tUse snprintf instead of sprintf for security reasons - cngf-pf - continuum mod… | |
git clone git://src.adamsgaard.dk/cngf-pf | |
Log | |
Files | |
Refs | |
README | |
LICENSE | |
--- | |
commit 05b6c6a8eb96032d53f60ae53158a3870dc7cc5d | |
parent 374445d8f064c5aea4703a6f957795bea7425c95 | |
Author: Anders Damsgaard <[email protected]> | |
Date: Mon, 26 Aug 2019 10:32:26 +0200 | |
Use snprintf instead of sprintf for security reasons | |
Diffstat: | |
M main.c | 2 +- | |
M parameter_defaults.h | 2 +- | |
M simulation.c | 7 ++++--- | |
3 files changed, 6 insertions(+), 5 deletions(-) | |
--- | |
diff --git a/main.c b/main.c | |
t@@ -268,7 +268,7 @@ main(int argc, char* argv[]) | |
"error: more than one simulation name specifie… | |
return 1; | |
} | |
- sprintf(sim.name, "%s", argv[i]); | |
+ snprintf(sim.name, sizeof(sim.name), "%s", argv[i]); | |
} | |
prepare_arrays(&sim); | |
diff --git a/parameter_defaults.h b/parameter_defaults.h | |
t@@ -13,7 +13,7 @@ struct simulation init_sim(void) | |
{ | |
struct simulation sim; | |
- sprintf(sim.name, DEFAULT_SIMULATION_NAME); | |
+ snprintf(sim.name, sizeof(sim.name), DEFAULT_SIMULATION_NAME); | |
sim.G = 9.81; | |
diff --git a/simulation.c b/simulation.c | |
t@@ -63,12 +63,12 @@ check_float(const char name[], const double value, int* re… | |
#endif | |
if (isnan(value)) { | |
char message[100]; | |
- sprintf(message, "%s is NaN", name); | |
+ snprintf(message, sizeof(message), "%s is NaN", name); | |
warn_parameter_value(message, value, return_status); | |
*return_status = 1; | |
} else if (isinf(value)) { | |
char message[100]; | |
- sprintf(message, "%s is infinite", name); | |
+ snprintf(message, sizeof(message), "%s is infinite", name); | |
warn_parameter_value(message, value, return_status); | |
*return_status = 1; | |
} | |
t@@ -471,7 +471,8 @@ write_output_file(struct simulation* sim, const int normal… | |
char outfile[200]; | |
FILE *fp; | |
- sprintf(outfile, "%s.output%05d.txt", sim->name, sim->n_file++); | |
+ snprintf(outfile, sizeof(outfile), "%s.output%05d.txt", | |
+ sim->name, sim->n_file++); | |
fp = fopen(outfile, "w"); | |
if (sim->fluid) |