mirrors/Nim
1
0
Fork 0
mirror of https://github.com/nim-lang/Nim.git synced 2026-04-19 05:50:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixes #23304; uses snprintf instead of sprintf (#23322)

Browse Source 
fixes #23304

(cherry picked from commit dfd778d056)
This commit is contained in:
ringabout
2024-02-20 14:28:45 +08:00
committed by narimiran
parent 845be91df5
commit 6d38eafda1
4 changed files with 12 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/system/ansi_c.nim
View File

@@ -187,6 +187,9 @@ proc c_sprintf*(buf, frmt: cstring): cint {.
importc: "sprintf", header: "<stdio.h>", varargs, noSideEffect.}
# we use it only in a way that cannot lead to security issues
proc c_snprintf*(buf: cstring, n: csize_t, frmt: cstring): cint {.
importc: "snprintf", header: "<stdio.h>", varargs, noSideEffect.}
when defined(zephyr) and not defined(zephyrUseLibcMalloc):
proc c_malloc*(size: csize_t): pointer {.
importc: "k_malloc", header: "<kernel.h>".}

2
lib/system/repr.nim
View File

@@ -17,7 +17,7 @@ proc reprFloat(x: float): string {.compilerproc.} = return $x
proc reprPointer(x: pointer): string {.compilerproc.} =
result = newString(60)
let n = c_sprintf(cast[cstring](addr result[0]), "%p", x)
let n = c_snprintf(cast[cstring](addr result[0]), csize_t(60), "%p", x)
setLen(result, n)
proc reprStrAux(result: var string, s: cstring; len: int) =