]> git.pld-linux.org Git - packages/lbreakout2.git/blame - lbreakout2-printf-security.patch
projects / packages / lbreakout2.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- updated to 2.5beta-3 (fixes some sprintf buffer overflows itself)
[packages/lbreakout2.git] / lbreakout2-printf-security.patch
CommitLineData
030b7e22 1diff -Nur lbreakout2-2.5beta-3.orig/client/chart.c lbreakout2-2.5beta-3/client/chart.c
2--- lbreakout2-2.5beta-3.orig/client/chart.c 2003-05-25 11:37:05.000000000 +0200
3+++ lbreakout2-2.5beta-3/client/chart.c 2004-02-03 22:12:34.294996664 +0100
4@@ -119,7 +119,7 @@
5 char aux[4];
6 Set_Chart *chart = 0;
7 /* full file name */
8- sprintf( file_name, "%s/%s", path, CHART_FILE_NAME );
9+ snprintf( file_name, sizeof(file_name), "%s/%s", path, CHART_FILE_NAME );
10 /* clear chart list */
11 list_clear( charts );
12 /* open file */
13@@ -224,7 +224,7 @@
14 */
15 void chart_save()
16 {
17- char file_name[512];
18+ char file_name[640];
19 int i;
20 Set_Chart *chart = 0;
21 FILE *file = 0;
22diff -Nur lbreakout2-2.5beta-3.orig/client/client_handlers.c lbreakout2-2.5beta-3/client/client_handlers.c
23--- lbreakout2-2.5beta-3.orig/client/client_handlers.c 2003-06-18 10:46:13.000000000 +0200
24+++ lbreakout2-2.5beta-3/client/client_handlers.c 2004-02-03 22:12:34.296996360 +0100
25@@ -111,7 +111,7 @@
26
27 /* disconnect */
28 socket_print_stats( &client );
29- sprintf( buf, "disconnected from %s",
30+ snprintf( buf, sizeof(buf), "disconnected from %s",
31 net_addr_to_string(&client.remote_addr) );
32 client_add_chatter( buf, 1 );
33 buf[0] = MSG_DISCONNECT;
34@@ -146,7 +146,7 @@
35
36 /* extract ip and port and build a new socket out of it */
37 gui_edit_get_text( edit_server, server, 128, 0, -1 );
38- snprintf( config.server, 64, server );
39+ snprintf( config.server, 64, "%s", server );
40 if ( !net_build_addr( &newaddr, server, 0 ) ) {
41 client_printf_chatter( 1, "ERROR: address %s does not resolve", config.server );
42 return;
43@@ -562,7 +562,7 @@
44 event->type == GUI_KEY_RELEASED &&
45 event->key.keysym == SDLK_RETURN ) {
46 /* get message */
47- sprintf( buf, "<%s> ", client_name );
48+ snprintf( buf, sizeof(buf), "<%s> ", client_name );
49 gui_edit_get_text( edit_pausechatter,
50 buf+strlen(buf), MAX_CHATTER_SIZE + 1, 0,-1 );
51 /* clear chat edit */
52diff -Nur lbreakout2-2.5beta-3.orig/client/client_recv.c lbreakout2-2.5beta-3/client/client_recv.c
53--- lbreakout2-2.5beta-3.orig/client/client_recv.c 2003-05-29 21:05:39.000000000 +0200
54+++ lbreakout2-2.5beta-3/client/client_recv.c 2004-02-03 22:12:34.302995448 +0100
55@@ -79,7 +79,7 @@
56 va_start( args, format );
57 vsnprintf( buffer, 256, format, args );
58 va_end( args );
59- gui_label_set_text( label_info, buffer );
60+ gui_label_set_text( label_info, "%s", buffer );
61 gui_widget_show( dlg_info );
62 client_state = CLIENT_INFO;
63 }
64@@ -95,7 +95,7 @@
65 va_start( args, format );
66 vsnprintf( buffer, 256, format, args );
67 va_end( args );
68- gui_label_set_text( label_confirm, buffer );
69+ gui_label_set_text( label_confirm, "%s", buffer );
70 gui_widget_show( dlg_confirm );
71 }
72
73@@ -157,7 +157,7 @@
74 /* users */
75 case MSG_ADD_USER:
76 num = msg_read_int32();
77- snprintf( name, 16, msg_read_string() ); name[15] = 0;
78+ snprintf( name, 16, "%s", msg_read_string() ); name[15] = 0;
79 if ( msg_read_failed() ) break;
80 client_add_user( num, name );
81 gui_list_update(
82@@ -208,7 +208,7 @@
83 break;
84 case MSG_SET_CHANNEL:
85 /* we only need to update the name */
86- gui_label_set_text( label_channel, msg_read_string() );
87+ gui_label_set_text( label_channel, "%s", msg_read_string() );
88 handled = 1;
89 break;
90 /* challenge */
91@@ -223,8 +223,8 @@
92 client_transmit( CODE_BLUE, msglen, msgbuf );
93 break;
94 }
95- snprintf( mp_peer_name, 15, msg_read_string() );
96- snprintf( mp_levelset, 16, msg_read_string() );
97+ snprintf( mp_peer_name, 15, "%s", msg_read_string() );
98+ snprintf( mp_levelset, 16, "%s", msg_read_string() );
99 mp_diff = msg_read_int8();
100 mp_rounds = msg_read_int8();
101 mp_frags = msg_read_int8();
102diff -Nur lbreakout2-2.5beta-3.orig/client/comm.c lbreakout2-2.5beta-3/client/comm.c
103--- lbreakout2-2.5beta-3.orig/client/comm.c 2003-06-04 14:02:41.000000000 +0200
104+++ lbreakout2-2.5beta-3/client/comm.c 2004-02-03 22:12:34.304995144 +0100
105@@ -191,7 +191,7 @@
106 close_pause_chat();
107 /* break up game but wait for the stats */
108 set_state( CS_FATAL_ERROR );
109- display_text( chat_font_error, msg_read_string() );
110+ display_text( chat_font_error, "%s", msg_read_string() );
111 handled = 1;
112 break;
113 case MSG_LEVEL_DATA:
114@@ -209,7 +209,7 @@
115 break;
116 case MSG_ADD_USER:
117 i = msg_read_int32();
118- snprintf( name, 16, msg_read_string() ); name[15] = 0;
119+ snprintf( name, 16, "%s", msg_read_string() ); name[15] = 0;
120 if ( msg_read_failed() ) break;
121 client_add_user( i, name );
122 handled = 1;
123diff -Nur lbreakout2-2.5beta-3.orig/client/config.c lbreakout2-2.5beta-3/client/config.c
124--- lbreakout2-2.5beta-3.orig/client/config.c 2003-06-28 10:06:14.000000000 +0200
125+++ lbreakout2-2.5beta-3/client/config.c 2004-02-03 22:12:34.305994992 +0100
126@@ -37,7 +37,7 @@
127 /* check if config directory exists; if not create it and set config_dir */
128 void config_check_dir()
129 {
130- char level_dir[512];
131+ char level_dir[640];
132 snprintf( config.dir_name, sizeof(config.dir_name)-1, "%s/%s", (getenv( "HOME" )?getenv( "HOME" ):"."), CONFIG_DIR_NAME );
133 /* test and create .lgames */
134 if ( opendir( config.dir_name ) == 0 ) {
135@@ -126,7 +126,7 @@
136 void config_load( )
137 {
138 char *str;
139- char file_name[512];
140+ char file_name[640];
141 PData *pd;
142 /* set to defaults */
143 config_check_dir();
144@@ -202,7 +202,7 @@
145 void config_save( )
146 {
147 FILE *file = 0;
148- char file_name[512];
149+ char file_name[640];
150
151 sprintf( file_name, "%s/%s", config.dir_name, CONFIG_FILE_NAME );
152 if ( ( file = fopen( file_name, "w" ) ) == 0 )
153diff -Nur lbreakout2-2.5beta-3.orig/client/credit.c lbreakout2-2.5beta-3/client/credit.c
154--- lbreakout2-2.5beta-3.orig/client/credit.c 2003-05-23 21:21:44.000000000 +0200
155+++ lbreakout2-2.5beta-3/client/credit.c 2004-02-03 22:12:34.310994232 +0100
156@@ -41,7 +41,7 @@
157 credit_cur = 0; credit_alpha = 0; credit_status = 0;
158
159 /* string */
160- sprintf( credit_str, "%s (%i) - %s", name, level + 1, author );
161+ snprintf( credit_str, sizeof(credit_str), "%s (%i) - %s", name, level + 1, author );
162
163 /* position */
164 credit_w = stk_font_string_width( font, credit_str ) + 4;
165diff -Nur lbreakout2-2.5beta-3.orig/client/display.c lbreakout2-2.5beta-3/client/display.c
166--- lbreakout2-2.5beta-3.orig/client/display.c 2002-11-01 17:32:19.000000000 +0100
167+++ lbreakout2-2.5beta-3/client/display.c 2004-02-03 22:12:34.311994080 +0100
168@@ -116,7 +116,7 @@
169 void displays_show()
170 {
171 int i;
172- char str[64], numstr[10];
173+ char str[64], numstr[20];
174 Display *display;
175 if ( displays == 0 ) return;
176 list_reset( displays );
177diff -Nur lbreakout2-2.5beta-3.orig/client/editor.c lbreakout2-2.5beta-3/client/editor.c
178--- lbreakout2-2.5beta-3.orig/client/editor.c 2003-05-18 19:22:11.000000000 +0200
179+++ lbreakout2-2.5beta-3/client/editor.c 2004-02-03 22:12:34.314993624 +0100
180@@ -263,7 +263,7 @@
181 int x = BRICK_WIDTH, y = ( MAP_HEIGHT - 1 ) * BRICK_HEIGHT - 2;
182 int height = 10;
183 /* locartion */
184- sprintf( str, "Location: %s", edit_file_name );
185+ snprintf( str, sizeof(str), "Location: %s", edit_file_name );
186 mfont->align = STK_FONT_ALIGN_LEFT | STK_FONT_ALIGN_TOP;
187 stk_font_write( mfont, stk_display, x, y, STK_OPAQUE, str );
188 /* current level */
189@@ -278,15 +278,15 @@
190 }
191 else {
192 /* version */
193- sprintf( str, "Version: %s ", edit_version );
194+ snprintf( str, sizeof(str), "Version: %s ", edit_version );
195 stk_font_write( mfont, stk_display, stk_display->w - BRICK_WIDTH, y + height, STK_OPAQUE, str );
196 }
197 /* name and author */
198 mfont->align = STK_FONT_ALIGN_LEFT | STK_FONT_ALIGN_TOP;
199- sprintf( str, "Title: %s", edit_cur_level->name );
200+ snprintf( str, sizeof(str), "Title: %s", edit_cur_level->name );
201 stk_font_write( mfont, stk_display, BRICK_WIDTH + 2, ( MAP_HEIGHT - 5 ) * BRICK_HEIGHT + 5, STK_OPAQUE, str );
202 mfont->align = STK_FONT_ALIGN_RIGHT | STK_FONT_ALIGN_TOP;
203- sprintf( str, "Author: %s", edit_cur_level->author );
204+ snprintf( str, sizeof(str), "Author: %s", edit_cur_level->author );
205 stk_font_write( mfont, stk_display, stk_display->w - BRICK_WIDTH - 2, ( MAP_HEIGHT - 5 ) * BRICK_HEIGHT + 5, STK_OPAQUE, str );
206 }
207 /*
208@@ -389,7 +389,7 @@
209 edit_level_count = 0;
210 if ( ( file = fopen( edit_file_name, "rb" ) ) != 0 ) {
211 levelset_get_version( file, &version, &update );
212- sprintf( edit_version, "%i.%02i", version, update );
213+ snprintf( edit_version, sizeof(edit_version), "%i.%02i", version, update );
214 while ( ( level = level_load( file ) ) != 0 )
215 edit_levels[edit_level_count++] = level;
216 fclose( file );
217@@ -547,7 +547,7 @@
218 case BUTTON_VERSION:
219 if ( enter_string( font, "Levelset Version:", edit_version, 8 ) ) {
220 parse_version( edit_version, &version, &update );
221- sprintf( edit_version, "%i.%02i", version, update );
222+ snprintf( edit_version, sizeof(edit_version), "%i.%02i", version, update );
223 *full_update = 1;
224 }
225 break;
226@@ -639,12 +639,12 @@
227 strcpy( str, "" );
228 if ( edit_buttons[x][y] == BUTTON_EDIT_AUTHOR )
229 if ( enter_string( font, "Author's Name:", str, 24 ) ) {
230- snprintf( edit_cur_level->author, 31, str );
231+ snprintf( edit_cur_level->author, 31, "%s", str );
232 *full_update = 1;
233 }
234 if ( edit_buttons[x][y] == BUTTON_EDIT_NAME )
235 if ( enter_string( font, "Title:", str, 24 ) ) {
236- snprintf( edit_cur_level->name, 31, str );
237+ snprintf( edit_cur_level->name, 31, "%s", str );
238 *full_update = 1;
239 }
240 /* sel frame tile position */
241diff -Nur lbreakout2-2.5beta-3.orig/client/file.c lbreakout2-2.5beta-3/client/file.c
242--- lbreakout2-2.5beta-3.orig/client/file.c 2002-08-13 16:43:55.000000000 +0200
243+++ lbreakout2-2.5beta-3/client/file.c 2004-02-03 22:12:34.320992712 +0100
244@@ -469,13 +469,13 @@
245 if ( !strncmp( path + strlen( path ) - strlen( root ), root, strlen( root ) ) )
246 continue;
247 /* get stats */
248- sprintf( file_name, "%s/%s", path, dirent->d_name );
249+ snprintf( file_name, sizeof(file_name), "%s/%s", path, dirent->d_name );
250 if ( stat( file_name, &fstat ) == -1 ) continue;
251 /* check directory */
252 if ( S_ISDIR( fstat.st_mode ) ) {
253 if ( ( test_dir = opendir( file_name ) ) == 0 ) continue;
254 closedir( test_dir );
255- sprintf( file_name, "*%s", dirent->d_name );
256+ snprintf( file_name, sizeof(file_name), "*%s", dirent->d_name );
257 list_add( list, strdup( file_name ) );
258 }
259 else
260diff -Nur lbreakout2-2.5beta-3.orig/client/game.c lbreakout2-2.5beta-3/client/game.c
261--- lbreakout2-2.5beta-3.orig/client/game.c 2003-06-28 10:21:57.000000000 +0200
262+++ lbreakout2-2.5beta-3/client/game.c 2004-02-03 22:12:34.327991648 +0100
263@@ -163,7 +163,7 @@
264 if ( game->game_type == GT_LOCAL ) {
265 /* we put these displays to the old positions
266 at the top of the frame */
267- sprintf( str, "%s", player->name );
268+ snprintf( str, sizeof(str), "%s", player->name );
269 length = ( strlen( player->name ) ) * 8;
270 display_player[0] = displays_add( 402, 0,
271 length + 4, 16, str, player->lives, 0 );
272@@ -173,14 +173,14 @@
273 display_score[0]->use_alpha = 0;
274 } else {
275 /* wins */
276- sprintf( str, "%s ~x%i",
277+ snprintf( str, sizeof(str), "%s ~x%i",
278 game->paddles[0]->player->name,
279 game->paddles[0]->player->stats.wins );
280 length = strlen( str ) * 8;
281 display_player[0] = displays_add(
282 BRICK_WIDTH + 20, ( MAP_HEIGHT - 1 ) * BRICK_HEIGHT + 2,
283 length + 4, 16, str, 0, 0 );
284- sprintf( str, "%s ~x%i",
285+ snprintf( str, sizeof(str), "%s ~x%i",
286 game->paddles[1]->player->name,
287 game->paddles[1]->player->stats.wins );
288 length = strlen( str ) * 8;
289@@ -265,7 +265,7 @@
290 }
291 }
292
293- display_text( font, info );
294+ display_text( font, "%s", info );
295 stk_display_update( STK_UPDATE_ALL );
296 }
297
298diff -Nur lbreakout2-2.5beta-3.orig/client/manager.c lbreakout2-2.5beta-3/client/manager.c
299--- lbreakout2-2.5beta-3.orig/client/manager.c 2003-06-28 10:22:26.000000000 +0200
300+++ lbreakout2-2.5beta-3/client/manager.c 2004-02-03 22:12:34.330991192 +0100
301@@ -207,7 +207,7 @@
302 /* filter stuff */
303 if ( text->lines[i][0] == '*' ) continue;
304 /* add */
305- sprintf( file_name, "~%s", text->lines[i] );
306+ snprintf( file_name, sizeof(file_name), "~%s", text->lines[i] );
307 list_add( levelset_names, strdup( file_name ) );
308 }
309 delete_text( text );
310@@ -362,7 +362,7 @@
311 if ( ( file = levelset_open( levelset_names_local[config.levelset_id_local], "rb" ) ) ) {
312 levelset_get_version( file, &version, &update );
313 levelset_get_first_author( file, author );
314- sprintf( hint_levelset, "%s v%i.%02i#Author: %s",
315+ snprintf( hint_levelset, sizeof(hint_levelset), "%s v%i.%02i#Author: %s",
316 levelset_names_local[config.levelset_id_local],
317 version, update, author/*, HINT_LEVELSET_APPENDIX*/ );
318 hint_set_contents( item_levelset->hint, hint_levelset );
319diff -Nur lbreakout2-2.5beta-3.orig/client/theme.c lbreakout2-2.5beta-3/client/theme.c
320--- lbreakout2-2.5beta-3.orig/client/theme.c 2003-05-28 19:03:30.000000000 +0200
321+++ lbreakout2-2.5beta-3/client/theme.c 2004-02-03 22:12:34.337990128 +0100
322@@ -132,7 +132,7 @@
323 ====================================================================
324 */
325 static char theme_dir[512];
326-static char theme_path[512];
327+static char theme_path[640];
328 void theme_set_dir( char *name )
329 {
330 if ( name[0] == '~' )
331@@ -159,10 +159,10 @@
332 {
333 struct stat filestat;
334 SDL_Surface *surf = 0;
335- sprintf( theme_path, "%s/%s", theme_dir, name );
336+ snprintf( theme_path, sizeof(theme_path), "%s/%s", theme_dir, name );
337 if ( stat( theme_path, &filestat ) == -1 ||
338- ( surf = stk_surface_load( SDL_SWSURFACE | SDL_NONFATAL, theme_path ) ) == 0 )
339- surf = stk_surface_load( SDL_SWSURFACE, name );
340+ ( surf = stk_surface_load( SDL_SWSURFACE | SDL_NONFATAL, "%s", theme_path ) ) == 0 )
341+ surf = stk_surface_load( SDL_SWSURFACE, "%s", name );
342 return surf;
343 }
344 #ifdef AUDIO_ENABLED
345@@ -170,10 +170,10 @@
346 {
347 struct stat filestat;
348 StkSound *sound = 0;
349- sprintf( theme_path, "%s/%s", theme_dir, name );
350+ snprintf( theme_path, sizeof(theme_path), "%s/%s", theme_dir, name );
351 if ( stat( theme_path, &filestat ) == -1 ||
352- ( sound = stk_sound_load( -1, theme_path ) ) == 0 )
353- sound = stk_sound_load( -1, name );
354+ ( sound = stk_sound_load( -1, "%s", theme_path ) ) == 0 )
355+ sound = stk_sound_load( -1, "%s", name );
356 return sound;
357 }
358 #endif
359@@ -181,10 +181,10 @@
360 {
361 struct stat filestat;
362 StkFont *font = 0;
363- sprintf( theme_path, "%s/%s", theme_dir, name );
364+ snprintf( theme_path, sizeof(theme_path), "%s/%s", theme_dir, name );
365 if ( stat( theme_path, &filestat ) == -1 ||
366- ( font = stk_font_load( SDL_SWSURFACE | SDL_NONFATAL, theme_path ) ) == 0 )
367- font = stk_font_load( SDL_SWSURFACE, name );
368+ ( font = stk_font_load( SDL_SWSURFACE | SDL_NONFATAL, "%s", theme_path ) ) == 0 )
369+ font = stk_font_load( SDL_SWSURFACE, "%s", name );
370 if ( font )
371 SDL_SetColorKey( font->surface, SDL_SRCCOLORKEY,
372 stk_surface_get_pixel( font->surface, 0,0 ) );
373@@ -250,7 +250,7 @@
374 bkgnds = calloc( ORIG_BACK_COUNT, sizeof( SDL_Surface* ) );
375 for ( i = 0; i < ORIG_BACK_COUNT; i++ ) {
376 sprintf( theme_path, "back%i.png", i );
377- bkgnds[i] = stk_surface_load( SDL_SWSURFACE, theme_path );
378+ bkgnds[i] = stk_surface_load( SDL_SWSURFACE, "%s", theme_path );
379 }
380 bkgnd_count = ORIG_BACK_COUNT;
381 }
382@@ -309,7 +309,7 @@
383 if ( entry->d_name[0] == '.' )
384 continue;
385 /* full path */
386- sprintf( theme_path, "%s/%s", dir, entry->d_name );
387+ snprintf( theme_path, sizeof(theme_path), "%s/%s", dir, entry->d_name );
388 stat( theme_path, &estat );
389 if ( S_ISDIR( estat.st_mode ) ) {
390 /* ignore entry if it is a default theme */
391@@ -320,7 +320,7 @@
392 }
393 if ( i == -1 ) continue;
394 /* store it otherwise */
395- sprintf( name, "%s", entry->d_name );
396+ snprintf( name, sizeof(name), "%s", entry->d_name );
397 list_add( list, strdup( name ) );
398 }
399 }
400@@ -333,10 +333,10 @@
401 if ( entry->d_name[0] == '.' )
402 continue;
403 /* full path */
404- sprintf( theme_path, "%s/%s", dir, entry->d_name );
405+ snprintf( theme_path, sizeof(theme_path), "%s/%s", dir, entry->d_name );
406 stat( theme_path, &estat );
407 if ( S_ISDIR( estat.st_mode ) ) {
408- sprintf( name, "~%s", entry->d_name );
409+ snprintf( name, sizeof(name), "~%s", entry->d_name );
410 list_add( list, strdup( name ) );
411 }
412 }
413diff -Nur lbreakout2-2.5beta-3.orig/client/value.c lbreakout2-2.5beta-3/client/value.c
414--- lbreakout2-2.5beta-3.orig/client/value.c 2002-09-05 12:38:54.000000000 +0200
415+++ lbreakout2-2.5beta-3/client/value.c 2004-02-03 22:12:34.338989976 +0100
416@@ -33,7 +33,7 @@
417 {
418 switch ( value->type ) {
419 case VALUE_RANGE_INT: sprintf( value->val_str, "%i", *value->val_int ); break;
420- case VALUE_RANGE_STR: sprintf( value->val_str, "%s", value->names[*value->val_int] ); break;
421+ case VALUE_RANGE_STR: snprintf( value->val_str, 256, "%s", value->names[*value->val_int] ); break;
422 case VALUE_KEY:
423 if ( value->grab ) { strcpy( value->val_str, "???" ); break; }
424 switch ( *value->val_int ) {
425diff -Nur lbreakout2-2.5beta-3.orig/common/net.c lbreakout2-2.5beta-3/common/net.c
426--- lbreakout2-2.5beta-3.orig/common/net.c 2003-06-04 16:24:41.000000000 +0200
427+++ lbreakout2-2.5beta-3/common/net.c 2004-02-03 22:12:34.344989064 +0100
428@@ -275,7 +275,7 @@
429 sys_printf( "net_query_ip: unknown unix path\n" );
430 }
431 else
432- snprintf( str, sun->sun_path, len );*/
433+ snprintf( str, len, "%s", sun->sun_path );*/
434 break;
435 default:
436 snprintf( str, len, "unknown" );
437diff -Nur lbreakout2-2.5beta-3.orig/common/parser.c lbreakout2-2.5beta-3/common/parser.c
438--- lbreakout2-2.5beta-3.orig/common/parser.c 2002-07-31 17:06:08.000000000 +0200
439+++ lbreakout2-2.5beta-3/common/parser.c 2004-02-03 22:12:34.351988000 +0100
440@@ -96,7 +96,7 @@
441 FILE_READCHAR( file, c ); pos++;
442 if ( c == 10 ) line_count++;
443 }
444- sprintf( parser_error, "%s: %i: %s",
445+ snprintf( parser_error, sizeof(parser_error), "%s: %i: %s",
446 fname, line_count, error );
447 }
448
449@@ -283,7 +283,7 @@
450 if ( !file_read_token( file, PARSER_SYMBOLS, PARSER_SKIP_SYMBOLS, token ) )
451 return 0;
452 if ( is_symbol( token[0], PARSER_SYMBOLS ) ) {
453- sprintf( parser_sub_error, "parse error before '%s'", token );
454+ snprintf( parser_sub_error, sizeof(parser_sub_error), "parse error before '%s'", token );
455 return 0;
456 }
457 pd = calloc( 1, sizeof( PData ) );
458@@ -299,7 +299,7 @@
459 goto failure;
460 if ( token[0] != PARSER_LIST_BEGIN ) {
461 if ( is_symbol( token[0], PARSER_SYMBOLS ) ) {
462- sprintf( parser_sub_error, "parse error before '%s'", token );
463+ snprintf( parser_sub_error, sizeof(parser_sub_error), "parse error before '%s'", token );
464 goto failure;
465 }
466 else
467@@ -310,7 +310,7 @@
468 goto failure;
469 while ( token[0] != PARSER_LIST_END ) {
470 if ( is_symbol( token[0], PARSER_SYMBOLS ) ) {
471- sprintf( parser_sub_error, "parse error before '%s'", token );
472+ snprintf( parser_sub_error, sizeof(parser_sub_error), "parse error before '%s'", token );
473 goto failure;
474 }
475 else
476@@ -337,7 +337,7 @@
477 }
478 break;
479 default:
480- sprintf( parser_sub_error, "parse error before '%s'", token );
481+ snprintf( parser_sub_error, sizeof(parser_sub_error), "parse error before '%s'", token );
482 goto failure;
483 }
484 return pd;
485@@ -490,7 +490,7 @@
486 PData *top = 0;
487 /* open file */
488 if ( ( file = fopen( fname, "r" ) ) == 0 ) {
489- sprintf( parser_error, "%s: file not found", fname );
490+ snprintf( parser_error, sizeof(parser_error), "%s: file not found", fname );
491 return 0;
492 }
493 /* create top level pdata */
494@@ -579,7 +579,7 @@
495 for ( i = 0, list_reset( path ); i < path->count; i++ ) {
496 sub = list_next( path );
497 if ( !pd_next->entries ) {
498- sprintf( parser_sub_error, "%s: no subtrees", pd_next->name );
499+ snprintf( parser_sub_error, sizeof(parser_sub_error), "%s: no subtrees", pd_next->name );
500 goto failure;
501 }
502 list_reset( pd_next->entries ); found = 0;
503@@ -590,7 +590,7 @@
504 break;
505 }
506 if ( !found ) {
507- sprintf( parser_sub_error, "%s: subtree '%s' not found", pd_next->name, sub );
508+ snprintf( parser_sub_error, sizeof(parser_sub_error), "%s: subtree '%s' not found", pd_next->name, sub );
509 goto failure;
510 }
511 }
512@@ -598,7 +598,7 @@
513 *result = pd_next;
514 return 1;
515 failure:
516- sprintf( parser_error, "parser_get_pdata: %s/%s: %s", pd->name, name, parser_sub_error );
517+ snprintf( parser_error, sizeof(parser_error), "parser_get_pdata: %s/%s: %s", pd->name, name, parser_sub_error );
518 list_delete( path );
519 *result = 0;
520 return 0;
521@@ -608,12 +608,12 @@
522 PData *entry;
523 *result = 0;
524 if ( !parser_get_pdata( pd, name, &entry ) ) {
525- sprintf( parser_sub_error, "parser_get_entries:\n %s", parser_error );
526+ snprintf( parser_sub_error, sizeof(parser_sub_error), "parser_get_entries:\n %s", parser_error );
527 strcpy( parser_error, parser_sub_error );
528 return 0;
529 }
530 if ( !entry->entries || entry->entries->count == 0 ) {
531- sprintf( parser_error, "parser_get_entries: %s/%s: no subtrees", pd->name, name );
532+ snprintf( parser_error, sizeof(parser_error), "parser_get_entries: %s/%s: no subtrees", pd->name, name );
533 return 0;
534 }
535 *result = entry->entries;
536@@ -624,12 +624,12 @@
537 PData *entry;
538 *result = 0;
539 if ( !parser_get_pdata( pd, name, &entry ) ) {
540- sprintf( parser_sub_error, "parser_get_values:\n %s", parser_error );
541+ snprintf( parser_sub_error, sizeof(parser_sub_error), "parser_get_values:\n %s", parser_error );
542 strcpy( parser_error, parser_sub_error );
543 return 0;
544 }
545 if ( !entry->values || entry->values->count == 0 ) {
546- sprintf( parser_error, "parser_get_values: %s/%s: no values", pd->name, name );
547+ snprintf( parser_error, sizeof(parser_error), "parser_get_values: %s/%s: no values", pd->name, name );
548 return 0;
549 }
550 *result = entry->values;
551@@ -639,12 +639,12 @@
552 {
553 List *values;
554 if ( !parser_get_values( pd, name, &values ) ) {
555- sprintf( parser_sub_error, "parser_get_value:\n %s", parser_error );
556+ snprintf( parser_sub_error, sizeof(parser_sub_error), "parser_get_value:\n %s", parser_error );
557 strcpy( parser_error, parser_sub_error );
558 return 0;
559 }
560 if ( index >= values->count ) {
561- sprintf( parser_error, "parser_get_value: %s/%s: index %i out of range (%i elements)",
562+ snprintf( parser_error, sizeof(parser_error), "parser_get_value: %s/%s: index %i out of range (%i elements)",
563 pd->name, name, index, values->count );
564 return 0;
565 }
566@@ -655,7 +655,7 @@
567 {
568 char *value;
569 if ( !parser_get_value( pd, name, &value, 0 ) ) {
570- sprintf( parser_sub_error, "parser_get_int:\n %s", parser_error );
571+ snprintf( parser_sub_error, sizeof(parser_sub_error), "parser_get_int:\n %s", parser_error );
572 strcpy( parser_error, parser_sub_error );
573 return 0;
574 }
575@@ -666,7 +666,7 @@
576 {
577 char *value;
578 if ( !parser_get_value( pd, name, &value, 0 ) ) {
579- sprintf( parser_sub_error, "parser_get_double:\n %s", parser_error );
580+ snprintf( parser_sub_error, sizeof(parser_sub_error), "parser_get_double:\n %s", parser_error );
581 strcpy( parser_error, parser_sub_error );
582 return 0;
583 }
584@@ -677,7 +677,7 @@
585 {
586 char *value;
587 if ( !parser_get_value( pd, name, &value, 0 ) ) {
588- sprintf( parser_sub_error, "parser_get_string:\n %s", parser_error );
589+ snprintf( parser_sub_error, sizeof(parser_sub_error), "parser_get_string:\n %s", parser_error );
590 strcpy( parser_error, parser_sub_error );
591 return 0;
592 }
593diff -Nur lbreakout2-2.5beta-3.orig/game/comm.c lbreakout2-2.5beta-3/game/comm.c
594--- lbreakout2-2.5beta-3.orig/game/comm.c 2003-06-28 08:30:15.000000000 +0200
595+++ lbreakout2-2.5beta-3/game/comm.c 2004-02-03 22:12:34.353987696 +0100
596@@ -484,8 +484,8 @@
597 {
598 char *ptr = msg + *pos;
599
600- snprintf( ptr, 16, level->name ); ptr[15] = 0; ptr += 16;
601- snprintf( ptr, 16, level->author); ptr[15] = 0; ptr += 16;
602+ snprintf( ptr, 16, "%s", level->name ); ptr[15] = 0; ptr += 16;
603+ snprintf( ptr, 16, "%s", level->author); ptr[15] = 0; ptr += 16;
604 memcpy( ptr, level->bricks, 252 ); ptr += 252;
605 memcpy( ptr, level->extras, 252 ); ptr += 252;
606
607@@ -497,8 +497,8 @@
608 {
609 char *ptr = msg + *pos;
610
611- snprintf( level->name, 16, ptr ); ptr += 16;
612- snprintf( level->author, 16, ptr ); ptr += 16;
613+ snprintf( level->name, 16, "%s", ptr ); ptr += 16;
614+ snprintf( level->author, 16, "%s", ptr ); ptr += 16;
615 memcpy( level->bricks, ptr, 252 ); ptr += 252;
616 memcpy( level->extras, ptr, 252 ); ptr += 252;
617
618diff -Nur lbreakout2-2.5beta-3.orig/game/game.c lbreakout2-2.5beta-3/game/game.c
619--- lbreakout2-2.5beta-3.orig/game/game.c 2003-06-28 10:03:41.000000000 +0200
620+++ lbreakout2-2.5beta-3/game/game.c 2004-02-03 22:12:34.354987544 +0100
621@@ -133,8 +133,8 @@
622 game->level_over = 0;
623
624 /* initiate level data */
625- snprintf( game->title, 32, level->name );
626- snprintf( game->author, 32, level->author );
627+ snprintf( game->title, 32, "%s", level->name );
628+ snprintf( game->author, 32, "%s", level->author );
629 bricks_init( game, game->game_type, level, game->diff->score_mod, game->rel_warp_limit );
630 if ( game->game_type == GT_LOCAL || game->brick_count > 0 )
631 game->level_type = LT_NORMAL;
632diff -Nur lbreakout2-2.5beta-3.orig/game/levels.c lbreakout2-2.5beta-3/game/levels.c
633--- lbreakout2-2.5beta-3.orig/game/levels.c 2003-05-19 09:46:39.000000000 +0200
634+++ lbreakout2-2.5beta-3/game/levels.c 2004-02-03 22:12:34.360986632 +0100
635@@ -174,7 +174,7 @@
636
637 if ( levels->count == 0 ) return 0;
638 set = salloc( 1, sizeof( LevelSet ) );
639- snprintf( set->name, 20, name );
640+ snprintf( set->name, 20, "%s", name );
641 set->levels = salloc( levels->count, sizeof( Level* ) );
642 set->count = levels->count;
643 set->version = version;
644@@ -326,10 +326,10 @@
645 if ( !strequal( "Level:", buffer ) ) goto failure;
646 /* author */
647 if ( !next_line( file, buffer ) ) goto failure;
648- snprintf( level->author, 31, buffer );
649+ snprintf( level->author, 31, "%s", buffer );
650 /* level name */
651 if ( !next_line( file, buffer ) ) goto failure;
652- snprintf( level->name, 31, buffer );
653+ snprintf( level->name, 31, "%s", buffer );
654 /* bricks: */
655 if ( !next_line( file, buffer ) ) goto failure;
656 if ( !strequal( "Bricks:", buffer ) ) goto failure;
657@@ -365,8 +365,8 @@
658 {
659 int i, j;
660 Level *level = calloc( 1, sizeof( Level ) );
661- snprintf( level->author, 31, author );
662- snprintf( level->name, 31, name );
663+ snprintf( level->author, 31, "%s", author );
664+ snprintf( level->name, 31, "%s", name );
665 /* empty arena */
666 for ( i = 0; i < EDIT_WIDTH; i++ )
667 for ( j = 0; j < EDIT_HEIGHT; j++ ) {
668diff -Nur lbreakout2-2.5beta-3.orig/gui/gui_edit.c lbreakout2-2.5beta-3/gui/gui_edit.c
669--- lbreakout2-2.5beta-3.orig/gui/gui_edit.c 2003-06-04 21:15:30.000000000 +0200
670+++ lbreakout2-2.5beta-3/gui/gui_edit.c 2004-02-03 22:12:34.362986328 +0100
671@@ -422,7 +422,7 @@
672 {
673 if ( widget->type != GUI_EDIT ) return;
674 /* copy text */
675- snprintf( widget->spec.edit.buffer, widget->spec.edit.size + 1, text );
676+ snprintf( widget->spec.edit.buffer, widget->spec.edit.size + 1, "%s", text );
677 widget->spec.edit.length = strlen( widget->spec.edit.buffer );
678 /* reset */
679 /* first character in first line */
680@@ -456,7 +456,7 @@
681 if ( length > limit )
682 length = limit;
683 if ( length )
684- snprintf( buffer, limit, widget->spec.edit.buffer );
685+ snprintf( buffer, limit, "%s", widget->spec.edit.buffer );
686 else
687 buffer[0] = 0;
688 return 1;
689diff -Nur lbreakout2-2.5beta-3.orig/gui/gui_label.c lbreakout2-2.5beta-3/gui/gui_label.c
690--- lbreakout2-2.5beta-3.orig/gui/gui_label.c 2003-06-04 18:55:10.000000000 +0200
691+++ lbreakout2-2.5beta-3/gui/gui_label.c 2004-02-03 22:12:34.368985416 +0100
692@@ -202,7 +202,7 @@
693 /* do the text */
694 if ( text )
695 widget->spec.label.text = strdup( text );
696- gui_label_set_text( widget, text );
697+ gui_label_set_text( widget, "%s", text );
698 /* done */
699 return widget;
700 }
701@@ -216,13 +216,13 @@
702 {
703 if ( widget->type != GUI_LABEL ) return;
704 widget->spec.label.font = font;
705- gui_label_set_text( widget, widget->spec.label.text );
706+ gui_label_set_text( widget, "%s", widget->spec.label.text );
707 }
708 void gui_label_set_align( GuiWidget *widget, int align )
709 {
710 if ( widget->type != GUI_LABEL ) return;
711 widget->spec.label.align = align;
712- gui_label_set_text( widget, widget->spec.label.text );
713+ gui_label_set_text( widget, "%s", widget->spec.label.text );
714 }
715 static char label_buffer[1024];
716 void gui_label_set_text( GuiWidget *widget, char *format, ... )
717diff -Nur lbreakout2-2.5beta-3.orig/gui/stk.c lbreakout2-2.5beta-3/gui/stk.c
718--- lbreakout2-2.5beta-3.orig/gui/stk.c 2003-04-23 20:47:58.000000000 +0200
719+++ lbreakout2-2.5beta-3/gui/stk.c 2004-02-03 22:18:00.292437520 +0100
720@@ -625,18 +625,19 @@
721 {
722 SDL_Surface *surface = 0;
723 SDL_Surface *converted_surface = 0;
724- char path[512], *ptr;
725+ char path[512], pathtmp[512], *ptr;
726 va_list args;
727
728+ va_start( args, format );
729+ vsnprintf( pathtmp, 511, format, args );
730+ va_end( args );
731 /* build full path */
732 memset( path, 0, 512 ); ptr = path;
733- if ( is_path_relative(format) && stk_surface_path ) {
734- sprintf( path, "%s/", stk_surface_path );
735+ if ( is_path_relative(pathtmp) && stk_surface_path ) {
736+ snprintf( path, sizeof(path), "%s/", stk_surface_path );
737 ptr = path + strlen( path );
738 }
739- va_start( args, format );
740- vsnprintf( ptr, 511 - (path-ptr), format, args );
741- va_end( args );
742+ snprintf(ptr, 511 - (path-ptr), "%s", pathtmp);
743 #ifdef STK_DEBUG
744 printf( "loading %s\n", path );
745 #endif
746@@ -1024,7 +1025,7 @@
747 vsnprintf( path, 511, format, args );
748 va_end( args );
749 /* load surface */
750- font->surface = stk_surface_load( flags, path );
751+ font->surface = stk_surface_load( flags, "%s", path );
752 if ( font == 0 ) {
753 if ( flags & SDL_NONFATAL ) {
754 fprintf( stderr, "%s\n", SDL_GetError() );
755@@ -1332,18 +1333,19 @@
756 {
757 StkSound *sound;
758 #ifdef AUDIO_ENABLED
759- char path[512], *ptr;
760+ char path[512], pathtmp[512], *ptr;
761 va_list args;
762
763+ va_start( args, format );
764+ vsnprintf( pathtmp, 511, format, args );
765+ va_end( args );
766 /* build full path */
767 memset( path, 0, 512 ); ptr = path;
768- if ( is_path_relative(format) && stk_audio_path ) {
769- sprintf( path, "%s/", stk_audio_path );
770+ if ( is_path_relative(pathtmp) && stk_audio_path ) {
771+ snprintf( path, sizeof(path), "%s/", stk_audio_path );
772 ptr = path + strlen( path );
773 }
774- va_start( args, format );
775- vsnprintf( ptr, 511 - (path-ptr), format, args );
776- va_end( args );
777+ snprintf( ptr, 511 - (path-ptr), "%s", pathtmp );
778 #ifdef STK_DEBUG
779 printf( "loading %s\n", path );
780 #endif
781diff -Nur lbreakout2-2.5beta-3.orig/server/server.c lbreakout2-2.5beta-3/server/server.c
782--- lbreakout2-2.5beta-3.orig/server/server.c 2003-06-04 17:39:47.000000000 +0200
783+++ lbreakout2-2.5beta-3/server/server.c 2004-02-03 22:12:34.383983136 +0100
784@@ -102,7 +102,7 @@
785 {
786 ServerChannel *channel = salloc( 1, sizeof( ServerChannel ) );
787
788- snprintf( channel->name, 20, name );
789+ snprintf( channel->name, 20, "%s", name );
790 channel->id = global_id++;
791 channel->users = list_create( LIST_AUTO_DELETE, LIST_NO_CALLBACK );
792
793@@ -140,7 +140,7 @@
794
795 /* add a dummy user to channel which can be challenged
796 * but does nothing else */
797- snprintf( user->name, 16, name );
798+ snprintf( user->name, 16, "%s", name );
799 user->id = global_id++;
800 user->dummy = 1;
801 net_build_addr( &addr, "localhost", 8000 );
802@@ -267,7 +267,7 @@
803 if ( user == 0 ) return;
804
805 snprintf( errbuf, 128, "You have been kicked! Reason: %s", reason );
806- send_info( user, MSG_ERROR, errbuf );
807+ send_info( user, MSG_ERROR, "%s", errbuf );
808
809 errbuf[0] = MSG_DISCONNECT;
810 socket_transmit( &user->socket, CODE_BLUE, 1, errbuf );
811@@ -443,8 +443,8 @@
812 if ( msg_read_int8() != MSG_CONNECT ) return;
813
814 protocol = msg_read_int8();
815- snprintf( name, 20, msg_read_string() ); name[19] = 0;
816- snprintf( pwd, 20, msg_read_string() ); pwd[19] = 0;
817+ snprintf( name, 20, "%s", msg_read_string() ); name[19] = 0;
818+ snprintf( pwd, 20, "%s", msg_read_string() ); pwd[19] = 0;
819 if ( msg_read_failed() ) {
820 sprintf( errbuf+1, "Login data corrupted, please retry." );
821 goto failure;
822@@ -493,7 +493,7 @@
823 user->admin = 1;
824 }
825 else
826- snprintf( user->name, 20, name );
827+ snprintf( user->name, 20, "%s", name );
828 socket_init( &user->socket, &net_sender_addr );
829 user->hidden = 1; /* don't get the ADD_USER message */
830 channel_add_user( main_channel, user );
831@@ -575,7 +575,7 @@
832 sprintf( buf, "search: %s: in channel %s: %s",
833 target->name, target_channel->name,
834 user->game?"playing":"chatting" );
835- send_info( user, MSG_SERVER_INFO, buf );
836+ send_info( user, MSG_SERVER_INFO, "%s", buf );
837 }
838 } else
839 if ( !strcmp( cmd, "version" ) ) {
840@@ -663,7 +663,7 @@
841 msg_write_int16( server_frame_delay );
842 broadcast_all( msglen, msgbuf );
843 }
844- send_info( user, MSG_SERVER_INFO, buf );
845+ send_info( user, MSG_SERVER_INFO, "%s", buf );
846 } else
847 if ( !strcmp( cmd, "kick" ) && user->admin ) {
848 if ( (name = list_next( args )) == 0 ) {
849@@ -792,7 +792,7 @@
850 }
851 break;
852 case MSG_ENTER_CHANNEL:
853- snprintf( name, 16, msg_read_string() );
854+ snprintf( name, 16, "%s", msg_read_string() );
855 if ( strchr( name, ' ' ) ) {
856 sprintf( errbuf, "Channel name must not contain blanks!" );
857 send_info( user, MSG_ERROR, errbuf );
858@@ -806,7 +806,7 @@
859 ctx.challenger = user;
860 id = msg_read_int32();
861 ctx.challenged = find_user_by_id( id );
862- snprintf( ctx.name, 20, msg_read_string() );
863+ snprintf( ctx.name, 20, "%s", msg_read_string() );
864 ctx.name[19] = 0;
865 ctx.diff = msg_read_int8();
866 ctx.rounds = msg_read_int8();
867@@ -1007,7 +1007,7 @@
868 }
869 if ( !strcmp( "-D", argv[i] ) )
870 if ( argv[i + 1] )
871- snprintf( datadir, 128, argv[i + 1] );
872+ snprintf( datadir, 128, "%s", argv[i + 1] );
873 if ( !strcmp( "-h", argv[i] ) || !strcmp( "--help", argv[i] ) )
874 display_help();
875 if ( !strcmp( "-m", argv[i] ) )
876@@ -1024,7 +1024,7 @@
877 }
878 if ( !strcmp( "-a", argv[i] ) )
879 if ( argv[i + 1] )
880- snprintf( admin_pwd, 15, argv[i + 1] );
881+ snprintf( admin_pwd, 15, "%s", argv[i + 1] );
882 }
883 }
884
885diff -Nur lbreakout2-2.5beta-3.orig/server/server_game.c lbreakout2-2.5beta-3/server/server_game.c
886--- lbreakout2-2.5beta-3.orig/server/server_game.c 2003-06-04 17:41:20.000000000 +0200
887+++ lbreakout2-2.5beta-3/server/server_game.c 2004-02-03 22:12:34.385982832 +0100
888@@ -224,8 +224,8 @@
889 game->set = find_levelset( ctx->name );
890 if ( game->set == 0 ) {
891 /* should never happen... */
892- sprintf( errbuf, "game_create_failed: no levelset '%s' found\n", ctx->name );
893- send_info( ctx->challenger, MSG_ERROR, errbuf );
894+ snprintf( errbuf, 128, "game_create_failed: no levelset '%s' found\n", ctx->name );
895+ send_info( ctx->challenger, MSG_ERROR, "%s", errbuf );
896 free( game );
897 return;
898 }
899@@ -236,7 +236,7 @@
900 if ( (game->game = game_create( GT_NETWORK, ctx->diff, 100/*no rel warp*/ )) == 0 ) {
901 /* send error to user */
902 snprintf( errbuf, 128, "game_create failed: out of memory" );
903- send_info( ctx->challenger, MSG_ERROR, errbuf );
904+ send_info( ctx->challenger, MSG_ERROR, "%s", errbuf );
905 free( game );
906 return;
907 }
Breakout/Arkanoid style arcade game
This page took 0.18834 seconds and 4 git commands to generate.