/****************************************************************************
- * Copyright (c) 1998-2009,2010 Free Software Foundation, Inc. *
+ * Copyright (c) 1998-2013,2018 Free Software Foundation, Inc. *
* *
* Permission is hereby granted, free of charge, to any person obtaining a *
* copy of this software and associated documentation files (the *
****************************************************************************/
/****************************************************************************
- * Author: Thomas E. Dickey <dickey@clark.net> 1997 *
+ * Author: Thomas E. Dickey 1997-on *
****************************************************************************/
#include <curses.priv.h>
#include <ctype.h>
-MODULE_ID("$Id: safe_sprintf.c,v 1.24 2010/06/05 22:22:27 tom Exp $")
+MODULE_ID("$Id: safe_sprintf.c,v 1.31 2018/02/17 21:19:41 tom Exp $")
#if USE_SAFE_SPRINTF
} else if (state == Prec) {
prec = ival;
}
- sprintf(fmt_arg, "%d", ival);
+ _nc_SPRINTF(fmt_arg,
+ _nc_SLIMIT(sizeof(fmt_arg))
+ "%d", ival);
fmt_len += strlen(fmt_arg);
if ((format = _nc_doalloc(format, fmt_len)) == 0) {
+ free(buffer);
return -1;
}
- strcpy(&format[--f], fmt_arg);
+ --f;
+ _nc_STRCPY(&format[f], fmt_arg, fmt_len - f);
f = strlen(format);
} else if (isalpha(UChar(*fmt))) {
done = TRUE;
format[f] = '\0';
switch (used) {
case 'i':
- sprintf(buffer, format, ival);
+ _nc_SPRINTF(buffer, _nc_SLIMIT(length) format, ival);
break;
case 'f':
- sprintf(buffer, format, fval);
+ _nc_SPRINTF(buffer, _nc_SLIMIT(length) format, fval);
break;
default:
- sprintf(buffer, format, pval);
+ _nc_SPRINTF(buffer, _nc_SLIMIT(length) format, pval);
break;
}
len += (int) strlen(buffer);
{
char *result = 0;
- if (fmt != 0) {
+ if (SP_PARM != 0 && fmt != 0) {
#if USE_SAFE_SPRINTF
va_list ap2;
int len;
if (my_buffer != 0) {
# if HAVE_VSNPRINTF
- vsnprintf(my_buffer, my_length, fmt, ap); /* GNU extension */
+ vsnprintf(my_buffer, my_length, fmt, ap); /* SUSv2, 1997 */
# else
- vsprintf(my_buffer, fmt, ap); /* ANSI */
+ vsprintf(my_buffer, fmt, ap); /* ISO/ANSI C, 1989 */
# endif
result = my_buffer;
}