texlive[50650] Build/source/texk/dvipsk: avoid arbitrary %s sprintf
commits+karl at tug.org
commits+karl at tug.org
Sat Mar 30 02:50:10 CET 2019
Revision: 50650
http://tug.org/svn/texlive?view=revision&revision=50650
Author: karl
Date: 2019-03-30 02:50:10 +0100 (Sat, 30 Mar 2019)
Log Message:
-----------
avoid arbitrary %s sprintf into fixed errbuf
Modified Paths:
--------------
trunk/Build/source/texk/dvipsk/ChangeLog
trunk/Build/source/texk/dvipsk/dosection.c
trunk/Build/source/texk/dvipsk/dospecial.c
trunk/Build/source/texk/dvipsk/flib.c
trunk/Build/source/texk/dvipsk/loadfont.c
trunk/Build/source/texk/dvipsk/makefont.c
trunk/Build/source/texk/dvipsk/output.c
trunk/Build/source/texk/dvipsk/pprescan.c
trunk/Build/source/texk/dvipsk/protos.h
trunk/Build/source/texk/dvipsk/scanpage.c
trunk/Build/source/texk/dvipsk/tfmload.c
Modified: trunk/Build/source/texk/dvipsk/ChangeLog
===================================================================
--- trunk/Build/source/texk/dvipsk/ChangeLog 2019-03-30 01:30:26 UTC (rev 50649)
+++ trunk/Build/source/texk/dvipsk/ChangeLog 2019-03-30 01:50:10 UTC (rev 50650)
@@ -1,5 +1,15 @@
2019-03-29 Karl Berry <karl at freefriends.org>
+ * loadfont.c (errbuf),
+ * protos.h (errbuf): increase to 1500.
+ * dospecial.c,
+ * flib.c,
+ * makefont.c,
+ * output.c,
+ * pprescan.c,
+ * scanpage.c,
+ * tfmload.c: limit sprintf %s arguments into buffers.
+
* dospecial.c (dospecial) <bare psfile>: reverse sense of maccess
test, as intended; check for buffer overflow.
(maccess): add doc.
Modified: trunk/Build/source/texk/dvipsk/dosection.c
===================================================================
--- trunk/Build/source/texk/dvipsk/dosection.c 2019-03-30 01:30:26 UTC (rev 50649)
+++ trunk/Build/source/texk/dvipsk/dosection.c 2019-03-30 01:50:10 UTC (rev 50650)
@@ -40,7 +40,7 @@
doubleout(mag);
numout((integer)DPI);
numout((integer)VDPI);
- snprintf(buf, sizeof(buf), "(%.99s)", fulliname);
+ snprintf(buf, sizeof(buf), "(%.500s)", fulliname);
cmdout(buf);
newline();
cmdout("@start");
Modified: trunk/Build/source/texk/dvipsk/dospecial.c
===================================================================
--- trunk/Build/source/texk/dvipsk/dospecial.c 2019-03-30 01:30:26 UTC (rev 50649)
+++ trunk/Build/source/texk/dvipsk/dospecial.c 2019-03-30 01:50:10 UTC (rev 50650)
@@ -129,7 +129,7 @@
}
fclose(fp);
}
- sprintf(errbuf, "Couldn't get BoundingBox of %s: assuming full A4 size", f);
+ sprintf(errbuf, "Couldn't get BoundingBox of %.500s: assuming full A4 size", f);
specerror(errbuf);
*llx_p = 0.0;
*lly_p = 0.0;
@@ -329,7 +329,7 @@
switch (KeyTab[i].Type) {
case Integer:
if(sscanf(ValStr,"%ld",&ValInt)!=1) {
- sprintf(errbuf,"Non-integer value (%s) given for keyword %s",
+ sprintf(errbuf,"Non-integer value (%.500s) given for keyword %.500s",
ValStr, KeyStr);
specerror(errbuf);
ValInt = 0;
@@ -338,7 +338,7 @@
case Number:
case Dimension:
if(sscanf(ValStr,"%f",&ValNum)!=1) {
- sprintf(errbuf,"Non-numeric value (%s) given for keyword %s",
+ sprintf(errbuf,"Non-numeric value (%.500s) given for keyword %.500s",
ValStr, KeyStr);
specerror(errbuf);
ValNum = 0.0;
@@ -702,7 +702,8 @@
cmdout("@rhi");
break;
default:
- sprintf(errbuf, "Unknown keyword `%s' in \\special{epsfile=%s...} will be ignored\n", KeyStr, psfile);
+ sprintf(errbuf, "Unknown keyword `%.500s' in \\special{epsfile=%.500s...} will be ignored\n",
+ KeyStr, psfile);
specerror(errbuf);
break;
}
Modified: trunk/Build/source/texk/dvipsk/flib.c
===================================================================
--- trunk/Build/source/texk/dvipsk/flib.c 2019-03-30 01:30:26 UTC (rev 50649)
+++ trunk/Build/source/texk/dvipsk/flib.c 2019-03-30 01:50:10 UTC (rev 50650)
@@ -243,7 +243,7 @@
fli_cache[i] = fli_cache[i-1];
/* put this font library at front */
if ( (pkfile=search(flipath,lib->name,READBIN)) == (FILE *)NULL ) {
- sprintf(errbuf,"Can't reopen font library %s", lib->name);
+ sprintf(errbuf,"Can't reopen font library %.500s", lib->name);
error(errbuf);
return((FILE *)NULL);
}
@@ -253,7 +253,7 @@
}
flib = 1; /* tell loadfont() not to close it */
/* then seek font within library */
- sprintf(name,"%s %s %ddpi",lib->name, n, dpi1);
+ sprintf(name,"%.500s %.500s %ddpi",lib->name, n, dpi1);
if (fseek(pkfile,entry->offset,0) )
badpk("couldn't seek font");
/* make sure it is a PK font */
@@ -263,7 +263,7 @@
badpk("couldn't seek font");
return(pkfile); /* found it */
}
- sprintf(errbuf,"%s %s %ddpi isn't PK format, ignoring",
+ sprintf(errbuf,"%.500s %.500s %ddpi isn't PK format, ignoring",
lib->name, n, dpi1);
error(errbuf);
} /* end if name correct */
Modified: trunk/Build/source/texk/dvipsk/loadfont.c
===================================================================
--- trunk/Build/source/texk/dvipsk/loadfont.c 2019-03-30 01:30:26 UTC (rev 50649)
+++ trunk/Build/source/texk/dvipsk/loadfont.c 2019-03-30 01:50:10 UTC (rev 50650)
@@ -27,7 +27,7 @@
*/
#include "protos_add.h"
-char errbuf[1000];
+char errbuf[1500];
int lastresortsizes[40];
/*
* Now we have some routines to get stuff from the PK file.
Modified: trunk/Build/source/texk/dvipsk/makefont.c
===================================================================
--- trunk/Build/source/texk/dvipsk/makefont.c 2019-03-30 01:30:26 UTC (rev 50649)
+++ trunk/Build/source/texk/dvipsk/makefont.c 2019-03-30 01:50:10 UTC (rev 50650)
@@ -161,7 +161,7 @@
sprintf(q, "%d", bdpi);
break;
case 'o' : case 'O' :
- sprintf(q, "%s", mfmode ? mfmode : "default");
+ sprintf(q, "%.99s", mfmode ? mfmode : "default");
modegiven = 1;
break;
case 'm' : case 'M' :
Modified: trunk/Build/source/texk/dvipsk/output.c
===================================================================
--- trunk/Build/source/texk/dvipsk/output.c 2019-03-30 01:30:26 UTC (rev 50649)
+++ trunk/Build/source/texk/dvipsk/output.c 2019-03-30 01:50:10 UTC (rev 50650)
@@ -176,7 +176,7 @@
}
#endif /* VMCMS */
#else /* VMCMS || MVSXA */
- sprintf(errbuf, "Could not find figure file %s; continuing.", s);
+ sprintf(errbuf, "Could not find figure file %.500s; continuing.", s);
if (secure == 2) {
strcat(errbuf, "\nNote that an absolute path or a relative path with .. are denied in -R2 mode.");
}
@@ -190,19 +190,20 @@
#ifndef __THINK__
case 2:
#ifdef SECURE
- sprintf(errbuf, "<%s>: Tick filename execution disabled", s);
+ sprintf(errbuf, "<%.500s>: Tick filename execution disabled", s);
#else
#ifdef OS2
if (_osmode == OS2_MODE) {
#endif
if (secure == 0) {
- sprintf(errbuf, "Execution of <%s> failed ", s);
+ sprintf(errbuf, "Execution of <%.500s> failed ", s);
f = popen(s, "r");
if (f != 0)
SET_BINARY(fileno(f));
}
else {
- sprintf(errbuf,"Secure mode is %d so execute <%s> will not run", secure,s);
+ sprintf(errbuf,"Secure mode is %d so execute <%.500s> will not run",
+ secure, s);
}
#ifdef OS2
}
@@ -221,7 +222,7 @@
if(f==NULL)
f = search(figpath, s, READBIN);
}
- sprintf(errbuf, "! Could not find header file %s.", s);
+ sprintf(errbuf, "! Could not find header file %.500s.", s);
if (secure == 2) {
strcat(errbuf, "\nNote that an absolute path or a relative path with .. are denied in -R2 mode.");
}
Modified: trunk/Build/source/texk/dvipsk/pprescan.c
===================================================================
--- trunk/Build/source/texk/dvipsk/pprescan.c 2019-03-30 01:30:26 UTC (rev 50649)
+++ trunk/Build/source/texk/dvipsk/pprescan.c 2019-03-30 01:50:10 UTC (rev 50650)
@@ -113,7 +113,8 @@
if (curfnt==NULL)
error("! Bad DVI file: no font selected");
if (mychar>=curfnt->maxchars) {
- sprintf(errbuf,"! invalid char %d from font %s", mychar, curfnt->name);
+ sprintf(errbuf,"! invalid char %d from font %.500s",
+ mychar, curfnt->name);
error(errbuf);
}
if (curfnt->loaded == 2) { /* scanning a virtual font character */
Modified: trunk/Build/source/texk/dvipsk/protos.h
===================================================================
--- trunk/Build/source/texk/dvipsk/protos.h 2019-03-30 01:30:26 UTC (rev 50649)
+++ trunk/Build/source/texk/dvipsk/protos.h 2019-03-30 01:50:10 UTC (rev 50650)
@@ -380,7 +380,7 @@
#endif
/* global variables from loadfont.c */
-extern char errbuf[1000];
+extern char errbuf[1500];
extern int lastresortsizes[40];
extern FILE *pkfile;
Modified: trunk/Build/source/texk/dvipsk/scanpage.c
===================================================================
--- trunk/Build/source/texk/dvipsk/scanpage.c 2019-03-30 01:30:26 UTC (rev 50649)
+++ trunk/Build/source/texk/dvipsk/scanpage.c 2019-03-30 01:50:10 UTC (rev 50650)
@@ -193,7 +193,8 @@
if (curfnt==NULL)
error("! Bad DVI file: no font selected");
if (mychar>=curfnt->maxchars) {
- sprintf(errbuf,"! invalid char %d from font %s", mychar, curfnt->name);
+ sprintf(errbuf,"! invalid char %d from font %.500s",
+ mychar, curfnt->name);
error(errbuf);
}
if (curfnt->loaded == 2) { /* scanning a virtual font character */
Modified: trunk/Build/source/texk/dvipsk/tfmload.c
===================================================================
--- trunk/Build/source/texk/dvipsk/tfmload.c 2019-03-30 01:30:26 UTC (rev 50649)
+++ trunk/Build/source/texk/dvipsk/tfmload.c 2019-03-30 01:50:10 UTC (rev 50650)
@@ -73,7 +73,7 @@
#endif
if ((tfmfile=search(d, name, READBIN))!=NULL)
return;
- sprintf(errbuf, "Can't open font metric file %s%s",
+ sprintf(errbuf, "Can't open font metric file %.500s%.500s",
fd->area, name);
error(errbuf);
error("I will use cmr10.tfm instead, so expect bad output.");
More information about the tex-live-commits
mailing list