mirror of
https://github.com/warmcat/libwebsockets.git
synced 2025-03-09 00:00:04 +01:00
eliminate snprintf
The two cases where I introduced snprintf are either already safe for buffer overflow or can be made so with one extra statement, allowing sprintf. Signed-off-by: Andy Green <andy.green@linaro.org>
This commit is contained in:
parent
7a506ba5cb
commit
cecf5e73cf
2 changed files with 8 additions and 16 deletions
11
lib/client.c
11
lib/client.c
|
@ -710,8 +710,6 @@ libwebsockets_generate_client_handshake(struct libwebsocket_context *context,
|
|||
struct libwebsocket_extension *ext1;
|
||||
int ext_count = 0;
|
||||
#endif
|
||||
static const char magic_websocket_guid[] =
|
||||
"258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
|
||||
|
||||
/*
|
||||
* create the random key
|
||||
|
@ -841,12 +839,9 @@ libwebsockets_generate_client_handshake(struct libwebsocket_context *context,
|
|||
|
||||
/* prepare the expected server accept response */
|
||||
|
||||
#ifdef WIN32
|
||||
n = _snprintf(buf, sizeof(buf), "%s%s", key_b64, magic_websocket_guid);
|
||||
#else
|
||||
n = snprintf(buf, sizeof(buf), "%s%s", key_b64, magic_websocket_guid);
|
||||
#endif
|
||||
buf[sizeof(buf) - 1] = '\0';
|
||||
key_b64[39] = '\0'; /* enforce composed length below buf sizeof */
|
||||
n = sprintf(buf, "%s258EAFA5-E914-47DA-95CA-C5AB0DC85B11", key_b64);
|
||||
|
||||
SHA1((unsigned char *)buf, n, (unsigned char *)hash);
|
||||
|
||||
lws_b64_encode_string(hash, 20,
|
||||
|
|
|
@ -56,14 +56,11 @@ handshake_0405(struct libwebsocket_context *context, struct libwebsocket *wsi)
|
|||
goto bail;
|
||||
}
|
||||
|
||||
// TODO: Use a truly platform independent snprintf implementation isntead! http://www.ijs.si/software/snprintf/ maybe?
|
||||
#ifdef WIN32
|
||||
n = _snprintf(
|
||||
#else
|
||||
n = snprintf(
|
||||
#endif
|
||||
(char *)context->service_buffer,
|
||||
sizeof(context->service_buffer),
|
||||
/*
|
||||
* since key length is restricted above (currently 128), cannot
|
||||
* overflow
|
||||
*/
|
||||
n = sprintf((char *)context->service_buffer,
|
||||
"%s258EAFA5-E914-47DA-95CA-C5AB0DC85B11",
|
||||
lws_hdr_simple_ptr(wsi, WSI_TOKEN_KEY));
|
||||
|
||||
|
|
Loading…
Add table
Reference in a new issue