer, "%s %d", _("Executor"), execp_index + 1); snprintf(buffer, sizeof(buffer), "%s %d", _("Executor"), execp_index + 1);
name = buffer; name = buffer;
value = "E"; value = "E";
} else if (v == 'P') { } else if (v == 'P') {
button_index++; button_index++;
buffer[0] = 0; buffer[0] = 0;
sprintf(buffer, "%s %d", _("Button"), button_index + 1); snprintf(buffer, sizeof(buffer), "%s %d", _("Button"), button_index + 1);
name = buffer; name = buffer;
value = "P"; value = "P";
} else { } else {
@ -4097,7 +4097,7 @@ void create_separator(GtkWidget *notebook, int i)
Separator *separator = &g_array_index(separators, Separator, i); Separator *separator = &g_array_index(separators, Separator, i);
separator->name[0] = 0; separator->name[0] = 0;
sprintf(separator->name, "%s %d", _("Separator"), i + 1); snprintf(separator->name, sizeof(separator->name), "%s %d", _("Separator"), i + 1);
separator->page_label = gtk_label_new(separator->name); separator->page_label = gtk_label_new(separator->name);
gtk_widget_show(separator->page_label); gtk_widget_show(separator->page_label);
separator->page_separator = gtk_vbox_new(FALSE, DEFAULT_HOR_SPACING); separator->page_separator = gtk_vbox_new(FALSE, DEFAULT_HOR_SPACING);
@ -4223,7 +4223,7 @@ void create_execp(GtkWidget *notebook, int i)
Executor *executor = &g_array_index(executors, Executor, i); Executor *executor = &g_array_index(executors, Executor, i);
executor->name[0] = 0; executor->name[0] = 0;
sprintf(executor->name, "%s %d", _("Executor"), i + 1); snprintf(executor->name, sizeof(executor->name), "%s %d", _("Executor"), i + 1);
executor->page_label = gtk_label_new(executor->name); executor->page_label = gtk_label_new(executor->name);
gtk_widget_show(executor->page_label); gtk_widget_show(executor->page_label);
executor->page_execp = gtk_vbox_new(FALSE, DEFAULT_HOR_SPACING); executor->page_execp = gtk_vbox_new(FALSE, DEFAULT_HOR_SPACING);
@ -4644,7 +4644,7 @@ void create_button(GtkWidget *notebook, int i)
Button *button = &g_array_index(buttons, Button, i); Button *button = &g_array_index(buttons, Button, i);
button->name[0] = 0; button->name[0] = 0;
sprintf(button->name, "%s %d", _("Button"), i + 1); snprintf(button->name, sizeof(button->name), "%s %d", _("Button"), i + 1);
button->page_label = gtk_label_new(button->name); button->page_label = gtk_label_new(button->name);
gtk_widget_show(button->page_label); gtk_widget_show(button->page_label);
button->page_button = gtk_vbox_new(FALSE, DEFAULT_HOR_SPACING); button->page_button = gtk_vbox_new(FALSE, DEFAULT_HOR_SPACING);
@ -5033,7 +5033,7 @@ void separator_update_indices()
{ {
for (int i = 0; i < separators->len; i++) { for (int i = 0; i < separators->len; i++) {
Separator *separator = &g_array_index(separators, Separator, i); Separator *separator = &g_array_index(separators, Separator, i);
sprintf(separator->name, "%s %d", _("Separator"), i + 1); snprintf(separator->name, sizeof(separator->name), "%s %d", _("Separator"), i + 1);
gtk_label_set_text(GTK_LABEL(separator->page_label), separator->name); gtk_label_set_text(GTK_LABEL(separator->page_label), separator->name);
} }
@ -5051,7 +5051,7 @@ void separator_update_indices()
separator_index++; separator_index++;
char buffer[256]; char buffer[256];
buffer[0] = 0; buffer[0] = 0;
sprintf(buffer, "%s %d", _("Separator"), separator_index + 1); snprintf(buffer, sizeof(buffer), "%s %d", _("Separator"), separator_index + 1);
gtk_list_store_set(panel_items, &iter, itemsColName, buffer, -1); gtk_list_store_set(panel_items, &iter, itemsColName, buffer, -1);
} }
@ -5065,7 +5065,7 @@ void execp_update_indices()
{ {
for (int i = 0; i < executors->len; i++) { for (int i = 0; i < executors->len; i++) {
Executor *executor = &g_array_index(executors, Executor, i); Executor *executor = &g_array_index(executors, Executor, i);
sprintf(executor->name, "%s %d", _("Executor"), i + 1); snprintf(executor->name, sizeof(executor->name), "%s %d", _("Executor"), i + 1);
gtk_label_set_text(GTK_LABEL(executor->page_label), executor->name); gtk_label_set_text(GTK_LABEL(executor->page_label), executor->name);
} }
@ -5083,7 +5083,7 @@ void execp_update_indices()
execp_index++; execp_index++;
char buffer[256]; char buffer[256];
buffer[0] = 0; buffer[0] = 0;
sprintf(buffer, "%s %d", _("Executor"), execp_index + 1); snprintf(buffer, sizeof(buffer), "%s %d", _("Executor"), execp_index + 1);
gtk_list_store_set(panel_items, &iter, itemsColName, buffer, -1); gtk_list_store_set(panel_items, &iter, itemsColName, buffer, -1);
} }
@ -5097,7 +5097,7 @@ void button_update_indices()
{ {
for (int i = 0; i < buttons->len; i++) { for (int i = 0; i < buttons->len; i++) {
Button *button = &g_array_index(buttons, Button, i); Button *button = &g_array_index(buttons, Button, i);
sprintf(button->name, "%s %d", _("Button"), i + 1); snprintf(button->name, sizeof(button->name), "%s %d", _("Button"), i + 1);
gtk_label_set_text(GTK_LABEL(button->page_label), button->name); gtk_label_set_text(GTK_LABEL(button->page_label), button->name);
} }
@ -5115,7 +5115,7 @@ void button_update_indices()
button_index++; button_index++;
char buffer[256]; char buffer[256];
buffer[0] = 0; buffer[0] = 0;
sprintf(buffer, "%s %d", _("Button"), button_index + 1); snprintf(buffer, sizeof(buffer), "%s %d", _("Button"), button_index + 1);
gtk_list_store_set(panel_items, &iter, itemsColName, buffer, -1); gtk_list_store_set(panel_items, &iter, itemsColName, buffer, -1);
} }
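Review bot: The `buffer[0] = 0;` and `separator->name[0] = 0;` style assignments kept in front of the new snprintf calls are redundant, because snprintf with a non-zero size always NUL-terminates; they can be dropped in set_panel_items, create_separator, create_execp, create_button and the *_update_indices helpers. Because the prefix comes from `_(...)`, a long translation can now be truncated silently, possibly in the middle of a multi-byte UTF-8 sequence, before the string reaches `gtk_label_new` or `gtk_list_store_set`. Comparing the snprintf return value with the buffer size would make that visible. These functions start and end outside the hunks shown.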


@ -478,7 +478,7 @@ void config_write_task_font_color(FILE *fp, char *name, GtkWidget *task_color)
GdkColor color; GdkColor color;
gtk_color_button_get_color(GTK_COLOR_BUTTON(task_color), &color); gtk_color_button_get_color(GTK_COLOR_BUTTON(task_color), &color);
char full_name[128]; char full_name[128];
sprintf(full_name, "task%s_font_color", name); snprintf(full_name, sizeof(full_name), "task%s_font_color", name);
config_write_color(fp, full_name, color, gtk_color_button_get_alpha(GTK_COLOR_BUTTON(task_color)) * 100 / 0xffff); config_write_color(fp, full_name, color, gtk_color_button_get_alpha(GTK_COLOR_BUTTON(task_color)) * 100 / 0xffff);
} }
@ -489,7 +489,7 @@ void config_write_task_icon_osb(FILE *fp,
GtkWidget *widget_brightness) GtkWidget *widget_brightness)
{ {
char full_name[128]; char full_name[128];
sprintf(full_name, "task%s_icon_asb", name); snprintf(full_name, sizeof(full_name), "task%s_icon_asb", name);
fprintf(fp, fprintf(fp,
"%s = %d %d %d\n", "%s = %d %d %d\n",
full_name, full_name,
@ -501,7 +501,7 @@ void config_write_task_icon_osb(FILE *fp,
void config_write_task_background(FILE *fp, char *name, GtkWidget *task_background) void config_write_task_background(FILE *fp, char *name, GtkWidget *task_background)
{ {
char full_name[128]; char full_name[128];
sprintf(full_name, "task%s_background_id", name); snprintf(full_name, sizeof(full_name), "task%s_background_id", name);
fprintf(fp, "%s = %d\n", full_name, gtk_combo_box_get_active(GTK_COMBO_BOX(task_background))); fprintf(fp, "%s = %d\n", full_name, gtk_combo_box_get_active(GTK_COMBO_BOX(task_background)));
} }


@ -191,7 +191,7 @@ const char *signal_name(int sig)
return "SIGSYS: Bad system call."; return "SIGSYS: Bad system call.";
} }
static char s[64]; static char s[64];
sprintf(s, "SIG=%d: Unknown", sig); snprintf(s, sizeof(s), "SIG=%d: Unknown", sig);
return s; return s;
} }
@ -266,7 +266,7 @@ extern char *config_path;
int setenvd(const char *name, const int value) int setenvd(const char *name, const int value)
{ {
char buf[256]; char buf[256];
sprintf(buf, "%d", value); snprintf(buf, sizeof(buf), "%d", value);
return setenv(name, buf, 1); return setenv(name, buf, 1);
} }
@ -793,7 +793,7 @@ Imlib_Image load_image(const char *path, int cached)
} }
if (!image && g_str_has_suffix(path, ".svg")) { if (!image && g_str_has_suffix(path, ".svg")) {
char tmp_filename[128]; char tmp_filename[128];
sprintf(tmp_filename, "/tmp/tint2-%d.png", (int)getpid()); snprintf(tmp_filename, sizeof(tmp_filename), "/tmp/tint2-%d.png", (int)getpid());
int fd = open(tmp_filename, O_CREAT | O_EXCL, 0600); int fd = open(tmp_filename, O_CREAT | O_EXCL, 0600);
if (fd >= 0) { if (fd >= 0) {
// We fork here because librsvg allocates memory like crazy // We fork here because librsvg allocates memory like crazy
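Review bot: In load_image the temporary file name `/tmp/tint2-<pid>.png` is predictable in a world-writable directory; `O_CREAT | O_EXCL` refuses a pre-existing file or symlink, but another local user can create that name first, so the open fails and the SVG silently does not load. An unpredictable name avoids that: `char tmp_filename[] = "/tmp/tint2-XXXXXX.png";` and `int fd = mkstemps(tmp_filename, 4);` (mkstemps is a glibc/BSD extension, so check the supported platforms). The open() call also passes no access mode, so `fd` is read-only (O_RDONLY is 0); how the file is written after the fork is outside this hunk.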


@ -49,8 +49,9 @@ char *addr2name(void *func)
free(strings); free(strings);
return result; return result;
#else #else
char *result = (char*) calloc(32, 1); const size_t buf_size = 32;
sprintf(result, "%p", func); char *result = (char*) calloc(buf_size, 1);
snprintf(result, buf_size, "%p", func);
return result; return result;
#endif #endif
} }