authorJosh Oguin <josh.oguin@oarcorp.com>2014-11-19 14:42:02 -0600
committerJoel Sherrill <joel.sherrill@oarcorp.com>2014-11-26 07:51:59 -0600
commit90a8e42be480f2f6ad58930d879d1cb1340bcd7a (patch)
treed3b1f627e75e03dd6568c855b457a3b7a37941d8
parentimfs/imfs_handlers_link.c: Add _Assert for NULL pointer (diff)
monitor/mon-editor.c: Use puts() and snprintf() not fprintf() or sprintf()
CodeSonar flagged this as a case where the user could inject a format string and cause issues. Since we were not printing anything but a string, just switching to puts() rather than fprintf(stdout,...) was sufficient to make this code safer. snprintf() places a limit on the length of the output from sprintf() and avoids similar buffer overrun issues.
-rw-r--r--cpukit/libmisc/monitor/mon-editor.c12
1 files changed, 7 insertions, 5 deletions
diff --git a/cpukit/libmisc/monitor/mon-editor.c b/cpukit/libmisc/monitor/mon-editor.c
index 813c88389f..e7a3ae4e8e 100644
--- a/cpukit/libmisc/monitor/mon-editor.c
+++ b/cpukit/libmisc/monitor/mon-editor.c
@@ -265,7 +265,7 @@ rtems_monitor_line_editor (
switch (c)
{
case KEYS_END:
- fprintf(stdout,buffer + pos);
+ puts(buffer + pos);
pos = (int) strlen (buffer);
break;
@@ -428,7 +428,7 @@ rtems_monitor_line_editor (
int ch, bs;
for (ch = end; ch > pos; ch--)
buffer[ch] = buffer[ch - 1];
- fprintf(stdout,buffer + pos);
+ puts(buffer + pos);
for (bs = 0; bs < (end - pos + 1); bs++)
putchar ('\b');
}
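Review bot: The `puts(buffer + pos);` on the added line is not equivalent to the removed `fprintf(stdout, buffer + pos)`: puts() appends a newline, so the redisplay of the tail of the line is followed by a line break before the `putchar('\b')` loop runs, and the cursor repositioning no longer lands on the edited line. The same substitution is made in the KEYS_END case in the previous hunk, where the newline is likewise unwanted. Keeping the fix that stops the buffer being used as a format string while preserving the old output is `fputs(buffer + pos, stdout);` in both places. rtems_monitor_line_editor begins and ends outside the hunk.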
@@ -490,16 +490,18 @@ rtems_monitor_command_read(char *command,
*/
#if defined(RTEMS_MULTIPROCESSING)
if (!rtems_configuration_get_user_multiprocessing_table ())
- sprintf (monitor_prompt, "%s",
+ snprintf (monitor_prompt, sizeof(monitor_prompt), "%s",
(env_prompt == NULL) ? MONITOR_PROMPT: env_prompt);
else /* .... */
#endif
if (rtems_monitor_default_node != rtems_monitor_node)
- sprintf (monitor_prompt, "%" PRId32 "-%s-%" PRId32 "", rtems_monitor_node,
+ snprintf (monitor_prompt, sizeof(monitor_prompt),
+ "%" PRId32 "-%s-%" PRId32 "", rtems_monitor_node,
(env_prompt == NULL) ? MONITOR_PROMPT : env_prompt,
rtems_monitor_default_node);
else
- sprintf (monitor_prompt, "%" PRId32 "-%s", rtems_monitor_node,
+ snprintf (monitor_prompt, sizeof(monitor_prompt),
+ "%" PRId32 "-%s", rtems_monitor_node,
(env_prompt == NULL) ? MONITOR_PROMPT : env_prompt);
rtems_monitor_line_editor (command);