[ros-diffs] [reactos] 01/02: [CABMAN] Fix GCC13 buffer format overflow warning (#7408)

Tue, 08 Oct 2024 09:16:16 -0700 

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=a0f8b40d5a369979d02a4706f4dce0e89c77910b

commit a0f8b40d5a369979d02a4706f4dce0e89c77910b
Author:     Hermès Bélusca-Maïto <hermes.belusca-ma...@reactos.org>
AuthorDate: Sun Sep 29 16:08:20 2024 +0200
Commit:     Hermès Bélusca-Maïto <hermes.belusca-ma...@reactos.org>
CommitDate: Tue Oct 8 17:47:46 2024 +0200

    [CABMAN] Fix GCC13 buffer format overflow warning (#7408)
    
    CORE-19724
    
    sdk/tools/cabman/dfp.cxx:1136:36: warning: 'sprintf' may write a 
terminating nul past the end of the destination [-Wformat-overflow=]
     1136 |             sprintf(InfLine, "%s=%s", GetFileName(SrcName).c_str(), 
DstName);
          |                                    ^
    sdk/tools/cabman/dfp.cxx:1136:20: note: 'sprintf' output 2 or more bytes 
(assuming 4097) into a destination of size 4096
---
 sdk/tools/cabman/cabinet.h | 5 +++++
 sdk/tools/cabman/dfp.cxx   | 9 +++++----
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/sdk/tools/cabman/cabinet.h b/sdk/tools/cabman/cabinet.h
index 1697588bbfc..b3516ff2c8c 100644
--- a/sdk/tools/cabman/cabinet.h
+++ b/sdk/tools/cabman/cabinet.h
@@ -36,10 +36,15 @@
 #define C_ASSERT(expr) extern char (*c_assert(void)) [(expr) ? 1 : -1]
 #endif
 
+#ifndef _countof
+#define _countof(_Array) (sizeof(_Array) / sizeof(_Array[0]))
+#endif
+
 #if defined(_WIN32)
 #define DIR_SEPARATOR_CHAR '\\'
 #define DIR_SEPARATOR_STRING "\\"
 
+#define snprintf _snprintf
 #define strcasecmp _stricmp
 #define strdup _strdup
 #else
diff --git a/sdk/tools/cabman/dfp.cxx b/sdk/tools/cabman/dfp.cxx
index 575b48f0816..498c81ff7b8 100644
--- a/sdk/tools/cabman/dfp.cxx
+++ b/sdk/tools/cabman/dfp.cxx
@@ -1031,7 +1031,7 @@ ULONG CDFParser::PerformFileCopy()
     char ch;
     char SrcName[PATH_MAX];
     char DstName[PATH_MAX];
-    char InfLine[PATH_MAX];
+    char InfLine[PATH_MAX*2+1]; // To hold: GetFileName(SrcName) "=" DstName
     char Options[128];
     char BaseFilename[PATH_MAX];
 
@@ -1076,7 +1076,7 @@ ULONG CDFParser::PerformFileCopy()
     }
 
     // options (it may be empty)
-    SkipSpaces ();
+    SkipSpaces();
 
     if (CurrentToken != TokenEnd)
     {
@@ -1133,12 +1133,13 @@ ULONG CDFParser::PerformFileCopy()
     switch (Status)
     {
         case CAB_STATUS_SUCCESS:
-            sprintf(InfLine, "%s=%s", GetFileName(SrcName).c_str(), DstName);
+            snprintf(InfLine, _countof(InfLine) - 1,
+                     "%s=%s", GetFileName(SrcName).c_str(), DstName);
             WriteInfLine(InfLine);
             break;
 
         case CAB_STATUS_CANNOT_OPEN:
-            if (strstr(Options,"optional"))
+            if (strstr(Options, "optional"))
             {
                 Status = CAB_STATUS_SUCCESS;
                 printf("Optional file skipped (does not exist): %s.\n", 
SrcName);

Reply via email to