COMMON: Forbid use of unsafe sprintf and vsprintf

2022-10-23 15:32:54 +02:00 · 2022-10-23 15:32:54 +02:00 · 6524f7beb5
commit 6524f7beb5
parent 43997e2911
8 changed files with 38 additions and 1 deletions
--- a/backends/platform/sdl/sdl-sys.h
+++ b/backends/platform/sdl/sdl-sys.h
@ -74,6 +74,16 @@
 #define strcat FAKE_strcat
 #endif

+#if !defined(FORBIDDEN_SYMBOL_ALLOW_ALL) && !defined(FORBIDDEN_SYMBOL_EXCEPTION_vsprintf)
+#undef vsprintf
+#define vsprintf FAKE_vsprintf
+#endif
+
+#if !defined(FORBIDDEN_SYMBOL_ALLOW_ALL) && !defined(FORBIDDEN_SYMBOL_EXCEPTION_sprintf)
+#undef sprintf
+#define sprintf FAKE_sprintf
+#endif
+
 // Fix compilation with MacPorts SDL 2
 // It needs various (usually forbidden) symbols from time.h
 #ifndef FORBIDDEN_SYMBOL_EXCEPTION_time_h
@ -275,6 +285,16 @@
 #define strcat(a,b)    FORBIDDEN_look_at_common_forbidden_h_for_more_info SYMBOL !%*
 #endif

+#if !defined(FORBIDDEN_SYMBOL_ALLOW_ALL) && !defined(FORBIDDEN_SYMBOL_EXCEPTION_vsprintf)
+#undef vsprintf
+#define vsprintf(a,b,c)    FORBIDDEN_look_at_common_forbidden_h_for_more_info SYMBOL !%*
+#endif
+
+#if !defined(FORBIDDEN_SYMBOL_ALLOW_ALL) && !defined(FORBIDDEN_SYMBOL_EXCEPTION_sprintf)
+#undef sprintf
+#define sprintf(a,b,...)    FORBIDDEN_look_at_common_forbidden_h_for_more_info SYMBOL !%*
+#endif
+
 // re-forbid all those time.h symbols again (if they were forbidden)
 #ifndef FORBIDDEN_SYMBOL_EXCEPTION_time_h

--- a/common/forbidden.h
+++ b/common/forbidden.h
@ -539,6 +539,18 @@
 #define strcpy(a,b)	FORBIDDEN_look_at_common_forbidden_h_for_more_info SYMBOL !%*
 #endif

+// Use Common::vsprintf_s in common/str.h or vsnprintf
+#ifndef FORBIDDEN_SYMBOL_EXCEPTION_vsprintf
+#undef vsprintf
+#define vsprintf(a,b,c)	FORBIDDEN_look_at_common_forbidden_h_for_more_info SYMBOL !%*
+#endif
+
+// Use Common::sprintf_s in common/str.h or snprintf
+#ifndef FORBIDDEN_SYMBOL_EXCEPTION_sprintf
+#undef sprintf
+#define sprintf(a,b,...)	FORBIDDEN_look_at_common_forbidden_h_for_more_info SYMBOL !%*
+#endif
+
 // Use Common:scumm_stricmp in common/str.h
 #ifndef FORBIDDEN_SYMBOL_EXCEPTION_stricmp
 #undef stricmp
--- a/common/lua/liolib.cpp
+++ b/common/lua/liolib.cpp
@ -4,6 +4,7 @@
 ** See Copyright Notice in lua.h
 */

+#define FORBIDDEN_SYMBOL_EXCEPTION_sprintf

 #include <stdio.h>
 #include <stdlib.h>
--- a/common/lua/llex.cpp
+++ b/common/lua/llex.cpp
@ -4,6 +4,7 @@
 ** See Copyright Notice in lua.h
 */

+#define FORBIDDEN_SYMBOL_EXCEPTION_sprintf
 #include "common/util.h"

 #define llex_c
--- a/common/lua/lobject.cpp
+++ b/common/lua/lobject.cpp
@ -6,6 +6,7 @@

 #define FORBIDDEN_SYMBOL_EXCEPTION_strcpy
 #define FORBIDDEN_SYMBOL_EXCEPTION_strcat
+#define FORBIDDEN_SYMBOL_EXCEPTION_sprintf

 #include "common/util.h"

--- a/common/lua/lstrlib.cpp
+++ b/common/lua/lstrlib.cpp
@ -5,6 +5,7 @@
 */

 #define FORBIDDEN_SYMBOL_EXCEPTION_strcpy
+#define FORBIDDEN_SYMBOL_EXCEPTION_sprintf

 #include "common/util.h"

--- a/common/lua/lvm.cpp
+++ b/common/lua/lvm.cpp
@ -4,6 +4,7 @@
 ** See Copyright Notice in lua.h
 */

+#define FORBIDDEN_SYMBOL_EXCEPTION_sprintf

 #include <stdio.h>
 #include <stdlib.h>
--- a/test/common/md5.h
+++ b/test/common/md5.h
@ -39,7 +39,7 @@ class MD5TestSuite : public CxxTest::TestSuite {
 			Common::computeStreamMD5(stream, md5sum);

 			for (j = 0; j < 16; j++) {
-				sprintf(output + j * 2, "%02x", md5sum[j]);
+				snprintf(output + j * 2, 3, "%02x", md5sum[j]);
 			}

 			Common::String tmp(output);