sprintf to snprintf conversion

Move out string operations to another file, and introduce a frontend to snprintf for various situations. This change is important for catching and eliminating sprintf overflows, which are as of now many times silently corrupting memory. Signed-off-by: Dan Farina <drfarina@acm.org> Signed-off-by: Peter van Hardenberg <pvh@heroku.com>
2026-03-24 23:56:29 +00:00 · 2010-12-07 21:31:49 -08:00
parent 846c0b92e8
commit 916c0492fb
9 changed files with 187 additions and 70 deletions
--- a/check_dir.c
+++ b/check_dir.c
@@ -1,6 +1,8 @@
 /*
 * check_dir.c
+ *
 * Copyright (c) 2ndQuadrant, 2010
+ * Copyright (c) Heroku, 2010
 *
 * Directories management functions
 */
@@ -12,9 +14,12 @@
 #include <stdio.h>
 #include <string.h>

+/* NB: postgres_fe must be included BEFORE check_dir */
 #include "postgres_fe.h"
 #include "check_dir.h"

+#include "strutil.h"
+

 static int mkdir_p(char *path, mode_t omode);

@@ -207,10 +212,11 @@ mkdir_p(char *path, mode_t omode)
 bool
 is_pg_dir(char *dir)
 {
-	char	path[8192];
-	struct stat sb;
+	const size_t buf_sz = 8192;
+	char		 path[buf_sz];
+	struct stat	 sb;

-	sprintf(path, "%s/PG_VERSION", dir);
+	xsnprintf(path, buf_sz, "%s/PG_VERSION", dir);

 	return (stat(path, &sb) == 0) ? true : false;
 }