sprintf -> PyOS_snprintf in some "obviously safe" cases.

Also changed <>-style #includes to ""-style in some places where the former didn't make sense.
2001-11-28 20:27:42 +00:00 · 2001-11-28 20:27:42 +00:00 · 885d457709
parent 05bd787c6c
commit 885d457709
15 changed files with 61 additions and 42 deletions
--- a/Demo/pysvr/pysvr.c
+++ b/Demo/pysvr/pysvr.c
@ -25,7 +25,7 @@ can log in on your machine.  Use with caution!
   Python.h defines a typedef destructor, which conflicts with pthread.h.
   So Python.h must be included after pthread.h. */
-#include <Python.h>
+#include "Python.h"
 extern int Py_VerboseFlag;
@ -364,6 +364,7 @@ static void
 ps(void)
 {
 	char buffer[100];
-	sprintf(buffer, "ps -l -p %d </dev/null | tail +2l\n", getpid());
+	PyOS_snprintf(buffer, sizeof(buffer),
 		      "ps -l -p %d </dev/null | tail +2l\n", getpid());
 	system(buffer);
 }
--- a/Modules/_hotshot.c
+++ b/Modules/_hotshot.c
@ -2,11 +2,11 @@
 * This is the High Performance Python Profiler portion of HotShot.
 */
-#include <Python.h>
+#include "Python.h"
-#include <compile.h>
+#include "compile.h"
-#include <eval.h>
+#include "eval.h"
-#include <frameobject.h>
+#include "frameobject.h"
-#include <structmember.h>
+#include "structmember.h"
 #ifdef HAVE_UNISTD_H
 #include <unistd.h>
@ -1452,12 +1452,12 @@ write_header(ProfilerObject *self)
        pack_add_info(self, "executable-version", buffer);
 #ifdef MS_WIN32
-    sprintf(cwdbuffer, "%I64d", frequency.QuadPart);
+    PyOS_snprintf(cwdbuffer, sizeof(cwdbuffer), "%I64d", frequency.QuadPart);
    pack_add_info(self, "reported-performance-frequency", cwdbuffer);
 #else
-    sprintf(cwdbuffer, "%lu", rusage_diff);
+    PyOS_snprintf(cwdbuffer, sizeof(cwdbuffer), "%lu", rusage_diff);
    pack_add_info(self, "observed-interval-getrusage", cwdbuffer);
-    sprintf(cwdbuffer, "%lu", timeofday_diff);
+    PyOS_snprintf(cwdbuffer, sizeof(cwdbuffer), "%lu", timeofday_diff);
    pack_add_info(self, "observed-interval-gettimeofday", cwdbuffer);
 #endif
--- a/Modules/_localemodule.c
+++ b/Modules/_localemodule.c
@ -376,7 +376,7 @@ PyLocale_getdefaultlocale(PyObject* self, PyObject* args)
    if (!PyArg_NoArgs(args))
        return NULL;
-    sprintf(encoding, "cp%d", GetACP());
+    PyOS_snprintf(encoding, sizeof(encoding), "cp%d", GetACP());
    if (GetLocaleInfo(LOCALE_USER_DEFAULT,
                      LOCALE_SISO639LANGNAME,
--- a/Modules/_testcapimodule.c
+++ b/Modules/_testcapimodule.c
@ -19,7 +19,7 @@ raiseTestError(const char* test_name, const char* msg)
 	if (strlen(test_name) + strlen(msg) > sizeof(buf) - 50)
 		PyErr_SetString(TestError, "internal error msg too large");
 	else {
-		sprintf(buf, "%s: %s", test_name, msg);
+		PyOS_snprintf(buf, sizeof(buf), "%s: %s", test_name, msg);
 		PyErr_SetString(TestError, buf);
 	}
 	return NULL;
@ -36,7 +36,8 @@ sizeof_error(const char* fatname, const char* typename,
        int expected, int got)
 {
 	char buf[1024];
-	sprintf(buf, "%.200s #define == %d but sizeof(%.200s) == %d",
+	PyOS_snprintf(buf, sizeof(buf), 
 		"%.200s #define == %d but sizeof(%.200s) == %d",
 		fatname, expected, typename, got);
 	PyErr_SetString(TestError, buf);
 	return (PyObject*)NULL;
--- a/Modules/_tkinter.c
+++ b/Modules/_tkinter.c
@ -1579,8 +1579,8 @@ Tktt_Repr(PyObject *self)
 	TkttObject *v = (TkttObject *)self;
 	char buf[100];
-	sprintf(buf, "<tktimertoken at %p%s>", v,
+	PyOS_snprintf(buf, sizeof(buf), "<tktimertoken at %p%s>", v,
-		v->func == NULL ? ", handler deleted" : "");
+		      v->func == NULL ? ", handler deleted" : "");
 	return PyString_FromString(buf);
 }
--- a/Modules/arraymodule.c
+++ b/Modules/arraymodule.c
@ -1313,12 +1313,13 @@ array_repr(arrayobject *a)
 	int i, len;
 	len = a->ob_size;
 	if (len == 0) {
-		sprintf(buf, "array('%c')", a->ob_descr->typecode);
+		PyOS_snprintf(buf, sizeof(buf), "array('%c')",
 			      a->ob_descr->typecode);
 		return PyString_FromString(buf);
 	}
 	if (a->ob_descr->typecode == 'c') {
 		PyObject *t_empty = PyTuple_New(0);
-		sprintf(buf, "array('c', ");
+		PyOS_snprintf(buf, sizeof(buf), "array('c', ");
 		s = PyString_FromString(buf);
 		v = array_tostring(a, t_empty);
 		Py_DECREF(t_empty);
@ -1328,7 +1329,7 @@ array_repr(arrayobject *a)
 		PyString_ConcatAndDel(&s, PyString_FromString(")"));
 		return s;
 	}
-	sprintf(buf, "array('%c', [", a->ob_descr->typecode);
+	PyOS_snprintf(buf, sizeof(buf), "array('%c', [", a->ob_descr->typecode);
 	s = PyString_FromString(buf);
 	comma = PyString_FromString(", ");
 	for (i = 0; i < len && !PyErr_Occurred(); i++) {
--- a/Modules/flmodule.c
+++ b/Modules/flmodule.c
@ -370,8 +370,8 @@ static PyObject *
 generic_repr(genericobject *g)
 {
 	char buf[100];
-	sprintf(buf, "<FORMS_object at %p, objclass=%d>",
+	PyOS_snprintf(buf, sizeof(buf), "<FORMS_object at %p, objclass=%d>",
-		g, g->ob_generic->objclass);
+		      g, g->ob_generic->objclass);
 	return PyString_FromString(buf);
 }
@ -1580,8 +1580,8 @@ static PyObject *
 form_repr(formobject *f)
 {
 	char buf[100];
-	sprintf(buf, "<FORMS_form at %p, window=%ld>",
+	PyOS_snprintf(buf, sizeof(buf), "<FORMS_form at %p, window=%ld>",
-		f, f->ob_form->window);
+		      f, f->ob_form->window);
 	return PyString_FromString(buf);
 }
--- a/Modules/gdbmmodule.c
+++ b/Modules/gdbmmodule.c
@ -477,7 +477,8 @@ dbmopen(PyObject *self, PyObject *args)
                break;
 #endif
            default:
-                sprintf(buf, "Flag '%c' is not supported.", *flags);
+                PyOS_snprintf(buf, sizeof(buf), "Flag '%c' is not supported.",
                	      *flags);
                PyErr_SetString(DbmError, buf);
                return NULL;
        }
--- a/Modules/pcremodule.c
+++ b/Modules/pcremodule.c
@ -263,7 +263,8 @@ PyPcre_expand_escape(unsigned char *pattern, int pattern_len,
 	case('U'):    case('l'):    case('u'):
 	{
 		char message[50];
-		sprintf(message, "\\%c is not allowed", c);
+		PyOS_snprintf(message, sizeof(message),
 			      "\\%c is not allowed", c);
 		PyErr_SetString(ErrorObject, message);
 		return NULL;
 	}
@ -495,7 +496,7 @@ PyPcre_expand(PyObject *self, PyObject *args)
 				if (result==Py_None)
 				{
 					char message[50];
-					sprintf(message, 
+					PyOS_snprintf(message, sizeof(message),
 						"group did not contribute to the match");
 					PyErr_SetString(ErrorObject, 
 							message);
--- a/Modules/posixmodule.c
+++ b/Modules/posixmodule.c
@ -432,7 +432,8 @@ os2_strerror(char *msgbuf, int msgbuflen, int errorcode, char *reason)
    if (rc == NO_ERROR)
        os2_formatmsg(msgbuf, msglen, reason);
    else
-        sprintf(msgbuf, "unknown OS error #%d", errorcode);
+        PyOS_snprintf(msgbuf, sizeof(msgbuf),
        	      "unknown OS error #%d", errorcode);
    return msgbuf;
 }
@ -5814,8 +5815,9 @@ static int insertvalues(PyObject *d)
    case 40: ver = "4.00"; break;
    case 50: ver = "5.00"; break;
    default:
-        sprintf(tmp, "%d-%d", values[QSV_VERSION_MAJOR],
+        PyOS_snprintf(tmp, sizeof(tmp),
-                              values[QSV_VERSION_MINOR]);
+        	      "%d-%d", values[QSV_VERSION_MAJOR],
                      values[QSV_VERSION_MINOR]);
        ver = &tmp[0];
    }
--- a/Modules/pyexpat.c
+++ b/Modules/pyexpat.c
@ -129,7 +129,7 @@ set_error(xmlparseobject *self)
    int column = XML_GetErrorColumnNumber(parser);
    enum XML_Error code = XML_GetErrorCode(parser);
-    sprintf(buffer, "%.200s: line %i, column %i",
+    PyOS_snprintf(buffer, sizeof(buffer), "%.200s: line %i, column %i",
            XML_ErrorString(code), lineno, column);
    err = PyObject_CallFunction(ErrorObject, "s", buffer);
    if (  err != NULL
--- a/Modules/readline.c
+++ b/Modules/readline.c
@ -165,7 +165,7 @@ set_hook(const char * funcname, PyObject **hook_var, PyThreadState **tstate, PyO
 {
 	PyObject *function = Py_None;
 	char buf[80];
-	sprintf(buf, "|O:set_%.50s", funcname);
+	PyOS_snprintf(buf, sizeof(buf), "|O:set_%.50s", funcname);
 	if (!PyArg_ParseTuple(args, buf, &function))
 		return NULL;
 	if (function == Py_None) {
@ -181,7 +181,9 @@ set_hook(const char * funcname, PyObject **hook_var, PyThreadState **tstate, PyO
 		*tstate = PyThreadState_Get();
 	}
 	else {
-		sprintf(buf, "set_%.50s(func): argument not callable", funcname);
+		PyOS_snprintf(buf, sizeof(buf),
 			      "set_%.50s(func): argument not callable",
 			      funcname);
 		PyErr_SetString(PyExc_TypeError, buf);
 		return NULL;
 	}
--- a/Modules/socketmodule.c
+++ b/Modules/socketmodule.c
@ -1768,9 +1768,11 @@ PySocketSock_repr(PySocketSockObject *s)
 		return NULL;
 	}
 #endif
-	sprintf(buf,
+	PyOS_snprintf(buf, sizeof(buf),
-		"<socket object, fd=%ld, family=%d, type=%d, protocol=%d>",
+		      "<socket object, fd=%ld, family=%d, type=%d, protocol=%d>",
-		(long)s->sock_fd, s->sock_family, s->sock_type, s->sock_proto);
+		      (long)s->sock_fd, s->sock_family,
 		      s->sock_type,
 		      s->sock_proto);
 	return PyString_FromString(buf);
 }
@ -3056,7 +3058,8 @@ NTinit(void)
 		    "WSAStartup failed: requested version not supported");
 		break;
 	default:
-		sprintf(buf, "WSAStartup failed: error code %d", ret);
+		PyOS_snprintf(buf, sizeof(buf),
 			      "WSAStartup failed: error code %d", ret);
 		PyErr_SetString(PyExc_ImportError, buf);
 		break;
 	}
--- a/Modules/stropmodule.c
+++ b/Modules/stropmodule.c
@ -772,7 +772,8 @@ strop_atoi(PyObject *self, PyObject *args)
 		end++;
 	if (*end != '\0') {
  bad:
-		sprintf(buffer, "invalid literal for atoi(): %.200s", s);
+		PyOS_snprintf(buffer, sizeof(buffer),
 			      "invalid literal for atoi(): %.200s", s);
 		PyErr_SetString(PyExc_ValueError, buffer);
 		return NULL;
 	}
@ -865,12 +866,14 @@ strop_atof(PyObject *self, PyObject *args)
 	while (*end && isspace(Py_CHARMASK(*end)))
 		end++;
 	if (*end != '\0') {
-		sprintf(buffer, "invalid literal for atof(): %.200s", s);
+		PyOS_snprintf(buffer, sizeof(buffer),
 			      "invalid literal for atof(): %.200s", s);
 		PyErr_SetString(PyExc_ValueError, buffer);
 		return NULL;
 	}
 	else if (errno != 0) {
-		sprintf(buffer, "atof() literal too large: %.200s", s);
+		PyOS_snprintf(buffer, sizeof(buffer), 
 			      "atof() literal too large: %.200s", s);
 		PyErr_SetString(PyExc_ValueError, buffer);
 		return NULL;
 	}
--- a/Objects/stringobject.c
+++ b/Objects/stringobject.c
@ -2876,7 +2876,9 @@ formatfloat(char *buf, size_t buflen, int flags,
 		prec = 6;
 	if (type == 'f' && fabs(x)/1e25 >= 1e25)
 		type = 'g';
-	sprintf(fmt, "%%%s.%d%c", (flags&F_ALT) ? "#" : "", prec, type);
+	PyOS_snprintf(fmt, sizeof(fmt), "%%%s.%d%c",
 		      (flags&F_ALT) ? "#" : "",
 		      prec, type);
 	/* worst case length calc to ensure no buffer overrun:
 	     fmt = %#.<prec>g
 	     buf = '-' + [0-9]*prec + '.' + 'e+' + (longest exp
@ -2889,7 +2891,7 @@ formatfloat(char *buf, size_t buflen, int flags,
 			"formatted float is too long (precision too large?)");
 		return -1;
 	}
-	sprintf(buf, fmt, x);
+	PyOS_snprintf(buf, buflen, fmt, x);
 	return strlen(buf);
 }
@ -3047,7 +3049,9 @@ formatint(char *buf, size_t buflen, int flags,
 		return -1;
 	if (prec < 0)
 		prec = 1;
-	sprintf(fmt, "%%%s.%dl%c", (flags&F_ALT) ? "#" : "", prec, type);
+	PyOS_snprintf(fmt, sizeof(fmt), "%%%s.%dl%c",
 		      (flags&F_ALT) ? "#" : "", 
 		      prec, type);
 	/* buf = '+'/'-'/'0'/'0x' + '[0-9]'*max(prec, len(x in octal))
 	   worst case buf = '0x' + [0-9]*prec, where prec >= 11 */
 	if (buflen <= 13 || buflen <= (size_t)2 + (size_t)prec) {
@ -3055,7 +3059,7 @@ formatint(char *buf, size_t buflen, int flags,
 			"formatted integer is too long (precision too large?)");
 		return -1;
 	}
-	sprintf(buf, fmt, x);
+	PyOS_snprintf(buf, buflen, fmt, x);
 	/* When converting 0 under %#x or %#X, C leaves off the base marker,
 	 * but we want it (for consistency with other %#x conversions, and
 	 * for consistency with Python's hex() function).