Cleanup uses of sprintf so we can deprecate it.
Change-Id: Ic66abfb547cd5551c47e03d604e65f83c84c597f
diff --git a/libs/androidfw/Asset.cpp b/libs/androidfw/Asset.cpp
index 4e14b13..2cfa666 100644
--- a/libs/androidfw/Asset.cpp
+++ b/libs/androidfw/Asset.cpp
@@ -69,7 +69,7 @@
res.append(cur->getAssetSource());
off64_t size = (cur->getLength()+512)/1024;
char buf[64];
- sprintf(buf, ": %dK\n", (int)size);
+ snprintf(buf, sizeof(buf), ": %dK\n", (int)size);
res.append(buf);
}
cur = cur->mNext;
diff --git a/libs/androidfw/BackupHelpers.cpp b/libs/androidfw/BackupHelpers.cpp
index 9300794..78e9d91 100644
--- a/libs/androidfw/BackupHelpers.cpp
+++ b/libs/androidfw/BackupHelpers.cpp
@@ -442,7 +442,7 @@
return 0;
}
-static void calc_tar_checksum(char* buf) {
+static void calc_tar_checksum(char* buf, size_t buf_size) {
// [ 148 : 8 ] checksum -- to be calculated with this field as space chars
memset(buf + 148, ' ', 8);
@@ -453,11 +453,13 @@
// Now write the real checksum value:
// [ 148 : 8 ] checksum: 6 octal digits [leading zeroes], NUL, SPC
- sprintf(buf + 148, "%06o", sum); // the trailing space is already in place
+ snprintf(buf + 148, buf_size - 148, "%06o", sum); // the trailing space is
+ // already in place
}
// Returns number of bytes written
-static int write_pax_header_entry(char* buf, const char* key, const char* value) {
+static int write_pax_header_entry(char* buf, size_t buf_size,
+ const char* key, const char* value) {
// start with the size of "1 key=value\n"
int len = strlen(key) + strlen(value) + 4;
if (len > 9) len++;
@@ -466,7 +468,7 @@
// since PATH_MAX is 4096 we don't expect to have to generate any single
// header entry longer than 9999 characters
- return sprintf(buf, "%d %s=%s\n", len, key, value);
+ return snprintf(buf, buf_size, "%d %s=%s\n", len, key, value);
}
// Wire format to the backup manager service is chunked: each chunk is prefixed by
@@ -550,8 +552,12 @@
// read/write up to this much at a time.
const size_t BUFSIZE = 32 * 1024;
char* buf = (char *)calloc(1,BUFSIZE);
- char* paxHeader = buf + 512; // use a different chunk of it as separate scratch
- char* paxData = buf + 1024;
+ const size_t PAXHEADER_OFFSET = 512;
+ const size_t PAXHEADER_SIZE = 512;
+ const size_t PAXDATA_SIZE = BUFSIZE - (PAXHEADER_SIZE + PAXHEADER_OFFSET);
+ char* const paxHeader = buf + PAXHEADER_OFFSET; // use a different chunk of
+ // it as separate scratch
+ char* const paxData = paxHeader + PAXHEADER_SIZE;
if (buf == NULL) {
ALOGE("Out of mem allocating transfer buffer");
@@ -630,21 +636,21 @@
// already preflighted
if (needExtended) {
char sizeStr[32]; // big enough for a 64-bit unsigned value in decimal
- char* p = paxData;
// construct the pax extended header data block
- memset(paxData, 0, BUFSIZE - (paxData - buf));
+ memset(paxData, 0, PAXDATA_SIZE);
// size header -- calc len in digits by actually rendering the number
// to a string - brute force but simple
+ int paxLen = 0;
snprintf(sizeStr, sizeof(sizeStr), "%lld", (long long)s.st_size);
- p += write_pax_header_entry(p, "size", sizeStr);
+ paxLen += write_pax_header_entry(paxData, PAXDATA_SIZE, "size", sizeStr);
// fullname was generated above with the ustar paths
- p += write_pax_header_entry(p, "path", fullname.string());
+ paxLen += write_pax_header_entry(paxData + paxLen, PAXDATA_SIZE - paxLen,
+ "path", fullname.string());
// Now we know how big the pax data is
- int paxLen = p - paxData;
// Now build the pax *header* templated on the ustar header
memcpy(paxHeader, buf, 512);
@@ -659,10 +665,10 @@
// [ 124 : 12 ] size of pax extended header data
memset(paxHeader + 124, 0, 12);
- snprintf(paxHeader + 124, 12, "%011o", (unsigned int)(p - paxData));
+ snprintf(paxHeader + 124, 12, "%011o", (unsigned int)paxLen);
// Checksum and write the pax block header
- calc_tar_checksum(paxHeader);
+ calc_tar_checksum(paxHeader, PAXHEADER_SIZE);
send_tarfile_chunk(writer, paxHeader, 512);
// Now write the pax data itself
@@ -671,7 +677,7 @@
}
// Checksum and write the 512-byte ustar file header block to the output
- calc_tar_checksum(buf);
+ calc_tar_checksum(buf, BUFSIZE);
send_tarfile_chunk(writer, buf, 512);
// Now write the file data itself, for real files. We honor tar's convention that
diff --git a/services/core/jni/com_android_server_connectivity_Vpn.cpp b/services/core/jni/com_android_server_connectivity_Vpn.cpp
index 2d0dfd2..70d8775 100644
--- a/services/core/jni/com_android_server_connectivity_Vpn.cpp
+++ b/services/core/jni/com_android_server_connectivity_Vpn.cpp
@@ -158,7 +158,7 @@
}
if (count) {
- sprintf(ifr4.ifr_name, "%s:%d", name, count);
+ snprintf(ifr4.ifr_name, sizeof(ifr4.ifr_name), "%s:%d", name, count);
}
if (ioctl(inet4, SIOCSIFADDR, &ifr4)) {
count = (errno == EINVAL) ? BAD_ARGUMENT : SYSTEM_ERROR;