The function 'sprintf' has a potential buffer overflow risk. This patch uses 'sprintf_s' instead to improve the code.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qiu Shumin <shumin.qiu@intel.com>
Reviewed-by: Yao Jiewen <Jiewen.Yao@intel.com>
Reviewed-by: Cinnamon Shia <cinnamon.shia@hpe.com>
Reviewed-by: Samer El-Haj-Mahmoud <elhaj@hpe.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19582
6f19259b-4bc3-4df7-8a09-
765794883524
**/\r
#include "OnigurumaUefiPort.h"\r
\r
-int sprintf(char *str, char const *fmt, ...)\r
+int sprintf_s(char *str, size_t sizeOfBuffer, char const *fmt, ...)\r
{\r
VA_LIST Marker;\r
int NumberOfPrinted;\r
\r
VA_START (Marker, fmt);\r
- NumberOfPrinted = (int)AsciiVSPrint (str, 1000000, fmt, Marker);\r
+ NumberOfPrinted = (int)AsciiVSPrint (str, sizeOfBuffer, fmt, Marker);\r
VA_END (Marker);\r
\r
return NumberOfPrinted;\r
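Review bot: The new `sprintf_s` borrows the C11 Annex K / MSVC name but not its contract. The body only forwards `sizeOfBuffer` to `AsciiVSPrint`, so an over-long result is presumably truncated (or trips a PrintLib ASSERT) rather than reported as an error, and no call site changed in this commit checks the return value. There is also no guard for `str == NULL` or `sizeOfBuffer == 0` before the call. I would at least document this above the definition, e.g. `/* sizeOfBuffer is in bytes and includes the NUL; output that does not fit is truncated, not rejected; format syntax is PrintLib's, not ISO C's. */`. The function's closing brace lies outside the hunk.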
\r
int OnigStrCmp (char* Str1, char* Str2);\r
\r
-int sprintf (char *str, char const *fmt, ...);\r
+int sprintf_s (char *str, size_t sizeOfBuffer, char const *fmt, ...);\r
\r
#define exit(n) ASSERT(FALSE);\r
\r
\r
static void sprint_byte(char* s, unsigned int v)\r
{\r
- sprintf(s, "%02x", (v & 0377));\r
+ sprintf_s(s, sizeof("00"), "%02x", (v & 0377));\r
}\r
\r
static void sprint_byte_with_x(char* s, unsigned int v)\r
{\r
- sprintf(s, "\\x%02x", (v & 0377));\r
+ sprintf_s(s, sizeof("\\x00"), "\\x%02x", (v & 0377));\r
}\r
\r
static int to_ascii(OnigEncoding enc, UChar *s, UChar *end,\r
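Review bot: In `sprint_byte` and `sprint_byte_with_x` the bound is the length of the expected output (`sizeof("00")`, `sizeof("\\x00")`), not the capacity of the buffer behind `s`. These calls therefore still write 3 and 5 bytes wherever the caller points, and nothing new is checked against the real destination. Because `v` is masked with `0377` the output width is fixed, so the constants are exact, but the protection rests entirely on the callers, which are outside this hunk. Either pass the remaining capacity down as an extra parameter or state the requirement at the definition, e.g. `/* s must have room for 3 bytes: two hex digits plus the NUL */` and `/* s must have room for 5 bytes: "\x", two hex digits, NUL */`.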
s = "";\r
}\r
else {\r
- sprintf(tbuf, "undefined error code (%d)", posix_ecode);\r
+ sprintf_s(tbuf, sizeof(tbuf), "undefined error code (%d)", posix_ecode);\r
s = tbuf;\r
}\r
\r
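Review bot: `sizeof(tbuf)` is the buffer's capacity only if `tbuf` is declared as an array in this scope. Its declaration is outside the hunk, so please confirm it is not a `char *`, where `sizeof` would yield the pointer size and silently shrink the bound. For a 32-bit `int` the message `"undefined error code (%d)"` needs up to 35 bytes including the NUL, so a comment next to the declaration such as `/* holds "undefined error code (-2147483648)" plus NUL */` would record why the size is sufficient. The enclosing function starts and ends outside the hunk.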
{\r
static char s[12];\r
\r
- sprintf(s, "%d.%d.%d",\r
+ sprintf_s(s, \r
+ sizeof(s),\r
+ "%d.%d.%d",\r
ONIGURUMA_VERSION_MAJOR,\r
ONIGURUMA_VERSION_MINOR,\r
ONIGURUMA_VERSION_TEENY);\r
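Review bot: `static char s[12]` holds `"%d.%d.%d"` only while the three version components total at most nine digits. With the bounded call a longer string is now cut short rather than overflowing, but the return value is discarded, so the caller would get a silently truncated version string. The same applies to `static char s[58]` in the copyright hunk that follows, which leaves room for ten digits. A short comment beside each array stating how the size was derived, e.g. `/* "NNN.NNN.NNN" + NUL */`, would keep the bound and the format in step when the version macros change. As a style point, `sprintf_s(s, ` in this hunk ends with a trailing space, unlike the matching line in the next hunk.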
{\r
static char s[58];\r
\r
- sprintf(s, "Oniguruma %d.%d.%d : Copyright (C) 2002-2008 K.Kosako",\r
+ sprintf_s(s,\r
+ sizeof(s),\r
+ "Oniguruma %d.%d.%d : Copyright (C) 2002-2008 K.Kosako",\r
ONIGURUMA_VERSION_MAJOR,\r
ONIGURUMA_VERSION_MINOR,\r
ONIGURUMA_VERSION_TEENY);\r