Remove last occurrence of potentially insecure function sprintf.

%d can return up to 11 characters. Move away from fixed buffer completely and
use our own safe function strprintf.
This commit is contained in:
Wladimir J. van der Laan 2012-09-03 08:23:34 +02:00
parent eaf00a3a5d
commit 9c80909452

View File

@ -1020,9 +1020,7 @@ void ThreadMapPort2(void* parg)
{ {
printf("ThreadMapPort started\n"); printf("ThreadMapPort started\n");
char port[6]; std::string port = strprintf("%d", GetListenPort());
sprintf(port, "%d", GetListenPort());
const char * multicastif = 0; const char * multicastif = 0;
const char * minissdpdpath = 0; const char * minissdpdpath = 0;
struct UPNPDev * devlist = 0; struct UPNPDev * devlist = 0;
@ -1065,23 +1063,23 @@ void ThreadMapPort2(void* parg)
#ifndef UPNPDISCOVER_SUCCESS #ifndef UPNPDISCOVER_SUCCESS
/* miniupnpc 1.5 */ /* miniupnpc 1.5 */
r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype, r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype,
port, port, lanaddr, strDesc.c_str(), "TCP", 0); port.c_str(), port.c_str(), lanaddr, strDesc.c_str(), "TCP", 0);
#else #else
/* miniupnpc 1.6 */ /* miniupnpc 1.6 */
r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype, r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype,
port, port, lanaddr, strDesc.c_str(), "TCP", 0, "0"); port.c_str(), port.c_str(), lanaddr, strDesc.c_str(), "TCP", 0, "0");
#endif #endif
if(r!=UPNPCOMMAND_SUCCESS) if(r!=UPNPCOMMAND_SUCCESS)
printf("AddPortMapping(%s, %s, %s) failed with code %d (%s)\n", printf("AddPortMapping(%s, %s, %s) failed with code %d (%s)\n",
port, port, lanaddr, r, strupnperror(r)); port.c_str(), port.c_str(), lanaddr, r, strupnperror(r));
else else
printf("UPnP Port Mapping successful.\n"); printf("UPnP Port Mapping successful.\n");
int i = 1; int i = 1;
loop { loop {
if (fShutdown || !fUseUPnP) if (fShutdown || !fUseUPnP)
{ {
r = UPNP_DeletePortMapping(urls.controlURL, data.first.servicetype, port, "TCP", 0); r = UPNP_DeletePortMapping(urls.controlURL, data.first.servicetype, port.c_str(), "TCP", 0);
printf("UPNP_DeletePortMapping() returned : %d\n", r); printf("UPNP_DeletePortMapping() returned : %d\n", r);
freeUPNPDevlist(devlist); devlist = 0; freeUPNPDevlist(devlist); devlist = 0;
FreeUPNPUrls(&urls); FreeUPNPUrls(&urls);
@ -1092,16 +1090,16 @@ void ThreadMapPort2(void* parg)
#ifndef UPNPDISCOVER_SUCCESS #ifndef UPNPDISCOVER_SUCCESS
/* miniupnpc 1.5 */ /* miniupnpc 1.5 */
r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype, r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype,
port, port, lanaddr, strDesc.c_str(), "TCP", 0); port.c_str(), port.c_str(), lanaddr, strDesc.c_str(), "TCP", 0);
#else #else
/* miniupnpc 1.6 */ /* miniupnpc 1.6 */
r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype, r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype,
port, port, lanaddr, strDesc.c_str(), "TCP", 0, "0"); port.c_str(), port.c_str(), lanaddr, strDesc.c_str(), "TCP", 0, "0");
#endif #endif
if(r!=UPNPCOMMAND_SUCCESS) if(r!=UPNPCOMMAND_SUCCESS)
printf("AddPortMapping(%s, %s, %s) failed with code %d (%s)\n", printf("AddPortMapping(%s, %s, %s) failed with code %d (%s)\n",
port, port, lanaddr, r, strupnperror(r)); port.c_str(), port.c_str(), lanaddr, r, strupnperror(r));
else else
printf("UPnP Port Mapping successful.\n");; printf("UPnP Port Mapping successful.\n");;
} }