Changeset: fce4e2434bd2 for MonetDB
URL: https://dev.monetdb.org/hg/MonetDB/rev/fce4e2434bd2
Modified Files:
        clients/examples/C/testsfile.c
        clients/mapilib/connect.c
        clients/mapilib/connect_unix.c
        clients/odbc/winsetup/setup.c
        common/utils/msabaoth.c
        geom/monetdb5/geom.c
        monetdb5/mal/mal_linker.c
        monetdb5/modules/atoms/inet.c
        monetdb5/modules/atoms/json.c
        monetdb5/modules/atoms/url.c
        monetdb5/modules/mal/tablet.c
        monetdb5/optimizer/opt_remoteQueries.c
        sql/backends/monet5/sql_gencode.c
        sql/backends/monet5/sql_result.c
        sql/backends/monet5/vaults/odbc/odbc_loader.c
        sql/backends/monet5/vaults/shp/shp.c
        sql/benchmarks/hist-uva/ground/main.c
        sql/server/rel_updates.c
        sql/server/sql_atom.c
        tools/merovingian/client/monetdb.c
        tools/merovingian/daemon/forkmserver.c
        tools/merovingian/daemon/snapshot.c
        tools/merovingian/utils/properties.c
        tools/merovingian/utils/utils.c
        tools/merovingian/utils/utils.h
        tools/mserver/mserver5.c
Branch: Mar2025
Log Message:

Replaced ALL occurrences of sprintf with snprintf.
DO NOT USE sprintf.


diffs (truncated from 994 to 300 lines):

diff --git a/clients/examples/C/testsfile.c b/clients/examples/C/testsfile.c
--- a/clients/examples/C/testsfile.c
+++ b/clients/examples/C/testsfile.c
@@ -488,7 +488,7 @@ run_tests_inner(stream *s, int verbose)
 
        while (true) {
                lineno++;
-               sprintf(location_lineno, "%d", lineno);
+               snprintf(location_lineno, 100 - 1, "%d", lineno);
                ssize_t nread = mnstr_readline(s, line_buffer, 
sizeof(line_buffer));
                if (nread == 0)
                        break;
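Review bot: The bound `100 - 1` passed to snprintf for `location_lineno` is a bare literal with no visible link to the buffer it is meant to protect. The declaration is outside this hunk, so the arithmetic cannot be checked here, and a later change to the buffer size would leave the bound stale without any compiler diagnostic. Derive the size from the declaration instead: a named constant shared by the array definition and this call, or, if `location_lineno` points into a larger array, the end of that array minus `location_lineno`. The same applies to `50 - 12` for `put_port_here` in scan_unix_sockets (clients/mapilib/connect_unix.c) and, to a lesser degree, to the literal `16` repeated in INEThost (monetdb5/modules/atoms/inet.c).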
diff --git a/clients/mapilib/connect.c b/clients/mapilib/connect.c
--- a/clients/mapilib/connect.c
+++ b/clients/mapilib/connect.c
@@ -617,13 +617,14 @@ mapi_handshake(Mapi mid)
                        return mapi_setError(mid, buf, __func__, MERROR);
                }
 
-               char *replacement_password = malloc(1 + strlen(pwdhash) + 1);
+               size_t replpwlen = 1 + strlen(pwdhash) + 1;
+               char *replacement_password = malloc(replpwlen);
                if (replacement_password == NULL) {
                        free(pwdhash);
                        close_connection(mid);
                        return mapi_setError(mid, "malloc failed", __func__, 
MERROR);
                }
-               sprintf(replacement_password, "\1%s", pwdhash);
+               snprintf(replacement_password, replpwlen, "\1%s", pwdhash);
                free(pwdhash);
                msettings_error errmsg = msetting_set_string(mid->settings, 
MP_PASSWORD, replacement_password);
                free(replacement_password);
@@ -866,7 +867,7 @@ mapi_handshake(Mapi mid)
        bool autocommit = msetting_bool(mid->settings, MP_AUTOCOMMIT);
        if (mid->handshake_options <= MAPI_HANDSHAKE_AUTOCOMMIT && autocommit 
!= msetting_bool(msettings_default, MP_AUTOCOMMIT)) {
                char buf[50];
-               sprintf(buf, "%d", !!autocommit);
+               snprintf(buf, sizeof(buf), "%d", !!autocommit);
                MapiMsg result = mapi_Xcommand(mid, "auto_commit", buf);
                if (result != MOK)
                        return mid->error;
@@ -874,14 +875,14 @@ mapi_handshake(Mapi mid)
        long replysize = msetting_long(mid->settings, MP_REPLYSIZE);
        if (mid->handshake_options <= MAPI_HANDSHAKE_REPLY_SIZE && replysize != 
msetting_long(msettings_default, MP_REPLYSIZE)) {
                char buf[50];
-               sprintf(buf, "%ld", replysize);
+               snprintf(buf, sizeof(buf), "%ld", replysize);
                MapiMsg result = mapi_Xcommand(mid, "reply_size", buf);
                if (result != MOK)
                        return mid->error;
        }
        if (mid->handshake_options <= MAPI_HANDSHAKE_SIZE_HEADER && 
mid->sizeheader != MapiStructDefaults.sizeheader) {
                char buf[50];
-               sprintf(buf, "%d", !!mid->sizeheader);
+               snprintf(buf, sizeof(buf), "%d", !!mid->sizeheader);
                MapiMsg result = mapi_Xcommand(mid, "sizeheader", buf); // no 
underscore!
                if (result != MOK)
                        return mid->error;
diff --git a/clients/mapilib/connect_unix.c b/clients/mapilib/connect_unix.c
--- a/clients/mapilib/connect_unix.c
+++ b/clients/mapilib/connect_unix.c
@@ -63,7 +63,7 @@ scan_unix_sockets(Mapi mid)
                        if (port < 1 || port > 65535 || *end)
                                continue;
 
-                       sprintf(put_port_here, "%ld", port);
+                       snprintf(put_port_here, 50 - 12, "%ld", port);
                        struct stat st;
                        if (stat(namebuf, &st) < 0 || !S_ISSOCK(st.st_mode))
                                continue;
diff --git a/clients/odbc/winsetup/setup.c b/clients/odbc/winsetup/setup.c
--- a/clients/odbc/winsetup/setup.c
+++ b/clients/odbc/winsetup/setup.c
@@ -229,12 +229,12 @@ TestConnection(HWND hwndDlg, struct data
                        // get Error msg
                        ret2 = SQLGetDiagRec(SQL_HANDLE_DBC, dbc, 1, state, 
&errnr, msg, sizeof(msg), &msglen);
                        if (ret == SQL_SUCCESS_WITH_INFO) {
-                               sprintf(buf, "Connection successful\n\nWarning 
message: %s\n\nSQLState %s\n\nConnectString used: %s\n\nReturned ConnectString: 
%s",
+                               snprintf(buf, sizeof(buf), "Connection 
successful\n\nWarning message: %s\n\nSQLState %s\n\nConnectString used: 
%s\n\nReturned ConnectString: %s",
                                        (char *) msg, (char *) state, inStr, 
outStr);
                                MessageBox(hwndDlg, buf, boxtitle, MB_OK | 
MB_ICONWARNING);
                                ret = SQLDisconnect(dbc);
                        } else {
-                               sprintf(buf, "Connection failed!\n\nError 
message: %s\n\nSQLState %s, Errnr %d\n\nConnectString used: %s\n\nReturned 
ConnectString: %s",
+                               snprintf(buf, sizeof(buf), "Connection 
failed!\n\nError message: %s\n\nSQLState %s, Errnr %d\n\nConnectString used: 
%s\n\nReturned ConnectString: %s",
                                        (char *) msg, (char *) state, (int) 
errnr, inStr, outStr);
                                MessageBox(hwndDlg, buf, boxtitle, 
MB_ICONERROR);
                        }
diff --git a/common/utils/msabaoth.c b/common/utils/msabaoth.c
--- a/common/utils/msabaoth.c
+++ b/common/utils/msabaoth.c
@@ -187,35 +187,38 @@ msab_init(const char *dbfarm, const char
 
        /* clean out old UUID files in case the database crashed in a
         * previous incarnation */
-       if (_sabaoth_internal_dbname != NULL &&
-               (tmp = malloc(strlen(_sabaoth_internal_dbfarm) + 
strlen(_sabaoth_internal_dbname) + 2)) != NULL) {
-               sprintf(tmp, "%s%c%s", _sabaoth_internal_dbfarm, DIR_SEP, 
_sabaoth_internal_dbname);
-               if ((d = opendir(tmp)) != NULL) {
-                       struct dbe {
-                               struct dbe *next;
-                               char path[];
-                       } *dbe = NULL, *db;
-                       struct dirent *e;
-                       len = offsetof(struct dbe, path) + strlen(tmp) + 2;
-                       while ((e = readdir(d)) != NULL) {
-                               if (msab_isuuid(e->d_name) &&
-                                       (db = malloc(strlen(e->d_name) + len)) 
!= NULL) {
-                                       db->next = dbe;
-                                       dbe = db;
-                                       sprintf(db->path, "%s%c%s", tmp, 
DIR_SEP, e->d_name);
+       if (_sabaoth_internal_dbname != NULL) {
+               size_t len = strlen(_sabaoth_internal_dbfarm) + 
strlen(_sabaoth_internal_dbname) + 2;
+               if ((tmp = malloc(len)) != NULL) {
+                       snprintf(tmp, len, "%s%c%s", _sabaoth_internal_dbfarm, 
DIR_SEP, _sabaoth_internal_dbname);
+                       if ((d = opendir(tmp)) != NULL) {
+                               struct dbe {
+                                       struct dbe *next;
+                                       char path[];
+                               } *dbe = NULL, *db;
+                               struct dirent *e;
+                               len = offsetof(struct dbe, path) + strlen(tmp) 
+ 2;
+                               while ((e = readdir(d)) != NULL) {
+                                       if (msab_isuuid(e->d_name) &&
+                                               (db = malloc(strlen(e->d_name) 
+ len)) != NULL) {
+                                               db->next = dbe;
+                                               dbe = db;
+                                               snprintf(db->path, len - 
offsetof(struct dbe, path),
+                                                                "%s%c%s", tmp, 
DIR_SEP, e->d_name);
+                                       }
+                               }
+                               closedir(d);
+                               /* remove in a separate loop after reading the 
directory,
+                                * so as to not have any interference */
+                               while (dbe != NULL) {
+                                       (void) MT_remove(dbe->path);
+                                       db = dbe;
+                                       dbe = dbe->next;
+                                       free(db);
                                }
                        }
-                       closedir(d);
-                       /* remove in a separate loop after reading the 
directory,
-                        * so as to not have any interference */
-                       while (dbe != NULL) {
-                               (void) MT_remove(dbe->path);
-                               db = dbe;
-                               dbe = dbe->next;
-                               free(db);
-                       }
+                       free(tmp);
                }
-               free(tmp);
        }
 }
 void
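Review bot: The size passed to the inner snprintf, `len - offsetof(struct dbe, path)`, works out to `strlen(tmp) + 2` and leaves out `strlen(e->d_name)`, although the allocation just above it is `strlen(e->d_name) + len`. With that bound snprintf stops after `tmp` and the separator, so `db->path` no longer contains the UUID file name and `MT_remove(dbe->path)` does not target the stale file; what MT_remove does with the directory path is not visible here, and its result is discarded. The bound should match the allocation: `snprintf(db->path, strlen(e->d_name) + len - offsetof(struct dbe, path), "%s%c%s", tmp, DIR_SEP, e->d_name);`. Separately, the new block-local `size_t len` probably shadows an outer `len` that the old code assigned; msab_init starts outside this hunk, so confirm nothing later depends on the outer variable.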
diff --git a/geom/monetdb5/geom.c b/geom/monetdb5/geom.c
--- a/geom/monetdb5/geom.c
+++ b/geom/monetdb5/geom.c
@@ -2023,12 +2023,13 @@ dumpPointsPoint(BAT *idBAT, BAT *geomBAT
                throw(MAL, "geom.Dump", SQLSTATE(HY013) MAL_MALLOC_FAIL);
 
        (*lvl)++;
-       newPath = GDKmalloc(pathLength + lvlDigitsNum + 1);
+       size_t newLen = pathLength + lvlDigitsNum + 1;
+       newPath = GDKmalloc(newLen);
        if (newPath == NULL) {
                GDKfree(pointWKB);
                throw(MAL, "geom.Dump", SQLSTATE(HY013) MAL_MALLOC_FAIL);
        }
-       sprintf(newPath, "%s%u", path, *lvl);
+       snprintf(newPath, newLen, "%s%u", path, *lvl);
 
        if (BUNappend(idBAT, newPath, false) != GDK_SUCCEED ||
            BUNappend(geomBAT, pointWKB, false) != GDK_SUCCEED)
diff --git a/monetdb5/mal/mal_linker.c b/monetdb5/mal/mal_linker.c
--- a/monetdb5/mal/mal_linker.c
+++ b/monetdb5/mal/mal_linker.c
@@ -459,9 +459,10 @@ locate_file(const char *basename, const 
                                        continue;
                                if (strcmp(e->d_name + strlen(e->d_name) - 
strlen(ext), ext) == 0) {
                                        int len;
-                                       strs[lasts] = 
GDKmalloc(strlen(fullname) + sizeof(DIR_SEP)
-                                                                               
        + strlen(e->d_name) +
-                                                                               
        sizeof(PATH_SEP) + 1);
+                                       size_t strslen = strlen(fullname) + 
sizeof(DIR_SEP)
+                                               + strlen(e->d_name) +
+                                               sizeof(PATH_SEP) + 1;
+                                       strs[lasts] = GDKmalloc(strslen);
                                        if (strs[lasts] == NULL) {
                                                while (lasts >= 0)
                                                        GDKfree(strs[lasts--]);
@@ -469,7 +470,8 @@ locate_file(const char *basename, const 
                                                (void) closedir(rdir);
                                                return NULL;
                                        }
-                                       len = sprintf(strs[lasts], "%s%c%s%c", 
fullname, DIR_SEP,
+                                       len = snprintf(strs[lasts], strslen,
+                                                                  "%s%c%s%c", 
fullname, DIR_SEP,
                                                                  e->d_name, 
PATH_SEP);
                                        if (len == -1 || len >= FILENAME_MAX) {
                                                while (lasts >= 0)
diff --git a/monetdb5/modules/atoms/inet.c b/monetdb5/modules/atoms/inet.c
--- a/monetdb5/modules/atoms/inet.c
+++ b/monetdb5/modules/atoms/inet.c
@@ -545,10 +545,10 @@ INEThost(str *retval, const inet *val)
                if (*retval == NULL)
                        throw(MAL, "INEThost", SQLSTATE(HY013) MAL_MALLOC_FAIL);
        } else {
-               ip = GDKmalloc(sizeof(char) * 16);
+               ip = GDKmalloc(16);
                if (ip == NULL)
                        throw(MAL, "INEThost", SQLSTATE(HY013) MAL_MALLOC_FAIL);
-               sprintf(ip, "%d.%d.%d.%d", val->q1, val->q2, val->q3, val->q4);
+               snprintf(ip, 16, "%d.%d.%d.%d", val->q1, val->q2, val->q3, 
val->q4);
                *retval = ip;
        }
        return (MAL_SUCCEED);
diff --git a/monetdb5/modules/atoms/json.c b/monetdb5/modules/atoms/json.c
--- a/monetdb5/modules/atoms/json.c
+++ b/monetdb5/modules/atoms/json.c
@@ -2964,7 +2964,7 @@ JSONjsonaggr(BAT **bnp, BAT *b, BAT *g, 
                                                char *dst = buf;
                                                *dst++ = '[';
                                                *dst++ = ' ';
-                                               dst += sprintf(dst, "%f", val);
+                                               dst += snprintf(dst, maxlen - 
5, "%f", val);
                                                *dst++ = ' ';
                                                *dst++ = ']';
                                                *dst = '\0';
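Review bot: `dst += snprintf(dst, maxlen - 5, "%f", val)` advances `dst` by the length snprintf would have written, not by what it actually stored, so a truncated `%f` (which can run to several hundred characters for a large double) moves `dst` past the bound and the three stores that follow write outside `buf`. How `maxlen` is chosen is not visible in this hunk, so the call needs its own check: keep the result in an `int n`, take the function's existing error path when `n < 0 || (size_t) n >= maxlen - 5`, and only then do `dst += n`. mycpstr in monetdb5/modules/mal/tablet.c uses the same `t += snprintf(t, l, ...)` form and should be checked the same way. JSONjsonaggr starts and ends outside this hunk.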
diff --git a/monetdb5/modules/atoms/url.c b/monetdb5/modules/atoms/url.c
--- a/monetdb5/modules/atoms/url.c
+++ b/monetdb5/modules/atoms/url.c
@@ -230,14 +230,15 @@ escape_str(str *retval, const char *s)
        if (!s)
                throw(ILLARG, "url.escape", "url missing");
 
-       if (!(res = (str) GDKmalloc(strlen(s) * 3)))
+       size_t reslen = strlen(s) * 3;
+       if (!(res = (str) GDKmalloc(reslen)))
                throw(MAL, "url.escape", SQLSTATE(HY013) MAL_MALLOC_FAIL);
        for (x = 0, y = 0; s[x]; ++x, ++y) {
                if (needEscape(s[x])) {
                        if (s[x] == ' ') {
                                res[y] = '+';
                        } else {
-                               sprintf(res + y, "%%%2x", (uint8_t) s[x]);
+                               snprintf(res + y, reslen - y, "%%%2x", 
(uint8_t) s[x]);
                                y += 2;
                        }
                } else {
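Review bot: `reslen` is `strlen(s) * 3`, which leaves no room for the terminating NUL, so when the last input character is escaped and every earlier one was escaped as well, `reslen - y` is 3 at the final call and snprintf stores only `%` and one hex digit before its NUL. The old sprintf overran the buffer by one byte in that case; the new code instead yields a truncated escape sequence, and any terminator stored after the loop (outside this hunk) would still land one past the allocation. Allocate one byte more, `size_t reslen = strlen(s) * 3 + 1;`, so that both the bound handed to snprintf and the final terminator fit.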
@@ -711,8 +712,9 @@ URLgetRobotURL(str *retval, const url *v
                        throw(ILLARG, "url.getQuery", "bad url");
                l = s - *val;
 
-               if ((*retval = GDKmalloc(l + sizeof("/robots.txt"))) != NULL) {
-                       sprintf(*retval, "%.*s/robots.txt", (int) l, *val);
+               size_t retlen = l + sizeof("/robots.txt");
+               if ((*retval = GDKmalloc(retlen)) != NULL) {
+                       snprintf(*retval, retlen, "%.*s/robots.txt", (int) l, 
*val);
                }
        }
 
diff --git a/monetdb5/modules/mal/tablet.c b/monetdb5/modules/mal/tablet.c
--- a/monetdb5/modules/mal/tablet.c
+++ b/monetdb5/modules/mal/tablet.c
@@ -741,7 +741,7 @@ mystrlen(const char *s)
 }
 
 static char *
-mycpstr(char *t, const char *s)
+mycpstr(char *t, const char *s, size_t l)
 {
        /* Copy the string pointed to by s into the buffer pointed to by
         * t, and return a pointer to the NULL byte at the end.  During
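Review bot: The new parameter `l` is not described in the function comment, which still only says that `t` must be large enough as computed by mystrlen; a sentence such as `l is the number of bytes available at t, including the terminating NUL` (if that is the intended contract) would tell callers what to pass. In the lines visible in the following hunk, `l` is a `size_t` that is decremented by 4 after each snprintf, so a caller that passes too small a value makes it wrap to a very large bound, and the only guard is `assert(l <= orig_l)`, which is compiled out under NDEBUG. The comment and the rest of mycpstr continue outside this hunk.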
@@ -750,42 +750,55 @@ mycpstr(char *t, const char *s)
         * the incorrect byte.  The buffer t needs to be large enough to
         * hold the result, but the correct length can be calculated by
         * the function mystrlen above.*/
+#ifndef NDEBUG
+       const size_t orig_l = l;
+#endif
        while (*s) {
+               assert(l <= orig_l);    /* no overflow */
                if ((*s & 0x80) == 0) {
                        *t++ = *s++;
+                       l--;
                } else if ((*s & 0xC0) == 0x80) {
-                       t += sprintf(t, "<%02X>", (uint8_t) * s++);
+                       t += snprintf(t, l, "<%02X>", (uint8_t) * s++);
+                       l -= 4;
                } else if ((*s & 0xE0) == 0xC0) {
                        /* two-byte sequence */
-                       if ((s[1] & 0xC0) != 0x80)
-                               t += sprintf(t, "<%02X>", (uint8_t) * s++);
-                       else {
+                       if ((s[1] & 0xC0) != 0x80) {
+                               t += snprintf(t, l, "<%02X>", (uint8_t) * s++);
+                               l -= 4;
+                       } else {