Thanks to Alejandro Colomar for pointing out that it would be better
to use a safer sprintf() alternative in the previous commit.
This fixes the calls in mutt_idna.c, as well as the rest of the
codebase where I found a malloc() followed by a sprintf().
---
This is based on top of the previous patchset updating mutt_idna.c.
I haven't pushed that patchset yet, to give more time for comments.
curs_lib.c | 4 ++--
init.c | 6 ++----
mutt_idna.c | 9 +++------
rfc822.c | 3 +--
send.c | 6 ++----
5 files changed, 10 insertions(+), 18 deletions(-)
diff --git a/curs_lib.c b/curs_lib.c
index e9795558..5c93cbb0 100644
--- a/curs_lib.c
+++ b/curs_lib.c
@@ -1138,9 +1138,9 @@ static int _enter_fname(const char *prompt, BUFFER
*fname, int flags,
}
else
{
- char *pc = safe_malloc(mutt_strlen(prompt) + 3);
+ char *pc;
- sprintf(pc, "%s: ", prompt); /* __SPRINTF_CHECKED__ */
+ safe_asprintf(&pc, "%s: ", prompt);
mutt_unget_event(ch.op ? 0 : ch.ch, ch.op ? ch.op : 0);
mutt_buffer_increase_size(fname, LONG_STRING);
diff --git a/init.c b/init.c
index 7f4b73b5..95425c83 100644
--- a/init.c
+++ b/init.c
@@ -4012,13 +4012,11 @@ void mutt_init(int skip_sys_rc, LIST *commands)
if (domain)
{
/* we have a compile-time domain name, use that for Fqdn */
- Fqdn = safe_malloc(mutt_strlen(domain) + mutt_strlen(Hostname) + 2);
- sprintf(Fqdn, "%s.%s", NONULL(Hostname), domain); /*
__SPRINTF_CHECKED__ */
+ safe_asprintf(&Fqdn, "%s.%s", NONULL(Hostname), domain);
}
else if (!(getdnsdomainname(buffer)))
{
- Fqdn = safe_malloc(mutt_buffer_len(buffer) + mutt_strlen(Hostname) + 2);
- sprintf(Fqdn, "%s.%s", NONULL(Hostname), mutt_b2s(buffer)); /*
__SPRINTF_CHECKED__ */
+ safe_asprintf(&Fqdn, "%s.%s", NONULL(Hostname), mutt_b2s(buffer));
}
else
/*
diff --git a/mutt_idna.c b/mutt_idna.c
index 6bfd3b88..0b3b61e3 100644
--- a/mutt_idna.c
+++ b/mutt_idna.c
@@ -115,8 +115,7 @@ static char *intl_to_utf8(char *orig_user, char
*orig_domain)
}
#endif
- mailbox = safe_malloc(mutt_strlen(utf8_user) + mutt_strlen(utf8_domain) + 2);
- sprintf(mailbox, "%s@%s", NONULL(utf8_user), NONULL(utf8_domain)); /*
__SPRINTF_CHECKED__ */
+ safe_asprintf(&mailbox, "%s@%s", NONULL(utf8_user), NONULL(utf8_domain));
cleanup:
FREE(&utf8_domain);
@@ -211,8 +210,7 @@ static char *intl_to_local(char *orig_user, char
*orig_domain, int flags)
}
}
- mailbox = safe_malloc(mutt_strlen(local_user) + mutt_strlen(local_domain) +
2);
- sprintf(mailbox, "%s@%s", NONULL(local_user), NONULL(local_domain)); /*
__SPRINTF_CHECKED__ */
+ safe_asprintf(&mailbox, "%s@%s", NONULL(local_user), NONULL(local_domain));
cleanup:
FREE(&local_user);
@@ -250,8 +248,7 @@ static char *local_to_intl(char *user, char *domain)
}
#endif /* defined(HAVE_LIBIDN) || defined(HAVE_LIBIDN2) */
- mailbox = safe_malloc(mutt_strlen(intl_user) + mutt_strlen(intl_domain) + 2);
- sprintf(mailbox, "%s@%s", NONULL(intl_user), NONULL(intl_domain)); /*
__SPRINTF_CHECKED__ */
+ safe_asprintf(&mailbox, "%s@%s", NONULL(intl_user), NONULL(intl_domain));
cleanup:
FREE(&intl_user);
diff --git a/rfc822.c b/rfc822.c
index bfc1bb49..98230d49 100644
--- a/rfc822.c
+++ b/rfc822.c
@@ -680,8 +680,7 @@ void rfc822_qualify(ADDRESS *addr, const char *host)
for (; addr; addr = addr->next)
if (!addr->group && addr->mailbox && strchr(addr->mailbox, '@') == NULL)
{
- p = safe_malloc(mutt_strlen(addr->mailbox) + mutt_strlen(host) + 2);
- sprintf(p, "%s@%s", addr->mailbox, host); /* __SPRINTF_CHECKED__
*/
+ safe_asprintf(&p, "%s@%s", addr->mailbox, host);
FREE(&addr->mailbox);
addr->mailbox = p;
}
diff --git a/send.c b/send.c
index 64ea40c0..7554967e 100644
--- a/send.c
+++ b/send.c
@@ -771,8 +771,7 @@ void mutt_make_misc_reply_headers(ENVELOPE *env, CONTEXT
*ctx,
if (curenv->real_subj)
{
FREE(&env->subject);
- env->subject = safe_malloc(mutt_strlen(curenv->real_subj) + 5);
- sprintf(env->subject, "Re: %s", curenv->real_subj); /*
__SPRINTF_CHECKED__ */
+ safe_asprintf(&env->subject, "Re: %s", curenv->real_subj);
}
else if (!env->subject)
env->subject = safe_strdup("Re:");
@@ -1117,8 +1116,7 @@ ADDRESS *mutt_default_from(void)
else if (option(OPTUSEDOMAIN))
{
adr = rfc822_new_address();
- adr->mailbox = safe_malloc(mutt_strlen(Username) + mutt_strlen(fqdn) + 2);
- sprintf(adr->mailbox, "%s@%s", NONULL(Username), NONULL(fqdn)); /*
__SPRINTF_CHECKED__ */
+ safe_asprintf(&adr->mailbox, "%s@%s", NONULL(Username), NONULL(fqdn));
}
else
{
--
2.54.0
