diff options
| author | Mikhail Chalov <mcchalov@amazon.com> | 2022-07-19 19:06:55 +0000 |
|---|---|---|
| committer | Daniel Black <daniel@mariadb.org> | 2022-07-26 16:28:59 +1000 |
| commit | 19af1890b56c6c147c296479bb6a4ad00fa59dbb (patch) | |
| tree | 0c2ba4eeaff5dd902a2072a7167bb208ddef4ad1 /storage/connect/json.cpp | |
| parent | 95eb5e5a12c4b8125b38dfb54366fe4873e21394 (diff) | |
| download | mariadb-git-19af1890b56c6c147c296479bb6a4ad00fa59dbb.tar.gz | |
Use memory safe snprintf() in Connect Engine
This commit replaces sprintf(buf, ...) with
snprintf(buf, sizeof(buf), ...),
specifically in the "easy" cases where buf is allocated with a size
known at compile time.
The changes make sure we are not write outside array/string bounds which
will lead to undefined behaviour. In case the code is trying to write
outside bounds - safe version of functions simply cut the string
messages so we process this gracefully.
All new code of the whole pull request, including one or several files
that are either new files or modified ones, are contributed under the BSD-new
license. I am contributing on behalf of my employer Amazon Web Services,
Inc.
bsonudf.cpp warnings cleanup by Daniel Black
Reviewer: Daniel Black
Diffstat (limited to 'storage/connect/json.cpp')
| -rw-r--r-- | storage/connect/json.cpp | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/storage/connect/json.cpp b/storage/connect/json.cpp index b1d4decdcdb..755480b1608 100644 --- a/storage/connect/json.cpp +++ b/storage/connect/json.cpp @@ -208,7 +208,7 @@ PJSON ParseJson(PGLOBAL g, char* s, size_t len, int* ptyp, bool* comma) break; } // endif pretty - sprintf(g->Message, "Unexpected ',' (pretty=%d)", pretty); + snprintf(g->Message, sizeof(g->Message), "Unexpected ',' (pretty=%d)", pretty); throw 3; case '(': b = true; @@ -229,7 +229,7 @@ PJSON ParseJson(PGLOBAL g, char* s, size_t len, int* ptyp, bool* comma) }; // endswitch s[i] if (!jsp) - sprintf(g->Message, "Invalid Json string '%.*s'", MY_MIN((int)len, 50), s); + snprintf(g->Message, sizeof(g->Message), "Invalid Json string '%.*s'", MY_MIN((int)len, 50), s); else if (ptyp && pretty == 3) { *ptyp = 3; // Not recognized pretty @@ -278,7 +278,7 @@ PSZ Serialize(PGLOBAL g, PJSON jsp, char* fn, int pretty) { b = pretty == 1; } else { if (!(fs = fopen(fn, "wb"))) { - sprintf(g->Message, MSG(OPEN_MODE_ERROR), + snprintf(g->Message, sizeof(g->Message), MSG(OPEN_MODE_ERROR), "w", (int)errno, fn); strcat(strcat(g->Message, ": "), strerror(errno)); throw 2; @@ -571,7 +571,7 @@ PJAR JDOC::ParseArray(PGLOBAL g, int& i) switch (s[i]) { case ',': if (level < 2) { - sprintf(g->Message, "Unexpected ',' near %.*s",ARGS); + snprintf(g->Message, sizeof(g->Message), "Unexpected ',' near %.*s",ARGS); throw 1; } else level = 1; @@ -579,7 +579,7 @@ PJAR JDOC::ParseArray(PGLOBAL g, int& i) break; case ']': if (level == 1) { - sprintf(g->Message, "Unexpected ',]' near %.*s", ARGS); + snprintf(g->Message, sizeof(g->Message), "Unexpected ',]' near %.*s", ARGS); throw 1; } // endif level @@ -594,7 +594,7 @@ PJAR JDOC::ParseArray(PGLOBAL g, int& i) break; default: if (level == 2) { - sprintf(g->Message, "Unexpected value near %.*s", ARGS); + snprintf(g->Message, sizeof(g->Message), "Unexpected value near %.*s", ARGS); throw 1; } else jarp->AddArrayValue(g, ParseValue(g, i)); @@ -630,7 +630,7 @@ PJOB JDOC::ParseObject(PGLOBAL g, int& i) jpp = jobp->AddPair(g, key); level = 1; } else { - sprintf(g->Message, "misplaced string near %.*s", ARGS); + snprintf(g->Message, sizeof(g->Message), "misplaced string near %.*s", ARGS); throw 2; } // endif level @@ -640,14 +640,14 @@ PJOB JDOC::ParseObject(PGLOBAL g, int& i) jpp->Val = ParseValue(g, ++i); level = 2; } else { - sprintf(g->Message, "Unexpected ':' near %.*s", ARGS); + snprintf(g->Message, sizeof(g->Message), "Unexpected ':' near %.*s", ARGS); throw 2; } // endif level break; case ',': if (level < 2) { - sprintf(g->Message, "Unexpected ',' near %.*s", ARGS); + snprintf(g->Message, sizeof(g->Message), "Unexpected ',' near %.*s", ARGS); throw 2; } else level = 0; @@ -655,7 +655,7 @@ PJOB JDOC::ParseObject(PGLOBAL g, int& i) break; case '}': if (level == 0 || level == 1) { - sprintf(g->Message, "Unexpected '}' near %.*s", ARGS); + snprintf(g->Message, sizeof(g->Message), "Unexpected '}' near %.*s", ARGS); throw 2; } // endif level @@ -667,7 +667,7 @@ PJOB JDOC::ParseObject(PGLOBAL g, int& i) case '\t': break; default: - sprintf(g->Message, "Unexpected character '%c' near %.*s", + snprintf(g->Message, sizeof(g->Message), "Unexpected character '%c' near %.*s", s[i], ARGS); throw 2; }; // endswitch s[i] @@ -750,7 +750,7 @@ PJVAL JDOC::ParseValue(PGLOBAL g, int& i) return jvp; err: - sprintf(g->Message, "Unexpected character '%c' near %.*s", s[i], ARGS); + snprintf(g->Message, sizeof(g->Message), "Unexpected character '%c' near %.*s", s[i], ARGS); throw 3; } // end of ParseValue @@ -1764,7 +1764,7 @@ void JVALUE::SetValue(PGLOBAL g, PVAL valp) DataType = TYPE_BINT; break; default: - sprintf(g->Message, "Unsupported typ %d\n", valp->GetType()); + snprintf(g->Message, sizeof(g->Message), "Unsupported typ %d\n", valp->GetType()); throw(777); } // endswitch Type |