fix unchecked snprintf(3) in page header printing:

the length of the title is unknown, and speed doesn't matter here,
so use asprintf/free rather than a static buffer

diff --git a/man_html.c b/man_html.c
index 973ae789c93fdf96dc7e0d040f0685c5cbb470f3..092c4c21104c05adc1b425ddbc7998cfbe56a49e 100644 (file)
--- a/man_html.c
+++ b/man_html.c
@@ -1,4 +1,4 @@
-/*     $Id: man_html.c,v 1.93 2014/04/20 16:46:04 schwarze Exp $ */
+/*     $Id: man_html.c,v 1.94 2014/04/20 20:18:12 schwarze Exp $ */

 /*
  * Copyright (c) 2008-2012 Kristaps Dzonsons <kristaps@bsd.lv>
  * Copyright (c) 2013, 2014 Ingo Schwarze <schwarze@openbsd.org>
 /*
  * Copyright (c) 2008-2012 Kristaps Dzonsons <kristaps@bsd.lv>
  * Copyright (c) 2013, 2014 Ingo Schwarze <schwarze@openbsd.org>


@@ -28,6 +28,7 @@
 #include <string.h>
 
 #include "mandoc.h"
 #include <string.h>
 
 #include "mandoc.h"

+#include "mandoc_aux.h"

 #include "out.h"
 #include "html.h"
 #include "man.h"
 #include "out.h"
 #include "html.h"
 #include "man.h"


@@ -300,9 +301,10 @@ a2width(const struct man_node *n, struct roffsu *su)
 static void
 man_root_pre(MAN_ARGS)
 {
 static void
 man_root_pre(MAN_ARGS)
 {

+       char             b[BUFSIZ];

        struct htmlpair  tag[3];
        struct tag      *t, *tt;
        struct htmlpair  tag[3];
        struct tag      *t, *tt;

-       char             b[BUFSIZ], title[BUFSIZ];
+       char            *title;

 
        b[0] = 0;
        if (man->vol)
 
        b[0] = 0;
        if (man->vol)


@@ -310,7 +312,7 @@ man_root_pre(MAN_ARGS)
 
        assert(man->title);
        assert(man->msec);
 
        assert(man->title);
        assert(man->msec);

-       snprintf(title, BUFSIZ - 1, "%s(%s)", man->title, man->msec);
+       mandoc_asprintf(&title, "%s(%s)", man->title, man->msec);

 
        PAIR_SUMMARY_INIT(&tag[0], "Document Header");
        PAIR_CLASS_INIT(&tag[1], "head");
 
        PAIR_SUMMARY_INIT(&tag[0], "Document Header");
        PAIR_CLASS_INIT(&tag[1], "head");


@@ -341,6 +343,7 @@ man_root_pre(MAN_ARGS)
        print_otag(h, TAG_TD, 2, tag);
        print_text(h, title);
        print_tagq(h, t);
        print_otag(h, TAG_TD, 2, tag);
        print_text(h, title);
        print_tagq(h, t);

+       free(title);

 }
 
 static void
 }
 
 static void

diff --git a/man_term.c b/man_term.c
index 9aab47077da1fc2bf0938975b2141835ffe6fac0..f3fc411483a308f9733d5af66dbf84d3607a4c3d 100644 (file)
--- a/man_term.c
+++ b/man_term.c
@@ -1,4 +1,4 @@
-/*     $Id: man_term.c,v 1.146 2014/04/20 16:46:04 schwarze Exp $ */
+/*     $Id: man_term.c,v 1.147 2014/04/20 20:18:12 schwarze Exp $ */

 /*
  * Copyright (c) 2008-2012 Kristaps Dzonsons <kristaps@bsd.lv>
  * Copyright (c) 2010-2014 Ingo Schwarze <schwarze@openbsd.org>
 /*
  * Copyright (c) 2008-2012 Kristaps Dzonsons <kristaps@bsd.lv>
  * Copyright (c) 2010-2014 Ingo Schwarze <schwarze@openbsd.org>


@@ -28,6 +28,7 @@
 #include <string.h>
 
 #include "mandoc.h"
 #include <string.h>
 
 #include "mandoc.h"

+#include "mandoc_aux.h"

 #include "out.h"
 #include "man.h"
 #include "term.h"
 #include "out.h"
 #include "man.h"
 #include "term.h"


@@ -1049,9 +1050,9 @@ print_man_nodelist(DECL_ARGS)
 static void
 print_man_foot(struct termp *p, const void *arg)
 {
 static void
 print_man_foot(struct termp *p, const void *arg)
 {

-       char            title[BUFSIZ];
-       size_t          datelen;
-       const struct man_meta *meta;
+       const struct man_meta   *meta;
+       char                    *title;
+       size_t                   datelen;

 
        meta = (const struct man_meta *)arg;
        assert(meta->title);
 
        meta = (const struct man_meta *)arg;
        assert(meta->title);


@@ -1071,11 +1072,12 @@ print_man_foot(struct termp *p, const void *arg)
        if ( ! p->mdocstyle) {
                term_vspace(p);
                term_vspace(p);
        if ( ! p->mdocstyle) {
                term_vspace(p);
                term_vspace(p);

-               snprintf(title, BUFSIZ, "%s(%s)", meta->title, meta->msec);
+               mandoc_asprintf(&title, "%s(%s)",
+                   meta->title, meta->msec);

        } else if (meta->source) {
        } else if (meta->source) {

-               strlcpy(title, meta->source, BUFSIZ);
+               title = mandoc_strdup(meta->source);

        } else {
        } else {

-               title[0] = '\0';
+               title = mandoc_strdup("");

        }
        datelen = term_strlen(p, meta->date);
 
        }
        datelen = term_strlen(p, meta->date);
 


@@ -1111,14 +1113,16 @@ print_man_foot(struct termp *p, const void *arg)
 
        term_word(p, title);
        term_flushln(p);
 
        term_word(p, title);
        term_flushln(p);

+       free(title);

 }
 
 static void
 print_man_head(struct termp *p, const void *arg)
 {
 }
 
 static void
 print_man_head(struct termp *p, const void *arg)
 {

-       char            buf[BUFSIZ], title[BUFSIZ];
-       size_t          buflen, titlen;
-       const struct man_meta *meta;
+       char                     buf[BUFSIZ];
+       const struct man_meta   *meta;
+       char                    *title;
+       size_t                   buflen, titlen;

 
        meta = (const struct man_meta *)arg;
        assert(meta->title);
 
        meta = (const struct man_meta *)arg;
        assert(meta->title);


@@ -1132,7 +1136,7 @@ print_man_head(struct termp *p, const void *arg)
 
        /* Top left corner: manual title and section. */
 
 
        /* Top left corner: manual title and section. */
 

-       snprintf(title, BUFSIZ, "%s(%s)", meta->title, meta->msec);
+       mandoc_asprintf(&title, "%s(%s)", meta->title, meta->msec);

        titlen = term_strlen(p, title);
 
        p->flags |= TERMP_NOBREAK | TERMP_NOSPACE;
        titlen = term_strlen(p, title);
 
        p->flags |= TERMP_NOBREAK | TERMP_NOSPACE;


@@ -1183,4 +1187,5 @@ print_man_head(struct termp *p, const void *arg)
                term_vspace(p);
                term_vspace(p);
        }
                term_vspace(p);
                term_vspace(p);
        }

+       free(title);

 }
 }

diff --git a/mdoc_html.c b/mdoc_html.c
index 04d03f2b92b261b37e412c10e9f1257036020460..ac1e43b44a469f60cf699e53e13fdcb552975882 100644 (file)
--- a/mdoc_html.c
+++ b/mdoc_html.c
@@ -1,4 +1,4 @@
-/*     $Id: mdoc_html.c,v 1.188 2014/04/20 16:46:05 schwarze Exp $ */
+/*     $Id: mdoc_html.c,v 1.189 2014/04/20 20:18:12 schwarze Exp $ */

 /*
  * Copyright (c) 2008, 2009, 2010, 2011 Kristaps Dzonsons <kristaps@bsd.lv>
  * Copyright (c) 2014 Ingo Schwarze <schwarze@openbsd.org>
 /*
  * Copyright (c) 2008, 2009, 2010, 2011 Kristaps Dzonsons <kristaps@bsd.lv>
  * Copyright (c) 2014 Ingo Schwarze <schwarze@openbsd.org>


@@ -29,6 +29,7 @@
 #include <unistd.h>
 
 #include "mandoc.h"
 #include <unistd.h>
 
 #include "mandoc.h"

+#include "mandoc_aux.h"

 #include "out.h"
 #include "html.h"
 #include "mdoc.h"
 #include "out.h"
 #include "html.h"
 #include "mdoc.h"


@@ -514,9 +515,10 @@ mdoc_root_post(MDOC_ARGS)
 static int
 mdoc_root_pre(MDOC_ARGS)
 {
 static int
 mdoc_root_pre(MDOC_ARGS)
 {

+       char             b[BUFSIZ];

        struct htmlpair  tag[3];
        struct tag      *t, *tt;
        struct htmlpair  tag[3];
        struct tag      *t, *tt;

-       char             b[BUFSIZ], title[BUFSIZ];
+       char            *title;

 
        strlcpy(b, meta->vol, BUFSIZ);
 
 
        strlcpy(b, meta->vol, BUFSIZ);
 


@@ -526,7 +528,7 @@ mdoc_root_pre(MDOC_ARGS)
                strlcat(b, ")", BUFSIZ);
        }
 
                strlcat(b, ")", BUFSIZ);
        }
 

-       snprintf(title, BUFSIZ - 1, "%s(%s)", meta->title, meta->msec);
+       mandoc_asprintf(&title, "%s(%s)", meta->title, meta->msec);

 
        PAIR_SUMMARY_INIT(&tag[0], "Document Header");
        PAIR_CLASS_INIT(&tag[1], "head");
 
        PAIR_SUMMARY_INIT(&tag[0], "Document Header");
        PAIR_CLASS_INIT(&tag[1], "head");


@@ -557,6 +559,8 @@ mdoc_root_pre(MDOC_ARGS)
        print_otag(h, TAG_TD, 2, tag);
        print_text(h, title);
        print_tagq(h, t);
        print_otag(h, TAG_TD, 2, tag);
        print_text(h, title);
        print_tagq(h, t);

+
+       free(title);

        return(1);
 }
 
        return(1);
 }
 

diff --git a/mdoc_term.c b/mdoc_term.c
index 8472b8f332e52caa46d9dcd701936700ddf9f514..fac902bcd93d60e060c28a77a78b9c20eefdbd7a 100644 (file)
--- a/mdoc_term.c
+++ b/mdoc_term.c
@@ -1,4 +1,4 @@
-/*     $Id: mdoc_term.c,v 1.265 2014/04/20 19:40:13 schwarze Exp $ */
+/*     $Id: mdoc_term.c,v 1.266 2014/04/20 20:18:12 schwarze Exp $ */

 /*
  * Copyright (c) 2008, 2009, 2010, 2011 Kristaps Dzonsons <kristaps@bsd.lv>
  * Copyright (c) 2010, 2012, 2013, 2014 Ingo Schwarze <schwarze@openbsd.org>
 /*
  * Copyright (c) 2008, 2009, 2010, 2011 Kristaps Dzonsons <kristaps@bsd.lv>
  * Copyright (c) 2010, 2012, 2013, 2014 Ingo Schwarze <schwarze@openbsd.org>


@@ -30,6 +30,7 @@
 #include <string.h>
 
 #include "mandoc.h"
 #include <string.h>
 
 #include "mandoc.h"

+#include "mandoc_aux.h"

 #include "out.h"
 #include "term.h"
 #include "mdoc.h"
 #include "out.h"
 #include "term.h"
 #include "mdoc.h"


@@ -441,9 +442,10 @@ print_mdoc_foot(struct termp *p, const void *arg)
 static void
 print_mdoc_head(struct termp *p, const void *arg)
 {
 static void
 print_mdoc_head(struct termp *p, const void *arg)
 {

-       char            buf[BUFSIZ], title[BUFSIZ];
-       size_t          buflen, titlen;
-       const struct mdoc_meta *meta;
+       char                     buf[BUFSIZ];
+       const struct mdoc_meta  *meta;
+       char                    *title;
+       size_t                   buflen, titlen;

 
        meta = (const struct mdoc_meta *)arg;
 
 
        meta = (const struct mdoc_meta *)arg;
 


@@ -473,7 +475,7 @@ print_mdoc_head(struct termp *p, const void *arg)
                strlcat(buf, ")", BUFSIZ);
        }
 
                strlcat(buf, ")", BUFSIZ);
        }
 

-       snprintf(title, BUFSIZ, "%s(%s)", meta->title, meta->msec);
+       mandoc_asprintf(&title, "%s(%s)", meta->title, meta->msec);

        titlen = term_strlen(p, title);
 
        p->flags |= TERMP_NOBREAK | TERMP_NOSPACE;
        titlen = term_strlen(p, title);
 
        p->flags |= TERMP_NOBREAK | TERMP_NOSPACE;


@@ -508,6 +510,7 @@ print_mdoc_head(struct termp *p, const void *arg)
        p->flags &= ~TERMP_NOSPACE;
        p->offset = 0;
        p->rmargin = p->maxrmargin;
        p->flags &= ~TERMP_NOSPACE;
        p->offset = 0;
        p->rmargin = p->maxrmargin;

+       free(title);

 }
 
 static size_t
 }
 
 static size_t