Using snprintf. ZF_LOGE Errors logged.

mystic.cpp

@@ -3,10 +3,10 @@
 #include <pty.h>
 #include <stdio.h>
 #include <string.h>
-#include <termios.h>
-#include <unistd.h>
 #include <sys/select.h>
 #include <sys/wait.h>
+#include <termios.h>
+#include <unistd.h>
 
 // #include <signal.h> // handle Ctrl-C/SIGINT
 
@@ -78,7 +78,6 @@ struct console_details console;
 
 #include "utils.h"
 
-
 // END LOGGING
 
 #include "lastseen.h"
@@ -148,6 +147,7 @@ const char *random_phrase(const char *words, int len, int last_seen) {
 void harry_idle_event(int fd) {
   // Make something happen
   char buffer[100];
+  int slen;
   int r;
   // This is no where near finished, BUT!
   const char *phrases[] = {"Hahaha",    "Snicker, snicker", "Boo!",
@@ -176,7 +176,12 @@ void harry_idle_event(int fd) {
   } // If it's 0 let's make it 1.   // color = (random() % 15) + 1
   */
 
-  sprintf(buffer, "^S2^C%02d%s^P2^CR^D%02d", color, cp, (int)strlen(cp));
+  slen = snprintf(buffer, sizeof(buffer), "^S2^C%02d%s^P2^CR^D%02d", color, cp,
+                  (int)strlen(cp));
+  if (slen >= sizeof(buffer)) {
+    ZF_LOGE("snprintf %d > size %d", slen, (int)sizeof(buffer));
+    buffer[0] = 0;
+  }
   ZF_LOGD("harry_event: render(%d, \"%s\")", fd, buffer);
   render(fd, buffer, strlen(buffer));
 }
@@ -544,6 +549,7 @@ int mangle(int fd, const char *buffer, int len) {
 
       if (random_activate(3)) {
         char display[100] = "";
+        int slen;
         int needs_cls = 0;
 
         struct file_need {
@@ -566,8 +572,14 @@ int mangle(int fd, const char *buffer, int len) {
         x = randint(50) + 1;
         y = randint(12) + 1;
         char fgoto[10];
+
         if (possibles[r].rand_pos) {
-          sprintf(fgoto, "^f%02d%02d", x, y);
+          int slen;
+          slen = snprintf(fgoto, sizeof(fgoto), "^f%02d%02d", x, y);
+          if (slen >= sizeof(fgoto)) {
+            ZF_LOGE("snprintf %d > size %d", slen, (int)sizeof(fgoto));
+            fgoto[0] = 0;
+          }
         } else {
           strcpy(fgoto, "^F");
         }
@@ -583,9 +595,13 @@ int mangle(int fd, const char *buffer, int len) {
         // I tried a ^P2 before doing this .. but I'd rather have the picture up
         // right away I think.
 
-        sprintf(display, "%s%s%s.^P3%s", needs_cls ? "\x1b[2J" : "", fgoto,
-                possibles[r].filename, restore_color);
-
+        slen = snprintf(display, sizeof(display), "%s%s%s.^P3%s",
+                        needs_cls ? "\x1b[2J" : "", fgoto,
+                        possibles[r].filename, restore_color);
+        if (slen >= sizeof(display)) {
+          ZF_LOGE("snprintf %d > size %d", slen, (int)sizeof(display));
+          display[0] = 0;
+        }
         ZF_LOGI("mangle(ANSI_CLS): %d file inserted %s", r, repr(display));
 
         // Move the buffer so there's room for the display string.
@@ -617,14 +633,20 @@ int mangle(int fd, const char *buffer, int len) {
         if (random_activate(4)) {
           int r;
           char display[100] = "";
-          /* 
+          int slen;
+
+          /*
           Interesting note here:
           "Anyone there" qualifies as a valid WORDS regex match.
           It is possible that it can get mangled/wrangled!
           */
-          const char *phrasing[] = {"^R1Haha^P1ha^P1ha", "Poof!", "Got U",
-                                    "Anyone there?", "^R1Knock, ^P1Knock",
-                                    "^G0101^C07^S9Segmentation fault (core dumped)^P2"};
+          const char *phrasing[] = {
+              "^R1Haha^P1ha^P1ha",
+              "Poof!",
+              "Got U",
+              "Anyone there?",
+              "^R1Knock, ^P1Knock",
+              "^G0101^C07^S9Segmentation fault (core dumped)^P2"};
           static LastSeen last_phrasing(2);
 
           ZF_LOGI("mangle(ANSI_CLS)");
@@ -637,7 +659,8 @@ int mangle(int fd, const char *buffer, int len) {
           // Add in random text, plus color!
           do {
             r = random() % ((sizeof(phrasing) / sizeof(char *)) - 1);
-            // Does this drop the last element in phrasing? (Seems like it takes awhile to get Seg Fault spoof, might be why)
+            // Does this drop the last element in phrasing? (Seems like it takes
+            // awhile to get Seg Fault spoof, might be why)
           } while (last_phrasing.seen_before(r));
 
           int color = random() % 15 + 1;
@@ -658,13 +681,20 @@ int mangle(int fd, const char *buffer, int len) {
           HOME, CLS, HOME, ...  Not sure what others do there.  We'll see.
           */
 
-          sprintf(display, "^G%02d%02d^S3^C%02d^P1%s^S0^R0%s^P1^G0101", x, y,
-                  color, phrasing[r], restore_color);
+          slen = snprintf(display, sizeof(display),
+                          "^G%02d%02d^S3^C%02d^P1%s^S0^R0%s^P1^G0101", x, y,
+                          color, phrasing[r], restore_color);
+          if (slen >= sizeof(display)) {
+            ZF_LOGE("snprintf %d > size %d", slen, (int)sizeof(display));
+            display[0] = 0;
+          }
 
           // sprintf(display, "^P1^S3^C%02d%s^S0^R0%s^P1", color, phrasing[r],
           // restore_color);
-          // Added debug statement so we can identify what was sent... color, number picked and what that is
-          ZF_LOGD("mangle(ANSI_CLS): Inserted color=%02d r=%d phrase='%s'", color, r, phrasing[r]);
+          // Added debug statement so we can identify what was sent... color,
+          // number picked and what that is
+          ZF_LOGD("mangle(ANSI_CLS): Inserted color=%02d r=%d phrase='%s'",
+                  color, r, phrasing[r]);
           ZF_LOGI_MEM(play, len, "mangle(ANSI_CLS) :");
 
           // Move the buffer so there's room for the display string.
@@ -738,7 +768,7 @@ int mangle(int fd, const char *buffer, int len) {
    I'd want mangle and wrangle to work.
 
    The Message menu -- doesn't hardly get mangled at all (at least on
-   my test site).  Because all of the color changes break up the 
+   my test site).  Because all of the color changes break up the
    words in the menu.
    */
   x = rx_match(&WORDS, work);
@@ -809,7 +839,7 @@ int harry_happens(time_t *last_event, int wakeup) {
 
 /*
 
-This is done.  :D  My buffering system works with stack'em.  
+This is done.  :D  My buffering system works with stack'em.
 
 TO FIX:  Stop using c strings, must use char * buffer + int length.
 MAY CONTAIN NULL VALUES.

render.cpp

@@ -107,6 +107,7 @@ const int MYSTIC[] = {0, 4, 2, 6, 1, 5, 3, 7};
 
 void write_color(int fd, int color) {
   char buffer[12];
+  int slen;
 
   switch (color) {
   case 0:
@@ -117,7 +118,11 @@ void write_color(int fd, int color) {
   case 5:
   case 6:
   case 7:
-    sprintf(buffer, "\x1b[0;3%dm", MYSTIC[color]);
+    slen = snprintf(buffer, sizeof(buffer), "\x1b[0;3%dm", MYSTIC[color]);
+    if (slen >= sizeof(buffer)) {
+      ZF_LOGE("snprintf %d > size %d", slen, (int)sizeof(buffer));
+      buffer[0] = 0;
+    }
     break;
   case 8:
   case 9:
@@ -127,7 +132,11 @@ void write_color(int fd, int color) {
   case 13:
   case 14:
   case 15:
-    sprintf(buffer, "\x1b[0;1;3%dm", MYSTIC[color - 8]);
+    slen = snprintf(buffer, sizeof(buffer), "\x1b[0;1;3%dm", MYSTIC[color - 8]);
+    if (slen >= sizeof(buffer)) {
+      ZF_LOGE("snprintf %d > size %d", slen, (int)sizeof(buffer));
+      buffer[0] = 0;
+    }
     break;
   case 16:
   case 17:
@@ -137,7 +146,11 @@ void write_color(int fd, int color) {
   case 21:
   case 22:
   case 23:
-    sprintf(buffer, "\x1b[4%dm", MYSTIC[color - 16]);
+    slen = snprintf(buffer, sizeof(buffer), "\x1b[4%dm", MYSTIC[color - 16]);
+    if (slen >= sizeof(buffer)) {
+      ZF_LOGE("snprintf %d > size %d", slen, (int)sizeof(buffer));
+      buffer[0] = 0;
+    }
     break;
   case 24:
   case 25:
@@ -147,7 +160,11 @@ void write_color(int fd, int color) {
   case 29:
   case 30:
   case 31:
-    sprintf(buffer, "\x1b[5;4%dm", MYSTIC[color - 24]);
+    slen = snprintf(buffer, sizeof(buffer), "\x1b[5;4%dm", MYSTIC[color - 24]);
+    if (slen >= sizeof(buffer)) {
+      ZF_LOGE("snprintf %d > size %d", slen, (int)sizeof(buffer));
+      buffer[0] = 0;
+    }
     break;
   default:
     buffer[0] = 0;
@@ -177,8 +194,13 @@ int send_file(int fd, char *filename) {
 
 void send_goto(int fd, int x, int y) {
   char gbuffer[16];
+  int slen;
 
-  sprintf(gbuffer, "\x1b[%d;%dH", y, x);
+  slen = snprintf(gbuffer, sizeof(gbuffer), "\x1b[%d;%dH", y, x);
+  if (slen >= sizeof(gbuffer)) {
+    ZF_LOGE("snprintf %d > size %d", slen, (int)sizeof(gbuffer));
+    gbuffer[0] = 0;
+  }
   write(fd, gbuffer, strlen(gbuffer));
 }
 
@@ -329,8 +351,13 @@ const char *process_trigger(int fd, const char *cp) {
       cp++;
     };
     char buffer[20]; // row ; column H
+    int slen;
     ZF_LOGD("GOTO (%d,%d)", x, y);
-    sprintf(buffer, "\x1b[%d;%dH", y, x);
+    slen = snprintf(buffer, sizeof(buffer), "\x1b[%d;%dH", y, x);
+    if (slen >= sizeof(buffer)) {
+      ZF_LOGE("snprintf %d > size %d", slen, (int)sizeof(buffer));
+      buffer[0] = 0;
+    }
     write(fd, buffer, strlen(buffer));
   } break;
 

terminal.cpp

@@ -6,16 +6,15 @@ Everything else, I'm not sure I really care about.
 
  */
 
-#include <string.h>
 #include <ctype.h>
+#include <stdio.h> // snprintf
 #include <stdlib.h>
-#include <stdio.h> // sprintf
+#include <string.h>
 
 #include "terminal.h"
+#include "utils.h"
 #include "zf_log.h"
 
-extern const char *repr(const char *data);
-
 void console_init(struct console_details *cdp) {
   cdp->posx = 0;
   cdp->posy = 0;
@@ -56,11 +55,22 @@ void ansi_color(struct console_details *cdp, int color) {
 
 const char *color_restore(struct console_details *cdp) {
   static char buffer[30];
+  int slen;
+
   if (cdp->status == 0) {
-    sprintf(buffer, "\x1b[0;3%d;4%dm", cdp->fgcolor, cdp->bgcolor);
+    slen = snprintf(buffer, sizeof(buffer), "\x1b[0;3%d;4%dm", cdp->fgcolor,
+                    cdp->bgcolor);
+    if (slen >= sizeof(buffer)) {
+      ZF_LOGE("snprintf %d > size %d", slen, (int)sizeof(buffer));
+      buffer[0] = 0;
+    }
   } else {
-    sprintf(buffer, "\x1b[0;%d;3%d;4%dm", cdp->status, cdp->fgcolor,
-            cdp->bgcolor);
+    slen = snprintf(buffer, sizeof(buffer), "\x1b[0;%d;3%d;4%dm", cdp->status,
+                    cdp->fgcolor, cdp->bgcolor);
+    if (slen >= sizeof(buffer)) {
+      ZF_LOGE("snprintf %d > size %d", slen, (int)sizeof(buffer));
+      buffer[0] = 0;
+    }
   };
   return buffer;
 }

utils.cpp

@@ -1,6 +1,6 @@
+#include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <stdio.h>
 
 #include "utils.h"
 
@@ -97,7 +97,13 @@ char *repr(const char *data) {
     // Ok, default to \xHH output.
     memmove(cp + 3, cp, strlen(cp) + 1);
     char buffer[10];
-    sprintf(buffer, "\\x%02x", (int)c & 0xff);
+    int slen;
+    slen = snprintf(buffer, sizeof(buffer), "\\x%02x", (int)c & 0xff);
+    /*
+    if (slen >= sizeof(buffer)) {
+      ZF_LOGE("snprintf %d > size %d", slen, (int)sizeof(buffer));
+    }
+    */
     strncpy(cp, buffer, 4);
     cp += 4;
     continue;
@@ -149,4 +155,3 @@ int rstrnstr(const char *buffer, int len, const char *find) {
   }
   return -1;
 }
-