Prefer using snprintf instead of insecure sprintf

inactive123 · inactive123 · commit 7bbdd6d18adc · 2021-05-18T15:14:08.000+02:00
diff --git a/gfx/video_layout/scope.c b/gfx/video_layout/scope.c
@@ -129,7 +129,7 @@ void scope_repeat(scope_t *scope)
                gen->value.val_dec = (float)((int)gen->value.val_dec << gen->shift);
             else if (gen->shift < 0)
                gen->value.val_dec = (float)((int)gen->value.val_dec >> -gen->shift);
-            sprintf(tmp, "%f", gen->value.val_dec);
+            snprintf(tmp, sizeof(tmp), "%f", gen->value.val_dec);
          }
          else
          {
@@ -138,7 +138,7 @@ void scope_repeat(scope_t *scope)
                gen->value.val_int <<= gen->shift;
             else if (gen->shift < 0)
                gen->value.val_int >>= -gen->shift;
-            sprintf(tmp, "%d", gen->value.val_int);
+            snprintf(tmp, sizeof(tmp), "%d", gen->value.val_int);
          }
 
          string_set(&param->value, tmp);
diff --git a/libretro-common/formats/libchdr/libchdr_chd.c b/libretro-common/formats/libchdr/libchdr_chd.c
@@ -1235,7 +1235,13 @@ chd_error chd_get_metadata(chd_file *chd, UINT32 searchtag, UINT32 searchindex,
 			UINT32 faux_length;
 
 			/* fill in the faux metadata */
-			sprintf(faux_metadata, HARD_DISK_METADATA_FORMAT, chd->header.obsolete_cylinders, chd->header.obsolete_heads, chd->header.obsolete_sectors, chd->header.hunkbytes / chd->header.obsolete_hunksize);
+			snprintf(faux_metadata,
+               sizeof(faux_metadata),
+               HARD_DISK_METADATA_FORMAT,
+               chd->header.obsolete_cylinders,
+               chd->header.obsolete_heads,
+               chd->header.obsolete_sectors,
+               chd->header.hunkbytes / chd->header.obsolete_hunksize);
 			faux_length = (UINT32)strlen(faux_metadata) + 1;
 
 			/* copy the metadata itself */
diff --git a/menu/cbs/menu_cbs_sublabel.c b/menu/cbs/menu_cbs_sublabel.c
@@ -1025,7 +1025,7 @@ static int action_bind_sublabel_cpu_policy_entry_list(
    int idx = atoi(path);
    if (drivers)
    {
-      sprintf(s, "%s | Freq: %u MHz\n", drivers[idx]->scaling_governor,
+      snprintf(s, len, "%s | Freq: %u MHz\n", drivers[idx]->scaling_governor,
          drivers[idx]->current_frequency / 1000);
       return 0;
    }
diff --git a/menu/menu_displaylist.c b/menu/menu_displaylist.c
@@ -10047,7 +10047,7 @@ bool menu_displaylist_ctl(enum menu_displaylist_ctl_state type,
                while (*drivers)
                {
                   char policyid[16];
-                  sprintf(policyid, "%u", count++);
+                  snprintf(policyid, sizeof(policyid), "%u", count++);
                   menu_entries_append_enum(info->list,
                      policyid,
                      policyid,
diff --git a/misc/cpufreq/cpufreq.c b/misc/cpufreq/cpufreq.c
@@ -197,9 +197,9 @@ bool set_cpu_scaling_min_frequency(
 {
    char fpath[PATH_MAX_LENGTH];
    char value[16];
-   sprintf(fpath, CPU_POLICIES_DIR "policy%u/scaling_min_freq",
+   snprintf(fpath, sizeof(fpath), CPU_POLICIES_DIR "policy%u/scaling_min_freq",
       driver->policy_id);
-   sprintf(value, "%" PRIu32 "\n", min_freq);
+   snprintf(value, sizeof(value), "%" PRIu32 "\n", min_freq);
    if (filestream_write_file(fpath, value, strlen(value)))
    {
       driver->min_policy_freq = min_freq;
@@ -215,9 +215,9 @@ bool set_cpu_scaling_max_frequency(
 {
    char fpath[PATH_MAX_LENGTH];
    char value[16];
-   sprintf(fpath, CPU_POLICIES_DIR "policy%u/scaling_max_freq",
+   snprintf(fpath, sizeof(fpath), CPU_POLICIES_DIR "policy%u/scaling_max_freq",
       driver->policy_id);
-   sprintf(value, "%" PRIu32 "\n", max_freq);
+   snprintf(value, sizeof(value), "%" PRIu32 "\n", max_freq);
    if (filestream_write_file(fpath, value, strlen(value)))
    {
       driver->max_policy_freq = max_freq;
@@ -294,7 +294,7 @@ uint32_t get_cpu_scaling_next_frequency_limit(uint32_t freq, int step)
 bool set_cpu_scaling_governor(cpu_scaling_driver_t *driver, const char* governor)
 {
    char fpath[PATH_MAX_LENGTH];
-   sprintf(fpath, CPU_POLICIES_DIR "policy%u/scaling_governor",
+   snprintf(fpath, sizeof(fpath), CPU_POLICIES_DIR "policy%u/scaling_governor",
       driver->policy_id);
    if (filestream_write_file(fpath, governor, strlen(governor)))
    {

Original file line number	Diff line number	Diff line change
`@@ -129,7 +129,7 @@ void scope_repeat(scope_t *scope)`
`129`	`129`	`gen->value.val_dec = (float)((int)gen->value.val_dec << gen->shift);`
`130`	`130`	`else if (gen->shift < 0)`
`131`	`131`	`gen->value.val_dec = (float)((int)gen->value.val_dec >> -gen->shift);`
`132`		`- sprintf(tmp, "%f", gen->value.val_dec);`
	`132`	`+ snprintf(tmp, sizeof(tmp), "%f", gen->value.val_dec);`
`133`	`133`	`}`
`134`	`134`	`else`
`135`	`135`	`{`
`@@ -138,7 +138,7 @@ void scope_repeat(scope_t *scope)`
`138`	`138`	`gen->value.val_int <<= gen->shift;`
`139`	`139`	`else if (gen->shift < 0)`
`140`	`140`	`gen->value.val_int >>= -gen->shift;`
`141`		`- sprintf(tmp, "%d", gen->value.val_int);`
	`141`	`+ snprintf(tmp, sizeof(tmp), "%d", gen->value.val_int);`
`142`	`142`	`}`
`143`	`143`
`144`	`144`	`string_set(&param->value, tmp);`
Original file line number	Diff line number	Diff line change
`@@ -1025,7 +1025,7 @@ static int action_bind_sublabel_cpu_policy_entry_list(`
`1025`	`1025`	`int idx = atoi(path);`
`1026`	`1026`	`if (drivers)`
`1027`	`1027`	`{`
`1028`		`- sprintf(s, "%s \| Freq: %u MHz\n", drivers[idx]->scaling_governor,`
	`1028`	`+ snprintf(s, len, "%s \| Freq: %u MHz\n", drivers[idx]->scaling_governor,`
`1029`	`1029`	`drivers[idx]->current_frequency / 1000);`
`1030`	`1030`	`return 0;`
`1031`	`1031`	`}`
Original file line number	Diff line number	Diff line change
`@@ -10047,7 +10047,7 @@ bool menu_displaylist_ctl(enum menu_displaylist_ctl_state type,`
`10047`	`10047`	`while (*drivers)`
`10048`	`10048`	`{`
`10049`	`10049`	`char policyid[16];`
`10050`		`- sprintf(policyid, "%u", count++);`
	`10050`	`+ snprintf(policyid, sizeof(policyid), "%u", count++);`
`10051`	`10051`	`menu_entries_append_enum(info->list,`
`10052`	`10052`	`policyid,`
`10053`	`10053`	`policyid,`
Original file line number	Diff line number	Diff line change
`@@ -197,9 +197,9 @@ bool set_cpu_scaling_min_frequency(`
`197`	`197`	`{`
`198`	`198`	`char fpath[PATH_MAX_LENGTH];`
`199`	`199`	`char value[16];`
`200`		`- sprintf(fpath, CPU_POLICIES_DIR "policy%u/scaling_min_freq",`
	`200`	`+ snprintf(fpath, sizeof(fpath), CPU_POLICIES_DIR "policy%u/scaling_min_freq",`
`201`	`201`	`driver->policy_id);`
`202`		`- sprintf(value, "%" PRIu32 "\n", min_freq);`
	`202`	`+ snprintf(value, sizeof(value), "%" PRIu32 "\n", min_freq);`
`203`	`203`	`if (filestream_write_file(fpath, value, strlen(value)))`
`204`	`204`	`{`
`205`	`205`	`driver->min_policy_freq = min_freq;`
`@@ -215,9 +215,9 @@ bool set_cpu_scaling_max_frequency(`
`215`	`215`	`{`
`216`	`216`	`char fpath[PATH_MAX_LENGTH];`
`217`	`217`	`char value[16];`
`218`		`- sprintf(fpath, CPU_POLICIES_DIR "policy%u/scaling_max_freq",`
	`218`	`+ snprintf(fpath, sizeof(fpath), CPU_POLICIES_DIR "policy%u/scaling_max_freq",`
`219`	`219`	`driver->policy_id);`
`220`		`- sprintf(value, "%" PRIu32 "\n", max_freq);`
	`220`	`+ snprintf(value, sizeof(value), "%" PRIu32 "\n", max_freq);`
`221`	`221`	`if (filestream_write_file(fpath, value, strlen(value)))`
`222`	`222`	`{`
`223`	`223`	`driver->max_policy_freq = max_freq;`
`@@ -294,7 +294,7 @@ uint32_t get_cpu_scaling_next_frequency_limit(uint32_t freq, int step)`
`294`	`294`	`bool set_cpu_scaling_governor(cpu_scaling_driver_t driver, const char governor)`
`295`	`295`	`{`
`296`	`296`	`char fpath[PATH_MAX_LENGTH];`
`297`		`- sprintf(fpath, CPU_POLICIES_DIR "policy%u/scaling_governor",`
	`297`	`+ snprintf(fpath, sizeof(fpath), CPU_POLICIES_DIR "policy%u/scaling_governor",`
`298`	`298`	`driver->policy_id);`
`299`	`299`	`if (filestream_write_file(fpath, governor, strlen(governor)))`
`300`	`300`	`{`