Signed-off-by: Alan Coopersmith <[email protected]>
---
save.c | 17 ++++++-----------
smproxy.c | 23 ++++++++++++++---------
2 files changed, 20 insertions(+), 20 deletions(-)
diff --git a/save.c b/save.c
index 5d6b4ce..267f806 100644
--- a/save.c
+++ b/save.c
@@ -361,7 +361,7 @@ unique_filename(char *path, char *prefix, int *pFd)
char tempFile[PATH_MAX];
char *tmp;
- sprintf (tempFile, "%s/%sXXXXXX", path, prefix);
+ snprintf (tempFile, sizeof(tempFile), "%s/%sXXXXXX", path, prefix);
tmp = (char *) mktemp (tempFile);
if (tmp)
{
@@ -373,17 +373,12 @@ unique_filename(char *path, char *prefix, int *pFd)
return (NULL);
# endif /* HAVE_MKTEMP */
#else /* HAVE_MKSTEMP */
- char tempFile[PATH_MAX];
- char *ptr;
+ char *tempFile;
- sprintf (tempFile, "%s/%sXXXXXX", path, prefix);
- ptr = (char *)malloc(strlen(tempFile) + 1);
- if (ptr != NULL)
- {
- strcpy(ptr, tempFile);
- *pFd = mkstemp(ptr);
- }
- return ptr;
+ if (asprintf (&tempFile, "%s/%sXXXXXX", path, prefix) == -1)
+ return NULL;
+ *pFd = mkstemp(tempFile);
+ return tempFile;
#endif /* HAVE_MKSTEMP */
}
diff --git a/smproxy.c b/smproxy.c
index 17316b5..7c59f16 100644
--- a/smproxy.c
+++ b/smproxy.c
@@ -221,12 +221,12 @@ CheckFullyQuantifiedName(char *name, int *newstring)
}
else
{
- int bytes = strlen (name) + strlen (firstDot + 1) + 2;
char *newptr;
- newptr = (char *) malloc (bytes);
- sprintf (newptr, "%s.%s", name, firstDot + 1);
-
+ if (asprintf (&newptr, "%s.%s", name, firstDot + 1) == -1) {
+ *newstring = 0;
+ return NULL;
+ }
*newstring = 1;
return (newptr);
}
@@ -255,7 +255,7 @@ FinishSaveYourself(WinInfo *winInfo, Bool
has_WM_SAVEYOURSELF)
prop1val.value = (SmPointer) winInfo->wm_command[0];
prop1val.length = strlen (winInfo->wm_command[0]);
- sprintf (userId, "%ld", (long)getuid());
+ snprintf (userId, sizeof(userId), "%ld", (long)getuid());
prop2.name = SmUserID;
prop2.type = SmARRAY8;
prop2.num_vals = 1;
@@ -265,7 +265,8 @@ FinishSaveYourself(WinInfo *winInfo, Bool
has_WM_SAVEYOURSELF)
fullyQuantifiedName = CheckFullyQuantifiedName (
(char *) winInfo->wm_client_machine.value, &newstring);
- sprintf (restartService, "rstart-rsh/%s", fullyQuantifiedName);
+ snprintf (restartService, sizeof(restartService),
+ "rstart-rsh/%s", fullyQuantifiedName);
if (newstring)
free (fullyQuantifiedName);
@@ -882,7 +883,7 @@ ProxySaveYourselfPhase2CB(SmcConn smcConn, SmPointer
clientData)
Bool success = True;
SmProp prop1, prop2, prop3, *props[3];
SmPropValue prop1val, prop2val, prop3val;
- char discardCommand[80];
+ char *discardCommand;
int numVals, i;
static int first_time = 1;
@@ -898,7 +899,7 @@ ProxySaveYourselfPhase2CB(SmcConn smcConn, SmPointer
clientData)
prop1val.value = Argv[0];
prop1val.length = strlen (Argv[0]);
- sprintf (userId, "%ld", (long)getuid());
+ snprintf (userId, sizeof(userId), "%ld", (long)getuid());
prop2.name = SmUserID;
prop2.type = SmARRAY8;
prop2.num_vals = 1;
@@ -971,7 +972,10 @@ ProxySaveYourselfPhase2CB(SmcConn smcConn, SmPointer
clientData)
prop1.num_vals = numVals;
- sprintf (discardCommand, "rm %s", filename);
+ if (asprintf (&discardCommand, "rm %s", filename) == -1) {
+ success = False;
+ goto finishUp;
+ }
prop2.name = SmDiscardCommand;
prop2.type = SmARRAY8;
prop2.num_vals = 1;
@@ -984,6 +988,7 @@ ProxySaveYourselfPhase2CB(SmcConn smcConn, SmPointer
clientData)
SmcSetProperties (smcConn, 2, props);
free ((char *) prop1.vals);
+ free (discardCommand);
finishUp:
--
1.7.9.2
_______________________________________________
[email protected]: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: http://lists.x.org/mailman/listinfo/xorg-devel
