Fixed a buffer overflow and prohibited sprintf

Andrei "Akari" Alexeyev 2017-03-25 03:41:10 +02:00
parent 457ca7bf10
commit 8e8abf1db6
4 changed files with 14 additions and 19 deletions


@ -63,9 +63,7 @@ static uint8_t progress_magic_bytes[] = {
};
static char* progress_getpath(void) {
char *p = malloc(strlen(get_config_path()) + strlen(PROGRESS_FILENAME) + 2);
sprintf(p, "%s/%s", get_config_path(), PROGRESS_FILENAME);
return p;
return strfmt("%s/%s", get_config_path(), PROGRESS_FILENAME);
}
static uint32_t progress_checksum(uint8_t *buf, size_t num) {
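Review bot: progress_getpath no longer shows at the call site that its result is heap-allocated, because the malloc has presumably moved inside strfmt. The function should say who owns the buffer, for example `/* Returns a newly allocated path; the caller must free() it. */`. The same comment is needed on replay_getpath in the replay file section. How strfmt reports an allocation failure is not visible in this commit, so the comment should also state whether the result can be NULL.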


@ -481,15 +481,8 @@ int replay_read(Replay *rpy, SDL_RWops *file, ReplayReadMode mode) {
#undef PRINTPROP
char* replay_getpath(const char *name, bool ext) {
char *p = (char*)malloc(strlen(get_replays_path()) + strlen(name) + strlen(REPLAY_EXTENSION) + 3);
if(ext) {
sprintf(p, "%s/%s.%s", get_replays_path(), name, REPLAY_EXTENSION);
} else {
sprintf(p, "%s/%s", get_replays_path(), name);
}
return p;
return ext ? strfmt("%s/%s.%s", get_replays_path(), name, REPLAY_EXTENSION) :
strfmt("%s/%s", get_replays_path(), name);
}
int replay_save(Replay *rpy, const char *name) {
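Review bot: replay_getpath still joins `name` onto get_replays_path() without checking it, so a name containing a path separator or `..` yields a path outside the replays directory. Where `name` comes from is not visible in this hunk; if it can be typed by the player or read from a file, it should be validated before formatting, e.g. `if(strpbrk(name, "/\\") || !strcmp(name, "..")) return NULL;`. Callers such as replay_save would then need to handle a NULL result, and they lie outside this hunk.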


@ -387,7 +387,7 @@ static void draw_stars(int x, int y, int numstars, int numfrags, int maxstars, i
void draw_hud(void) {
draw_texture(SCREEN_W/2.0, SCREEN_H/2.0, "hud");
char buf[16];
char buf[64];
glPushMatrix();
glTranslatef(615,0,0);
@ -409,18 +409,18 @@ void draw_hud(void) {
draw_stars(0, 200, global.plr.bombs, global.plr.bomb_fragments, PLR_MAX_BOMBS, PLR_MAX_BOMB_FRAGMENTS, 1);
}
// sprintf(buf, "%.2f", global.plr.power / 100.0);
// snprintf(buf, sizeof(buf), "%.2f", global.plr.power / 100.0);
// draw_text(AL_Left, -6, 236, buf, _fonts.standard);
draw_stars(0, 236, global.plr.power / 100, global.plr.power % 100, PLR_MAX_POWER / 100, 100, 1);
sprintf(buf, "%i", global.plr.graze);
snprintf(buf, sizeof(buf), "%i", global.plr.graze);
draw_text(AL_Left, -6, 270, buf, _fonts.standard);
sprintf(buf, "%i", global.plr.points);
snprintf(buf, sizeof(buf), "%i", global.plr.points);
draw_text(AL_Left, 8, 49, buf, _fonts.standard);
sprintf(buf, "%i", progress.hiscore);
snprintf(buf, sizeof(buf), "%i", progress.hiscore);
draw_text(AL_Left, 8, 83, buf, _fonts.standard);
if(global.plr.iddqd) {
@ -429,14 +429,14 @@ void draw_hud(void) {
glPopMatrix();
sprintf(buf, "%i fps", global.fps.show_fps);
snprintf(buf, sizeof(buf), "%i fps", global.fps.show_fps);
draw_text(AL_Right, SCREEN_W, SCREEN_H - 0.5 * stringheight(buf, _fonts.standard), buf, _fonts.standard);
if(global.boss)
draw_texture(VIEWPORT_X+creal(global.boss->pos), 590, "boss_indicator");
if(global.replaymode == REPLAY_PLAY) {
sprintf(buf, "Replay: %s (%i fps)", global.replay.playername, global.replay_stage->fps);
snprintf(buf, sizeof(buf), "Replay: %s (%i fps)", global.replay.playername, global.replay_stage->fps);
glColor4f(0.5f, 0.5f, 0.5f, 0.5f);
draw_text(AL_Left, 0, SCREEN_H - 0.5 * stringheight(buf, _fonts.standard), buf, _fonts.standard);
glColor4f(1.0f, 1.0f, 1.0f, 1.0f);
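Review bot: The replay line in draw_hud ignores the snprintf return value, so a long `global.replay.playername` silently truncates the text and drops the `(%i fps)` suffix. The player name presumably comes from the replay file, so its length should be bounded in the format itself: `snprintf(buf, sizeof(buf), "Replay: %.32s (%i fps)", global.replay.playername, global.replay_stage->fps);`. That keeps the whole line within the 64-byte buffer and also limits how far printf reads if the name is not NUL-terminated. A byte-count cut can still split a multi-byte character; whether draw_text tolerates that is not visible here. The other snprintf calls in this section format a single int and fit comfortably.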


@ -171,4 +171,8 @@ int fprintf(FILE*, const char*, ...) __attribute__((deprecated(
char* strtok() __attribute__((deprecated(
"Use strtok_r instead")));
#undef sprintf
int sprintf(char *, const char*, ...) __attribute__((deprecated(
"Use snprintf or strfmt instead")));
#endif
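Review bot: The `deprecated` attribute on sprintf only produces a warning, so the prohibition in the commit title holds only if the build promotes it to an error, e.g. with `-Werror=deprecated-declarations`. The build flags are not part of this commit. The visible lines also do not cover `vsprintf`, which has the same unbounded-write problem. If it is not handled elsewhere in this header, it should get the same treatment: `int vsprintf(char *, const char*, va_list) __attribute__((deprecated("Use vsnprintf instead")));` preceded by `#undef vsprintf`.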