lukechilds
/
komodo
mirror of https://github.com/lukechilds/komodo.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Remove last occurrence of potentially insecure function sprintf. 

%d can return up to 11 characters. Move away from fixed buffer completely and
use our own safe function strprintf.
try
Wladimir J. van der Laan 12 years ago
parent
eaf00a3a5d
commit
9c80909452
1 changed files with 8 additions and 10 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 18
      src/net.cpp

18
src/net.cpp
View File

@ -1020,9 +1020,7 @@ void ThreadMapPort2(void* parg)
{ {
printf("ThreadMapPort started\n"); printf("ThreadMapPort started\n");
char port[6]; std::string port = strprintf("%d", GetListenPort());
sprintf(port, "%d", GetListenPort());
const char * multicastif = 0; const char * multicastif = 0;
const char * minissdpdpath = 0; const char * minissdpdpath = 0;
struct UPNPDev * devlist = 0; struct UPNPDev * devlist = 0;
@ -1065,23 +1063,23 @@ void ThreadMapPort2(void* parg)
#ifndef UPNPDISCOVER_SUCCESS #ifndef UPNPDISCOVER_SUCCESS
/* miniupnpc 1.5 */ /* miniupnpc 1.5 */
r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype, r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype,
port, port, lanaddr, strDesc.c_str(), "TCP", 0); port.c_str(), port.c_str(), lanaddr, strDesc.c_str(), "TCP", 0);
#else #else
/* miniupnpc 1.6 */ /* miniupnpc 1.6 */
r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype, r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype,
port, port, lanaddr, strDesc.c_str(), "TCP", 0, "0"); port.c_str(), port.c_str(), lanaddr, strDesc.c_str(), "TCP", 0, "0");
#endif #endif
if(r!=UPNPCOMMAND_SUCCESS) if(r!=UPNPCOMMAND_SUCCESS)
printf("AddPortMapping(%s, %s, %s) failed with code %d (%s)\n", printf("AddPortMapping(%s, %s, %s) failed with code %d (%s)\n",
port, port, lanaddr, r, strupnperror(r)); port.c_str(), port.c_str(), lanaddr, r, strupnperror(r));
else else
printf("UPnP Port Mapping successful.\n"); printf("UPnP Port Mapping successful.\n");
int i = 1; int i = 1;
loop { loop {
if (fShutdown || !fUseUPnP) if (fShutdown || !fUseUPnP)
{ {
r = UPNP_DeletePortMapping(urls.controlURL, data.first.servicetype, port, "TCP", 0); r = UPNP_DeletePortMapping(urls.controlURL, data.first.servicetype, port.c_str(), "TCP", 0);
printf("UPNP_DeletePortMapping() returned : %d\n", r); printf("UPNP_DeletePortMapping() returned : %d\n", r);
freeUPNPDevlist(devlist); devlist = 0; freeUPNPDevlist(devlist); devlist = 0;
FreeUPNPUrls(&urls); FreeUPNPUrls(&urls);
@ -1092,16 +1090,16 @@ void ThreadMapPort2(void* parg)
#ifndef UPNPDISCOVER_SUCCESS #ifndef UPNPDISCOVER_SUCCESS
/* miniupnpc 1.5 */ /* miniupnpc 1.5 */
r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype, r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype,
port, port, lanaddr, strDesc.c_str(), "TCP", 0); port.c_str(), port.c_str(), lanaddr, strDesc.c_str(), "TCP", 0);
#else #else
/* miniupnpc 1.6 */ /* miniupnpc 1.6 */
r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype, r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype,
port, port, lanaddr, strDesc.c_str(), "TCP", 0, "0"); port.c_str(), port.c_str(), lanaddr, strDesc.c_str(), "TCP", 0, "0");
#endif #endif
if(r!=UPNPCOMMAND_SUCCESS) if(r!=UPNPCOMMAND_SUCCESS)
printf("AddPortMapping(%s, %s, %s) failed with code %d (%s)\n", printf("AddPortMapping(%s, %s, %s) failed with code %d (%s)\n",
port, port, lanaddr, r, strupnperror(r)); port.c_str(), port.c_str(), lanaddr, r, strupnperror(r));
else else
printf("UPnP Port Mapping successful.\n");; printf("UPnP Port Mapping successful.\n");;
} }

Write Preview
Loading…
Cancel
Save