database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-29 05:21:33 +03:00
Code Activity

Minimize unsafe C functions usage

Browse Source 
Replace calls to `sprintf` and `strcpy` by the safer options `snprintf`
and `safe_strcpy` in the following directories:

- libmysqld
- mysys
- sql-common
- strings

All new code of the whole pull request, including one or several files
that are either new files or modified ones, are contributed under the
BSD-new license. I am contributing on behalf of my employer
Amazon Web Services, Inc.
This commit is contained in:
Christian Gonzalez
2023-02-23 22:43:14 +00:00
committed by Andrew Hutchings
parent e240e2749e
commit 8b0f766c6c
9 changed files with 33 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
strings/xml.c
View File

@ -304,10 +304,10 @@ static int my_xml_leave(MY_XML_PARSER *p, const char *str, size_t slen)
if (glen)
{
mstr(g, tag, sizeof(g)-1, glen);
sprintf(p->errstr,"'</%s>' unexpected ('</%s>' wanted)",s,g);
snprintf(p->errstr,sizeof(p->errstr),"'</%s>' unexpected ('</%s>' wanted)",s,g);
}
else
sprintf(p->errstr,"'</%s>' unexpected (END-OF-INPUT wanted)", s);
snprintf(p->errstr,sizeof(p->errstr),"'</%s>' unexpected (END-OF-INPUT wanted)", s);
return MY_XML_ERROR;
}
@ -362,7 +362,7 @@ int my_xml_parse(MY_XML_PARSER *p,const char *str, size_t len)
{
if (MY_XML_IDENT != (lex=my_xml_scan(p,&a)))
{
sprintf(p->errstr,"%s unexpected (ident wanted)",lex2str(lex));
snprintf(p->errstr,sizeof(p->errstr),"%s unexpected (ident wanted)",lex2str(lex));
return MY_XML_ERROR;
}
if (MY_XML_OK != my_xml_leave(p,a.beg,(size_t) (a.end-a.beg)))
@ -390,7 +390,7 @@ int my_xml_parse(MY_XML_PARSER *p,const char *str, size_t len)
}
else
{
sprintf(p->errstr,"%s unexpected (ident or '/' wanted)",
snprintf(p->errstr,sizeof(p->errstr),"%s unexpected (ident or '/' wanted)",
lex2str(lex));
return MY_XML_ERROR;
}
@ -412,7 +412,7 @@ int my_xml_parse(MY_XML_PARSER *p,const char *str, size_t len)
}
else
{
sprintf(p->errstr,"%s unexpected (ident or string wanted)",
snprintf(p->errstr,sizeof(p->errstr),"%s unexpected (ident or string wanted)",
lex2str(lex));
return MY_XML_ERROR;
}
@ -449,7 +449,7 @@ gt:
{
if (lex != MY_XML_QUESTION)
{
sprintf(p->errstr,"%s unexpected ('?' wanted)",lex2str(lex));
snprintf(p->errstr,sizeof(p->errstr),"%s unexpected ('?' wanted)",lex2str(lex));
return MY_XML_ERROR;
}
if (MY_XML_OK != my_xml_leave(p,NULL,0))
@ -465,7 +465,7 @@ gt:
if (lex != MY_XML_GT)
{
sprintf(p->errstr,"%s unexpected ('>' wanted)",lex2str(lex));
snprintf(p->errstr,sizeof(p->errstr),"%s unexpected ('>' wanted)",lex2str(lex));
return MY_XML_ERROR;
}
}
@ -486,7 +486,7 @@ gt:
if (p->attr.start[0])
{
sprintf(p->errstr,"unexpected END-OF-INPUT");
snprintf(p->errstr,sizeof(p->errstr),"unexpected END-OF-INPUT");
return MY_XML_ERROR;
}
return MY_XML_OK;