From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 6396 invoked by alias); 7 Apr 2009 08:09:39 -0000 Received: (qmail 6384 invoked by uid 22791); 7 Apr 2009 08:09:33 -0000 X-SWARE-Spam-Status: No, hits=-2.1 required=5.0 tests=AWL,BAYES_00 X-Spam-Check-By: sourceware.org Received: from mailhost.u-strasbg.fr (HELO mailhost.u-strasbg.fr) (130.79.200.155) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Tue, 07 Apr 2009 08:09:27 +0000 Received: from baal.u-strasbg.fr (baal.u-strasbg.fr [IPv6:2001:660:2402::41]) by mailhost.u-strasbg.fr (8.14.2/jtpda-5.5pre1) with ESMTP id n3789OTl050608 for ; Tue, 7 Apr 2009 10:09:24 +0200 (CEST) Received: from mailserver.u-strasbg.fr (ms1.u-strasbg.fr [IPv6:2001:660:2402:d::10]) by baal.u-strasbg.fr (8.14.0/jtpda-5.5pre1) with ESMTP id n3789N33081580 for ; Tue, 7 Apr 2009 10:09:24 +0200 (CEST) (envelope-from muller@ics.u-strasbg.fr) Received: from d620muller (www-ics.u-strasbg.fr [130.79.210.225]) (user=mullerp mech=LOGIN) by mailserver.u-strasbg.fr (8.14.3/jtpda-5.5pre1) with ESMTP id n3789N8Y011219 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO) for ; Tue, 7 Apr 2009 10:09:23 +0200 (CEST) (envelope-from muller@ics.u-strasbg.fr) From: "Pierre Muller" To: Subject: [RFC] Ada ARI fix for sprintf Date: Tue, 07 Apr 2009 08:09:00 -0000 Message-ID: <000401c9b758$2c1cf4b0$8456de10$@u-strasbg.fr> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org X-SW-Source: 2009-04/txt/msg00123.txt.bz2 The reason this is a RFC rather than a RFA is that I used another function than the one recommended on ARI page. Currently AR Index gives 153 failures for "sprint" rule. sprintf 153 Do not use sprintf, instead use xstrprintf But they seem to all have local static buffers whereas xstrprintf allocates memory globally. I propose to use xsnprintf instead for such case, which checks for buffer overflow. If you agree, I will also update the ARI recommendation. All comments welcome, Pierre Muller Pascal language support maintainer for GDB 2009-04-07 Pierre Muller ARI fix: sprintf rule. * ada-exp.y (convert_char_literal): Replace sprintf by xsnprintf. * ada-lang.c (add_angle_bracket): Ditto. (ada_decode, find_old_style_renaming_symbol): Ditto. (ada_to_fixed_type_1, ada_enum_name): Ditto. Index: ada-exp.y =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /cvs/src/src/gdb/ada-exp.y,v retrieving revision 1.36 diff -u -p -r1.36 ada-exp.y --- ada-exp.y 24 Mar 2009 02:08:23 -0000 1.36 +++ ada-exp.y 7 Apr 2009 08:01:25 -0000 @@ -1452,7 +1452,7 @@ convert_char_literal (struct type *type, =20 if (type =3D=3D NULL || TYPE_CODE (type) !=3D TYPE_CODE_ENUM) return val; - sprintf (name, "QU%02x", (int) val); + xsnprintf (name, sizeof (name), "QU%02x", (int) val); for (f =3D 0; f < TYPE_NFIELDS (type); f +=3D 1) { if (strcmp (name, TYPE_FIELD_NAME (type, f)) =3D=3D 0) Index: ada-lang.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /cvs/src/src/gdb/ada-lang.c,v retrieving revision 1.205 diff -u -p -r1.205 ada-lang.c --- ada-lang.c 24 Mar 2009 02:07:06 -0000 1.205 +++ ada-lang.c 7 Apr 2009 08:01:28 -0000 @@ -335,11 +335,13 @@ static char * add_angle_brackets (const char *str) { static char *result =3D NULL; + int result_size; =20 xfree (result); - result =3D (char *) xmalloc ((strlen (str) + 3) * sizeof (char)); + result_size =3D (strlen (str) + 3) * sizeof (char); + result =3D (char *) xmalloc (result_size); =20 - sprintf (result, "<%s>", str); + xsnprintf (result, result_size, "<%s>", str); return result; } =20 @@ -1114,7 +1116,7 @@ Suppress: if (encoded[0] =3D=3D '<') strcpy (decoded, encoded); else - sprintf (decoded, "<%s>", encoded); + xsnprintf (decoded, decoding_buffer_size, "<%s>", encoded); return decoded; =20 } @@ -6609,13 +6611,14 @@ find_old_style_renaming_symbol (const ch function_name =3D function_name + 5; =20 rename =3D (char *) alloca (rename_len * sizeof (char)); - sprintf (rename, "%s__%s___XR", function_name, name); + xsnprintf (rename, rename_len * sizeof (char), "%s__%s___XR",=20 + function_name, name); } else { const int rename_len =3D strlen (name) + 6; rename =3D (char *) alloca (rename_len * sizeof (char)); - sprintf (rename, "%s___XR", name); + xsnprintf (rename, rename_len * sizeof (char), "%s___XR", name); } =20 return ada_find_any_symbol (rename); @@ -7308,7 +7311,7 @@ ada_to_fixed_type_1 (struct type *type,=20 int xvz_found =3D 0; LONGEST size; =20 - sprintf (xvz_name, "%s___XVZ", name); + xsnprintf (xvz_name, strlen (name) + 7, "%s___XVZ", name); size =3D get_int_var_value (xvz_name, &xvz_found); if (xvz_found && TYPE_LENGTH (fixed_record_type) !=3D size) { @@ -7760,11 +7763,11 @@ ada_enum_name (const char *name) =20 GROW_VECT (result, result_len, 16); if (isascii (v) && isprint (v)) - sprintf (result, "'%c'", v); + xsnprintf (result, result_len, "'%c'", v); else if (name[1] =3D=3D 'U') - sprintf (result, "[\"%02x\"]", v); + xsnprintf (result, result_len, "[\"%02x\"]", v); else - sprintf (result, "[\"%04x\"]", v); + xsnprintf (result, result_len, "[\"%04x\"]", v); =20 return result; }