From 24959aa103e5c8136cf1f5f902af34970c86db58 Mon Sep 17 00:00:00 2001 From: Sean McBride Date: Tue, 30 Jan 2024 21:27:34 -0500 Subject: [PATCH 1/2] Replaced various sprintf with snprintf snprintf is safer because the buffer length is specified, so can't be overrun. --- src/mat73.c | 4 ++-- tools/matdump.c | 8 ++++++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/src/mat73.c b/src/mat73.c index 3a66ec41..f83366e5 100644 --- a/src/mat73.c +++ b/src/mat73.c @@ -1401,11 +1401,11 @@ Mat_VarWriteRef(hid_t id, matvar_t *matvar, enum matio_compression compression, err = MATIO_E_BAD_ARGUMENT; } else { char obj_name[64]; - sprintf(obj_name, "%llu", (unsigned long long)group_info.nlinks); + snprintf(obj_name, sizeof(obj_name), "%llu", (unsigned long long)group_info.nlinks); if ( NULL != matvar ) matvar->compression = compression; err = Mat_VarWriteNext73(*refs_id, matvar, obj_name, refs_id); - sprintf(obj_name, "/#refs#/%llu", (unsigned long long)group_info.nlinks); + snprintf(obj_name, sizeof(obj_name), "/#refs#/%llu", (unsigned long long)group_info.nlinks); H5Rcreate(ref, id, obj_name, H5R_OBJECT, -1); } return err; diff --git a/tools/matdump.c b/tools/matdump.c index 3154ff86..2c54afd6 100644 --- a/tools/matdump.c +++ b/tools/matdump.c @@ -538,8 +538,12 @@ print_whos(matvar_t *matvar) int cnt = 0; printf("%8" SIZE_T_FMTSTR, matvar->dims[0]); for ( i = 1; i < matvar->rank; i++ ) { - if ( ceil(log10((double)matvar->dims[i])) + 1 < 32 ) - cnt += sprintf(size + cnt, "x%" SIZE_T_FMTSTR, matvar->dims[i]); + if ( ceil(log10((double)matvar->dims[i])) + 1 < 32 ) { + cnt += snprintf(size + cnt, sizeof(size) - cnt, "x%" SIZE_T_FMTSTR, matvar->dims[i]); + if (cnt >= sizeof(size)) { + break; + } + } } printf("%-10s", size); } else { From eae9647804c9988ed6a28484719dce2fc06aafda Mon Sep 17 00:00:00 2001 From: tbeu Date: Tue, 6 Feb 2024 06:33:09 +0100 Subject: [PATCH 2/2] Use mat_snprintf --- Makefile.am | 4 +-- cmake/src.cmake | 2 +- cmake/test.cmake | 2 +- cmake/tools.cmake | 2 +- configure.ac | 1 + snprintf/Makefile.am | 30 +++++++++++++++++++ {src => snprintf}/snprintf.c | 0 src/Makefile.am | 8 +++-- src/mat73.c | 5 ++-- test/Makefile.am | 24 ++++++++------- test/test_snprintf.c | 2 +- tools/Makefile.am | 10 ++++--- tools/matdump.c | 11 ++++++- visual_studio/libmatio/libmatio.vcproj | 2 +- visual_studio/libmatio/libmatio.vcxproj | 2 +- .../libmatio/libmatio.vcxproj.filters | 2 +- visual_studio/matdump/matdump.vcproj | 4 +++ visual_studio/matdump/matdump.vcxproj | 1 + visual_studio/matdump/matdump.vcxproj.filters | 3 ++ 19 files changed, 86 insertions(+), 29 deletions(-) create mode 100644 snprintf/Makefile.am rename {src => snprintf}/snprintf.c (100%) diff --git a/Makefile.am b/Makefile.am index 28a6d52e..9d42c460 100644 --- a/Makefile.am +++ b/Makefile.am @@ -70,10 +70,10 @@ pkgconfig_DATA = matio.pc $(pkgconfig_DATA): config.status if NEED_GETOPT -GETOPT=getopt + GETOPT = getopt endif -SUBDIRS = src $(GETOPT) tools test documentation +SUBDIRS = snprintf src $(GETOPT) tools test documentation dosubst = sed -e 's,[@]PACKAGE[@],$(PACKAGE),g' \ -e 's,[@]VERSION[@],$(VERSION),g' \ diff --git a/cmake/src.cmake b/cmake/src.cmake index df9bc911..348d9877 100644 --- a/cmake/src.cmake +++ b/cmake/src.cmake @@ -20,8 +20,8 @@ set(MATIO_SOURCES ${PROJECT_SOURCE_DIR}/src/matvar_struct.c ${PROJECT_SOURCE_DIR}/src/mat4.c ${PROJECT_SOURCE_DIR}/src/mat5.c - ${PROJECT_SOURCE_DIR}/src/snprintf.c ${PROJECT_SOURCE_DIR}/src/read_data.c + ${PROJECT_SOURCE_DIR}/snprintf/snprintf.c ${PROJECT_SOURCE_DIR}/src/mat5.h ${PROJECT_SOURCE_DIR}/src/mat73.h ${PROJECT_SOURCE_DIR}/src/matio_private.h diff --git a/cmake/test.cmake b/cmake/test.cmake index 72aff40b..fe7caeec 100644 --- a/cmake/test.cmake +++ b/cmake/test.cmake @@ -5,7 +5,7 @@ if(NOT HAVE_GETOPT) endif() if(NOT HAVE_SNPRINTF OR UNIX) - add_executable(test_snprintf ${PROJECT_SOURCE_DIR}/test/test_snprintf.c) + add_executable(test_snprintf ${PROJECT_SOURCE_DIR}/test/test_snprintf.c ${PROJECT_SOURCE_DIR}/snprintf/snprintf.c) if(HAVE_LIBM) target_link_libraries(test_snprintf m) endif() diff --git a/cmake/tools.cmake b/cmake/tools.cmake index 6ce2288d..10138954 100644 --- a/cmake/tools.cmake +++ b/cmake/tools.cmake @@ -1,4 +1,4 @@ -add_executable(matdump ${PROJECT_SOURCE_DIR}/tools/matdump.c ) +add_executable(matdump ${PROJECT_SOURCE_DIR}/tools/matdump.c ${PROJECT_SOURCE_DIR}/snprintf/snprintf.c) target_link_libraries(matdump matio) if(NOT HAVE_GETOPT) target_link_libraries(matdump getopt) diff --git a/configure.ac b/configure.ac index ea703cb1..a62fb3fe 100644 --- a/configure.ac +++ b/configure.ac @@ -385,6 +385,7 @@ AC_SUBST([AUTOTEST], ['$(AUTOM4TE) --language=Autotest']) AC_CONFIG_FILES([Makefile \ matio.pc \ + snprintf/Makefile \ src/Makefile \ getopt/Makefile \ tools/Makefile \ diff --git a/snprintf/Makefile.am b/snprintf/Makefile.am new file mode 100644 index 00000000..96bc2ec9 --- /dev/null +++ b/snprintf/Makefile.am @@ -0,0 +1,30 @@ +## Makefile.am -- Process this file with automake to produce Makefile.in +## +## Copyright (c) 2015-2023, The matio contributors +## Copyright (c) 2005-2014, Christopher C. Hulbert +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions are met: +## +## 1. Redistributions of source code must retain the above copyright notice, this +## list of conditions and the following disclaimer. +## +## 2. Redistributions in binary form must reproduce the above copyright notice, +## this list of conditions and the following disclaimer in the documentation +## and/or other materials provided with the distribution. +## +## THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +## AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +## IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +## DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +## FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +## DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +## SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +## CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +## OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +## + +noinst_LTLIBRARIES = libsnprintf.la +libsnprintf_la_SOURCES = snprintf.c diff --git a/src/snprintf.c b/snprintf/snprintf.c similarity index 100% rename from src/snprintf.c rename to snprintf/snprintf.c diff --git a/src/Makefile.am b/src/Makefile.am index 30dd94a3..41f73ee8 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -38,19 +38,21 @@ if HAVE_ZLIB ZLIB_SRC = inflate.c endif +SNPRINTF_LIBS = $(top_builddir)/snprintf/libsnprintf.la + nodist_noinst_HEADERS = matioConfig.h nodist_include_HEADERS = matio_pubconf.h include_HEADERS = matio.h noinst_HEADERS = matio_private.h mat4.h mat5.h mat73.h \ read_data_impl.h safe-math.h lib_LTLIBRARIES = libmatio.la -libmatio_la_SOURCES = snprintf.c endian.c io.c $(ZLIB_SRC) read_data.c \ +libmatio_la_SOURCES = endian.c io.c $(ZLIB_SRC) read_data.c \ mat5.c mat4.c mat.c matvar_cell.c matvar_struct.c -libmatio_la_LIBADD = $(HDF5_LIBS) $(ZLIB_LIBS) +libmatio_la_LIBADD = $(HDF5_LIBS) $(ZLIB_LIBS) $(SNPRINTF_LIBS) libmatio_la_LDFLAGS = -no-undefined -export-symbols @srcdir@/matio.sym $(AM_LDFLAGS) if MAT73 - libmatio_la_SOURCES+= mat73.c + libmatio_la_SOURCES += mat73.c endif EXTRA_DIST = matio.sym diff --git a/src/mat73.c b/src/mat73.c index f83366e5..bf43551f 100644 --- a/src/mat73.c +++ b/src/mat73.c @@ -1401,11 +1401,12 @@ Mat_VarWriteRef(hid_t id, matvar_t *matvar, enum matio_compression compression, err = MATIO_E_BAD_ARGUMENT; } else { char obj_name[64]; - snprintf(obj_name, sizeof(obj_name), "%llu", (unsigned long long)group_info.nlinks); + mat_snprintf(obj_name, sizeof(obj_name), "%llu", (unsigned long long)group_info.nlinks); if ( NULL != matvar ) matvar->compression = compression; err = Mat_VarWriteNext73(*refs_id, matvar, obj_name, refs_id); - snprintf(obj_name, sizeof(obj_name), "/#refs#/%llu", (unsigned long long)group_info.nlinks); + mat_snprintf(obj_name, sizeof(obj_name), "/#refs#/%llu", + (unsigned long long)group_info.nlinks); H5Rcreate(ref, id, obj_name, H5R_OBJECT, -1); } return err; diff --git a/test/Makefile.am b/test/Makefile.am index 7da69c6a..7d29e4a5 100644 --- a/test/Makefile.am +++ b/test/Makefile.am @@ -405,27 +405,27 @@ TEST_DATAFILES = $(datasets_dir)/large_struct_compressed_le.mat \ $(results_dir)/write_struct_complex_2d_numeric-uint32.out \ $(results_dir)/write_struct_complex_2d_numeric-uint64.out if MAT73 -MAT73 = 1 + MAT73 = 1 else -MAT73 = 0 + MAT73 = 0 endif if HAVE_ZLIB -COMPRESSION_ZLIB = 1 + COMPRESSION_ZLIB = 1 else -COMPRESSION_ZLIB = 0 + COMPRESSION_ZLIB = 0 endif if EXTENDED_SPARSE -EXTENDED_SPARSE = 1 + EXTENDED_SPARSE = 1 else -EXTENDED_SPARSE = 0 + EXTENDED_SPARSE = 0 endif if IS_WIN32 -IS_WIN32 = 1 + IS_WIN32 = 1 else -IS_WIN32 = 0 + IS_WIN32 = 0 endif CHECK_ENVIRONMENT = GREP=$(GREP) MAT73=$(MAT73) MATLABEXE=$(MATLABEXE) \ @@ -439,10 +439,12 @@ EXTRA_DIST = $(TESTSUITE_AT) $(TESTSUITE) $(srcdir)/package.m4 \ $(TEST_DATAFILES) if NEED_GETOPT -GETOPT_CFLAGS = -I$(top_builddir)/getopt -GETOPT_LIBS = $(top_builddir)/getopt/libgetopt.la + GETOPT_CFLAGS = -I$(top_builddir)/getopt + GETOPT_LIBS = $(top_builddir)/getopt/libgetopt.la endif +SNPRINTF_LIBS = $(top_builddir)/snprintf/libsnprintf.la + AM_CFLAGS = -I$(top_srcdir)/src $(GETOPT_CFLAGS) $(HDF5_CFLAGS) $(ZLIB_CFLAGS) AM_LDFLAGS = $(FCLDFLAGS) TEST_LIBS = $(top_builddir)/src/libmatio.la $(GETOPT_LIBS) $(HDF5_LIBS) $(ZLIB_LIBS) @@ -455,6 +457,8 @@ test_mat_LDADD = $(TEST_LIBS) test_mat_LDFLAGS = $(TEST_LFLAGS) test_snprintf_SOURCES = test_snprintf.c +test_snprintf_LDADD = $(SNPRINTF_LIBS) +test_snprintf_LDFLAGS = -L$(top_builddir)/snprintf atconfig: $(top_builddir)/config.status cd $(top_builddir) && ./config.status tests/$@ diff --git a/test/test_snprintf.c b/test/test_snprintf.c index b7b574a4..704bd9d9 100644 --- a/test/test_snprintf.c +++ b/test/test_snprintf.c @@ -1,8 +1,8 @@ +#include "matioConfig.h" #include #include #include #include -#include "snprintf.c" #if !HAVE_SNPRINTF int rpl_snprintf(char *, size_t, const char *, ...); diff --git a/tools/Makefile.am b/tools/Makefile.am index 653e5c60..5d03ce3b 100644 --- a/tools/Makefile.am +++ b/tools/Makefile.am @@ -28,16 +28,18 @@ VPATH = @srcdir@ if NEED_GETOPT -GETOPT_CFLAGS = -I$(top_builddir)/getopt -GETOPT_LIBS = $(top_builddir)/getopt/libgetopt.la + GETOPT_CFLAGS = -I$(top_builddir)/getopt + GETOPT_LIBS = $(top_builddir)/getopt/libgetopt.la endif +SNPRINTF_LIBS = $(top_builddir)/snprintf/libsnprintf.la + AM_CFLAGS = -I$(top_srcdir)/src $(GETOPT_CFLAGS) $(HDF5_CFLAGS) $(ZLIB_CFLAGS) \ $(LT_CFLAGS) AM_LDFLAGS = $(LT_LDFLAGS) $(FCLDFLAGS) bin_PROGRAMS = matdump -matdump_SOURCES = matdump.c +matdump_SOURCES = matdump.c matdump_LDADD = $(top_builddir)/src/libmatio.la $(HDF5_LIBS) $(ZLIB_LIBS) \ - $(GETOPT_LIBS) + $(GETOPT_LIBS) $(SNPRINTF_LIBS) diff --git a/tools/matdump.c b/tools/matdump.c index 2c54afd6..17a2d8bf 100644 --- a/tools/matdump.c +++ b/tools/matdump.c @@ -25,6 +25,7 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include "matioConfig.h" #include "matio.h" #include #include @@ -38,6 +39,14 @@ #define SIZE_T_FMTSTR "zu" #endif +/* snprintf.c */ +#if !HAVE_SNPRINTF +int rpl_snprintf(char *, size_t, const char *, ...); +#define mat_snprintf rpl_snprintf +#else +#define mat_snprintf snprintf +#endif /* !HAVE_SNPRINTF */ + static const char *optstring = "df:hvHV"; static struct option options[] = {{"data", no_argument, NULL, 'd'}, {"format", required_argument, NULL, 'f'}, @@ -539,7 +548,7 @@ print_whos(matvar_t *matvar) printf("%8" SIZE_T_FMTSTR, matvar->dims[0]); for ( i = 1; i < matvar->rank; i++ ) { if ( ceil(log10((double)matvar->dims[i])) + 1 < 32 ) { - cnt += snprintf(size + cnt, sizeof(size) - cnt, "x%" SIZE_T_FMTSTR, matvar->dims[i]); + cnt += mat_snprintf(size + cnt, sizeof(size) - cnt, "x%" SIZE_T_FMTSTR, matvar->dims[i]); if (cnt >= sizeof(size)) { break; } diff --git a/visual_studio/libmatio/libmatio.vcproj b/visual_studio/libmatio/libmatio.vcproj index ce05bb81..83b11dab 100644 --- a/visual_studio/libmatio/libmatio.vcproj +++ b/visual_studio/libmatio/libmatio.vcproj @@ -383,7 +383,7 @@ > diff --git a/visual_studio/libmatio/libmatio.vcxproj b/visual_studio/libmatio/libmatio.vcxproj index d67c4c94..3ca7b2b0 100644 --- a/visual_studio/libmatio/libmatio.vcxproj +++ b/visual_studio/libmatio/libmatio.vcxproj @@ -287,7 +287,7 @@ - + diff --git a/visual_studio/libmatio/libmatio.vcxproj.filters b/visual_studio/libmatio/libmatio.vcxproj.filters index ea616c9b..202dadae 100644 --- a/visual_studio/libmatio/libmatio.vcxproj.filters +++ b/visual_studio/libmatio/libmatio.vcxproj.filters @@ -45,7 +45,7 @@ Source Files - + Source Files diff --git a/visual_studio/matdump/matdump.vcproj b/visual_studio/matdump/matdump.vcproj index 3d4fb79f..531ed995 100644 --- a/visual_studio/matdump/matdump.vcproj +++ b/visual_studio/matdump/matdump.vcproj @@ -340,6 +340,10 @@ RelativePath="..\..\tools\matdump.c" > + + + diff --git a/visual_studio/matdump/matdump.vcxproj.filters b/visual_studio/matdump/matdump.vcxproj.filters index 37b94685..8e07553c 100644 --- a/visual_studio/matdump/matdump.vcxproj.filters +++ b/visual_studio/matdump/matdump.vcxproj.filters @@ -21,6 +21,9 @@ Source Files + + Source Files +