Make WelsVsprintf use vsnprintf, to check the buffer size

Otherwise builds on platforms other than MSVC might be insecure. Use vsnprintf_s with the _TRUNCATE flag instead of vsprintf_s when using MSVC - this truncates the buffer instead of aborting the whole process in case it's too small.
2014-01-26 14:33:08 +02:00 · 2014-01-26 14:33:08 +02:00 · e42e82aa1f
commit e42e82aa1f
parent 33fe2b5883
1 changed files with 3 additions and 3 deletions
--- a/codec/common/crt_util_safe_x.cpp
+++ b/codec/common/crt_util_safe_x.cpp
@ -88,7 +88,7 @@ int32_t WelsStrnlen (const str_t* kpStr,  int32_t iMaxlen) {
 }
 int32_t WelsVsprintf (str_t* pBuffer, int32_t iSizeOfBuffer, const str_t* kpFormat, va_list pArgPtr) {
-  return vsprintf_s (pBuffer, iSizeOfBuffer, kpFormat, pArgPtr);
+  return vsnprintf_s (pBuffer, iSizeOfBuffer, _TRUNCATE, kpFormat, pArgPtr);
 }
 WelsFileHandle* WelsFopen (const str_t* kpFilename,  const str_t* kpMode) {
@ -142,7 +142,7 @@ int32_t WelsStrnlen (const str_t* kpStr,  int32_t iMaxlen) {
 }
 int32_t WelsVsprintf (str_t* pBuffer, int32_t iSizeOfBuffer, const str_t* kpFormat, va_list pArgPtr) {
-  return vsprintf (pBuffer, kpFormat, pArgPtr); //confirmed_safe_unsafe_usage
+  return vsnprintf (pBuffer, iSizeOfBuffer, kpFormat, pArgPtr); //confirmed_safe_unsafe_usage
 }
@ -210,7 +210,7 @@ int32_t WelsStrnlen (const str_t* kpString, int32_t iMaxlen) {
 #endif
 int32_t WelsVsprintf (str_t* pBuffer, int32_t iSizeOfBuffer, const str_t* kpFormat, va_list pArgPtr) {
-  return vsprintf (pBuffer, kpFormat, pArgPtr); //confirmed_safe_unsafe_usage
+  return vsnprintf (pBuffer, iSizeOfBuffer, kpFormat, pArgPtr); //confirmed_safe_unsafe_usage
 }
 WelsFileHandle* WelsFopen (const str_t* kpFilename,  const str_t* kpMode) {