From 79278875da80bc918b113ac2bdf98aa1a4e2c359 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fl=C3=B6ssie?= Date: Tue, 15 Sep 2020 14:56:57 +0200 Subject: [PATCH] Use `snprintf()` instead of `sprintf()` (#5907) --- rtengine/dcraw.cc | 12 ++++---- rtengine/imagedata.cc | 10 +++---- rtengine/improcfun.cc | 2 +- rtengine/jdatasrc.cc | 4 +-- rtengine/klt/trackFeatures.cc | 20 ++++++------- rtengine/klt/writeFeatures.cc | 4 +-- rtengine/rawimage.cc | 2 +- rtexif/canonattribs.cc | 22 +++++++------- rtexif/nikonattribs.cc | 6 ++-- rtexif/pentaxattribs.cc | 30 +++++++++---------- rtexif/rtexif.cc | 56 ++++++++++++++++++++++------------- rtexif/rtexif.h | 6 ++-- rtexif/sonyminoltaattribs.cc | 14 ++++----- rtexif/stdattribs.cc | 18 +++++------ rtgui/batchqueue.cc | 2 +- rtgui/cropwindow.cc | 4 +-- rtgui/icmpanel.cc | 4 +-- rtgui/main.cc | 2 +- 18 files changed, 117 insertions(+), 101 deletions(-) diff --git a/rtengine/dcraw.cc b/rtengine/dcraw.cc index ffd4f89ed..ed2eea212 100644 --- a/rtengine/dcraw.cc +++ b/rtengine/dcraw.cc @@ -4085,7 +4085,7 @@ void CLASS foveon_interpolate() FORC3 diag[c][i] = LAST(1,1)*LAST(2,2) - LAST(1,2)*LAST(2,1); #undef LAST FORC3 div[c] = diag[c][0]*0.3127 + diag[c][1]*0.329 + diag[c][2]*0.3583; - sprintf (str, "%sRGBNeutral", model2); + snprintf(str, sizeof(str), "%sRGBNeutral", model2); if (foveon_camf_param ("IncludeBlocks", str)) foveon_fixed (div, 3, str); num = 0; @@ -6723,7 +6723,7 @@ int CLASS parse_tiff_ifd (int base) raw_height = height; left_margin = top_margin = filters = flip = 0; } - sprintf (model, "Ixpress %d-Mp", height*width/1000000); + snprintf(model, sizeof(model), "Ixpress %d-Mp", height*width/1000000); load_raw = &CLASS imacon_full_load_raw; if (filters) { if (left_margin & 1) filters = 0x61616161; 
@@ -7717,7 +7717,7 @@ void CLASS parse_smal (int offset, int fsize) raw_height = height = get2(); raw_width = width = get2(); strcpy (make, "SMaL"); - sprintf (model, "v%d %dx%d", ver, width, height); + snprintf(model, sizeof(model), "v%d %dx%d", ver, width, height); if (ver == 6) load_raw = &CLASS smal_v6_load_raw; if (ver == 9) load_raw = &CLASS smal_v9_load_raw; } @@ -7745,7 +7745,7 @@ void CLASS parse_cine() } fseek (ifp, off_setup+792, SEEK_SET); strcpy (make, "CINE"); - sprintf (model, "%d", get4()); + snprintf(model, sizeof(model), "%d", get4()); fseek (ifp, 12, SEEK_CUR); switch ((i=get4()) & 0xffffff) { case 3: filters = 0x94949494; break; @@ -9058,7 +9058,7 @@ void CLASS adobe_coeff (const char *make, const char *model) char name[130]; int i, j; - sprintf (name, "%s %s", make, model); + snprintf(name, sizeof(name), "%s %s", make, model); // -- RT -------------------------------------------------------------------- @@ -10522,7 +10522,7 @@ bw: colors = 1; load_raw = &CLASS rollei_load_raw; } if (!model[0]) - sprintf (model, "%dx%d", width, height); + snprintf(model, sizeof(model), "%dx%d", width, height); if (filters == UINT_MAX) filters = 0x94949494; if (thumb_offset && !thumb_height) { fseek (ifp, thumb_offset, SEEK_SET); diff --git a/rtengine/imagedata.cc b/rtengine/imagedata.cc index 5025b31e5..cedf08ca0 100644 --- a/rtengine/imagedata.cc +++ b/rtengine/imagedata.cc @@ -1238,7 +1238,7 @@ std::string FramesMetaData::apertureToString(double aperture) { char buffer[256]; - sprintf(buffer, "%0.1f", aperture); + snprintf(buffer, sizeof(buffer), "%0.1f", aperture); return buffer; } @@ -1248,9 +1248,9 @@ std::string FramesMetaData::shutterToString(double shutter) char buffer[256]; if (shutter > 0.0 && shutter <= 0.5) { - sprintf(buffer, "1/%0.0f", 1.0 / shutter); + snprintf(buffer, sizeof(buffer), "1/%0.0f", 1.0 / shutter); } else { - sprintf(buffer, "%0.1f", shutter); + snprintf(buffer, sizeof(buffer), "%0.1f", shutter); } return buffer; 
@@ -1263,13 +1263,13 @@ std::string FramesMetaData::expcompToString(double expcomp, bool maskZeroexpcomp if (maskZeroexpcomp) { if (expcomp != 0.0) { - sprintf(buffer, "%0.2f", expcomp); + snprintf(buffer, sizeof(buffer), "%0.2f", expcomp); return buffer; } else { return ""; } } else { - sprintf(buffer, "%0.2f", expcomp); + snprintf(buffer, sizeof(buffer), "%0.2f", expcomp); return buffer; } } diff --git a/rtengine/improcfun.cc b/rtengine/improcfun.cc index 6051b6b0b..0fd3e954c 100644 --- a/rtengine/improcfun.cc +++ b/rtengine/improcfun.cc @@ -5218,7 +5218,7 @@ void ImProcFunctions::EPDToneMaplocal(int sp, LabImage *lab, LabImage *tmp1, uns /* Debuggery. Saves L for toying with outside of RT. char nm[64]; - sprintf(nm, "%ux%ufloat.bin", lab->W, lab->H); + snprintf(nm, sizeof(nm), "%ux%ufloat.bin", lab->W, lab->H); FILE *f = fopen(nm, "wb"); fwrite(L, N, sizeof(float), f); fclose(f);*/ diff --git a/rtengine/jdatasrc.cc b/rtengine/jdatasrc.cc index e461b60f5..3a53b80d3 100644 --- a/rtengine/jdatasrc.cc +++ b/rtengine/jdatasrc.cc @@ -373,9 +373,9 @@ format_message (j_common_ptr cinfo, char * buffer) /* Format the message into the passed buffer */ if (isstring) { - sprintf(buffer, msgtext, err->msg_parm.s); + snprintf(buffer, sizeof(buffer), msgtext, err->msg_parm.s); } else - sprintf(buffer, msgtext, + snprintf(buffer, sizeof(buffer), msgtext, err->msg_parm.i[0], err->msg_parm.i[1], err->msg_parm.i[2], err->msg_parm.i[3], err->msg_parm.i[4], err->msg_parm.i[5], diff --git a/rtengine/klt/trackFeatures.cc b/rtengine/klt/trackFeatures.cc index a99225543..8c0cd5ba6 100644 --- a/rtengine/klt/trackFeatures.cc +++ b/rtengine/klt/trackFeatures.cc 
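Review bot: In `format_message` (rtengine/jdatasrc.cc) `buffer` is the `char *` parameter shown in the hunk header, so `sizeof(buffer)` is the size of a pointer and both new `snprintf` calls truncate every libjpeg message to 3 or 7 characters. The bound has to be the capacity the caller provides; libjpeg documents that this callback receives a buffer of at least `JMSG_LENGTH_MAX` bytes, so, assuming jpeglib.h is in scope, `snprintf(buffer, JMSG_LENGTH_MAX, msgtext, err->msg_parm.s);` and the same bound in the integer branch keep the overflow protection without losing the text. `msgtext` is a non-literal format string chosen outside this hunk, so a short comment stating that it only ever comes from the compiled-in message table, never from file data, would help the next reader. The function body starts and ends outside the hunk.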
@@ -1044,7 +1044,7 @@ static int _am_trackFeatureAffine( #ifdef DEBUG_AFFINE_MAPPING aff_diff_win->data = imgdiff; - sprintf(fname, "./debug/kltimg_trans_diff_win%03d.%03d.pgm", glob_index, counter); + snprintf(fname, sizeof(fname), "./debug/kltimg_trans_diff_win%03d.%03d.pgm", glob_index, counter); printf("%s\n", fname); _KLTWriteAbsFloatImageToPGM(aff_diff_win, fname,256.0); printf("iter = %d translation tracker res: %f\n", iteration, _sumAbsFloatWindow(imgdiff, width, height)/(width*height)); @@ -1095,13 +1095,13 @@ static int _am_trackFeatureAffine( counter++; _am_computeAffineMappedImage(img1, x1, y1, 1.0, 0.0 , 0.0, 1.0, width, height, imgdiff); aff_diff_win->data = imgdiff; - sprintf(fname, "./debug/kltimg_aff_diff_win%03d.%03d_1.pgm", glob_index, counter); + snprintf(fname, sizeof(fname), "./debug/kltimg_aff_diff_win%03d.%03d_1.pgm", glob_index, counter); printf("%s\n", fname); _KLTWriteAbsFloatImageToPGM(aff_diff_win, fname,256.0); _am_computeAffineMappedImage(img2, *x2, *y2, *Axx, *Ayx , *Axy, *Ayy, width, height, imgdiff); aff_diff_win->data = imgdiff; - sprintf(fname, "./debug/kltimg_aff_diff_win%03d.%03d_2.pgm", glob_index, counter); + snprintf(fname, sizeof(fname), "./debug/kltimg_aff_diff_win%03d.%03d_2.pgm", glob_index, counter); printf("%s\n", fname); _KLTWriteAbsFloatImageToPGM(aff_diff_win, fname,256.0); #endif @@ -1110,7 +1110,7 @@ static int _am_trackFeatureAffine( width, height, imgdiff); #ifdef DEBUG_AFFINE_MAPPING aff_diff_win->data = imgdiff; - sprintf(fname, "./debug/kltimg_aff_diff_win%03d.%03d_3.pgm", glob_index,counter); + snprintf(fname, sizeof(fname), "./debug/kltimg_aff_diff_win%03d.%03d_3.pgm", glob_index,counter); printf("%s\n", fname); _KLTWriteAbsFloatImageToPGM(aff_diff_win, fname,256.0); 
@@ -1335,17 +1335,17 @@ void KLTTrackFeatures( if (tc->writeInternalImages) { char fname[80]; for (i = 0 ; i < tc->nPyramidLevels ; i++) { - sprintf(fname, "kltimg_tf_i%d.pgm", i); + snprintf(fname, sizeof(fname), "kltimg_tf_i%d.pgm", i); _KLTWriteFloatImageToPGM(pyramid1->img[i], fname); - sprintf(fname, "kltimg_tf_i%d_gx.pgm", i); + snprintf(fname, sizeof(fname), "kltimg_tf_i%d_gx.pgm", i); _KLTWriteFloatImageToPGM(pyramid1_gradx->img[i], fname); - sprintf(fname, "kltimg_tf_i%d_gy.pgm", i); + snprintf(fname, sizeof(fname), "kltimg_tf_i%d_gy.pgm", i); _KLTWriteFloatImageToPGM(pyramid1_grady->img[i], fname); - sprintf(fname, "kltimg_tf_j%d.pgm", i); + snprintf(fname, sizeof(fname), "kltimg_tf_j%d.pgm", i); _KLTWriteFloatImageToPGM(pyramid2->img[i], fname); - sprintf(fname, "kltimg_tf_j%d_gx.pgm", i); + snprintf(fname, sizeof(fname), "kltimg_tf_j%d_gx.pgm", i); _KLTWriteFloatImageToPGM(pyramid2_gradx->img[i], fname); - sprintf(fname, "kltimg_tf_j%d_gy.pgm", i); + snprintf(fname, sizeof(fname), "kltimg_tf_j%d_gy.pgm", i); _KLTWriteFloatImageToPGM(pyramid2_grady->img[i], fname); } } diff --git a/rtengine/klt/writeFeatures.cc b/rtengine/klt/writeFeatures.cc index 1bfe3f20f..02763135a 100644 --- a/rtengine/klt/writeFeatures.cc +++ b/rtengine/klt/writeFeatures.cc @@ -124,7 +124,7 @@ static FILE* _printSetupTxt( } /* Construct feature format */ - sprintf(format, "(%s,%s)=%%%dd ", fmt, fmt, val_width); + snprintf(format, sizeof(format), "(%s,%s)=%%%dd ", fmt, fmt, val_width); return fp; } @@ -163,7 +163,7 @@ static void _printInteger( int width) { char fmt[80]; - sprintf(fmt, "%%%dd", width); + snprintf(fmt, sizeof(fmt), "%%%dd", width); fprintf(fp, fmt, integer); } diff --git a/rtengine/rawimage.cc b/rtengine/rawimage.cc index e3a747048..49abc0c3d 100644 --- a/rtengine/rawimage.cc +++ b/rtengine/rawimage.cc 
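Review bot: In `_printSetupTxt` (rtengine/klt/writeFeatures.cc) the declaration of `format` is outside the hunk; if it is a `char *` output parameter rather than a local array, `sizeof(format)` is the pointer size and the constructed feature format is cut to a few characters, the same defect as `sizeof(buffer)` in `format_message` in jdatasrc.cc. Please confirm the declaration and, if it is a pointer, have the caller pass the buffer capacity (for example an added `size_t format_size` parameter) and use that as the bound. The `_printInteger` hunk is correct as shown, because `fmt` is the local `char fmt[80]`.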
@@ -1047,7 +1047,7 @@ DCraw::dcraw_coeff_overrides(const char make[], const char model[], const int is } char name[strlen(make) + strlen(model) + 32]; - sprintf(name, "%s %s", make, model); + snprintf(name, sizeof(name), "%s %s", make, model); for (size_t i = 0; i < sizeof table / sizeof(table[0]); i++) { if (strcasecmp(name, table[i].prefix) == 0) { diff --git a/rtexif/canonattribs.cc b/rtexif/canonattribs.cc index 529b2314d..57fe6d07e 100644 --- a/rtexif/canonattribs.cc +++ b/rtexif/canonattribs.cc @@ -70,7 +70,7 @@ public: return "undef"; } - sprintf (buffer, "%.1f", v ); + snprintf(buffer, sizeof(buffer), "%.1f", v ); return buffer; } }; @@ -99,7 +99,7 @@ public: } char buffer[32]; - sprintf (buffer, "%.1fs %s", sec / 10., (sec & 0x4000) ? ",Custom" : ""); + snprintf(buffer, sizeof(buffer), "%.1fs %s", sec / 10., (sec & 0x4000) ? ",Custom" : ""); return buffer; } }; @@ -542,7 +542,7 @@ public: } char buffer[32]; - sprintf (buffer, "%.1f", v ); + snprintf(buffer, sizeof(buffer), "%.1f", v ); return buffer; } }; @@ -1175,7 +1175,7 @@ public: } char buffer[32]; - sprintf (buffer, "%.2fmm", val * 25.4 / 1000); + snprintf(buffer, sizeof(buffer), "%.2fmm", val * 25.4 / 1000); return buffer; } }; @@ -1188,7 +1188,7 @@ public: { char buffer[32]; double d = pow (2, - t->toInt() / 32.0); - sprintf (buffer, "%.3f", d); + snprintf(buffer, sizeof(buffer), "%.3f", d); return buffer; } }; @@ -1199,7 +1199,7 @@ class CAEVInterpreter : public Interpreter std::string toString (const Tag* t) const override { char buffer[32]; - sprintf (buffer, "%.1f", t->toDouble() / 32.0 ); + snprintf(buffer, sizeof(buffer), "%.1f", t->toDouble() / 32.0 ); return buffer; } }; @@ -1212,7 +1212,7 @@ public: { char buffer[32]; int a = t->toInt(); - sprintf (buffer, "%d", a); + snprintf(buffer, sizeof(buffer), "%d", a); return buffer; } double toDouble (const Tag* t, int ofs) override 
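Review bot: In `DCraw::dcraw_coeff_overrides` `name` is a variable-length array (`char name[strlen(make) + strlen(model) + 32]`), so `sizeof(name)` is evaluated at run time and does give the right bound, but VLAs are a compiler extension in C++ and size a stack allocation from the make/model strings. Building the key as `std::string name = std::string(make) + " " + model;` and comparing `name.c_str()` would remove both the formatted write and the VLA. The function continues outside the hunk.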
@@ -1354,7 +1354,7 @@ public: } char buffer[32]; - sprintf (buffer, "%.0f", n / 32. ); + snprintf(buffer, sizeof(buffer), "%.0f", n / 32. ); return buffer; } }; @@ -1409,7 +1409,7 @@ public: std::string toString (const Tag* t) const override { char buffer[32]; - sprintf (buffer, "%.2f", t->toDouble() / 100 ); + snprintf(buffer, sizeof(buffer), "%.2f", t->toDouble() / 100 ); return buffer; } }; @@ -1421,7 +1421,7 @@ public: std::string toString (const Tag* t) const override { char buffer[32]; - sprintf (buffer, "%.1f", t->toDouble() / 8 - 6 ); + snprintf(buffer, sizeof(buffer), "%.1f", t->toDouble() / 8 - 6 ); return buffer; } }; @@ -1557,7 +1557,7 @@ public: { unsigned long val = t->toInt (0, LONG); char buffer[32]; - sprintf (buffer, "%ld", ((val & 0xffc0) >> 6) * 10000 + ((val >> 16) & 0xff) + ((val & 0x3f) << 8) ); + snprintf(buffer, sizeof(buffer), "%ld", ((val & 0xffc0) >> 6) * 10000 + ((val >> 16) & 0xff) + ((val & 0x3f) << 8) ); return buffer; } }; diff --git a/rtexif/nikonattribs.cc b/rtexif/nikonattribs.cc index 70213e8b0..0ea476a24 100644 --- a/rtexif/nikonattribs.cc +++ b/rtexif/nikonattribs.cc @@ -35,7 +35,7 @@ public: std::string toString (const Tag* t) const override { char buffer[32]; - sprintf (buffer, "%d", t->toInt (2)); + snprintf(buffer, sizeof(buffer), "%d", t->toInt (2)); return buffer; } }; @@ -49,7 +49,7 @@ public: { char buffer[32]; int a = t->toInt(); - sprintf (buffer, "%d", a); + snprintf(buffer, sizeof(buffer), "%d", a); return buffer; } double toDouble (const Tag* t, int ofs) override @@ -128,7 +128,7 @@ public: default: { char buffer[32]; - sprintf (buffer, "0x%04X", a); + snprintf(buffer, sizeof(buffer), "0x%04X", a); return buffer; } } diff --git a/rtexif/pentaxattribs.cc b/rtexif/pentaxattribs.cc index d6b9a9c84..f534d549a 100644 --- a/rtexif/pentaxattribs.cc +++ b/rtexif/pentaxattribs.cc @@ -422,7 +422,7 @@ public: return "undef"; } - sprintf (buffer, "%.1f", v ); + snprintf(buffer, sizeof(buffer), "%.1f", v ); return buffer; } }; 
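Review bot: In the last canonattribs.cc hunk (the interpreter at line 1557) `val` is declared `unsigned long` but the new `snprintf` still formats the derived value with `%ld`; the conversion should match the argument type, `"%lu"`. The value computed from the masked fields is small, so this is a correctness-of-format point rather than an overflow, but compilers with format checking enabled will flag it.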
@@ -626,7 +626,7 @@ public: return s.str(); } else { char buffer[1024]; - t->toString (buffer); + t->toString (buffer, sizeof(buffer)); return std::string (buffer); } } @@ -1341,7 +1341,7 @@ public: } char buffer[32]; - sprintf (buffer, "%d", a ); + snprintf(buffer, sizeof(buffer), "%d", a ); return buffer; } double toDouble (const Tag* t, int ofs) override @@ -1369,7 +1369,7 @@ public: if (a > 1.) { char buffer[32]; - sprintf (buffer, "%.2f", a / 100. ); + snprintf(buffer, sizeof(buffer), "%.2f", a / 100. ); return buffer; } else { return "n/a"; @@ -1399,7 +1399,7 @@ public: if (b > 1.0) { char buffer[32]; - sprintf (buffer, "%.2f", b ); + snprintf(buffer, sizeof(buffer), "%.2f", b ); return buffer; } else { return "n/a"; @@ -1428,7 +1428,7 @@ public: int a = t->toInt (0, BYTE); char buffer[32]; double v = 100.*exp (double (a - 32) * log (2.) / 8.); - sprintf (buffer, "%.1f", v ); + snprintf(buffer, sizeof(buffer), "%.1f", v ); return buffer; } double toDouble (const Tag* t, int ofs) override @@ -1456,7 +1456,7 @@ public: return "undef"; } - sprintf (buffer, "%.1f", v ); + snprintf(buffer, sizeof(buffer), "%.1f", v ); return buffer; } else { return "n/a"; @@ -1485,7 +1485,7 @@ public: int a = t->toInt (0, BYTE); char buffer[32]; double v = double (a - 64) / 8.; - sprintf (buffer, "%.1f", v ); + snprintf(buffer, sizeof(buffer), "%.1f", v ); return buffer; } double toDouble (const Tag* t, int ofs) override @@ -1505,7 +1505,7 @@ public: int a = t->toInt (0, SBYTE); char buffer[32]; double v = double (a) / 8.; - sprintf (buffer, "%.1f", v ); + snprintf(buffer, sizeof(buffer), "%.1f", v ); return buffer; } double toDouble (const Tag* t, int ofs) override @@ -1525,7 +1525,7 @@ public: int a = t->toInt (0, BYTE); char buffer[32]; double v = exp ((double (a) - 68.) * log (2.) / 16.); - sprintf (buffer, "%.1f", v ); + snprintf(buffer, sizeof(buffer), "%.1f", v ); return buffer; } double toDouble (const Tag* t, int ofs) override 
@@ -1545,7 +1545,7 @@ public: int a = t->toInt (0, BYTE); char buffer[32]; double v = 24.*exp (- (double (a) - 32.) * log (2.) / 8.); - sprintf (buffer, "%.6f", v ); + snprintf(buffer, sizeof(buffer), "%.6f", v ); return buffer; } double toDouble (const Tag* t, int ofs) override @@ -1565,7 +1565,7 @@ public: char buffer[32]; int a = t->toInt (0, BYTE); int mina = a & 0x0F; - sprintf (buffer, "%.1f", double (int (pow (2.0, double (mina + 10) / 4.0) + 0.2))); + snprintf(buffer, sizeof(buffer), "%.1f", double (int (pow (2.0, double (mina + 10) / 4.0) + 0.2))); return buffer; } double toDouble (const Tag* t, int ofs) override @@ -1585,7 +1585,7 @@ public: char buffer[32]; int a = t->toInt (0, BYTE); int maxa = (a & 0xF0) >> 4; - sprintf (buffer, "%.1f", double (int (pow (2.0, double (maxa) / 4.0) + 0.2)) ); + snprintf(buffer, sizeof(buffer), "%.1f", double (int (pow (2.0, double (maxa) / 4.0) + 0.2)) ); return buffer; } double toDouble (const Tag* t, int ofs) override @@ -1702,7 +1702,7 @@ public: { char buffer[32]; int b = t->toInt (0, BYTE) & 0x1F; - sprintf (buffer, "%.0f", pow (2., b / 16. + 4) ); + snprintf(buffer, sizeof(buffer), "%.0f", pow (2., b / 16. + 4) ); return buffer; } }; @@ -1788,7 +1788,7 @@ public: return r->second; } else { char buffer[1024]; - t->toString (buffer); + t->toString (buffer, sizeof(buffer)); return std::string (buffer); } } diff --git a/rtexif/rtexif.cc b/rtexif/rtexif.cc index f32a9feb1..b3d31b950 100644 --- a/rtexif/rtexif.cc +++ b/rtexif/rtexif.cc @@ -1017,13 +1017,13 @@ Tag::Tag (TagDirectory* p, FILE* f, int base) Tag* tmake = parent->getRoot()->getTag ("Make"); if (tmake) { - tmake->toString (make); + tmake->toString (make, sizeof(make)); } Tag* tmodel = parent->getRoot()->getTag ("Model"); if (tmodel) { - tmodel->toString (model); + tmodel->toString (model, sizeof(model)); } if (!strncmp (make, "SONY", 4)) { 
@@ -1677,8 +1677,11 @@ void Tag::toRational (int& num, int& denom, int ofs) const } } -void Tag::toString (char* buffer, int ofs) const +void Tag::toString (char* buffer, std::size_t size, int ofs) const { + if (!buffer || !size) { + return; + } if (type == UNDEFINED && !directory) { bool isstring = true; 
@@ -1690,67 +1693,80 @@ void Tag::toString (char* buffer, int ofs) const } if (isstring) { - int j = 0; + if (size < 3) { + return; + } + + std::size_t j = 0; for (i = 0; i + ofs < count && i < 64 && value[i + ofs]; i++) { if (value[i + ofs] == '<' || value[i + ofs] == '>') { buffer[j++] = '\\'; + if (j > size - 2) { + break; + } } buffer[j++] = value[i + ofs]; + if (j > size - 2) { + break; + } } buffer[j++] = 0; return; } } else if (type == ASCII) { - sprintf (buffer, "%.64s", value + ofs); + snprintf(buffer, size, "%.64s", value + ofs); return; } size_t maxcount = rtengine::min(count, 10); - strcpy (buffer, ""); + buffer[0] = 0; for (ssize_t i = 0; i < rtengine::min(maxcount, valuesize - ofs); i++) { - if (i > 0) { + std::size_t len = strlen(buffer); + + if (i > 0 && size - len > 2) { strcat (buffer, ", "); + len += 2; } - char* b = buffer + strlen (buffer); + char* b = buffer + len; switch (type) { case UNDEFINED: case BYTE: - sprintf (b, "%d", value[i + ofs]); + snprintf(b, size - len, "%d", value[i + ofs]); break; case SSHORT: - sprintf (b, "%d", toInt (2 * i + ofs)); + snprintf(b, size - len, "%d", toInt (2 * i + ofs)); break; case SHORT: - sprintf (b, "%u", toInt (2 * i + ofs)); + snprintf(b, size - len, "%u", toInt (2 * i + ofs)); break; case SLONG: - sprintf (b, "%d", toInt (4 * i + ofs)); + snprintf(b, size - len, "%d", toInt (4 * i + ofs)); break; case LONG: - sprintf (b, "%u", toInt (4 * i + ofs)); + snprintf(b, size - len, "%u", toInt (4 * i + ofs)); break; case SRATIONAL: - sprintf (b, "%d/%d", (int)sget4 (value + 8 * i + ofs, getOrder()), (int)sget4 (value + 8 * i + ofs + 4, getOrder())); + snprintf(b, size - len, "%d/%d", (int)sget4 (value + 8 * i + ofs, getOrder()), (int)sget4 (value + 8 * i + ofs + 4, getOrder())); break; case RATIONAL: - sprintf (b, "%u/%u", (uint32_t)sget4 (value + 8 * i + ofs, getOrder()), (uint32_t)sget4 (value + 8 * i + ofs + 4, getOrder())); + snprintf(b, size - len, "%u/%u", (uint32_t)sget4 (value + 8 * i + ofs, 
getOrder()), (uint32_t)sget4 (value + 8 * i + ofs + 4, getOrder())); break; case FLOAT: - sprintf (b, "%g", toDouble (8 * i + ofs)); + snprintf(b, size - len, "%g", toDouble (8 * i + ofs)); break; default: @@ -1758,7 +1774,7 @@ void Tag::toString (char* buffer, int ofs) const } } - if (count > maxcount) { + if (count > maxcount && size - strlen(buffer) > 3) { strcat (buffer, "..."); } } @@ -1771,7 +1787,7 @@ std::string Tag::nameToString (int i) if (attrib) { strncpy (buffer, attrib->name, 1024); } else { - sprintf (buffer, "0x%x", tag); + snprintf(buffer, sizeof(buffer), "0x%x", tag); } if (i > 0) { @@ -1788,7 +1804,7 @@ std::string Tag::valueToString () const return attrib->interpreter->toString (this); } else { char buffer[1024]; - toString (buffer); + toString (buffer, sizeof(buffer)); return buffer; } } @@ -2763,7 +2779,7 @@ parse_leafdata (TagDirectory* root, ByteOrder order) &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) == 6) { char tstr[64]; - sprintf (tstr, "%04d:%02d:%02d %02d:%02d:%02d", tm.tm_year, tm.tm_mon, + snprintf(tstr, sizeof(tstr), "%04d:%02d:%02d %02d:%02d:%02d", tm.tm_year, tm.tm_mon, tm.tm_mday, tm.tm_hour, tm.tm_min, tm.tm_sec); t->initString (tstr); exif->getDirectory()->addTagFront (t); diff --git a/rtexif/rtexif.h b/rtexif/rtexif.h index 5084f70de..dd89b70ce 100644 --- a/rtexif/rtexif.h +++ b/rtexif/rtexif.h @@ -304,7 +304,7 @@ public: double toDouble (int ofs = 0) const; double* toDoubleArray (int ofs = 0) const; void toRational (int& num, int& denom, int ofs = 0) const; - void toString (char* buffer, int ofs = 0) const; + void toString (char* buffer, std::size_t size, int ofs = 0) const; void fromString (const char* v, int size = -1); void setInt (int v, int ofs = 0, TagType astype = LONG); int getDistanceFrom (const TagDirectory *root); 
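Review bot: The two new early returns in `Tag::toString` (`if (!buffer || !size) return;` in the preceding hunk and `if (size < 3) return;` here) leave a non-null buffer unwritten, while the callers visible in this patch pass an uninitialised stack array and then build a `std::string` from it. The 1024-byte callers never reach that path, but the function should still guarantee termination whenever `size` is at least 1, e.g. `buffer[0] = 0;` before the `size < 3` return. In the escape loop the `break` directly after `buffer[j++] = '\\';` can end the output on a lone backslash; checking that two bytes remain before writing the escape would avoid emitting half of the pair.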
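Review bot: Inserting `std::size_t size` ahead of `int ofs = 0` in the `Tag::toString` declaration (rtexif/rtexif.h) means any call site not touched by this patch that used the old two-argument form `toString(buffer, ofs)` still compiles, with the offset now silently taken as the buffer capacity. Every call updated in this patch used the one-argument form, so the tree should be searched for two-argument calls before merging. A comment on the declaration such as `// size: capacity of buffer in bytes, including the terminating NUL; ofs: byte offset into the tag value` would make the contract explicit, and `std::size_t` needs `<cstddef>` if the header does not already include it.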
@@ -392,7 +392,7 @@ public: virtual std::string toString (const Tag* t) const { char buffer[1024]; - t->toString (buffer); + t->toString (buffer, sizeof(buffer)); std::string s (buffer); std::string::size_type p1 = s.find_first_not_of (' '); @@ -526,7 +526,7 @@ public: return r->second; } else { char buffer[1024]; - t->toString(buffer); + t->toString(buffer, sizeof(buffer)); return buffer; } } diff --git a/rtexif/sonyminoltaattribs.cc b/rtexif/sonyminoltaattribs.cc index 5eb5c9ec1..95aea1252 100644 --- a/rtexif/sonyminoltaattribs.cc +++ b/rtexif/sonyminoltaattribs.cc @@ -1979,7 +1979,7 @@ public: if (a > 0) { char buffer[32]; - sprintf (buffer, "%.4f", a); + snprintf(buffer, sizeof(buffer), "%.4f", a); return buffer; } else { return "n/a"; @@ -2039,7 +2039,7 @@ public: if (a) { char buffer[32]; - sprintf (buffer, "%.1f", a / 100. ); + snprintf(buffer, sizeof(buffer), "%.1f", a / 100. ); return buffer; } else { return "n/a"; @@ -2099,7 +2099,7 @@ public: if (a) { char buffer[32]; - sprintf (buffer, "%d", a ); + snprintf(buffer, sizeof(buffer), "%d", a ); return buffer; } else { return "Auto"; @@ -2138,7 +2138,7 @@ public: { double a = t->toDouble(); char buffer[32]; - sprintf (buffer, "%.2f", a ); + snprintf(buffer, sizeof(buffer), "%.2f", a ); return buffer; } double toDouble (const Tag* t, int ofs) override @@ -2158,7 +2158,7 @@ public: std::string toString (const Tag* t) const override { char buffer[32]; - sprintf (buffer, "%d", t->getValue()[0] - 20); + snprintf(buffer, sizeof(buffer), "%d", t->getValue()[0] - 20); return buffer; } int toInt (const Tag* t, int ofs, TagType astype) override @@ -2197,7 +2197,7 @@ public: std::string toString (const Tag* t) const override { char buffer[32]; - sprintf (buffer, "%d", t->getValue()[0] & 0x7f); + snprintf(buffer, sizeof(buffer), "%d", t->getValue()[0] & 0x7f); return buffer; } int toInt (const Tag* t, int ofs, TagType astype) override 
@@ -2253,7 +2253,7 @@ public: std::string toString (const Tag* t) const override { char buffer[32]; - sprintf (buffer, "%d", t->toInt()); + snprintf(buffer, sizeof(buffer), "%d", t->toInt()); return buffer; } int toInt (const Tag* t, int ofs, TagType astype) override diff --git a/rtexif/stdattribs.cc b/rtexif/stdattribs.cc index be7a28a5c..e6e3bb35b 100644 --- a/rtexif/stdattribs.cc +++ b/rtexif/stdattribs.cc @@ -334,7 +334,7 @@ public: return "undef"; } - sprintf (buffer, "%0.1f", v); + snprintf(buffer, sizeof(buffer), "%0.1f", v); return buffer; } }; @@ -353,7 +353,7 @@ public: return "undef"; } - sprintf (buffer, "%.1f", v ); + snprintf(buffer, sizeof(buffer), "%.1f", v ); return buffer; } }; @@ -372,7 +372,7 @@ public: return "undef"; } - sprintf (buffer, "%+0.2f", v ); + snprintf(buffer, sizeof(buffer), "%+0.2f", v ); return buffer; } }; @@ -388,9 +388,9 @@ public: double d = pow (2.0, -t->toDouble()); if (d > 0.0 && d <= 0.5) { - sprintf (buffer, "1/%.0f", 1.0 / d); + snprintf(buffer, sizeof(buffer), "1/%.0f", 1.0 / d); } else { - sprintf (buffer, "%.1f", d); + snprintf(buffer, sizeof(buffer), "%.1f", d); } return buffer; @@ -408,9 +408,9 @@ public: double d = t->toDouble(); if (d > 0.0 && d <= 0.5) { - sprintf (buffer, "1/%.0f", 1.0 / d); + snprintf(buffer, sizeof(buffer), "1/%.0f", 1.0 / d); } else { - sprintf (buffer, "%.1f", d); + snprintf(buffer, sizeof(buffer), "%.1f", d); } return buffer; @@ -431,7 +431,7 @@ public: return "undef"; } - sprintf (buffer, "%.1f", v ); + snprintf(buffer, sizeof(buffer), "%.1f", v ); return buffer; } }; @@ -637,7 +637,7 @@ public: int lastSegmentWidth = t->toInt(4, SHORT); char buffer[32]; - sprintf (buffer, "%d %d %d", segmentNumber, segmentWidth, lastSegmentWidth); + snprintf(buffer, sizeof(buffer), "%d %d %d", segmentNumber, segmentWidth, lastSegmentWidth); return buffer; } }; diff --git a/rtgui/batchqueue.cc b/rtgui/batchqueue.cc index 3b6bb73ed..fc1fc855e 100644 --- a/rtgui/batchqueue.cc +++ b/rtgui/batchqueue.cc 
@@ -390,7 +390,7 @@ Glib::ustring BatchQueue::getTempFilenameForParams( const Glib::ustring &filenam timeval tv; gettimeofday(&tv, nullptr); char mseconds[11]; - sprintf(mseconds, "%d", (int)(tv.tv_usec / 1000)); + snprintf(mseconds, sizeof(mseconds), "%d", (int)(tv.tv_usec / 1000)); time_t rawtime; struct tm *timeinfo; char stringTimestamp [80]; diff --git a/rtgui/cropwindow.cc b/rtgui/cropwindow.cc index d87876cec..b6559b66f 100644 --- a/rtgui/cropwindow.cc +++ b/rtgui/cropwindow.cc @@ -125,13 +125,13 @@ void CropWindow::initZoomSteps() char lbl[64]; for (int s = 100; s >= 11; --s) { float z = 10.f / s; - sprintf(lbl, "% 2d%%", int(z * 100)); + snprintf(lbl, sizeof(lbl), "% 2d%%", int(z * 100)); bool is_major = (s == s/10 * 10); zoomSteps.push_back(ZoomStep(lbl, z, s, is_major)); } zoom11index = zoomSteps.size(); for (int s = 1; s <= 8; ++s) { - sprintf(lbl, "%d00%%", s); + snprintf(lbl, sizeof(lbl), "%d00%%", s); zoomSteps.push_back(ZoomStep(lbl, s, s * 1000, true)); } zoomSteps.push_back(ZoomStep("1600%", 16, 16000, true)); diff --git a/rtgui/icmpanel.cc b/rtgui/icmpanel.cc index 920924c6c..69cd21115 100644 --- a/rtgui/icmpanel.cc +++ b/rtgui/icmpanel.cc @@ -424,8 +424,8 @@ void ICMPanel::updateDCP(int dcpIlluminant, Glib::ustring dcp_name) if (illuminants.will_interpolate) { if (dcpTemperatures[0] != illuminants.temperature_1 || dcpTemperatures[1] != illuminants.temperature_2) { char tempstr1[64], tempstr2[64]; - sprintf(tempstr1, "%.0fK", illuminants.temperature_1); - sprintf(tempstr2, "%.0fK", illuminants.temperature_2); + snprintf(tempstr1, sizeof(tempstr1), "%.0fK", illuminants.temperature_1); + snprintf(tempstr2, sizeof(tempstr2), "%.0fK", illuminants.temperature_2); int curr_active = dcpIll->get_active_row_number(); dcpIll->remove_all(); dcpIll->append(M("TP_ICM_DCPILLUMINANT_INTERPOLATED")); diff --git a/rtgui/main.cc b/rtgui/main.cc index 7bb4afdc9..9f623a6df 100644 --- a/rtgui/main.cc +++ b/rtgui/main.cc 
@@ -460,7 +460,7 @@ int main (int argc, char **argv) SetConsoleCtrlHandler ( NULL, true ); // Set title of console char consoletitle[128]; - sprintf (consoletitle, "RawTherapee %s Console", RTVERSION); + snprintf(consoletitle, sizeof(consoletitle), "RawTherapee %s Console", RTVERSION); SetConsoleTitle (consoletitle); // increase size of screen buffer COORD c;