Merge pull request #459 from Master92/compile_warnings

Prevent possible invalid memory accesses by sprintf

Author: ligenxxxx

src/core/dvr.c

@@ -44,14 +44,14 @@ void dvr_update_status() {
 void dvr_enable_line_out(bool enable) {
     char buf[128];
     if (enable) {
-        sprintf(buf, "%s out_on", AUDIO_SEL_SH);
+        snprintf(buf, sizeof(buf), "%s out_on", AUDIO_SEL_SH);
         system_exec(buf);
-        sprintf(buf, "%s out_linein_on", AUDIO_SEL_SH);
+        snprintf(buf, sizeof(buf), "%s out_linein_on", AUDIO_SEL_SH);
         system_exec(buf);
-        sprintf(buf, "%s out_dac_off", AUDIO_SEL_SH);
+        snprintf(buf, sizeof(buf), "%s out_dac_off", AUDIO_SEL_SH);
         system_exec(buf);
     } else {
-        sprintf(buf, "%s out_off", AUDIO_SEL_SH);
+        snprintf(buf, sizeof(buf), "%s out_off", AUDIO_SEL_SH);
         system_exec(buf);
     }
 }
@@ -65,7 +65,7 @@ void dvr_select_audio_source(uint8_t source) {
 
     if (source > 2)
         source = 2;
-    sprintf(buf, "%s %s", AUDIO_SEL_SH, audio_source[source]);
+    snprintf(buf, sizeof(buf), "%s %s", AUDIO_SEL_SH, audio_source[source]);
     system_exec(buf);
 }
 

src/core/osd.c

@@ -70,7 +70,7 @@ void osd_resource_path(char *buf, const char *fmt, osd_resource_t osd_resource_t
 
     va_list args;
     va_start(args, osd_resource_type);
-    vsprintf(filename, fmt, args);
+    vsnprintf(filename, sizeof(filename), fmt, args);
     va_end(args);
     strcpy(buf2, buf);
     strcpy(buf, RESOURCE_PATH_SDCARD);
@@ -292,12 +292,12 @@ void osd_channel_show(bool bShow) {
     if (channel_osd_mode & 0x80) {
         ch = channel_osd_mode & 0x7F;
         color = lv_color_make(0xFF, 0x20, 0x20);
-        sprintf(buf, "  To %s?  ", channel2str(g_setting.source.hdzero_band, ch));
+        snprintf(buf, sizeof(buf), "  To %s?  ", channel2str(g_setting.source.hdzero_band, ch));
         lv_obj_set_style_bg_opa(g_osd_hdzero.channel[is_fhd], LV_OPA_100, 0);
     } else {
         ch = g_setting.scan.channel & 0x7F;
         color = lv_color_make(0xFF, 0xFF, 0xFF);
-        sprintf(buf, "CH:%s", channel2str(g_setting.source.hdzero_band, ch));
+        snprintf(buf, sizeof(buf), "CH:%s", channel2str(g_setting.source.hdzero_band, ch));
         lv_obj_set_style_bg_opa(g_osd_hdzero.channel[is_fhd], 0, 0);
     }
 
@@ -644,13 +644,13 @@ void osd_hdzero_update(void) {
         lv_obj_add_flag(g_osd_hdzero.ant3[is_fhd], LV_OBJ_FLAG_HIDDEN);
 
     if (g_setting.storage.selftest) {
-        sprintf(buf, "T:%d-%d", fan_speed.top, g_temperature.top / 10);
+        snprintf(buf, sizeof(buf), "T:%d-%d", fan_speed.top, g_temperature.top / 10);
         lv_label_set_text(g_osd_hdzero.osd_tempe[is_fhd][0], buf);
 
-        sprintf(buf, "L:%d-%d", fan_speed.left, g_temperature.left / 10);
+        snprintf(buf, sizeof(buf), "L:%d-%d", fan_speed.left, g_temperature.left / 10);
         lv_label_set_text(g_osd_hdzero.osd_tempe[is_fhd][1], buf);
 
-        sprintf(buf, "R:%d-%d", fan_speed.right, g_temperature.right / 10);
+        snprintf(buf, sizeof(buf), "R:%d-%d", fan_speed.right, g_temperature.right / 10);
         lv_label_set_text(g_osd_hdzero.osd_tempe[is_fhd][2], buf);
     }
 }
@@ -929,13 +929,13 @@ void load_fc_osd_font(uint8_t fhd) {
     int i;
 
     if (fhd) {
-        sprintf(fp[0], "%s%s_FHD_000.bmp", FC_OSD_SDCARD_PATH, fc_variant);
-        sprintf(fp[1], "%s%s_FHD_000.bmp", FC_OSD_LOCAL_PATH, fc_variant);
-        sprintf(fp[2], "%sBTFL_FHD_000.bmp", FC_OSD_LOCAL_PATH);
+        snprintf(fp[0], sizeof(fp[0]), "%s%s_FHD_000.bmp", FC_OSD_SDCARD_PATH, fc_variant);
+        snprintf(fp[1], sizeof(fp[1]), "%s%s_FHD_000.bmp", FC_OSD_LOCAL_PATH, fc_variant);
+        snprintf(fp[2], sizeof(fp[2]), "%sBTFL_FHD_000.bmp", FC_OSD_LOCAL_PATH);
     } else {
-        sprintf(fp[0], "%s%s_000.bmp", FC_OSD_SDCARD_PATH, fc_variant);
-        sprintf(fp[1], "%s%s_000.bmp", FC_OSD_LOCAL_PATH, fc_variant);
-        sprintf(fp[2], "%sBTFL_000.bmp", FC_OSD_LOCAL_PATH);
+        snprintf(fp[0], sizeof(fp[0]), "%s%s_000.bmp", FC_OSD_SDCARD_PATH, fc_variant);
+        snprintf(fp[1], sizeof(fp[1]), "%s%s_000.bmp", FC_OSD_LOCAL_PATH, fc_variant);
+        snprintf(fp[2], sizeof(fp[2]), "%sBTFL_000.bmp", FC_OSD_LOCAL_PATH);
     }
 
     // Optimized for runtime execution

src/core/settings.c

@@ -227,17 +227,17 @@ const setting_t g_setting_defaults = {
 int settings_put_osd_element_shown(bool show, char *config_name) {
     char setting_key[128];
 
-    sprintf(setting_key, "element_%s_show", config_name);
+    snprintf(setting_key, sizeof(setting_key), "element_%s_show", config_name);
     return settings_put_bool("osd", setting_key, show);
 }
 
 int settings_put_osd_element_pos_x(const setting_osd_goggle_element_positions_t *pos, char *config_name) {
     char setting_key[128];
     int ret = 0;
 
-    sprintf(setting_key, "element_%s_pos_4_3_x", config_name);
+    snprintf(setting_key, sizeof(setting_key), "element_%s_pos_4_3_x", config_name);
     ret = ini_putl("osd", setting_key, pos->mode_4_3.x, SETTING_INI);
-    sprintf(setting_key, "element_%s_pos_16_9_x", config_name);
+    snprintf(setting_key, sizeof(setting_key), "element_%s_pos_16_9_x", config_name);
     ret &= ini_putl("osd", setting_key, pos->mode_16_9.x, SETTING_INI);
     return ret;
 }
@@ -246,9 +246,9 @@ int settings_put_osd_element_pos_y(const setting_osd_goggle_element_positions_t
     char setting_key[128];
     int ret = 0;
 
-    sprintf(setting_key, "element_%s_pos_4_3_y", config_name);
+    snprintf(setting_key, sizeof(setting_key), "element_%s_pos_4_3_y", config_name);
     ret = ini_putl("osd", setting_key, pos->mode_4_3.y, SETTING_INI);
-    sprintf(setting_key, "element_%s_pos_16_9_y", config_name);
+    snprintf(setting_key, sizeof(setting_key), "element_%s_pos_16_9_y", config_name);
     ret &= ini_putl("osd", setting_key, pos->mode_16_9.y, SETTING_INI);
     return ret;
 }
@@ -265,19 +265,19 @@ int settings_put_osd_element(const setting_osd_goggle_element_t *element, char *
 static void settings_load_osd_element(setting_osd_goggle_element_t *element, char *config_name, const setting_osd_goggle_element_t *defaults) {
     char buf[128];
 
-    sprintf(buf, "element_%s_show", config_name);
+    snprintf(buf, sizeof(buf), "element_%s_show", config_name);
     element->show = settings_get_bool("osd", buf, defaults->show);
 
-    sprintf(buf, "element_%s_pos_4_3_x", config_name);
+    snprintf(buf, sizeof(buf), "element_%s_pos_4_3_x", config_name);
     element->position.mode_4_3.x = ini_getl("osd", buf, defaults->position.mode_4_3.x, SETTING_INI);
 
-    sprintf(buf, "element_%s_pos_4_3_y", config_name);
+    snprintf(buf, sizeof(buf), "element_%s_pos_4_3_y", config_name);
     element->position.mode_4_3.y = ini_getl("osd", buf, defaults->position.mode_4_3.y, SETTING_INI);
 
-    sprintf(buf, "element_%s_pos_16_9_x", config_name);
+    snprintf(buf, sizeof(buf), "element_%s_pos_16_9_x", config_name);
     element->position.mode_16_9.x = ini_getl("osd", buf, defaults->position.mode_16_9.x, SETTING_INI);
 
-    sprintf(buf, "element_%s_pos_16_9_y", config_name);
+    snprintf(buf, sizeof(buf), "element_%s_pos_16_9_y", config_name);
     element->position.mode_16_9.y = ini_getl("osd", buf, defaults->position.mode_16_9.y, SETTING_INI);
 }
 
@@ -295,11 +295,11 @@ int settings_put_bool(char *section, char *key, bool value) {
 void settings_reset(void) {
     char buf[256];
 
-    sprintf(buf, "rm -f %s", SETTING_INI);
+    snprintf(buf, sizeof(buf), "rm -f %s", SETTING_INI);
     system_exec(buf);
     usleep(50);
 
-    sprintf(buf, "touch %s", SETTING_INI);
+    snprintf(buf, sizeof(buf), "touch %s", SETTING_INI);
     system_exec(buf);
     usleep(50);
 
@@ -310,7 +310,7 @@ void settings_init(void) {
     // check if backup of old settings file exists after goggle update
     if (fs_file_exists("/mnt/UDISK/setting.ini")) {
         char buf[256];
-        sprintf(buf, "cp -f /mnt/UDISK/setting.ini %s", SETTING_INI);
+        snprintf(buf, sizeof(buf), "cp -f /mnt/UDISK/setting.ini %s", SETTING_INI);
         system_exec(buf);
         usleep(10);
         system_exec("rm /mnt/UDISK/setting.ini");

src/driver/gpio.c

@@ -36,7 +36,7 @@ void gpio_open(int port_num) {
     }
 
     char buf[64];
-    sprintf(buf, "/sys/class/gpio/gpio%d/direction", port_num);
+    snprintf(buf, sizeof(buf), "/sys/class/gpio/gpio%d/direction", port_num);
 
     if (!fs_printf(buf, "out")) {
         return;
@@ -45,6 +45,6 @@ void gpio_open(int port_num) {
 
 void gpio_set(int port_num, bool val) {
     char buf[64];
-    sprintf(buf, "/sys/class/gpio/gpio%d/value", port_num);
+    snprintf(buf, sizeof(buf), "/sys/class/gpio/gpio%d/value", port_num);
     fs_printf(buf, "%d", val ? 1 : 0);
 }

src/driver/nct75.c

@@ -27,7 +27,7 @@ int nct_read_temperature(nct_type_t type) {
 
     int dev_id = type + (getHwRevision() == HW_REV_1 ? 1 : 0);
 
-    sprintf(buf, "/sys/bus/iio/devices/iio:device%d/in_voltage0_raw", dev_id);
+    snprintf(buf, sizeof(buf), "/sys/bus/iio/devices/iio:device%d/in_voltage0_raw", dev_id);
     fp = fopen(buf, "r");
     if (!fp) {
         static bool bFirst = true;

src/lang/language.c

@@ -59,7 +59,7 @@ bool language_config() {
     int i = 0;
 
     for (i = 0; i < LANG_END; i++) {
-        sprintf(buf, "/mnt/extsd/%s", language_config_file[i]);
+        snprintf(buf, sizeof(buf), "/mnt/extsd/%s", language_config_file[i]);
         if (access(buf, F_OK) == 0) {
             LOGI("%s found", language_config_file[i]);
             ini_putl("language", "lang", i, SETTING_INI);

src/record/confparser.c

@@ -404,7 +404,7 @@ void conf_loadRecordParams(char* confFile, RecordParams_t* para)
         memset(para->diskPath, 0, sizeof(para->packPath));
         strcpy(para->diskPath, sTemp);
         memset(para->packPath, 0, sizeof(para->packPath));
-        sprintf(para->packPath, "%s%s", para->diskPath, REC_packPATH);
+        snprintf(para->packPath, MAX_pathLEN, "%s%s", para->diskPath, REC_packPATH);
     }
 
     lValue = ini_gets(SEC_RECORD, KEY_TYPE, REC_packTYPE, sTemp, sizearray(sTemp), confFile);

src/record/main.c

@@ -121,7 +121,7 @@ int already_running(void)
         exit(1);
     }
     ftruncate(fd, 0);
-    sprintf(buf, "%ld", (long)getpid());
+    snprintf(buf, sizeof(buf), "%ld", (long)getpid());
     write(fd, buf, strlen(buf)+1);
     return(0);
 }
@@ -203,7 +203,7 @@ void record_saveStatus(RecordContext_t* recCtx, RecordStatus_e recStatus)
         LOGE( "can't lock %s: %s", REC_dataFILE, strerror(errno));
     }
     ftruncate(fd, 0);
-    sprintf(buf, "%d", recCtx->status);
+    snprintf(buf, sizeof(buf), "%d", recCtx->status);
     write(fd, buf, strlen(buf)+1);
     close(fd);
 
@@ -354,13 +354,13 @@ int record_start(RecordContext_t* recCtx)
     char sFile[256];
     switch (recCtx->params.fileNaming) {
     case NAMING_CONTIGUOUS:
-        REC_filePathGet(sFile, recCtx->params.packPath, REC_packPREFIX, nbFileIndex, recCtx->params.packType);
+        REC_filePathGet(sFile, sizeof(sFile), recCtx->params.packPath, REC_packPREFIX, nbFileIndex, recCtx->params.packType);
         break;
     case NAMING_DATE: {
         const time_t t = time(0);
         const struct tm* date = localtime(&t);
-        sprintf(dateString, "%04d%02d%02d-%02d%02d%02d", date->tm_year + 1900, date->tm_mon + 1, date->tm_mday, date->tm_hour, date->tm_min, date->tm_sec);
-        sprintf(sFile, "%s%s.%s", recCtx->params.packPath, dateString, recCtx->params.packType);
+        snprintf(dateString, sizeof(dateString), "%04d%02d%02d-%02d%02d%02d", date->tm_year + 1900, date->tm_mon + 1, date->tm_mday, date->tm_hour, date->tm_min, date->tm_sec);
+        snprintf(sFile, sizeof(sFile), "%s%s.%s", recCtx->params.packPath, dateString, recCtx->params.packType);
         break;
     }
     }
@@ -429,7 +429,7 @@ int record_start(RecordContext_t* recCtx)
         strcpy(fileName, strrchr(sFile, '/') + 1);
         av_dict_set(&ff->ofmtContext->metadata, "title", fileName, 0);
 
-        sprintf(localDateString, "%04d-%02d-%02d %02d:%02d:%02d", date->tm_year + 1900, date->tm_mon + 1, date->tm_mday, date->tm_hour, date->tm_min, date->tm_sec);
+        snprintf(localDateString, sizeof(localDateString), "%04d-%02d-%02d %02d:%02d:%02d", date->tm_year + 1900, date->tm_mon + 1, date->tm_mday, date->tm_hour, date->tm_min, date->tm_sec);
         av_dict_set(&ff->ofmtContext->metadata, "date", localDateString, 0);
     }
 
@@ -462,10 +462,10 @@ int record_start(RecordContext_t* recCtx)
 
     switch (recCtx->params.fileNaming) {
     case NAMING_CONTIGUOUS:
-        REC_filePathGet(sFile, recCtx->params.packPath, REC_packPREFIX, nbFileIndex, REC_packSnapTYPE);
+        REC_filePathGet(sFile, sizeof(sFile), recCtx->params.packPath, REC_packPREFIX, nbFileIndex, REC_packSnapTYPE);
         break;
     case NAMING_DATE:
-        sprintf(sFile, "%s%s.%s", recCtx->params.packPath, dateString, REC_packSnapTYPE);
+        snprintf(sFile, sizeof(sFile), "%s%s.%s", recCtx->params.packPath, dateString, REC_packSnapTYPE);
         break;
     }
     ret = record_takePicture(recCtx, sFile);
@@ -519,7 +519,7 @@ bool record_pack(RecordContext_t* recCtx)
     VencSpspps_t veHeader = { NULL, 0 };
     int  nbFileIndex = recCtx->nbFileIndex;
     char sFile[256];
-    REC_filePathGet(sFile, recCtx->params.packPath, REC_packPREFIX, nbFileIndex, recCtx->params.packType);
+    REC_filePathGet(sFile, sizeof(sFile), recCtx->params.packPath, REC_packPREFIX, nbFileIndex, recCtx->params.packType);
 
     FFPack_t* ff = ffpack_openFile(sFile, NULL);
     if( ff == NULL ) {
@@ -577,7 +577,7 @@ bool record_pack(RecordContext_t* recCtx)
 
     pthread_mutex_unlock(&recCtx->mutex);
 
-    REC_filePathGet(sFile, recCtx->params.packPath, REC_packPREFIX, nbFileIndex, REC_packSnapTYPE);
+    REC_filePathGet(sFile, sizeof(sFile), recCtx->params.packPath, REC_packPREFIX, nbFileIndex, REC_packSnapTYPE);
     record_takePicture(recCtx, sFile);
 
     return true;
@@ -888,7 +888,7 @@ void record_checkConf(RecordContext_t* recCtx, char* confSet)
         readlink("/proc/self/exe", sTemp, MAX_pathLEN);
         p = strrchr(sTemp,'/');
         *p = '\0';
-        sprintf(recCtx->confFile, "%s/%s", sTemp, REC_confFILE);
+        snprintf(recCtx->confFile, MAX_pathLEN, "%s/%s", sTemp, REC_confFILE);
     }
 }
 

src/record/record_definitions.h

@@ -91,8 +91,8 @@ extern "C" {
 #define REC_packTypesNUM    2
 #define REC_starFORMAT      "%u:%02u star\n"
 
-#define REC_filePathGet(BUFF, PATH, PREFIX, INDEX, FILEFMT) \
-    sprintf((BUFF), "%s%s%04d.%s", (PATH), (PREFIX), (INDEX), (FILEFMT));
+#define REC_filePathGet(BUFF, MAXLEN, PATH, PREFIX, INDEX, FILEFMT) \
+    snprintf((BUFF), (MAXLEN), "%s%s%04d.%s", (PATH), (PREFIX), (INDEX), (FILEFMT));
 
 #define ZeroMemory(p, size) memset(p, 0, size)
 

src/rtspLive/main.cpp

@@ -129,7 +129,7 @@ static int already_running(void)
         exit(1);
     }
     ftruncate(fd, 0);
-    sprintf(buf, "%ld", (long)getpid());
+    snprintf(buf, sizeof(buf), "%ld", (long)getpid());
     write(fd, buf, strlen(buf)+1);
     return(0);
 }
@@ -179,7 +179,7 @@ void live_checkConf(LiveContext_t* liveCtx, char* confSet)
         readlink("/proc/self/exe", sTemp, MAX_pathLEN);
         p = strrchr(sTemp,'/');
         *p = '\0';
-        sprintf(liveCtx->confFile, "%s/%s", sTemp, REC_confFILE);
+        snprintf(liveCtx->confFile, MAX_pathLEN, "%s/%s", sTemp, REC_confFILE);
     }
 }