diff --git a/client/acct_setup.cpp b/client/acct_setup.cpp index f1ab3226bb..438a17e0e2 100644 --- a/client/acct_setup.cpp +++ b/client/acct_setup.cpp @@ -383,7 +383,7 @@ int LOOKUP_LOGIN_TOKEN_OP::do_rpc( ) { char url[1024]; pli = _pli; - sprintf(url, "%slogin_token_lookup.php?user_id=%d&token=%s", + snprintf(url, sizeof(url), "%slogin_token_lookup.php?user_id=%d&token=%s", pli->master_url.c_str(), user_id, login_token ); return gui_http->do_rpc(this, url, LOGIN_TOKEN_LOOKUP_REPLY, false); diff --git a/client/app_config.cpp b/client/app_config.cpp index 4e7e2d0bd6..c7d6c00c2c 100644 --- a/client/app_config.cpp +++ b/client/app_config.cpp @@ -139,7 +139,7 @@ void check_app_config() { for (unsigned int i=0; iproject_dir(), APP_CONFIG_FILE_NAME); + snprintf(path, sizeof(path), "%s/%s", p->project_dir(), APP_CONFIG_FILE_NAME); f = boinc_fopen(path, "r"); if (!f) { clear_app_config(p); diff --git a/client/cs_account.cpp b/client/cs_account.cpp index 04ea7c49dc..4f431a468a 100644 --- a/client/cs_account.cpp +++ b/client/cs_account.cpp @@ -568,7 +568,7 @@ int CLIENT_STATE::add_project( // (unless PROJECT/app_info.xml is found, so that // people using anonymous platform don't have to get apps again) // - sprintf(path, "%s/%s", project->project_dir(), APP_INFO_FILE_NAME); + snprintf(path, sizeof(path), "%s/%s", project->project_dir(), APP_INFO_FILE_NAME); if (boinc_file_exists(path)) { project->anonymous_platform = true; f = fopen(path, "r"); diff --git a/client/rrsim_test.cpp b/client/rrsim_test.cpp index 9e41f2e953..69779593b4 100644 --- a/client/rrsim_test.cpp +++ b/client/rrsim_test.cpp @@ -127,7 +127,7 @@ void msg_printf(PROJECT* p, int, const char* fmt, ...) { char buf[8192]; va_list ap; va_start(ap, fmt); - vsprintf(buf, fmt, ap); + vsnprintf(buf, sizeof(buf), fmt, ap); va_end(ap); printf("%s: %s\n", p?p->name:"BOINC", buf); } diff --git a/lib/cc_config.cpp b/lib/cc_config.cpp index d593128b62..9de2e8f1bc 100644 --- a/lib/cc_config.cpp +++ b/lib/cc_config.cpp @@ -713,7 +713,7 @@ int APP_CONFIG::parse_gpu_versions( continue; } if (log_flags.unparsed_xml) { - sprintf(buf, "Unparsed line in app_config.xml: %s", xp.parsed_tag); + snprintf(buf, sizeof(buf), "Unparsed line in app_config.xml: %s", xp.parsed_tag); mv.push_back(string(buf)); } } @@ -747,7 +747,7 @@ int APP_CONFIG::parse(XML_PARSER& xp, MSG_VEC& mv, LOG_FLAGS& log_flags) { // unparsed XML not considered an error; maybe it should be? // if (log_flags.unparsed_xml) { - sprintf(buf, "Unparsed line in app_config.xml: %s", xp.parsed_tag); + snprintf(buf, sizeof(buf), "Unparsed line in app_config.xml: %s", xp.parsed_tag); mv.push_back(string(buf)); } xp.skip_unexpected(log_flags.unparsed_xml, "APP_CONFIG::parse"); @@ -764,7 +764,7 @@ int APP_VERSION_CONFIG::parse( while (!xp.get_tag()) { if (!xp.is_tag) { - sprintf(buf, "unexpected text '%s' in app_config.xml", xp.parsed_tag); + snprintf(buf, sizeof(buf), "unexpected text '%s' in app_config.xml", xp.parsed_tag); mv.push_back(string(buf)); return ERR_XML_PARSE; } @@ -775,7 +775,7 @@ int APP_VERSION_CONFIG::parse( if (xp.parse_double("avg_ncpus", avg_ncpus)) continue; if (xp.parse_double("ngpus", ngpus)) continue; if (log_flags.unparsed_xml) { - sprintf(buf, "Unparsed line in app_config.xml: %s", xp.parsed_tag); + snprintf(buf, sizeof(buf), "Unparsed line in app_config.xml: %s", xp.parsed_tag); mv.push_back(string(buf)); } xp.skip_unexpected(log_flags.unparsed_xml, "APP_VERSION_CONFIG::parse"); @@ -790,7 +790,7 @@ int APP_CONFIGS::parse(XML_PARSER& xp, MSG_VEC& mv, LOG_FLAGS& log_flags) { clear(); while (!xp.get_tag()) { if (!xp.is_tag) { - sprintf(buf, "unexpected text '%s' in app_config.xml", xp.parsed_tag); + snprintf(buf, sizeof(buf), "unexpected text '%s' in app_config.xml", xp.parsed_tag); mv.push_back(string(buf)); return ERR_XML_PARSE; } @@ -819,7 +819,7 @@ int APP_CONFIGS::parse(XML_PARSER& xp, MSG_VEC& mv, LOG_FLAGS& log_flags) { if (xp.parse_bool("report_results_immediately", report_results_immediately)) { continue; } - sprintf(buf, "Unknown tag in app_config.xml: %s", xp.parsed_tag); + snprintf(buf, sizeof(buf), "Unknown tag in app_config.xml: %s", xp.parsed_tag); mv.push_back(string(buf)); xp.skip_unexpected(log_flags.unparsed_xml, "APP_CONFIGS::parse"); diff --git a/lib/gui_rpc_client_ops.cpp b/lib/gui_rpc_client_ops.cpp index 2729d612da..60ec613e9b 100644 --- a/lib/gui_rpc_client_ops.cpp +++ b/lib/gui_rpc_client_ops.cpp @@ -2636,7 +2636,7 @@ int RPC_CLIENT::get_app_config(const char* url, APP_CONFIGS& config) { MSG_VEC mv; char buf[1024]; - sprintf(buf, + snprintf(buf, sizeof (buf), "\n" " %s\n" "\n", diff --git a/lib/msg_log.cpp b/lib/msg_log.cpp index 6bd438de8e..1ad2a7b638 100644 --- a/lib/msg_log.cpp +++ b/lib/msg_log.cpp @@ -116,7 +116,7 @@ void MSG_LOG::vprintf_multiline( char sprefix[256] = ""; if (prefix_format) { - vsprintf(sprefix, prefix_format, va); + vsnprintf(sprefix, sizeof(sprefix),prefix_format, va); } const char* now_timestamp = precision_time_to_string(dtime()); const char* skind = v_format_kind(kind); @@ -143,7 +143,7 @@ void MSG_LOG::vprintf_file( char sprefix[256] = ""; if (prefix_format) { - vsprintf(sprefix, prefix_format, va); + vsnprintf(sprefix, sizeof(sprefix), prefix_format, va); } const char* now_timestamp = precision_time_to_string(dtime()); const char* skind = v_format_kind(kind);