replace remaining occurences of sprintf with snprintf

git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@102 f882894a-f735-0410-b71e-b25c423dba1c

1 files changed, 29 insertions, 32 deletions

diff --git a/plugins/check_http.c b/plugins/check_http.c
index 1b4bae34..306e4a2e 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -177,15 +177,14 @@ int errcode;
 #define HTTP_EXPECT "HTTP/1."
 #define HTTP_URL "/"
 
-time_t start_time, end_time;
 char timestamp[10] = "";
 int specify_port = FALSE;
 int server_port = HTTP_PORT;
 char server_port_text[6] = "";
 char server_type[6] = "http";
-char *server_address = NULL;
-char *host_name = NULL;
-char *server_url = NULL;
+/*@null@*/ char *server_address = NULL; 
+/*@null@*/ char *host_name = NULL;
+/*@null@*/ char *server_url = NULL;
 int server_url_length = 0;
 int server_expect_yn = 0;
 char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT;
@@ -200,8 +199,8 @@ int onredirect = STATE_OK;
 int use_ssl = FALSE;
 int verbose = FALSE;
 int sd;
-char *http_method = NULL;
-char *http_post_data = NULL;
+/*@null@*/ char *http_method = NULL;
+/*@null@*/ char *http_post_data = NULL;
 char buffer[MAX_INPUT_BUFFER];
 
 void print_usage (void);
@@ -223,9 +222,9 @@ main (int argc, char **argv)
 
 	if (strstr (timestamp, ":")) {
 		if (strstr (server_url, "?"))
-			sprintf (server_url, "%s&%s", server_url, timestamp);
+			server_url = ssprintf (server_url, "%s&%s", server_url, timestamp);
 		else
-			sprintf (server_url, "%s?%s", server_url, timestamp);
+			server_url = ssprintf (server_url, "%s?%s", server_url, timestamp);
 	}
 
 	if (display_html == TRUE)
@@ -233,9 +232,9 @@ main (int argc, char **argv)
 		        host_name, server_port, server_url);
 
 	/* initialize alarm signal handling, set socket timeout, start timer */
-	signal (SIGALRM, socket_timeout_alarm_handler);
-	alarm (socket_timeout);
-	time (&start_time);
+	(void) signal (SIGALRM, socket_timeout_alarm_handler);
+	(void) alarm (socket_timeout);
+	(void) time (&start_time);
 
 #ifdef HAVE_SSL
 	if (use_ssl && check_cert == TRUE) {
@@ -431,8 +430,8 @@ process_arguments (int argc, char **argv)
 		case 'r': /* regex */
 #ifdef HAVE_REGEX_H
 			cflags |= REG_EXTENDED | REG_NOSUB | REG_NEWLINE;
-			strncpy (regexp, optarg, MAX_INPUT_BUFFER - 1);
-			regexp[MAX_INPUT_BUFFER - 1] = 0;
+			strncpy (regexp, optarg, MAX_RE_SIZE - 1);
+			regexp[MAX_RE_SIZE - 1] = 0;
 			errcode = regcomp (&preg, regexp, cflags);
 			if (errcode != 0) {
 				regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER);
@@ -487,9 +486,7 @@ base64 (char *bin, int len)
 	int i = 0, j = 0;
 
 	char BASE64_END = '=';
-	char base64_table[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-		"abcdefghijklmnopqrstuvwxyz"
-		"0123456789+/";
+	char base64_table[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
 
 	while (j < len - 2) {
 		buf[i++] = base64_table[bin[j] >> 2];
@@ -552,7 +549,7 @@ check_http (void)
 			return STATE_CRITICAL;
 		}
 
-		sprintf (buffer, "%s %s HTTP/1.0\r\n", http_method, server_url);
+		snprintf (buffer, MAX_INPUT_BUFFER - 1, "%s %s HTTP/1.0\r\n", http_method, server_url);
 		if (SSL_write (ssl, buffer, strlen (buffer)) == -1) {
 			ERR_print_errors_fp (stderr);
 			return STATE_CRITICAL;
@@ -560,7 +557,7 @@ check_http (void)
 
 		/* optionally send the host header info (not clear if it's usable) */
 		if (strcmp (host_name, "")) {
-			sprintf (buffer, "Host: %s\r\n", host_name);
+			snprintf (buffer, MAX_INPUT_BUFFER - 1, "Host: %s\r\n", host_name);
 			if (SSL_write (ssl, buffer, strlen (buffer)) == -1) {
 				ERR_print_errors_fp (stderr);
 				return STATE_CRITICAL;
@@ -568,7 +565,7 @@ check_http (void)
 		}
 
 		/* send user agent */
-		sprintf (buffer, "User-Agent: check_http/%s (nagios-plugins %s)\r\n",
+		snprintf (buffer, MAX_INPUT_BUFFER - 1, "User-Agent: check_http/%s (nagios-plugins %s)\r\n",
 		         clean_revstring (REVISION), PACKAGE_VERSION);
 		if (SSL_write (ssl, buffer, strlen (buffer)) == -1) {
 			ERR_print_errors_fp (stderr);
@@ -578,7 +575,7 @@ check_http (void)
 		/* optionally send the authentication info */
 		if (strcmp (user_auth, "")) {
 			auth = base64 (user_auth, strlen (user_auth));
-			sprintf (buffer, "Authorization: Basic %s\r\n", auth);
+			snprintf (buffer, MAX_INPUT_BUFFER - 1, "Authorization: Basic %s\r\n", auth);
 			if (SSL_write (ssl, buffer, strlen (buffer)) == -1) {
 				ERR_print_errors_fp (stderr);
 				return STATE_CRITICAL;
@@ -587,12 +584,12 @@ check_http (void)
 
 		/* optionally send http POST data */
 		if (http_post_data) {
-			sprintf (buffer, "Content-Type: application/x-www-form-urlencoded\r\n");
+			snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Type: application/x-www-form-urlencoded\r\n");
 			if (SSL_write (ssl, buffer, strlen (buffer)) == -1) {
 				ERR_print_errors_fp (stderr);
 				return STATE_CRITICAL;
 			}
-			sprintf (buffer, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
+			snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
 			if (SSL_write (ssl, buffer, strlen (buffer)) == -1) {
 				ERR_print_errors_fp (stderr);
 				return STATE_CRITICAL;
@@ -605,7 +602,7 @@ check_http (void)
 		}
 
 		/* send a newline so the server knows we're done with the request */
-		sprintf (buffer, "\r\n\r\n");
+		snprintf (buffer, MAX_INPUT_BUFFER - 1, "\r\n\r\n");
 		if (SSL_write (ssl, buffer, strlen (buffer)) == -1) {
 			ERR_print_errors_fp (stderr);
 			return STATE_CRITICAL;
@@ -618,19 +615,19 @@ check_http (void)
 			msg = ssprintf (msg, "Unable to open TCP socket");
 			terminate (STATE_CRITICAL, msg);
 		}
-		sprintf (buffer, "%s %s HTTP/1.0\r\n", http_method, server_url);
+		snprintf (buffer, MAX_INPUT_BUFFER - 1, "%s %s HTTP/1.0\r\n", http_method, server_url);
 		send (sd, buffer, strlen (buffer), 0);
 		
 
 
 		/* optionally send the host header info */
 		if (strcmp (host_name, "")) {
-			sprintf (buffer, "Host: %s\r\n", host_name);
+			snprintf (buffer, MAX_INPUT_BUFFER - 1, "Host: %s\r\n", host_name);
 			send (sd, buffer, strlen (buffer), 0);
 		}
 
 		/* send user agent */
-		sprintf (buffer,
+		snprintf (buffer, MAX_INPUT_BUFFER - 1, 
 		         "User-Agent: check_http/%s (nagios-plugins %s)\r\n",
 		         clean_revstring (REVISION), PACKAGE_VERSION);
 		send (sd, buffer, strlen (buffer), 0);
@@ -638,23 +635,23 @@ check_http (void)
 		/* optionally send the authentication info */
 		if (strcmp (user_auth, "")) {
 			auth = base64 (user_auth, strlen (user_auth));
-			sprintf (buffer, "Authorization: Basic %s\r\n", auth);
+			snprintf (buffer, MAX_INPUT_BUFFER - 1, "Authorization: Basic %s\r\n", auth);
 			send (sd, buffer, strlen (buffer), 0);
 		}
 
 		/* optionally send http POST data */
 		/* written by Chris Henesy <lurker@shadowtech.org> */
 		if (http_post_data) {
-			sprintf (buffer, "Content-Type: application/x-www-form-urlencoded\r\n");
+			snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Type: application/x-www-form-urlencoded\r\n");
 			send (sd, buffer, strlen (buffer), 0);
-			sprintf (buffer, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
+			snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
 			send (sd, buffer, strlen (buffer), 0);
 			http_post_data = strscat (http_post_data, "\r\n");
 			send (sd, http_post_data, strlen (http_post_data), 0);
 		}
 
 		/* send a newline so the server knows we're done with the request */
-		sprintf (buffer, "\r\n\r\n");
+		snprintf (buffer, MAX_INPUT_BUFFER - 1, "\r\n\r\n");
 		send (sd, buffer, strlen (buffer), 0);
 #ifdef HAVE_SSL
 	}
@@ -993,8 +990,8 @@ check_certificate (X509 ** certificate)
 	stamp.tm_isdst = -1;
 
 	days_left = (mktime (&stamp) - time (NULL)) / 86400;
-	sprintf
-		(timestamp, "%02d/%02d/%04d %02d:%02d",
+	snprintf
+		(timestamp, MAX_INPUT_BUFFER - 1, "%02d/%02d/%04d %02d:%02d",
 		 stamp.tm_mon + 1,
 		 stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min);