Bug#983743: group.c: use "snprintf()" instead of "sprintf()"

Sun, 28 Feb 2021 17:00:14 -0800 

Source: nn
Version: 6.7.3-14
Severity: normal
Tags: patch

Dear Maintainer,

>From edfaa66587777b316e4c0c84ce2d452b5bc4102d Mon Sep 17 00:00:00 2001
>From: Bjarni Ingi Gislason <bjarn...@rhi.hi.is>
>Date: Mon, 1 Mar 2021 00:51:48 +0000
>Subject: [PATCH] group.c: use "snprintf()" instead of "sprintf()"

  group.c: use "snprintf()" instead of "sprintf()".

Signed-off-by: Bjarni Ingi Gislason <bjarn...@rhi.hi.is>
---
 group.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/group.c b/group.c
index 2045e7b..8819d52 100644
--- a/group.c
+++ b/group.c
@@ -52,6 +52,7 @@ extern int      killed_articles;
 extern int      seq_cross_filtering;
 extern char    *default_save_file, *folder_save_file;
 
+extern const size_t NDELAYED_MSG;
 extern char     delayed_msg[];
 extern int32    db_read_counter;
 
@@ -541,7 +542,7 @@ goto_group(int command, article_header * ah, flag_type 
access_mode)
            goto_return(ME_NO_REDRAW);
 
        if (gh->first_db_article < gh->last_db_article && gh->current_first <= 
0) {
-           sprintf(buffer, "%s%s%s) ",
+           snprintf(buffer, FILENAME, "%s%s%s) ",
                    (gh->group_flag & G_UNSUBSCRIBED) ? " UNSUB" : "",
                    (gh->group_flag & G_MERGE_HEAD) ? " MERGED" : "",
                    gh->unread_count <= 0 ? " READ" : "");
@@ -641,7 +642,7 @@ get_group_name:
            goto_return(ME_NO_REDRAW);
        goto get_first;
     }
-    sprintf(buffer, "%c", ans1);
+    snprintf(buffer, FILENAME, "%c", ans1);
 
     switch (ans1) {
 
@@ -679,7 +680,7 @@ get_group_name:
 #endif
 
                    *group_file_name = NUL;
-                   sprintf(fbuffer, "%s%ld", group_path_name, ah->a_number);
+                   snprintf(fbuffer, FILENAME, "%s%ld", group_path_name, 
ah->a_number);
                    answer = fbuffer;
                    goto get_folder;
                }
@@ -1159,7 +1160,7 @@ merge_and_read(flag_type access_mode, char *mask)
     current_group = &dummy_group;
 
     kb = (kb + 1023) >> 10;
-    sprintf(delayed_msg, "Read %ld articles in %ld seconds (%ld kbyte/s)",
+    snprintf(delayed_msg, NDELAYED_MSG, "Read %ld articles in %ld seconds (%ld 
kbyte/s)",
            (long) db_read_counter, (long) t2, t2 > 0 ? kb / t2 : kb);
 
     menu(merged_header);
-- 
2.30.1



-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.9-1 (SMP w/2 CPU threads)
Locale: LANG=is_IS.iso88591, LC_CTYPE=is_IS.iso88591 (charmap=ISO-8859-1), 
LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

-- debconf information excluded

-- 
Bjarni I. Gislason

Reply via email to