Change sprintf to snprintf for buffer overflow protection

[snark14.git] / tools / Display / SnarkDisplay.cpp

diff --git a/tools/Display/SnarkDisplay.cpp b/tools/Display/SnarkDisplay.cpp
index 2962ce902f1a7369579e793ee542c472b8992bea..a492c397755a589639bd477e5d79276e055148f2 100644 (file)
--- a/tools/Display/SnarkDisplay.cpp
+++ b/tools/Display/SnarkDisplay.cpp
@@ -49,7 +49,7 @@
 #include <qmessagebox.h>
 #include <qregexp.h> 
 
-char *myTag = "sd140707";
+const char *myTag = "sd140707";
 
 /* 
  *  Constructs a SnarkDisplay which is a child of 'parent', with the 
@@ -170,14 +170,14 @@ void SnarkDisplay::openRecfilFile() {
         freeDisplaywindows(numimages);
     }
     if (!recfilfilename.isEmpty()) {
-        sprintf(name, "%s", recfilfilename.latin1());
+        snprintf(name, sizeof(name)-1, "%s", recfilfilename.latin1());
         if (digrecfil.Open(name) != 0) {
             s.sprintf("Error!\nUnable to open file:\n%s\n", recfilfilename.latin1());
             QMessageBox::information(this, "SnarkDisplay", s);
             digrecfil.Close();
             return;
         } else {
-            sprintf(oldname, "%s", name);
+          snprintf(oldname, sizeof(oldname)-1, "%s", name);
             phantomexists = false;
             if (digrecfil.GetDimensions(&Dimensions) != 0) {
                 s.sprintf("%s is not a snark14 recfil\n", recfilfilename.latin1());
@@ -249,7 +249,7 @@ void SnarkDisplay::openRecfilFile() {
                         itname.sprintf("_");
                     else
                         itname.sprintf("%-40s", namephantom);
-                    sprintf(imagetitles[ni], "%s", itname.latin1());
+                    snprintf(imagetitles[ni], sizeof(imagetitles[ni])-1, "%s", itname.latin1());
                     imageindexes[ni][0] = i;
                     imageindexes[ni][1] = 0;
                     ni++;
@@ -269,7 +269,7 @@ void SnarkDisplay::openRecfilFile() {
                             itname.sprintf("%-*s_%-*s_%s_%04d_r_a", widthproj, nameprojection, widthexec, nameexecution, namealg, j + 1);
                         else
                             itname.sprintf("__%-*s_%4s_%04d_r_a", widthexec, nameexecution, namealg, j + 1);
-                        sprintf(imagetitles[ni], "%s", itname.latin1());
+                        snprintf(imagetitles[ni], sizeof(imagetitles[ni])-1, "%s", itname.latin1());
                         imageindexes[ni][0] = i;
                         imageindexes[ni][1] = j;
                         ni++;
@@ -461,7 +461,7 @@ void SnarkDisplay::openPrjfilFile() {
     fd.setSelection(QDir::currentDirPath());
     if (fd.exec() == QDialog::Accepted) {
         projfilfilename = fd.selectedFile();
-        sprintf(name, "%s", projfilfilename.latin1());
+        snprintf(name, sizeof(name)-1, "%s", projfilfilename.latin1());
         if (openprojfil) //*(JD 1/28/04)
             digprojfil.Close(); //(JD 1/28/04)
         if (digprojfil.Open(name) != 0) {
@@ -511,7 +511,7 @@ void SnarkDisplay::openEvalFile() {
     fd.setSelection(QDir::currentDirPath());
     if (fd.exec() == QDialog::Accepted) {
         evalfilename = fd.selectedFile();
-        sprintf(name, "%s", evalfilename.latin1());
+        snprintf(name, sizeof(name)-1, "%s", evalfilename.latin1());
         if (std::verbose >= 2) printf("\nname of eval file is:\n%s\n", name);
         if ((fp = fopen(name, "r")) == NULL) {
             s.sprintf("Error!\nUnable to open file:\n%s\n", evalfilename.latin1());