commit 05b6c6a8eb96032d53f60ae53158a3870dc7cc5d
parent 374445d8f064c5aea4703a6f957795bea7425c95
Author: Anders Damsgaard <anders@adamsgaard.dk>
Date: Mon, 26 Aug 2019 10:32:26 +0200
Use snprintf instead of sprintf for security reasons
Diffstat:
3 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/main.c b/main.c
@@ -268,7 +268,7 @@ main(int argc, char* argv[])
"error: more than one simulation name specified\n");
return 1;
}
- sprintf(sim.name, "%s", argv[i]);
+ snprintf(sim.name, sizeof(sim.name), "%s", argv[i]);
}
prepare_arrays(&sim);
diff --git a/parameter_defaults.h b/parameter_defaults.h
@@ -13,7 +13,7 @@ struct simulation init_sim(void)
{
struct simulation sim;
- sprintf(sim.name, DEFAULT_SIMULATION_NAME);
+ snprintf(sim.name, sizeof(sim.name), DEFAULT_SIMULATION_NAME);
sim.G = 9.81;
diff --git a/simulation.c b/simulation.c
@@ -63,12 +63,12 @@ check_float(const char name[], const double value, int* return_status)
#endif
if (isnan(value)) {
char message[100];
- sprintf(message, "%s is NaN", name);
+ snprintf(message, sizeof(message), "%s is NaN", name);
warn_parameter_value(message, value, return_status);
*return_status = 1;
} else if (isinf(value)) {
char message[100];
- sprintf(message, "%s is infinite", name);
+ snprintf(message, sizeof(message), "%s is infinite", name);
warn_parameter_value(message, value, return_status);
*return_status = 1;
}
@@ -471,7 +471,8 @@ write_output_file(struct simulation* sim, const int normalize)
char outfile[200];
FILE *fp;
- sprintf(outfile, "%s.output%05d.txt", sim->name, sim->n_file++);
+ snprintf(outfile, sizeof(outfile), "%s.output%05d.txt",
+ sim->name, sim->n_file++);
fp = fopen(outfile, "w");
if (sim->fluid)
