Cuneiform for Linux

sources/winc/_dlldummy.c: 2408: bad call to sprintf ?

Bug #1189749 reported by dcb
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Cuneiform for Linux
New
Undecided
Unassigned

Bug Description

I just got the GNU C compiler to say

    inlined from 'LT_GraphicsLinearRemovingConditionsOutput2' at /home/dcb/rpmbuild/BUILD/cuneiform-linux-1.1.0/cuneiform_src/Kern/rblock/sources/winc/_dlldummy.c:2408:10:
/usr/include/bits/stdio2.h:33:3: warning: call to __builtin___sprintf_chk will always overflow destination buffer [enabled by default]

Source code is

    sprintf (szTextBuffer,
            "%d+%d+%d=%d "
            "W %d H %d H/W %5.2f W/H %5.2f\n",
            p -> nLetters,
            p -> nRoots - p -> nLetters - p -> nDust,
            p -> nDust,
            p -> nRoots,
            p -> Rect.xRight - p -> Rect.xLeft + 1,
            p -> Rect.yBottom - p -> Rect.yTop + 1,
            (double) (p -> Rect.yBottom - p -> Rect.yTop + 1) /
            (p -> Rect.xRight - p -> Rect.xLeft + 1),
            (double) (p -> Rect.xRight - p -> Rect.xLeft + 1) /
            (p -> Rect.yBottom - p -> Rect.yTop + 1)
    );

At least 37 bytes are written into szTextBuffer by this call. but it
is only 32 bytes long. Suggest increase to 40 bytes or so.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.