From 075e1f6e8ecafd8d9447b5a7afe7abb588bcf81e Mon Sep 17 00:00:00 2001 From: Youngbok Shin Date: Mon, 20 Mar 2017 12:18:25 +0900 Subject: [PATCH] replace sprintf() to snprintf() for better security Change-Id: I25508293e1daa8aeb95b9133298d088e2353b6c8 --- pkgmgr_font/src/font_service_register.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/pkgmgr_font/src/font_service_register.c b/pkgmgr_font/src/font_service_register.c index d36446a..78529a3 100755 --- a/pkgmgr_font/src/font_service_register.c +++ b/pkgmgr_font/src/font_service_register.c @@ -65,8 +65,8 @@ static const char* check_preloaded(const char *app_root_path) char tpk_path[MAX_FILE_LEN]; char wgt_path[MAX_FILE_LEN]; - sprintf(tpk_path, "%s/preloaded", app_root_path); - sprintf(wgt_path, "%s/res/wgt/preloaded", app_root_path); + snprintf(tpk_path, sizeof(tpk_path), "%s/preloaded", app_root_path); + snprintf(wgt_path, sizeof(wgt_path), "%s/res/wgt/preloaded", app_root_path); if ((access(tpk_path, F_OK) == 0) || (access(wgt_path, F_OK) == 0)) { @@ -139,8 +139,8 @@ static int symbolic_link(const char *srcpath, const char *destpath) goto FAIL; } - sprintf(srcdir,"%s/%s",srcpath,(char *) e->d_name); - sprintf(destdir,"%s/%s",destpath,(char *) e->d_name); + snprintf(srcdir, sizeof(srcdir), "%s/%s", srcpath, (char *)e->d_name); + snprintf(destdir, sizeof(destdir), "%s/%s", destpath, (char *)e->d_name); if (stat (srcdir, &statb) == -1) { DEBUG_ERROR("stat %s is failed \n",srcdir); @@ -277,8 +277,8 @@ static int move_path(const char *srcpath, const char *destpath) goto FAIL; } - sprintf(srcdir, "%s/%s", srcpath, (char *)e->d_name); - sprintf(destdir, "%s/%s", destpath, (char *)e->d_name); + snprintf(srcdir, sizeof(srcdir), "%s/%s", srcpath, (char *)e->d_name); + snprintf(destdir, sizeof(destdir), "%s/%s", destpath, (char *)e->d_name); if (stat(srcdir, &statb) == -1) { @@ -432,7 +432,7 @@ static int do_install(const char *parent, const char *appid, const char *rootpat return -1; } - sprintf(destdir,"%s/%s",parent,appid); + snprintf(destdir, sizeof(destdir), "%s/%s", parent, appid); ret = make_dir(destdir); if (ret < 0) { @@ -453,12 +453,12 @@ static int do_install(const char *parent, const char *appid, const char *rootpat goto FAIL; } - sprintf(path,"%s/shared/res", rootpath); + snprintf(path, sizeof(path), "%s/shared/res", rootpath); if (!strcmp(type,"wgt")) { char srcpath[MAX_FILE_LEN]; - sprintf(srcpath,"%s/res/wgt/shared/res", rootpath); + snprintf(srcpath, sizeof(srcpath), "%s/res/wgt/shared/res", rootpath); ret = move_path(srcpath, path); } @@ -513,7 +513,7 @@ static int do_uninstall(const char *deletedir) goto FAIL; } - sprintf(destfile,"%s/%s",deletedir,(char *) e->d_name); + snprintf(destfile, sizeof(destfile), "%s/%s", deletedir, (char *)e->d_name); if (lstat (destfile, &statb) == -1) { DEBUG_ERROR("lstat %s is failed \n",destfile); @@ -653,7 +653,7 @@ int COMMON_PKGMGR_PLUGIN_UPGRADE(const char *pkgid, const char *appid, GList *li goto FAIL; } - sprintf(deletedir,"%s/%s", dest_path, appid); + snprintf(deletedir, sizeof(deletedir), "%s/%s", dest_path, appid); if (access(deletedir, F_OK) == -1) { @@ -745,7 +745,7 @@ int COMMON_PKGMGR_PLUGIN_UNINSTALL(const char *pkgid, const char *appid, GList * /* It must contain "/" character at end of the delete dir path. * It prevents file path comparing issues when there are many similar path. */ - sprintf(deletedir,"%s/%s/", dest_path, appid); + snprintf(deletedir, sizeof(deletedir), "%s/%s/", dest_path, appid); //check if current using font is same with uninstall font deletedir_len = strlen(deletedir); -- 2.7.4