FPM: change uses of sprintf into snprintf

Author: nielsdos

sapi/fpm/fpm/fpm_conf.c

@@ -1262,7 +1262,7 @@ int fpm_conf_write_pid(void)
 			return -1;
 		}
 
-		len = sprintf(buf, "%d", (int) fpm_globals.parent_pid);
+		len = snprintf(buf, sizeof(buf), "%d", (int) fpm_globals.parent_pid);
 
 		if (len != write(fd, buf, len)) {
 			zlog(ZLOG_SYSERROR, "Unable to write to the PID file.");

sapi/fpm/fpm/fpm_env.c

@@ -32,10 +32,11 @@ int setenv(char *name, char *value, int clobber) /* {{{ */
 		return 0;
 	}
 
-	if ((cp = malloc(strlen(name) + strlen(value) + 2)) == 0) {
+	size_t length = strlen(name) + strlen(value) + 2;
+	if ((cp = malloc(length)) == 0) {
 		return 1;
 	}
-	sprintf(cp, "%s=%s", name, value);
+	snprintf(cp, length, "%s=%s", name, value);
 	return putenv(cp);
 }
 /* }}} */

sapi/fpm/fpm/fpm_php.c

@@ -165,7 +165,7 @@ static int fpm_php_set_fcgi_mgmt_vars(struct fpm_worker_pool_s *wp) /* {{{ */
 	char max_workers[10 + 1]; /* 4294967295 */
 	int len;
 
-	len = sprintf(max_workers, "%u", (unsigned int) wp->config->pm_max_children);
+	len = snprintf(max_workers, sizeof(max_workers), "%u", (unsigned int) wp->config->pm_max_children);
 
 	fcgi_set_mgmt_var("FCGI_MAX_CONNS", sizeof("FCGI_MAX_CONNS")-1, max_workers, len);
 	fcgi_set_mgmt_var("FCGI_MAX_REQS",  sizeof("FCGI_MAX_REQS")-1,  max_workers, len);

sapi/fpm/fpm/fpm_sockets.c

@@ -43,12 +43,12 @@ enum { FPM_GET_USE_SOCKET = 1, FPM_STORE_SOCKET = 2, FPM_STORE_USE_SOCKET = 3 };
 static int routemax = -1;
 #endif
 
-static inline void fpm_sockets_get_env_name(char *envname, unsigned idx) /* {{{ */
+static inline void fpm_sockets_get_env_name(char *envname, size_t envname_length, unsigned idx) /* {{{ */
 {
 	if (!idx) {
 		strcpy(envname, "FPM_SOCKETS");
 	} else {
-		sprintf(envname, "FPM_SOCKETS_%d", idx);
+		snprintf(envname, envname_length, "FPM_SOCKETS_%d", idx);
 	}
 }
 /* }}} */
@@ -70,7 +70,7 @@ static void fpm_sockets_cleanup(int which, void *arg) /* {{{ */
 		} else { /* on PARENT EXEC we want socket fds to be inherited through environment variable */
 			char fd[32];
 			char *tmpenv_value;
-			sprintf(fd, "%d", ls->sock);
+			snprintf(fd, sizeof(fd), "%d", ls->sock);
 
 			socket_set_buf = (i % FPM_ENV_SOCKET_SET_SIZE == 0 && i) ? 1 : 0;
 			tmpenv_value = realloc(env_value, p + (p ? 1 : 0) + strlen(ls->key) + 1 + strlen(fd) + socket_set_buf + 1);
@@ -104,10 +104,10 @@ static void fpm_sockets_cleanup(int which, void *arg) /* {{{ */
 
 	if (env_value) {
 		for (i = 0; i < socket_set_count; i++) {
-			fpm_sockets_get_env_name(envname, i);
+			fpm_sockets_get_env_name(envname, sizeof(envname), i);
 			setenv(envname, env_value + socket_set[i], 1);
 		}
-		fpm_sockets_get_env_name(envname, socket_set_count);
+		fpm_sockets_get_env_name(envname, sizeof(envname), socket_set_count);
 		unsetenv(envname);
 		free(env_value);
 	}
@@ -143,7 +143,8 @@ static int fpm_sockets_hash_op(int sock, struct sockaddr *sa, char *key, int typ
 			case FPM_AF_INET : {
 				key = alloca(INET6_ADDRSTRLEN+10);
 				inet_ntop(sa->sa_family, fpm_get_in_addr(sa), key, INET6_ADDRSTRLEN);
-				sprintf(key+strlen(key), ":%d", fpm_get_in_port(sa));
+				size_t key_length = strlen(key);
+				snprintf(key + key_length, INET6_ADDRSTRLEN + 10 - key_length, ":%d", fpm_get_in_port(sa));
 				break;
 			}
 
@@ -455,7 +456,7 @@ int fpm_sockets_init_main(void)
 
 	/* import inherited sockets */
 	for (i = 0; i < FPM_ENV_SOCKET_SET_MAX; i++) {
-		fpm_sockets_get_env_name(envname, i);
+		fpm_sockets_get_env_name(envname, sizeof(envname), i);
 		inherited = getenv(envname);
 		if (!inherited) {
 			break;

sapi/fpm/fpm/fpm_trace_pread.c

@@ -33,7 +33,7 @@ int fpm_trace_ready(pid_t pid) /* {{{ */
 {
 	char buf[128];
 
-	sprintf(buf, "/proc/%d/" PROC_MEM_FILE, (int) pid);
+	snprintf(buf, sizeof(buf), "/proc/%d/" PROC_MEM_FILE, (int) pid);
 	mem_file = open(buf, O_RDONLY);
 	if (0 > mem_file) {
 		zlog(ZLOG_SYSERROR, "failed to open %s", buf);

sapi/fpm/fpm/fpm_unix.c

@@ -533,14 +533,15 @@ int fpm_unix_init_child(struct fpm_worker_pool_s *wp) /* {{{ */
 			return -1;
 		}
 
-		new_con = malloc(strlen(con) + strlen(wp->config->apparmor_hat) + 3); // // + 0 Byte
+		size_t new_con_length = strlen(con) + strlen(wp->config->apparmor_hat) + 3; // // + 0 Byte
+		new_con = malloc(new_con_length);
 		if (!new_con) {
 			zlog(ZLOG_SYSERROR, "[pool %s] failed to allocate memory for apparmor hat change.", wp->config->name);
 			free(con);
 			return -1;
 		}
 
-		if (0 > sprintf(new_con, "%s//%s", con, wp->config->apparmor_hat)) {
+		if (0 > snprintf(new_con, new_con_length, "%s//%s", con, wp->config->apparmor_hat)) {
 			zlog(ZLOG_SYSERROR, "[pool %s] failed to construct apparmor confinement.", wp->config->name);
 			free(con);
 			free(new_con);