adamsgaard.dk

       tUse snprintf instead of sprintf for security reasons - cngf-pf - continuum model for granular flows with pore-pressure dynamics (renamed from 1d_fd_simple_shear)
 (HTM) git clone git://src.adamsgaard.dk/cngf-pf
 (DIR) Log
 (DIR) Files
 (DIR) Refs
 (DIR) README
 (DIR) LICENSE
       ---
 (DIR) commit 05b6c6a8eb96032d53f60ae53158a3870dc7cc5d
 (DIR) parent 374445d8f064c5aea4703a6f957795bea7425c95
 (HTM) Author: Anders Damsgaard <anders@adamsgaard.dk>
       Date:   Mon, 26 Aug 2019 10:32:26 +0200
       
       Use snprintf instead of sprintf for security reasons
       
       Diffstat:
         M main.c                              |       2 +-
         M parameter_defaults.h                |       2 +-
         M simulation.c                        |       7 ++++---
       
       3 files changed, 6 insertions(+), 5 deletions(-)
       ---
 (DIR) diff --git a/main.c b/main.c
       t@@ -268,7 +268,7 @@ main(int argc, char* argv[])
                                        "error: more than one simulation name specified\n");
                                return 1;
                        }
       -                sprintf(sim.name, "%s", argv[i]);
       +                snprintf(sim.name, sizeof(sim.name), "%s", argv[i]);
                }
        
                prepare_arrays(&sim);
 (DIR) diff --git a/parameter_defaults.h b/parameter_defaults.h
       t@@ -13,7 +13,7 @@ struct simulation init_sim(void)
        {
                struct simulation sim;
        
       -        sprintf(sim.name, DEFAULT_SIMULATION_NAME);
       +        snprintf(sim.name, sizeof(sim.name), DEFAULT_SIMULATION_NAME);
        
                sim.G = 9.81;
        
 (DIR) diff --git a/simulation.c b/simulation.c
       t@@ -63,12 +63,12 @@ check_float(const char name[], const double value, int* return_status)
        #endif
                if (isnan(value)) {
                        char message[100];
       -                sprintf(message, "%s is NaN", name);
       +                snprintf(message, sizeof(message), "%s is NaN", name);
                        warn_parameter_value(message, value, return_status);
                        *return_status = 1;
                } else if (isinf(value)) {
                        char message[100];
       -                sprintf(message, "%s is infinite", name);
       +                snprintf(message, sizeof(message), "%s is infinite", name);
                        warn_parameter_value(message, value, return_status);
                        *return_status = 1;
                }
       t@@ -471,7 +471,8 @@ write_output_file(struct simulation* sim, const int normalize)
                char outfile[200];
                FILE *fp;
        
       -        sprintf(outfile, "%s.output%05d.txt", sim->name, sim->n_file++);
       +        snprintf(outfile, sizeof(outfile), "%s.output%05d.txt",
       +                 sim->name, sim->n_file++);
        
                fp = fopen(outfile, "w");
                if (sim->fluid)