Utils: Replace stringtf with a type-safe version that can't overflow

pull/3190/head
Peter Keresztes Schmidt 2021-03-05 22:24:33 +01:00 committed by Peter Keresztes Schmidt
parent 9e77324de4
commit 0796a2262e
4 changed files with 16 additions and 34 deletions

View File

@ -2,6 +2,7 @@ target_compile_options(zm-warning-interface
INTERFACE
-Wall
-Wextra
-Wformat-security
-Wno-cast-function-type
-Wno-type-limits
-Wno-unused-parameter)

View File

@ -105,7 +105,7 @@ void RemoteCameraHttp::Initialise() {
request += stringtf( "User-Agent: %s/%s\r\n", config.http_ua, ZM_VERSION );
request += stringtf( "Host: %s\r\n", host.c_str());
if ( strcmp( config.http_version, "1.0" ) == 0 )
request += stringtf( "Connection: Keep-Alive\r\n" );
request += "Connection: Keep-Alive\r\n";
if ( !auth.empty() )
request += stringtf( "Authorization: Basic %s\r\n", auth64.c_str() );
request += "\r\n";
@ -362,7 +362,7 @@ int RemoteCameraHttp::GetResponse() {
request += stringtf( "User-Agent: %s/%s\r\n", config.http_ua, ZM_VERSION );
request += stringtf( "Host: %s\r\n", host.c_str());
if ( strcmp( config.http_version, "1.0" ) == 0 )
request += stringtf( "Connection: Keep-Alive\r\n" );
request += "Connection: Keep-Alive\r\n";
request += mAuthenticator->getAuthHeader( "GET", path.c_str() );
request += "\r\n";
@ -738,7 +738,7 @@ int RemoteCameraHttp::GetResponse() {
request += stringtf("User-Agent: %s/%s\r\n", config.http_ua, ZM_VERSION);
request += stringtf("Host: %s\r\n", host.c_str());
if ( strcmp(config.http_version, "1.0") == 0 )
request += stringtf("Connection: Keep-Alive\r\n");
request += "Connection: Keep-Alive\r\n";
request += mAuthenticator->getAuthHeader("GET", path.c_str());
request += "\r\n";

View File

@ -65,34 +65,6 @@ std::string replaceAll(std::string str, std::string from, std::string to) {
return str;
}
const std::string stringtf( const char *format, ... ) {
va_list ap;
char tempBuffer[8192];
std::string tempString;
va_start(ap, format);
vsnprintf(tempBuffer, sizeof(tempBuffer), format , ap);
va_end(ap);
tempString = tempBuffer;
return tempString;
}
const std::string stringtf(const std::string format, ...) {
va_list ap;
char tempBuffer[8192];
std::string tempString;
va_start(ap, format);
vsnprintf(tempBuffer, sizeof(tempBuffer), format.c_str(), ap);
va_end(ap);
tempString = tempBuffer;
return tempString;
}
bool startsWith(const std::string &haystack, const std::string &needle) {
return ( haystack.substr(0, needle.length()) == needle );
}

View File

@ -23,8 +23,9 @@
#include <chrono>
#include <ctime>
#include <memory>
#include <sys/time.h>
#include <stdexcept>
#include <string>
#include <sys/time.h>
#include <vector>
typedef std::vector<std::string> StringVector;
@ -33,8 +34,16 @@ std::string trimSpaces(const std::string &str);
std::string trimSet(std::string str, std::string trimset);
std::string replaceAll(std::string str, std::string from, std::string to);
const std::string stringtf( const char *format, ... );
const std::string stringtf( const std::string &format, ... );
template<typename... Args>
std::string stringtf(const std::string &format, Args... args) {
int size = snprintf(nullptr, 0, format.c_str(), args...) + 1; // Extra space for '\0'
if (size <= 0) {
throw std::runtime_error("Error during formatting.");
}
std::unique_ptr<char[]> buf(new char[size]);
snprintf(buf.get(), size, format.c_str(), args...);
return std::string(buf.get(), buf.get() + size - 1); // We don't want the '\0' inside
}
bool startsWith( const std::string &haystack, const std::string &needle );
StringVector split( const std::string &string, const std::string &chars, int limit=0 );