compiled/filter/ActiveFilter.cpp - Issue 29404594: Noissue - [emscripten] Replace sprintf() usage by safe alternatives

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments.

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Side by Side Diff: compiled/filter/ActiveFilter.cpp

Issue 29404594: Noissue - [emscripten] Replace sprintf() usage by safe alternatives (Closed) Base URL: https://hg.adblockplus.org/adblockpluscore

Patch Set: Created April 6, 2017, 8:40 a.m.

Left:
Right:

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View unified diff | Download patch

OLD	NEW
1 /*	1 /*

2 * This file is part of Adblock Plus <https://adblockplus.org/>,	2 * This file is part of Adblock Plus <https://adblockplus.org/>,

3 * Copyright (C) 2006-2017 eyeo GmbH	3 * Copyright (C) 2006-2017 eyeo GmbH

4 *	4 *

5 * Adblock Plus is free software: you can redistribute it and/or modify	5 * Adblock Plus is free software: you can redistribute it and/or modify

6 * it under the terms of the GNU General Public License version 3 as	6 * it under the terms of the GNU General Public License version 3 as

7 * published by the Free Software Foundation.	7 * published by the Free Software Foundation.

8 *	8 *

9 * Adblock Plus is distributed in the hope that it will be useful,	9 * Adblock Plus is distributed in the hope that it will be useful,

10 * but WITHOUT ANY WARRANTY; without even the implied warranty of	10 * but WITHOUT ANY WARRANTY; without even the implied warranty of

11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the	11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

12 * GNU General Public License for more details.	12 * GNU General Public License for more details.

13 *	13 *

14 * You should have received a copy of the GNU General Public License	14 * You should have received a copy of the GNU General Public License

15 * along with Adblock Plus. If not, see <http://www.gnu.org/licenses/>.	15 * along with Adblock Plus. If not, see <http://www.gnu.org/licenses/>.

16 */	16 */

17	17

18 #include <cstdio>	18 #include <cstdio>

19	19

20 #include "ActiveFilter.h"	20 #include "ActiveFilter.h"

21 #include "../StringScanner.h"	21 #include "../StringScanner.h"

22	22

23 namespace	23 namespace

24 {	24 {

25 const DependentString DEFAULT_DOMAIN(u""_str);	25 const DependentString DEFAULT_DOMAIN(u""_str);

26	26

27 OwnedString to_string(unsigned int i)	27 OwnedString to_string(unsigned int i)

28 {	28 {

29 char buffer[11];	29 const std::size_t BUFFER_SIZE = 11;

30 int len = sprintf(buffer, "%u", i);	30 char buffer[BUFFER_SIZE];

	31 int len = snprintf(buffer, BUFFER_SIZE, "%u", i);

31	32

32 OwnedString result(len);	33 OwnedString result(len);
	hub 2017/04/06 10:31:23 From `man snprintf` From `man snprintf` Show quoted text > if the return value is greater than or equal to the size argument, the > string was too short and some of the printed characters were discarded. So we shouldn't use len to initialise result that way. Nor as a counter for iterating through the buffer. Wladimir Palant 2017/04/06 15:14:40 We have the same issue in the subscription classes Show quoted text On 2017/04/06 10:31:23, hub wrote: > From `man snprintf` > > > if the return value is greater than or equal to the size argument, the > > string was too short and some of the printed characters were discarded. > > So we shouldn't use len to initialise result that way. > Nor as a counter for iterating through the buffer. We have the same issue in the subscription classes. I think we should just avoid unnecessary buffers by writing our own conversion function that can deal with wide chars.
33 for (String::size_type i = 0; i < len; i++)	34 for (String::size_type i = 0; i < len; i++)

34 result[i] = buffer[i];	35 result[i] = buffer[i];

35 return result;	36 return result;

36 }	37 }

37 }	38 }

38	39

39 ActiveFilter::ActiveFilter(Type type, const String& text, bool ignoreTrailingDot )	40 ActiveFilter::ActiveFilter(Type type, const String& text, bool ignoreTrailingDot )

40 : Filter(type, text), mDisabled(false), mHitCount(0), mLastHit(0),	41 : Filter(type, text), mDisabled(false), mHitCount(0), mLastHit(0),

41 mIgnoreTrailingDot(ignoreTrailingDot)	42 mIgnoreTrailingDot(ignoreTrailingDot)

42 {	43 {

(...skipping 155 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
198 result.append(u'\n');	199 result.append(u'\n');

199 }	200 }

200 if (mLastHit)	201 if (mLastHit)

201 {	202 {

202 result.append(u"lastHit="_str);	203 result.append(u"lastHit="_str);

203 result.append(to_string(mLastHit));	204 result.append(to_string(mLastHit));

204 result.append(u'\n');	205 result.append(u'\n');

205 }	206 }

206 return result;	207 return result;

207 }	208 }

OLD	NEW

« no previous file with comments | « compiled/bindings.ipp ('k') | no next file » | no next file with comments »