diff --git a/swad_ID.c b/swad_ID.c index a60c7d34..2829f0bc 100644 --- a/swad_ID.c +++ b/swad_ID.c @@ -516,7 +516,9 @@ void ID_ShowFormChangeMyID (bool IShouldFillID) Lay_StartSection (ID_ID_SECTION_ID); /***** Start box *****/ - sprintf (StrRecordWidth,"%upx",Rec_RECORD_WIDTH); + snprintf (StrRecordWidth,sizeof (StrRecordWidth), + "%upx", + Rec_RECORD_WIDTH); Box_StartBox (StrRecordWidth,Txt_ID,Acc_PutLinkToRemoveMyAccount, Hlp_PROFILE_Account,Box_NOT_CLOSABLE); @@ -546,7 +548,9 @@ void ID_ShowFormChangeOtherUsrID (void) Lay_StartSection (ID_ID_SECTION_ID); /***** Start box *****/ - sprintf (StrRecordWidth,"%upx",Rec_RECORD_WIDTH); + snprintf (StrRecordWidth,sizeof (StrRecordWidth), + "%upx", + Rec_RECORD_WIDTH); Box_StartBox (StrRecordWidth,Txt_ID,NULL, Hlp_PROFILE_Account,Box_NOT_CLOSABLE); @@ -646,10 +650,10 @@ static void ID_ShowFormChangeUsrID (const struct UsrData *UsrDat, } /* User's ID */ - sprintf (Gbl.Title, - UsrDat->IDs.List[NumID].Confirmed ? Txt_ID_X_confirmed : - Txt_ID_X_not_confirmed, - UsrDat->IDs.List[NumID].ID); + snprintf (Gbl.Title,sizeof (Gbl.Title), + UsrDat->IDs.List[NumID].Confirmed ? Txt_ID_X_confirmed : + Txt_ID_X_not_confirmed, + UsrDat->IDs.List[NumID].ID); fprintf (Gbl.F.Out,"%s", UsrDat->IDs.List[NumID].Confirmed ? "USR_ID_C" : "USR_ID_NC", @@ -659,7 +663,9 @@ static void ID_ShowFormChangeUsrID (const struct UsrData *UsrDat, /* ID confirmed? */ if (UsrDat->IDs.List[NumID].Confirmed) { - sprintf (Gbl.Title,Txt_ID_X_confirmed,UsrDat->IDs.List[NumID].ID); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_ID_X_confirmed, + UsrDat->IDs.List[NumID].ID); fprintf (Gbl.F.Out,"\"%s\"", diff --git a/swad_MFU.c b/swad_MFU.c index b3479d0d..d9aa0aab 100644 --- a/swad_MFU.c +++ b/swad_MFU.c @@ -235,7 +235,9 @@ void MFU_WriteBigMFUActions (struct MFU_ListMFUActions *ListMFUActions) MFU_MAX_BYTES_TAB); Str_Copy (MenuStr,Title, MFU_MAX_BYTES_MENU); - sprintf (TabMenuStr,"%s > %s",TabStr,MenuStr); + snprintf (TabMenuStr,sizeof (TabMenuStr), + "%s > %s", + TabStr,MenuStr); /* Icon and text */ fprintf (Gbl.F.Out,"
  • "); @@ -296,7 +298,9 @@ void MFU_WriteSmallMFUActions (struct MFU_ListMFUActions *ListMFUActions) MFU_MAX_BYTES_TAB); Str_Copy (MenuStr,Title, MFU_MAX_BYTES_MENU); - sprintf (TabMenuStr,"%s > %s",TabStr,MenuStr); + snprintf (TabMenuStr,sizeof (TabMenuStr), + "%s > %s", + TabStr,MenuStr); /* Icon and text */ fprintf (Gbl.F.Out,"
  • "); diff --git a/swad_RSS.c b/swad_RSS.c index da5bc65c..9f98f52c 100644 --- a/swad_RSS.c +++ b/swad_RSS.c @@ -65,11 +65,15 @@ void RSS_UpdateRSSFileForACrs (struct Course *Crs) struct tm *tm; /***** Create RSS directory if not exists *****/ - sprintf (PathRelPublRSSDir,"%s/%s/%ld/%s",Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CRS,Crs->CrsCod,Cfg_RSS_FOLDER); + snprintf (PathRelPublRSSDir,sizeof (PathRelPublRSSDir), + "%s/%s/%ld/%s", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CRS,Crs->CrsCod,Cfg_RSS_FOLDER); Fil_CreateDirIfNotExists (PathRelPublRSSDir); /***** Create RSS file *****/ - sprintf (PathRelPublRSSFile,"%s/%s",PathRelPublRSSDir,Cfg_RSS_FILE); + snprintf (PathRelPublRSSFile,sizeof (PathRelPublRSSFile), + "%s/%s", + PathRelPublRSSDir,Cfg_RSS_FILE); if ((FileRSS = fopen (PathRelPublRSSFile,"wb")) == NULL) Lay_ShowErrorAndExit ("Can not create RSS file."); diff --git a/swad_action.c b/swad_action.c index 3103500e..c81dca89 100644 --- a/swad_action.c +++ b/swad_action.c @@ -5241,12 +5241,12 @@ static void Act_StartFormInternal (Act_Action_t NextAction,bool PutParameterLoca } } -void Act_SetParamsForm (char ParamsStr[Act_MAX_BYTES_PARAMS_STR],Act_Action_t NextAction, +void Act_SetParamsForm (char ParamsStr[Act_MAX_BYTES_PARAMS_STR + 1],Act_Action_t NextAction, bool PutParameterLocationIfNoSesion) { - char ParamAction[Act_MAX_BYTES_PARAM_ACTION]; - char ParamSession[Act_MAX_BYTES_PARAM_SESSION]; - char ParamLocation[Act_MAX_BYTES_PARAM_LOCATION]; + char ParamAction[Act_MAX_BYTES_PARAM_ACTION + 1]; + char ParamSession[Act_MAX_BYTES_PARAM_SESSION + 1]; + char ParamLocation[Act_MAX_BYTES_PARAM_LOCATION + 1]; ParamAction[0] = '\0'; ParamSession[0] = '\0'; @@ -5294,7 +5294,7 @@ void Act_SetParamsForm (char ParamsStr[Act_MAX_BYTES_PARAMS_STR],Act_Action_t Ne Gbl.CurrentCty.Cty.CtyCod); } - snprintf (ParamsStr,Act_MAX_BYTES_PARAMS_STR, + snprintf (ParamsStr,Act_MAX_BYTES_PARAMS_STR + 1, "%s%s%s", ParamAction,ParamSession,ParamLocation); } @@ -5375,7 +5375,7 @@ void Act_LinkFormSubmitAnimated (const char *Title,const char *LinkStyle, /***************************** Get unique Id *********************************/ /*****************************************************************************/ -void Act_SetUniqueId (char UniqueId[Act_MAX_BYTES_ID]) +void Act_SetUniqueId (char UniqueId[Act_MAX_BYTES_ID + 1]) { static unsigned CountForThisExecution = 0; @@ -5384,7 +5384,7 @@ void Act_SetUniqueId (char UniqueId[Act_MAX_BYTES_ID]) So, Id uses: - a name for this execution (Gbl.UniqueNameEncrypted) - a number for each element in this execution (CountForThisExecution) *****/ - snprintf (UniqueId,Act_MAX_BYTES_ID, + snprintf (UniqueId,Act_MAX_BYTES_ID + 1, "id_%s_%u", Gbl.UniqueNameEncrypted, ++CountForThisExecution); diff --git a/swad_action.h b/swad_action.h index ff9df4e5..77f88ba7 100644 --- a/swad_action.h +++ b/swad_action.h @@ -67,7 +67,7 @@ typedef signed int Act_Action_t; // Must be a signed type, because -1 is used to #define Act_MAX_OPTIONS_IN_MENU_PER_TAB 13 -#define Act_MAX_BYTES_ID (32 + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + 10 + 1) +#define Act_MAX_BYTES_ID (32 + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + 10) #define Act_MAX_BYTES_PARAM_ACTION 256 #define Act_MAX_BYTES_PARAM_SESSION (256 + Cns_BYTES_SESSION_ID) @@ -1689,7 +1689,7 @@ void Act_LinkFormSubmitId (const char *Title,const char *LinkStyle, void Act_LinkFormSubmitAnimated (const char *Title,const char *LinkStyle, const char *OnSubmit); -void Act_SetUniqueId (char UniqueId[Act_MAX_BYTES_ID]); +void Act_SetUniqueId (char UniqueId[Act_MAX_BYTES_ID + 1]); void Act_AdjustActionWhenNoUsrLogged (void); void Act_AdjustCurrentAction (void); diff --git a/swad_alert.c b/swad_alert.c index ab7015ce..eb8c1ad2 100644 --- a/swad_alert.c +++ b/swad_alert.c @@ -116,7 +116,7 @@ void Ale_ShowAlertAndButton (Ale_AlertType_t AlertType,const char *Txt, void Ale_ShowAlertAndButton1 (Ale_AlertType_t AlertType,const char *Txt) { extern const char *Txt_Close; - char IdAlert[Act_MAX_BYTES_ID]; + char IdAlert[Act_MAX_BYTES_ID + 1]; static const bool AlertClosable[Ale_NUM_ALERT_TYPES] = { false, // Ale_NONE diff --git a/swad_box.c b/swad_box.c index afcd8cf8..32807423 100644 --- a/swad_box.c +++ b/swad_box.c @@ -114,7 +114,7 @@ static void Box_StartBoxInternal (const char *Width,const char *Title, { extern const char *Txt_Help; extern const char *Txt_Close; - char IdFrame[Act_MAX_BYTES_ID]; + char IdFrame[Act_MAX_BYTES_ID + 1]; /***** Start box container *****/ fprintf (Gbl.F.Out,"
    Year, Date->Month, Date->Day); break; case Dat_FORMAT_DD_MONTH_YYYY: - snprintf (StrDate,Cns_MAX_BYTES_DATE, + snprintf (StrDate,Cns_MAX_BYTES_DATE + 1, "%u %s %04u", Date->Day, Txt_MONTHS_SMALL_SHORT[Date->Month - 1], Date->Year); break; case Dat_FORMAT_MONTH_DD_YYYY: - snprintf (StrDate,Cns_MAX_BYTES_DATE, + snprintf (StrDate,Cns_MAX_BYTES_DATE + 1, "%s %u, %04u", Txt_MONTHS_SMALL_SHORT[Date->Month - 1], Date->Day, @@ -781,12 +781,12 @@ void Dat_GetBrowserTimeZone (char BrowserTimeZone[Dat_MAX_BYTES_TIME_ZONE + 1]) /* Convert from minutes to +-hh:mm */ // BrowserTimeZone must have space for strings in +hh:mm format (6 chars + \0) if (ClientUTCMinusLocal > 0) - snprintf (BrowserTimeZone,Dat_MAX_BYTES_TIME_ZONE, + snprintf (BrowserTimeZone,Dat_MAX_BYTES_TIME_ZONE + 1, "-%02u:%02u", (unsigned) ClientUTCMinusLocal / 60, (unsigned) ClientUTCMinusLocal % 60); else // ClientUTCMinusLocal <= 0 - snprintf (BrowserTimeZone,Dat_MAX_BYTES_TIME_ZONE, + snprintf (BrowserTimeZone,Dat_MAX_BYTES_TIME_ZONE + 1, "+%02u:%02u", (unsigned) (-ClientUTCMinusLocal) / 60, (unsigned) (-ClientUTCMinusLocal) % 60); diff --git a/swad_date.h b/swad_date.h index cadf0dc2..8ed84610 100644 --- a/swad_date.h +++ b/swad_date.h @@ -41,6 +41,8 @@ #define Dat_MAX_BYTES_TIME_ZONE 256 +#define Dat_MAX_BYTES_TIME (128 - 1) + /*****************************************************************************/ /******************************* Public types ********************************/ /*****************************************************************************/ diff --git a/swad_file.c b/swad_file.c index f0aa7488..d33a7921 100644 --- a/swad_file.c +++ b/swad_file.c @@ -75,15 +75,18 @@ void Fil_CreateFileForHTMLOutput (void) char PathHTMLOutputPriv[PATH_MAX + 1]; /***** Check if exists the directory for HTML output. If not exists, create it *****/ - sprintf (PathHTMLOutputPriv,"%s/%s",Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_OUT); + snprintf (PathHTMLOutputPriv,sizeof (PathHTMLOutputPriv), + "%s/%s", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_OUT); Fil_CreateDirIfNotExists (PathHTMLOutputPriv); /***** Remove old files *****/ Fil_RemoveOldTmpFiles (PathHTMLOutputPriv,Cfg_TIME_TO_DELETE_HTML_OUTPUT,false); /***** Create a unique name for the file *****/ - sprintf (Gbl.HTMLOutput.FileName,"%s/%s.html", - PathHTMLOutputPriv,Gbl.UniqueNameEncrypted); + snprintf (Gbl.HTMLOutput.FileName,sizeof (Gbl.HTMLOutput.FileName), + "%s/%s.html", + PathHTMLOutputPriv,Gbl.UniqueNameEncrypted); /***** Open file for writing and reading *****/ if ((Gbl.F.Out = fopen (Gbl.HTMLOutput.FileName,"w+t")) == NULL) @@ -331,7 +334,9 @@ void Fil_CreateUpdateFile (const char CurrentName[PATH_MAX + 1], Str_Copy (NewName,CurrentName, PATH_MAX); NewName[LengthFileRoot] = '\0'; - sprintf (OldName,"%s%s",NewName,ExtensionOldName); + snprintf (OldName,PATH_MAX + 1, + "%s%s", + NewName,ExtensionOldName); Str_Concat (NewName,".new", PATH_MAX); @@ -477,7 +482,9 @@ void Fil_RemoveTree (const char *Path) if (strcmp (FileList[NumFile]->d_name,".") && strcmp (FileList[NumFile]->d_name,"..")) // Skip directories "." and ".." { - sprintf (PathFileRel,"%s/%s",Path,FileList[NumFile]->d_name); + snprintf (PathFileRel,sizeof (PathFileRel), + "%s/%s", + Path,FileList[NumFile]->d_name); Fil_RemoveTree (PathFileRel); } free ((void *) FileList[NumFile]); @@ -535,7 +542,9 @@ void Fil_RemoveOldTmpFiles (const char *Path,time_t TimeToRemove,bool RemoveDire if (strcmp (FileList[NumFile]->d_name,".") && strcmp (FileList[NumFile]->d_name,"..")) // Skip directories "." and ".." { - sprintf (Path2,"%s/%s",Path,FileList[NumFile]->d_name); + snprintf (Path2,sizeof (Path2), + "%s/%s", + Path,FileList[NumFile]->d_name); Fil_RemoveOldTmpFiles (Path2,TimeToRemove,true); // Recursive call } free ((void *) FileList[NumFile]); @@ -632,28 +641,48 @@ void Fil_WriteFileSizeBrief (double SizeInBytes, char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]) { if (SizeInBytes < Ki) - sprintf (FileSizeStr,"%.0f B" ,SizeInBytes); + snprintf (FileSizeStr,Fil_MAX_BYTES_FILE_SIZE_STRING + 1, + "%.0f B", + SizeInBytes); else if (SizeInBytes < Mi) - sprintf (FileSizeStr,"%.0f KiB",SizeInBytes / Ki); + snprintf (FileSizeStr,Fil_MAX_BYTES_FILE_SIZE_STRING + 1, + "%.0f KiB", + SizeInBytes / Ki); else if (SizeInBytes < Gi) - sprintf (FileSizeStr,"%.0f MiB",SizeInBytes / Mi); + snprintf (FileSizeStr,Fil_MAX_BYTES_FILE_SIZE_STRING + 1, + "%.0f MiB", + SizeInBytes / Mi); else if (SizeInBytes < Ti) - sprintf (FileSizeStr,"%.0f GiB",SizeInBytes / Gi); + snprintf (FileSizeStr,Fil_MAX_BYTES_FILE_SIZE_STRING + 1, + "%.0f GiB", + SizeInBytes / Gi); else - sprintf (FileSizeStr,"%.0f TiB",SizeInBytes / Ti); + snprintf (FileSizeStr,Fil_MAX_BYTES_FILE_SIZE_STRING + 1, + "%.0f TiB", + SizeInBytes / Ti); } void Fil_WriteFileSizeFull (double SizeInBytes, char FileSizeStr[Fil_MAX_BYTES_FILE_SIZE_STRING + 1]) { if (SizeInBytes < Ki) - sprintf (FileSizeStr,"%.0f B" ,SizeInBytes); + snprintf (FileSizeStr,Fil_MAX_BYTES_FILE_SIZE_STRING + 1, + "%.0f B", + SizeInBytes); else if (SizeInBytes < Mi) - sprintf (FileSizeStr,"%.1f KiB",SizeInBytes / Ki); + snprintf (FileSizeStr,Fil_MAX_BYTES_FILE_SIZE_STRING + 1, + "%.1f KiB", + SizeInBytes / Ki); else if (SizeInBytes < Gi) - sprintf (FileSizeStr,"%.1f MiB",SizeInBytes / Mi); + snprintf (FileSizeStr,Fil_MAX_BYTES_FILE_SIZE_STRING + 1, + "%.1f MiB", + SizeInBytes / Mi); else if (SizeInBytes < Ti) - sprintf (FileSizeStr,"%.1f GiB",SizeInBytes / Gi); + snprintf (FileSizeStr,Fil_MAX_BYTES_FILE_SIZE_STRING + 1, + "%.1f GiB", + SizeInBytes / Gi); else - sprintf (FileSizeStr,"%.1f TiB",SizeInBytes / Ti); + snprintf (FileSizeStr,Fil_MAX_BYTES_FILE_SIZE_STRING + 1, + "%.1f TiB", + SizeInBytes / Ti); } diff --git a/swad_forum.c b/swad_forum.c index ce195d92..c8b24ac7 100644 --- a/swad_forum.c +++ b/swad_forum.c @@ -1009,7 +1009,9 @@ static void For_ShowPostsOfAThread (Ale_AlertType_t AlertType,const char *Messag Ale_ShowAlert (AlertType,Message); /***** Start box *****/ - sprintf (FrameTitle,"%s: %s",Txt_Thread,Thr.Subject); + snprintf (FrameTitle,sizeof (FrameTitle), + "%s: %s", + Txt_Thread,Thr.Subject); Box_StartBox (NULL,FrameTitle,For_PutIconNewPost, Hlp_SOCIAL_Forums_posts,Box_NOT_CLOSABLE); @@ -1267,9 +1269,10 @@ static void For_ShowAForumPost (unsigned PstNum,long PstCod, Gbl.Forum.ForumSelected.ThrCod, PstCod); - sprintf (Gbl.Title,Enabled ? Txt_Post_X_allowed_Click_to_ban_it : - Txt_Post_X_banned_Click_to_unban_it, - PstNum); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Enabled ? Txt_Post_X_allowed_Click_to_ban_it : + Txt_Post_X_banned_Click_to_unban_it, + PstNum); fprintf (Gbl.F.Out,"", @@ -1282,9 +1285,10 @@ static void For_ShowAForumPost (unsigned PstNum,long PstCod, } else { - sprintf (Gbl.Title,Enabled ? Txt_Post_X_allowed : - Txt_Post_X_banned, - PstNum); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Enabled ? Txt_Post_X_allowed : + Txt_Post_X_banned, + PstNum); fprintf (Gbl.F.Out,"" "\"%s\"Location; @@ -2247,9 +2253,10 @@ void For_SetForumName (struct Forum *Forum, Ins.InsCod = Forum->Location; if (!Ins_GetDataOfInstitutionByCod (&Ins,Ins_GET_BASIC_DATA)) Lay_ShowErrorAndExit ("Institution not found."); - sprintf (ForumName,"%s%s",Ins.ShrtName, - UseHTMLEntities ? Txt_only_teachers : - Txt_only_teachers_NO_HTML[Language]); + snprintf (ForumName,For_MAX_BYTES_FORUM_NAME + 1, + "%s%s",Ins.ShrtName, + UseHTMLEntities ? Txt_only_teachers : + Txt_only_teachers_NO_HTML[Language]); break; case For_FORUM_CENTRE_USRS: Ctr.CtrCod = Forum->Location; @@ -2262,9 +2269,10 @@ void For_SetForumName (struct Forum *Forum, Ctr.CtrCod = Forum->Location; if (!Ctr_GetDataOfCentreByCod (&Ctr)) Lay_ShowErrorAndExit ("Centre not found."); - sprintf (ForumName,"%s%s",Ctr.ShrtName, - UseHTMLEntities ? Txt_only_teachers : - Txt_only_teachers_NO_HTML[Language]); + snprintf (ForumName,For_MAX_BYTES_FORUM_NAME + 1, + "%s%s",Ctr.ShrtName, + UseHTMLEntities ? Txt_only_teachers : + Txt_only_teachers_NO_HTML[Language]); break; case For_FORUM_DEGREE_USRS: Deg.DegCod = Forum->Location; @@ -2277,9 +2285,10 @@ void For_SetForumName (struct Forum *Forum, Deg.DegCod = Forum->Location; if (!Deg_GetDataOfDegreeByCod (&Deg)) Lay_ShowErrorAndExit ("Degree not found."); - sprintf (ForumName,"%s%s",Deg.ShrtName, - UseHTMLEntities ? Txt_only_teachers : - Txt_only_teachers_NO_HTML[Language]); + snprintf (ForumName,For_MAX_BYTES_FORUM_NAME + 1, + "%s%s",Deg.ShrtName, + UseHTMLEntities ? Txt_only_teachers : + Txt_only_teachers_NO_HTML[Language]); break; case For_FORUM_COURSE_USRS: Crs.CrsCod = Forum->Location; @@ -2292,9 +2301,10 @@ void For_SetForumName (struct Forum *Forum, Crs.CrsCod = Forum->Location; if (!Crs_GetDataOfCourseByCod (&Crs)) Lay_ShowErrorAndExit ("Course not found."); - sprintf (ForumName,"%s%s",Crs.ShrtName, - UseHTMLEntities ? Txt_only_teachers : - Txt_only_teachers_NO_HTML[Language]); + snprintf (ForumName,For_MAX_BYTES_FORUM_NAME + 1, + "%s%s",Crs.ShrtName, + UseHTMLEntities ? Txt_only_teachers : + Txt_only_teachers_NO_HTML[Language]); break; default: Str_Copy (ForumName,Txt_Unknown_FORUM, @@ -2575,7 +2585,9 @@ static void For_ShowForumThreadsHighlightingOneThread (long ThrCodHighlighted, Ale_ShowAlert (AlertType,Message); /***** Start box for threads of this forum *****/ - sprintf (FrameTitle,"%s: %s",Txt_Forum,ForumName); + snprintf (FrameTitle,sizeof (FrameTitle), + "%s: %s", + Txt_Forum,ForumName); Box_StartBox (NULL,FrameTitle,For_PutIconNewThread, Hlp_SOCIAL_Forums_threads,Box_NOT_CLOSABLE); @@ -3548,7 +3560,9 @@ static void For_GetThrData (struct ForumThread *Thr) Str_Copy (Thr->Subject,row[6], Cns_MAX_BYTES_SUBJECT); if (!Thr->Subject[0]) - sprintf (Thr->Subject,"[%s]",Txt_no_subject); + snprintf (Thr->Subject,sizeof (Thr->Subject), + "[%s]", + Txt_no_subject); /***** Free structure that stores the query result *****/ DB_FreeMySQLResult (&mysql_res); diff --git a/swad_game.c b/swad_game.c index 05f1fb65..a0b1e923 100644 --- a/swad_game.c +++ b/swad_game.c @@ -2889,7 +2889,9 @@ static void Gam_ListOneOrMoreQuestionsForEdition (struct Game *Game, { Gbl.RowEvenOdd = NumQst % 2; - sprintf (StrNumQst,"%u",NumQst + 1); + snprintf (StrNumQst,sizeof (StrNumQst), + "%u", + NumQst + 1); row = mysql_fetch_row (mysql_res); /* @@ -2924,7 +2926,9 @@ static void Gam_ListOneOrMoreQuestionsForEdition (struct Game *Game, /* Put icon to move up the question */ if (NumQst) { - sprintf (Gbl.Title,Txt_Move_up_X,StrNumQst); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Move_up_X, + StrNumQst); Lay_PutContextualLink (ActUp_GamQst,NULL,Gam_PutParamsOneQst, "up_on16x16.gif", Gbl.Title,NULL, @@ -2936,7 +2940,9 @@ static void Gam_ListOneOrMoreQuestionsForEdition (struct Game *Game, /* Put icon to move down the question */ if (NumQst + 1 < NumQsts) { - sprintf (Gbl.Title,Txt_Move_down_X,StrNumQst); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Move_down_X, + StrNumQst); Lay_PutContextualLink (ActDwnGamQst,NULL,Gam_PutParamsOneQst, "down_on16x16.gif", Gbl.Title,NULL, @@ -3204,13 +3210,15 @@ static void Gam_DrawBarNumUsrs (unsigned NumUsrs,unsigned MaxUsrs) /***** String with the number of users *****/ if (MaxUsrs) - sprintf (Gbl.Title,"%u (%u%% %s %u)", - NumUsrs, - (unsigned) ((((float) NumUsrs * 100.0) / (float) MaxUsrs) + 0.5), - Txt_of_PART_OF_A_TOTAL,MaxUsrs); + snprintf (Gbl.Title,sizeof (Gbl.Title), + "%u (%u%% %s %u)", + NumUsrs, + (unsigned) ((((float) NumUsrs * 100.0) / (float) MaxUsrs) + 0.5), + Txt_of_PART_OF_A_TOTAL,MaxUsrs); else - sprintf (Gbl.Title,"0 (0%% %s %u)", - Txt_of_PART_OF_A_TOTAL,MaxUsrs); + snprintf (Gbl.Title,sizeof (Gbl.Title), + "0 (0%% %s %u)", + Txt_of_PART_OF_A_TOTAL,MaxUsrs); /***** Draw bar with a with proportional to the number of clicks *****/ fprintf (Gbl.F.Out,"", @@ -3770,7 +3778,9 @@ static void Gam_ReceiveAndStoreUserAnswersToAGame (long GamCod) Lay_ShowErrorAndExit ("Error: wrong question code."); /* Get possible parameter with the user's answer */ - sprintf (ParamName,"Ans%010u",(unsigned) QstCod); + snprintf (ParamName,sizeof (ParamName), + "Ans%010u", + (unsigned) QstCod); // Lay_ShowAlert (Lay_INFO,ParamName); Par_GetParMultiToText (ParamName,StrAnswersIndexes, Gam_MAX_ANSWERS_PER_QUESTION * (10 + 1)); diff --git a/swad_global.c b/swad_global.c index 469099bf..18c88d61 100644 --- a/swad_global.c +++ b/swad_global.c @@ -135,16 +135,19 @@ void Gbl_InitializeGlobals (void) Gbl.Prefs.Menu = Mnu_MENU_DEFAULT; // Default menu Gbl.Prefs.Theme = The_THEME_DEFAULT; // Default theme Gbl.Prefs.IconSet = Ico_ICON_SET_DEFAULT; // Default icon set - sprintf (Gbl.Prefs.IconsURL,"%s/%s", - Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_PUBLIC_ICON); - sprintf (Gbl.Prefs.PathTheme,"%s/%s/%s/%s", - Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_PUBLIC_ICON, - Cfg_ICON_FOLDER_THEMES, - The_ThemeId[Gbl.Prefs.Theme]); - sprintf (Gbl.Prefs.PathIconSet,"%s/%s/%s/%s", - Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_PUBLIC_ICON, - Cfg_ICON_FOLDER_ICON_SETS, - Ico_IconSetId[Gbl.Prefs.IconSet]); + snprintf (Gbl.Prefs.IconsURL,sizeof (Gbl.Prefs.IconsURL), + "%s/%s", + Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_PUBLIC_ICON); + snprintf (Gbl.Prefs.PathTheme,sizeof (Gbl.Prefs.PathTheme), + "%s/%s/%s/%s", + Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_PUBLIC_ICON, + Cfg_ICON_FOLDER_THEMES, + The_ThemeId[Gbl.Prefs.Theme]); + snprintf (Gbl.Prefs.PathIconSet,sizeof (Gbl.Prefs.PathIconSet), + "%s/%s/%s/%s", + Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_PUBLIC_ICON, + Cfg_ICON_FOLDER_ICON_SETS, + Ico_IconSetId[Gbl.Prefs.IconSet]); Gbl.Session.NumSessions = 0; Gbl.Session.IsOpen = false; diff --git a/swad_group.c b/swad_group.c index 353bd938..96d8e002 100644 --- a/swad_group.c +++ b/swad_group.c @@ -1378,7 +1378,9 @@ static void Grp_ListGroupTypesForEdition (void) Txt_The_groups_will_not_automatically_open, Gbl.CurrentCrs.Grps.GrpTypes.LstGrpTypes[NumGrpTyp].MustBeOpened ? Txt_The_groups_will_automatically_open : Txt_The_groups_will_not_automatically_open); - sprintf (Id,"open_time_%u",UniqueId); + snprintf (Id,sizeof (Id), + "open_time_%u", + UniqueId); Dat_WriteFormClientLocalDateTimeFromTimeUTC (Id, "Open", Gbl.CurrentCrs.Grps.GrpTypes.LstGrpTypes[NumGrpTyp].OpenTimeUTC, @@ -1521,10 +1523,10 @@ static void Grp_ListGroupsForEdition (void) ActOpeGrp, Grp_GROUPS_SECTION_ID); Grp_PutParamGrpCod (Grp->GrpCod); - sprintf (Gbl.Title, - Grp->Open ? Txt_Group_X_open_click_to_close_it : - Txt_Group_X_closed_click_to_open_it, - Grp->GrpName); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Grp->Open ? Txt_Group_X_open_click_to_close_it : + Txt_Group_X_closed_click_to_open_it, + Grp->GrpName); fprintf (Gbl.F.Out,"", @@ -1542,10 +1544,10 @@ static void Grp_ListGroupsForEdition (void) ActEnaFilZonGrp, Grp_GROUPS_SECTION_ID); Grp_PutParamGrpCod (Grp->GrpCod); - sprintf (Gbl.Title, - Grp->FileZones ? Txt_File_zones_of_the_group_X_enabled_click_to_disable_them : - Txt_File_zones_of_the_group_X_disabled_click_to_enable_them, - Grp->GrpName); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Grp->FileZones ? Txt_File_zones_of_the_group_X_enabled_click_to_disable_them : + Txt_File_zones_of_the_group_X_disabled_click_to_enable_them, + Grp->GrpName); fprintf (Gbl.F.Out,"", @@ -2380,9 +2382,10 @@ static void Grp_WriteRowGrp (struct Group *Grp,bool Highlight) Rol_Role_t Role; /***** Write icon to show if group is open or closed *****/ - sprintf (Gbl.Title,Grp->Open ? Txt_Group_X_open : - Txt_Group_X_closed, - Grp->GrpName); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Grp->Open ? Txt_Group_X_open : + Txt_Group_X_closed, + Grp->GrpName); fprintf (Gbl.F.Out," 0) // Degree selected { /* Select a course */ - sprintf (Gbl.Title,Gbl.CurrentCrs.Crs.CrsCod > 0 ? Txt_Select_create_course_in_X : - Txt_Select_or_create_one_course_in_X, - Gbl.CurrentDeg.Deg.ShrtName); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Gbl.CurrentCrs.Crs.CrsCod > 0 ? Txt_Select_create_course_in_X : + Txt_Select_or_create_one_course_in_X, + Gbl.CurrentDeg.Deg.ShrtName); Hlp_ShowRowHelpWhatWouldYouLikeToDo (Gbl.Title, ActSeeCrs, Btn_CONFIRM_BUTTON,Txt_Courses); @@ -197,9 +201,10 @@ void Hlp_ShowHelpWhatWouldYouLikeToDo (void) else if (Gbl.CurrentCtr.Ctr.CtrCod > 0) // Centre selected { /* Select a degree */ - sprintf (Gbl.Title,Gbl.CurrentDeg.Deg.DegCod > 0 ? Txt_Select_or_create_another_degree_in_X : - Txt_Select_or_create_one_degree_in_X, - Gbl.CurrentCtr.Ctr.ShrtName); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Gbl.CurrentDeg.Deg.DegCod > 0 ? Txt_Select_or_create_another_degree_in_X : + Txt_Select_or_create_one_degree_in_X, + Gbl.CurrentCtr.Ctr.ShrtName); Hlp_ShowRowHelpWhatWouldYouLikeToDo (Gbl.Title, ActSeeDeg, Btn_CONFIRM_BUTTON,Txt_Degrees); @@ -207,9 +212,10 @@ void Hlp_ShowHelpWhatWouldYouLikeToDo (void) else if (Gbl.CurrentIns.Ins.InsCod > 0) // Institution selected { /* Select a centre */ - sprintf (Gbl.Title,Gbl.CurrentCtr.Ctr.CtrCod > 0 ? Txt_Select_or_create_another_centre_in_X : - Txt_Select_or_create_one_centre_in_X, - Gbl.CurrentIns.Ins.ShrtName); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Gbl.CurrentCtr.Ctr.CtrCod > 0 ? Txt_Select_or_create_another_centre_in_X : + Txt_Select_or_create_one_centre_in_X, + Gbl.CurrentIns.Ins.ShrtName); Hlp_ShowRowHelpWhatWouldYouLikeToDo (Gbl.Title, ActSeeCtr, Btn_CONFIRM_BUTTON,Txt_Centres); @@ -217,9 +223,10 @@ void Hlp_ShowHelpWhatWouldYouLikeToDo (void) else if (Gbl.CurrentCty.Cty.CtyCod > 0) // Country selected { /* Select an institution */ - sprintf (Gbl.Title,Gbl.CurrentIns.Ins.InsCod > 0 ? Txt_Select_or_create_another_institution_in_X : - Txt_Select_or_create_one_institution_in_X, - Gbl.CurrentCty.Cty.Name[Gbl.Prefs.Language]); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Gbl.CurrentIns.Ins.InsCod > 0 ? Txt_Select_or_create_another_institution_in_X : + Txt_Select_or_create_one_institution_in_X, + Gbl.CurrentCty.Cty.Name[Gbl.Prefs.Language]); Hlp_ShowRowHelpWhatWouldYouLikeToDo (Gbl.Title, ActSeeIns, Btn_CONFIRM_BUTTON,Txt_Institutions); @@ -244,8 +251,9 @@ void Hlp_ShowHelpWhatWouldYouLikeToDo (void) Btn_CONFIRM_BUTTON,Txt_Log_in); /* Sign up */ - sprintf (Gbl.Title,Txt_New_on_PLATFORM_Sign_up, - Cfg_PLATFORM_SHORT_NAME); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_New_on_PLATFORM_Sign_up, + Cfg_PLATFORM_SHORT_NAME); Hlp_ShowRowHelpWhatWouldYouLikeToDo (Gbl.Title, ActFrmMyAcc, Btn_CREATE_BUTTON,Txt_Create_account); diff --git a/swad_hierarchy.c b/swad_hierarchy.c index a1f6e29b..ce43f09e 100644 --- a/swad_hierarchy.c +++ b/swad_hierarchy.c @@ -543,12 +543,15 @@ void Hie_InitHierarchy (void) if (Gbl.CurrentCrs.Crs.CrsCod > 0) { /***** Paths of course directories *****/ - sprintf (Gbl.CurrentCrs.PathPriv,"%s/%s/%ld", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_CRS,Gbl.CurrentCrs.Crs.CrsCod); - sprintf (Gbl.CurrentCrs.PathRelPubl,"%s/%s/%ld", - Cfg_PATH_SWAD_PUBLIC ,Cfg_FOLDER_CRS,Gbl.CurrentCrs.Crs.CrsCod); - sprintf (Gbl.CurrentCrs.PathURLPubl,"%s/%s/%ld", - Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_CRS,Gbl.CurrentCrs.Crs.CrsCod); + snprintf (Gbl.CurrentCrs.PathPriv,sizeof (Gbl.CurrentCrs.PathPriv), + "%s/%s/%ld", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_CRS,Gbl.CurrentCrs.Crs.CrsCod); + snprintf (Gbl.CurrentCrs.PathRelPubl,sizeof (Gbl.CurrentCrs.PathRelPubl), + "%s/%s/%ld", + Cfg_PATH_SWAD_PUBLIC ,Cfg_FOLDER_CRS,Gbl.CurrentCrs.Crs.CrsCod); + snprintf (Gbl.CurrentCrs.PathURLPubl,sizeof (Gbl.CurrentCrs.PathURLPubl), + "%s/%s/%ld", + Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_CRS,Gbl.CurrentCrs.Crs.CrsCod); /***** If any of the course directories does not exist, create it *****/ if (!Fil_CheckIfPathExists (Gbl.CurrentCrs.PathPriv)) diff --git a/swad_icon.c b/swad_icon.c index 7e48ebd2..79dd7a08 100644 --- a/swad_icon.c +++ b/swad_icon.c @@ -125,10 +125,11 @@ void Ico_ChangeIconSet (void) /***** Get param with icon set *****/ Gbl.Prefs.IconSet = Ico_GetParamIconSet (); - sprintf (Gbl.Prefs.PathIconSet,"%s/%s/%s/%s", - Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_PUBLIC_ICON, - Cfg_ICON_FOLDER_ICON_SETS, - Ico_IconSetId[Gbl.Prefs.IconSet]); + snprintf (Gbl.Prefs.PathIconSet,sizeof (Gbl.Prefs.PathIconSet), + "%s/%s/%s/%s", + Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_PUBLIC_ICON, + Cfg_ICON_FOLDER_ICON_SETS, + Ico_IconSetId[Gbl.Prefs.IconSet]); /***** Store icon set in database *****/ if (Gbl.Usrs.Me.Logged) diff --git a/swad_image.c b/swad_image.c index b22913ce..e0a6b712 100644 --- a/swad_image.c +++ b/swad_image.c @@ -197,7 +197,7 @@ void Img_PutImageUploader (int NumImgInForm,const char *ClassImgTitURL) extern const char *Txt_Image_title_attribution; extern const char *Txt_Link; struct ParamUploadImg ParamUploadImg; - char Id[Act_MAX_BYTES_ID]; + char Id[Act_MAX_BYTES_ID + 1]; /***** Set names of parameters depending on number of image in form *****/ Img_SetParamNames (&ParamUploadImg,NumImgInForm); @@ -361,10 +361,18 @@ void Img_SetParamNames (struct ParamUploadImg *ParamUploadImg,int NumImgInForm) } else // Several images in form ==> add suffix { - sprintf (ParamUploadImg->Action,"ImgAct%u",NumImgInForm); - sprintf (ParamUploadImg->File ,"ImgFil%u",NumImgInForm); - sprintf (ParamUploadImg->Title ,"ImgTit%u",NumImgInForm); - sprintf (ParamUploadImg->URL ,"ImgURL%u",NumImgInForm); + snprintf (ParamUploadImg->Action,sizeof (ParamUploadImg->Action), + "ImgAct%u", + NumImgInForm); + snprintf (ParamUploadImg->File ,sizeof (ParamUploadImg->File), + "ImgFil%u", + NumImgInForm); + snprintf (ParamUploadImg->Title ,sizeof (ParamUploadImg->Title), + "ImgTit%u", + NumImgInForm); + snprintf (ParamUploadImg->URL ,sizeof (ParamUploadImg->URL), + "ImgURL%u", + NumImgInForm); } } @@ -429,13 +437,15 @@ void Img_GetAndProcessImageFileFromForm (struct Image *Image,const char *ParamFi /***** Create private directories if not exist *****/ /* Create private directory for images if it does not exist */ - sprintf (PathImgPriv,"%s/%s", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG); + snprintf (PathImgPriv,sizeof (PathImgPriv), + "%s/%s", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG); Fil_CreateDirIfNotExists (PathImgPriv); /* Create temporary private directory for images if it does not exist */ - sprintf (PathImgPriv,"%s/%s/%s", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG,Cfg_FOLDER_IMG_TMP); + snprintf (PathImgPriv,sizeof (PathImgPriv), + "%s/%s/%s", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG,Cfg_FOLDER_IMG_TMP); Fil_CreateDirIfNotExists (PathImgPriv); /***** Remove old temporary private files *****/ @@ -444,18 +454,20 @@ void Img_GetAndProcessImageFileFromForm (struct Image *Image,const char *ParamFi /***** End the reception of original not processed image (it can be very big) into a temporary file *****/ Image->Status = Img_FILE_NONE; - sprintf (FileNameImgOrig,"%s/%s/%s/%s_original.%s", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG,Cfg_FOLDER_IMG_TMP, - Image->Name,PtrExtension); + snprintf (FileNameImgOrig,sizeof (FileNameImgOrig), + "%s/%s/%s/%s_original.%s", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG,Cfg_FOLDER_IMG_TMP, + Image->Name,PtrExtension); if (Fil_EndReceptionOfFile (FileNameImgOrig,Param)) // Success { Image->Status = Img_FILE_RECEIVED; /***** Convert original image to temporary JPEG processed file by calling to program that makes the conversion *****/ - sprintf (FileNameImgTmp,"%s/%s/%s/%s.jpg", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG,Cfg_FOLDER_IMG_TMP, - Image->Name); + snprintf (FileNameImgTmp,sizeof (FileNameImgTmp), + "%s/%s/%s/%s.jpg", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG,Cfg_FOLDER_IMG_TMP, + Image->Name); Img_ProcessImage (Image,FileNameImgOrig,FileNameImgTmp); Image->Status = Img_FILE_PROCESSED; @@ -475,12 +487,13 @@ static void Img_ProcessImage (struct Image *Image, char Command[1024 + PATH_MAX * 2]; int ReturnCode; - sprintf (Command,"convert %s -resize '%ux%u>' -quality %u %s", - FileNameImgOriginal, - Image->Width, - Image->Height, - Image->Quality, - FileNameImgProcessed); + snprintf (Command,sizeof (Command), + "convert %s -resize '%ux%u>' -quality %u %s", + FileNameImgOriginal, + Image->Width, + Image->Height, + Image->Quality, + FileNameImgProcessed); ReturnCode = system (Command); if (ReturnCode == -1) Lay_ShowErrorAndExit ("Error when running command to process image."); @@ -508,23 +521,26 @@ void Img_MoveImageToDefinitiveDirectory (struct Image *Image) char FileNameImg[PATH_MAX + 1]; // Full name of definitive processed file /***** Create subdirectory if it does not exist *****/ - sprintf (PathImgPriv,"%s/%s/%c%c", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG, - Image->Name[0], - Image->Name[1]); + snprintf (PathImgPriv,sizeof (PathImgPriv), + "%s/%s/%c%c", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG, + Image->Name[0], + Image->Name[1]); Fil_CreateDirIfNotExists (PathImgPriv); /***** Temporary processed file *****/ - sprintf (FileNameImgTmp,"%s/%s/%s/%s.jpg", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG,Cfg_FOLDER_IMG_TMP, - Image->Name); + snprintf (FileNameImgTmp,sizeof (FileNameImgTmp), + "%s/%s/%s/%s.jpg", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG,Cfg_FOLDER_IMG_TMP, + Image->Name); /***** Definitive processed file *****/ - sprintf (FileNameImg,"%s/%s/%c%c/%s.jpg", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG, - Image->Name[0], - Image->Name[1], - Image->Name); + snprintf (FileNameImg,sizeof (FileNameImg), + "%s/%s/%c%c/%s.jpg", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG, + Image->Name[0], + Image->Name[1], + Image->Name); /***** Move file *****/ if (rename (FileNameImgTmp,FileNameImg)) // Fail @@ -558,12 +574,15 @@ void Img_ShowImage (struct Image *Image, Brw_CreateDirDownloadTmp (); /***** Build private path to image *****/ - sprintf (FileNameImgPriv,"%s.jpg",Image->Name); - sprintf (FullPathImgPriv,"%s/%s/%c%c/%s", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG, - Image->Name[0], - Image->Name[1], - FileNameImgPriv); + snprintf (FileNameImgPriv,sizeof (FileNameImgPriv), + "%s.jpg", + Image->Name); + snprintf (FullPathImgPriv,sizeof (FullPathImgPriv), + "%s/%s/%c%c/%s", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG, + Image->Name[0], + Image->Name[1], + FileNameImgPriv); /***** Check if private image file exists *****/ if (Fil_CheckIfPathExists (FullPathImgPriv)) @@ -573,10 +592,11 @@ void Img_ShowImage (struct Image *Image, Brw_CreateTmpPublicLinkToPrivateFile (FullPathImgPriv,FileNameImgPriv); /***** Create URL pointing to symbolic link *****/ - sprintf (URL,"%s/%s/%s/%s", - Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_FILE_BROWSER_TMP, - Gbl.FileBrowser.TmpPubDir, - FileNameImgPriv); + snprintf (URL,sizeof (URL), + "%s/%s/%s/%s", + Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_FILE_BROWSER_TMP, + Gbl.FileBrowser.TmpPubDir, + FileNameImgPriv); /***** Show image *****/ /* Check if optional link is present */ @@ -621,11 +641,12 @@ void Img_RemoveImageFile (const char *ImageName) if (ImageName[0]) { /***** Build path to private file *****/ - sprintf (FullPathImgPriv,"%s/%s/%c%c/%s.jpg", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG, - ImageName[0], - ImageName[1], - ImageName); + snprintf (FullPathImgPriv,sizeof (FullPathImgPriv), + "%s/%s/%c%c/%s.jpg", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_IMG, + ImageName[0], + ImageName[1], + ImageName); /***** Remove private file *****/ unlink (FullPathImgPriv); diff --git a/swad_info.c b/swad_info.c index 9b28b904..4828c80d 100644 --- a/swad_info.c +++ b/swad_info.c @@ -310,11 +310,12 @@ static void Inf_SetIHaveReadIntoDB (bool IHaveRead); static bool Inf_CheckPage (long CrsCod,Inf_InfoType_t InfoType); static bool Inf_CheckAndShowPage (void); -static void Inf_BuildPathPage (long CrsCod,Inf_InfoType_t InfoType,char *PathDir); +static void Inf_BuildPathPage (long CrsCod,Inf_InfoType_t InfoType,char PathDir[PATH_MAX + 1]); static bool Inf_CheckURL (long CrsCod,Inf_InfoType_t InfoType); static bool Inf_CheckAndShowURL (void); -static void Inf_BuildPathURL (long CrsCod,Inf_InfoType_t InfoType,char *PathFile); +static void Inf_BuildPathURL (long CrsCod,Inf_InfoType_t InfoType, + char PathFile[PATH_MAX + 1]); static void Inf_ShowPage (const char *URL); @@ -771,12 +772,16 @@ static bool Inf_CheckPage (long CrsCod,Inf_InfoType_t InfoType) /***** Open file with web page *****/ /* 1. Check if index.html exists */ - sprintf (PathRelFileHTML,"%s/index.html",PathRelDirHTML); + snprintf (PathRelFileHTML,sizeof (PathRelFileHTML), + "%s/index.html", + PathRelDirHTML); if (Fil_CheckIfPathExists (PathRelFileHTML)) // TODO: Check if not empty? return true; /* 2. If index.html does not exist, try index.htm */ - sprintf (PathRelFileHTML,"%s/index.htm",PathRelDirHTML); + snprintf (PathRelFileHTML,sizeof (PathRelFileHTML), + "%s/index.htm", + PathRelDirHTML); if (Fil_CheckIfPathExists (PathRelFileHTML)) // TODO: Check if not empty? return true; @@ -802,24 +807,30 @@ static bool Inf_CheckAndShowPage (void) /***** Open file with web page *****/ /* 1. Check if index.html exists */ - sprintf (PathRelFileHTML,"%s/index.html",PathRelDirHTML); + snprintf (PathRelFileHTML,sizeof (PathRelFileHTML), + "%s/index.html", + PathRelDirHTML); if (Fil_CheckIfPathExists (PathRelFileHTML)) // TODO: Check if not empty? { - sprintf (URL,"%s/%s/%ld/%s/index.html", - Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_CRS,Gbl.CurrentCrs.Crs.CrsCod, - Inf_FileNamesForInfoType[Gbl.CurrentCrs.Info.Type]); + snprintf (URL,sizeof (URL), + "%s/%s/%ld/%s/index.html", + Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_CRS,Gbl.CurrentCrs.Crs.CrsCod, + Inf_FileNamesForInfoType[Gbl.CurrentCrs.Info.Type]); Inf_ShowPage (URL); return true; } /* 2. If index.html does not exist, try index.htm */ - sprintf (PathRelFileHTML,"%s/index.htm",PathRelDirHTML); + snprintf (PathRelFileHTML,sizeof (PathRelFileHTML), + "%s/index.htm", + PathRelDirHTML); if (Fil_CheckIfPathExists (PathRelFileHTML)) // TODO: Check if not empty? { - sprintf (URL,"%s/%s/%ld/%s/index.htm", - Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_CRS,Gbl.CurrentCrs.Crs.CrsCod, - Inf_FileNamesForInfoType[Gbl.CurrentCrs.Info.Type]); + snprintf (URL,sizeof (URL), + "%s/%s/%ld/%s/index.htm", + Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_CRS,Gbl.CurrentCrs.Crs.CrsCod, + Inf_FileNamesForInfoType[Gbl.CurrentCrs.Info.Type]); Inf_ShowPage (URL); return true; @@ -832,11 +843,12 @@ static bool Inf_CheckAndShowPage (void) /* Build path inside a course for a given a info type to store web page file */ /*****************************************************************************/ -static void Inf_BuildPathPage (long CrsCod,Inf_InfoType_t InfoType,char *PathDir) +static void Inf_BuildPathPage (long CrsCod,Inf_InfoType_t InfoType,char PathDir[PATH_MAX + 1]) { - sprintf (PathDir,"%s/%s/%ld/%s", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CRS,CrsCod, - Inf_FileNamesForInfoType[InfoType]); + snprintf (PathDir,PATH_MAX + 1, + "%s/%s/%ld/%s", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CRS,CrsCod, + Inf_FileNamesForInfoType[InfoType]); } /*****************************************************************************/ @@ -860,13 +872,17 @@ int Inf_WritePageIntoHTMLBuffer (char **HTMLBuffer) /***** Open file with web page *****/ /* 1. Check if index.html exists */ - sprintf (PathRelFileHTML,"%s/index.html",PathRelDirHTML); + snprintf (PathRelFileHTML,sizeof (PathRelFileHTML), + "%s/index.html", + PathRelDirHTML); if (Fil_CheckIfPathExists (PathRelFileHTML)) // TODO: Check if not empty? FileExists = true; else { /* 2. If index.html not exists, try index.htm */ - sprintf (PathRelFileHTML,"%s/index.htm",PathRelDirHTML); + snprintf (PathRelFileHTML,sizeof (PathRelFileHTML), + "%s/index.htm", + PathRelDirHTML); if (Fil_CheckIfPathExists (PathRelFileHTML)) // TODO: Check if not empty? FileExists = true; } @@ -973,11 +989,13 @@ static bool Inf_CheckAndShowURL (void) /*** Build path inside a course for a given a info type to store URL file ****/ /*****************************************************************************/ -static void Inf_BuildPathURL (long CrsCod,Inf_InfoType_t InfoType,char *PathFile) +static void Inf_BuildPathURL (long CrsCod,Inf_InfoType_t InfoType, + char PathFile[PATH_MAX + 1]) { - sprintf (PathFile,"%s/%s/%ld/%s.url", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_CRS,CrsCod, - Inf_FileNamesForInfoType[InfoType]); + snprintf (PathFile,PATH_MAX + 1, + "%s/%s/%ld/%s.url", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_CRS,CrsCod, + Inf_FileNamesForInfoType[InfoType]); } /*****************************************************************************/ @@ -1844,7 +1862,7 @@ static bool Inf_CheckAndShowRichTxt (void) char PathFileHTML[PATH_MAX + 1]; FILE *FileMD; // Temporary Markdown file FILE *FileHTML; // Temporary HTML file - char MathJaxURL[PATH_MAX]; + char MathJaxURL[PATH_MAX + 1]; char Command[512 + PATH_MAX * 3]; // Command to call the program of preprocessing of photos int ReturnCode; bool ICanEdit = (Gbl.Usrs.Me.Role.Logged == Rol_TCH || @@ -1882,10 +1900,12 @@ static bool Inf_CheckAndShowRichTxt (void) /***** Store text into a temporary .md file in HTML output directory *****/ // TODO: change to another directory? /* Create a unique name for the .md file */ - sprintf (PathFileMD,"%s/%s/%s.md", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_OUT,Gbl.UniqueNameEncrypted); - sprintf (PathFileHTML,"%s/%s/%s.md.html", // Do not use only .html because that is the output temporary file - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_OUT,Gbl.UniqueNameEncrypted); + snprintf (PathFileMD,sizeof (PathFileMD), + "%s/%s/%s.md", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_OUT,Gbl.UniqueNameEncrypted); + snprintf (PathFileHTML,sizeof (PathFileHTML), + "%s/%s/%s.md.html", // Do not use only .html because that is the output temporary file + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_OUT,Gbl.UniqueNameEncrypted); /* Open Markdown file for writing */ if ((FileMD = fopen (PathFileMD,"wb")) == NULL) @@ -1900,8 +1920,9 @@ static bool Inf_CheckAndShowRichTxt (void) /***** Convert from Markdown to HTML *****/ #ifdef Cfg_MATHJAX_LOCAL // Use the local copy of MathJax - sprintf (MathJaxURL,"=%s/MathJax/MathJax.js?config=TeX-AMS-MML_HTMLorMML", - Cfg_URL_SWAD_PUBLIC); + snprintf (MathJaxURL,sizeof (MathJaxURL), + "=%s/MathJax/MathJax.js?config=TeX-AMS-MML_HTMLorMML", + Cfg_URL_SWAD_PUBLIC); #else // Use the MathJax Content Delivery Network (CDN) MathJaxURL[0] = '\0'; @@ -1909,14 +1930,15 @@ static bool Inf_CheckAndShowRichTxt (void) // --ascii uses only ascii characters in output // (uses numerical entities instead of UTF-8) // is mandatory in order to convert (with iconv) the UTF-8 output of pandoc to WINDOWS-1252 - sprintf (Command,"iconv -f WINDOWS-1252 -t UTF-8 %s" - " | " - "pandoc --ascii --mathjax%s -f markdown -t html5" - " | " - "iconv -f UTF-8 -t WINDOWS-1252 -o %s", - PathFileMD, - MathJaxURL, - PathFileHTML); + snprintf (Command,sizeof (Command), + "iconv -f WINDOWS-1252 -t UTF-8 %s" + " | " + "pandoc --ascii --mathjax%s -f markdown -t html5" + " | " + "iconv -f UTF-8 -t WINDOWS-1252 -o %s", + PathFileMD, + MathJaxURL, + PathFileHTML); ReturnCode = system (Command); if (ReturnCode == -1) Lay_ShowErrorAndExit ("Error when running command to convert from Markdown to HTML."); @@ -1969,8 +1991,9 @@ int Inf_WritePlainTextIntoHTMLBuffer (char **HTMLBuffer) if (TxtHTML[0]) { /***** Create a unique name for the file *****/ - sprintf (FileNameHTMLTmp,"%s/%s/%s_info.html", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_OUT,Gbl.UniqueNameEncrypted); + snprintf (FileNameHTMLTmp,sizeof (FileNameHTMLTmp), + "%s/%s/%s_info.html", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_OUT,Gbl.UniqueNameEncrypted); /***** Create a new temporary file for writing and reading *****/ if ((FileHTMLTmp = fopen (FileNameHTMLTmp,"w+b")) == NULL) @@ -2320,7 +2343,9 @@ void Inf_ReceivePagInfo (void) { Fil_RemoveTree (PathRelDirHTML); Fil_CreateDirIfNotExists (PathRelDirHTML); - sprintf (PathRelFileHTML,"%s/index.html",PathRelDirHTML); + snprintf (PathRelFileHTML,sizeof (PathRelFileHTML), + "%s/index.html", + PathRelDirHTML); if (Fil_EndReceptionOfFile (PathRelFileHTML,Param)) { Ale_ShowAlert (Ale_SUCCESS,Txt_The_HTML_file_has_been_received_successfully); @@ -2333,21 +2358,25 @@ void Inf_ReceivePagInfo (void) { Fil_RemoveTree (PathRelDirHTML); Fil_CreateDirIfNotExists (PathRelDirHTML); - sprintf (PathRelFileZIP,"%s/%s.zip", - Gbl.CurrentCrs.PathPriv, - Inf_FileNamesForInfoType[Gbl.CurrentCrs.Info.Type]); + snprintf (PathRelFileZIP,sizeof (PathRelFileZIP), + "%s/%s.zip", + Gbl.CurrentCrs.PathPriv, + Inf_FileNamesForInfoType[Gbl.CurrentCrs.Info.Type]); if (Fil_EndReceptionOfFile (PathRelFileZIP,Param)) { Ale_ShowAlert (Ale_SUCCESS,Txt_The_ZIP_file_has_been_received_successfully); /* Uncompress ZIP */ - sprintf (StrUnzip,"unzip -qq -o %s -d %s", - PathRelFileZIP,PathRelDirHTML); + snprintf (StrUnzip,sizeof (StrUnzip), + "unzip -qq -o %s -d %s", + PathRelFileZIP,PathRelDirHTML); if (system (StrUnzip) == 0) { /* Check if uploaded file is index.html or index.htm */ - sprintf (PathRelFileHTML,"%s/index.html",PathRelDirHTML); + snprintf (PathRelFileHTML,sizeof (PathRelFileHTML), + "%s/index.html", + PathRelDirHTML); if (Fil_CheckIfPathExists (PathRelFileHTML)) { Ale_ShowAlert (Ale_SUCCESS,Txt_The_ZIP_file_has_been_unzipped_successfully); @@ -2356,7 +2385,9 @@ void Inf_ReceivePagInfo (void) } else { - sprintf (PathRelFileHTML,"%s/index.htm",PathRelDirHTML); + snprintf (PathRelFileHTML,sizeof (PathRelFileHTML), + "%s/index.htm", + PathRelDirHTML); if (Fil_CheckIfPathExists (PathRelFileHTML)) { Ale_ShowAlert (Ale_SUCCESS,Txt_The_ZIP_file_has_been_unzipped_successfully); diff --git a/swad_institution.c b/swad_institution.c index 450f9a9a..3dbe00d8 100644 --- a/swad_institution.c +++ b/swad_institution.c @@ -248,7 +248,9 @@ void Ins_DrawInstitutionLogoAndNameWithLink (struct Instit *Ins,Act_Action_t Act Ins_PutParamInsCod (Ins->InsCod); /***** Link to action *****/ - sprintf (Gbl.Title,Txt_Go_to_X,Ins->FullName); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Go_to_X, + Ins->FullName); Act_LinkFormSubmit (Gbl.Title,ClassLink,NULL); /***** Draw institution logo *****/ @@ -529,8 +531,9 @@ static void Ins_Configuration (bool PrintView) /* Form to go to see centres of this institution */ Act_StartFormGoTo (ActSeeCtr); Ins_PutParamInsCod (Gbl.CurrentIns.Ins.InsCod); - sprintf (Gbl.Title,Txt_Centres_of_INSTITUTION_X, - Gbl.CurrentIns.Ins.ShrtName); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Centres_of_INSTITUTION_X, + Gbl.CurrentIns.Ins.ShrtName); Act_LinkFormSubmit (Gbl.Title,"DAT",NULL); fprintf (Gbl.F.Out,"%u", Ctr_GetNumCtrsInIns (Gbl.CurrentIns.Ins.InsCod)); @@ -670,7 +673,9 @@ static void Ins_ListInstitutions (void) unsigned NumIns; /***** Start box *****/ - sprintf (Gbl.Title,Txt_Institutions_of_COUNTRY_X,Gbl.CurrentCty.Cty.Name[Gbl.Prefs.Language]); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Institutions_of_COUNTRY_X, + Gbl.CurrentCty.Cty.Name[Gbl.Prefs.Language]); Box_StartBox (NULL,Gbl.Title,Ins_PutIconsListInstitutions, Hlp_COUNTRY_Institutions,Box_NOT_CLOSABLE); @@ -919,8 +924,9 @@ void Ins_EditInstitutions (void) Ins_GetListInstitutions (Gbl.CurrentCty.Cty.CtyCod,Ins_GET_EXTRA_DATA); /***** Start box *****/ - sprintf (Gbl.Title,Txt_Institutions_of_COUNTRY_X, - Gbl.CurrentCty.Cty.Name[Gbl.Prefs.Language]); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Institutions_of_COUNTRY_X, + Gbl.CurrentCty.Cty.Name[Gbl.Prefs.Language]); Box_StartBox (NULL,Gbl.Title,Ins_PutIconToViewInstitutions, Hlp_COUNTRY_Institutions,Box_NOT_CLOSABLE); @@ -1711,10 +1717,11 @@ void Ins_RemoveInstitution (void) Brw_RemoveInsFilesFromDB (Ins.InsCod); /***** Remove directories of the institution *****/ - sprintf (PathIns,"%s/%s/%02u/%u", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_INS, - (unsigned) (Ins.InsCod % 100), - (unsigned) Ins.InsCod); + snprintf (PathIns,sizeof (PathIns), + "%s/%s/%02u/%u", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_INS, + (unsigned) (Ins.InsCod % 100), + (unsigned) Ins.InsCod); Fil_RemoveTree (PathIns); /***** Remove institution *****/ @@ -2129,7 +2136,9 @@ static void Ins_ShowAlertAndButtonToGoToIns (void) if (Gbl.Inss.EditingIns.InsCod != Gbl.CurrentIns.Ins.InsCod) { /***** Alert with button to go to degree *****/ - sprintf (Gbl.Title,Txt_Go_to_X,Gbl.Inss.EditingIns.ShrtName); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Go_to_X, + Gbl.Inss.EditingIns.ShrtName); Ale_ShowAlertAndButton (Gbl.Alert.Type,Gbl.Alert.Txt, ActSeeCtr,NULL,NULL,Ins_PutParamGoToIns, Btn_CONFIRM_BUTTON,Gbl.Title); @@ -2549,9 +2558,10 @@ unsigned Ins_ListInssFound (const char *Query) { /***** Start box and table *****/ /* Number of institutions found */ - sprintf (Gbl.Title,"%u %s", - NumInss,NumInss == 1 ? Txt_institution : - Txt_institutions); + snprintf (Gbl.Title,sizeof (Gbl.Title), + "%u %s", + NumInss,NumInss == 1 ? Txt_institution : + Txt_institutions); Box_StartBoxTable (NULL,Gbl.Title,NULL, NULL,Box_NOT_CLOSABLE,2); diff --git a/swad_logo.c b/swad_logo.c index ee237ca2..398fe126 100644 --- a/swad_logo.c +++ b/swad_logo.c @@ -93,11 +93,12 @@ void Log_DrawLogo (Sco_Scope_t Scope,long Cod,const char *AltText, { Folder = Cfg_FOLDER_DEG; DegCod = Cod; - sprintf (PathLogo,"%s/%s/%02u/%u/logo/%u.png", - Cfg_PATH_SWAD_PUBLIC,Folder, - (unsigned) (DegCod % 100), - (unsigned) DegCod, - (unsigned) DegCod); + snprintf (PathLogo,sizeof (PathLogo), + "%s/%s/%02u/%u/logo/%u.png", + Cfg_PATH_SWAD_PUBLIC,Folder, + (unsigned) (DegCod % 100), + (unsigned) DegCod, + (unsigned) DegCod); LogoFound = Fil_CheckIfPathExists (PathLogo); if (LogoFound) Cod = DegCod; @@ -111,11 +112,12 @@ void Log_DrawLogo (Sco_Scope_t Scope,long Cod,const char *AltText, CtrCod = Deg_GetCtrCodOfDegreeByCod (Cod); else CtrCod = Cod; - sprintf (PathLogo,"%s/%s/%02u/%u/logo/%u.png", - Cfg_PATH_SWAD_PUBLIC,Folder, - (unsigned) (CtrCod % 100), - (unsigned) CtrCod, - (unsigned) CtrCod); + snprintf (PathLogo,sizeof (PathLogo), + "%s/%s/%02u/%u/logo/%u.png", + Cfg_PATH_SWAD_PUBLIC,Folder, + (unsigned) (CtrCod % 100), + (unsigned) CtrCod, + (unsigned) CtrCod); LogoFound = Fil_CheckIfPathExists (PathLogo); if (LogoFound) Cod = CtrCod; @@ -131,11 +133,12 @@ void Log_DrawLogo (Sco_Scope_t Scope,long Cod,const char *AltText, InsCod = Ctr_GetInsCodOfCentreByCod (Cod); else InsCod = Cod; - sprintf (PathLogo,"%s/%s/%02u/%u/logo/%u.png", - Cfg_PATH_SWAD_PUBLIC,Folder, - (unsigned) (InsCod % 100), - (unsigned) InsCod, - (unsigned) InsCod); + snprintf (PathLogo,sizeof (PathLogo), + "%s/%s/%02u/%u/logo/%u.png", + Cfg_PATH_SWAD_PUBLIC,Folder, + (unsigned) (InsCod % 100), + (unsigned) InsCod, + (unsigned) InsCod); LogoFound = Fil_CheckIfPathExists (PathLogo); if (LogoFound) Cod = InsCod; @@ -206,11 +209,12 @@ void Log_PutIconToChangeLogo (Sco_Scope_t Scope) } /***** Check if logo exists *****/ - sprintf (PathLogo,"%s/%s/%02u/%u/logo/%u.png", - Cfg_PATH_SWAD_PUBLIC,Folder, - (unsigned) (Cod % 100), - (unsigned) Cod, - (unsigned) Cod); + snprintf (PathLogo,sizeof (PathLogo), + "%s/%s/%02u/%u/logo/%u.png", + Cfg_PATH_SWAD_PUBLIC,Folder, + (unsigned) (Cod % 100), + (unsigned) Cod, + (unsigned) Cod); LogoExists = Fil_CheckIfPathExists (PathLogo); /***** Link for changing / uploading the logo *****/ @@ -264,11 +268,12 @@ void Log_RequestLogo (Sco_Scope_t Scope) } /***** Check if logo exists *****/ - sprintf (PathLogo,"%s/%s/%02u/%u/logo/%u.png", - Cfg_PATH_SWAD_PUBLIC,Folder, - (unsigned) (Cod % 100), - (unsigned) Cod, - (unsigned) Cod); + snprintf (PathLogo,sizeof (PathLogo), + "%s/%s/%02u/%u/logo/%u.png", + Cfg_PATH_SWAD_PUBLIC,Folder, + (unsigned) (Cod % 100), + (unsigned) Cod, + (unsigned) Cod); if (Fil_CheckIfPathExists (PathLogo)) { /***** Form to remove photo *****/ @@ -347,22 +352,26 @@ void Log_ReceiveLogo (Sco_Scope_t Scope) } /***** Creates directories if not exist *****/ - sprintf (Path,"%s/%s", - Cfg_PATH_SWAD_PUBLIC,Folder); + snprintf (Path,sizeof (Path), + "%s/%s", + Cfg_PATH_SWAD_PUBLIC,Folder); Fil_CreateDirIfNotExists (Path); - sprintf (Path,"%s/%s/%02u", - Cfg_PATH_SWAD_PUBLIC,Folder, - (unsigned) (Cod % 100)); + snprintf (Path,sizeof (Path), + "%s/%s/%02u", + Cfg_PATH_SWAD_PUBLIC,Folder, + (unsigned) (Cod % 100)); Fil_CreateDirIfNotExists (Path); - sprintf (Path,"%s/%s/%02u/%u", - Cfg_PATH_SWAD_PUBLIC,Folder, - (unsigned) (Cod % 100), - (unsigned) Cod); + snprintf (Path,sizeof (Path), + "%s/%s/%02u/%u", + Cfg_PATH_SWAD_PUBLIC,Folder, + (unsigned) (Cod % 100), + (unsigned) Cod); Fil_CreateDirIfNotExists (Path); - sprintf (Path,"%s/%s/%02u/%u/logo", - Cfg_PATH_SWAD_PUBLIC,Folder, - (unsigned) (Cod % 100), - (unsigned) Cod); + snprintf (Path,sizeof (Path), + "%s/%s/%02u/%u/logo", + Cfg_PATH_SWAD_PUBLIC,Folder, + (unsigned) (Cod % 100), + (unsigned) Cod); Fil_CreateDirIfNotExists (Path); /***** Copy in disk the file received from stdin (really from Gbl.F.Tmp) *****/ @@ -386,11 +395,12 @@ void Log_ReceiveLogo (Sco_Scope_t Scope) else { /* End the reception of logo in a temporary file */ - sprintf (FileNameLogo,"%s/%s/%02u/%u/logo/%u.png", - Cfg_PATH_SWAD_PUBLIC,Folder, - (unsigned) (Cod % 100), - (unsigned) Cod, - (unsigned) Cod); + snprintf (FileNameLogo,sizeof (FileNameLogo), + "%s/%s/%02u/%u/logo/%u.png", + Cfg_PATH_SWAD_PUBLIC,Folder, + (unsigned) (Cod % 100), + (unsigned) Cod, + (unsigned) Cod); if (!Fil_EndReceptionOfFile (FileNameLogo,Param)) Ale_ShowAlert (Ale_WARNING,"Error copying file."); } @@ -426,10 +436,11 @@ void Log_RemoveLogo (Sco_Scope_t Scope) } /***** Remove logo *****/ - sprintf (FileNameLogo,"%s/%s/%02u/%u/logo/%u.png", - Cfg_PATH_SWAD_PUBLIC,Folder, - (unsigned) (Cod % 100), - (unsigned) Cod, - (unsigned) Cod); + snprintf (FileNameLogo,sizeof (FileNameLogo), + "%s/%s/%02u/%u/logo/%u.png", + Cfg_PATH_SWAD_PUBLIC,Folder, + (unsigned) (Cod % 100), + (unsigned) Cod, + (unsigned) Cod); Fil_RemoveTree (FileNameLogo); } diff --git a/swad_mail.c b/swad_mail.c index 24c9b179..14d6c59e 100644 --- a/swad_mail.c +++ b/swad_mail.c @@ -1161,7 +1161,9 @@ void Mai_ShowFormChangeMyEmail (bool IMustFillEmail,bool IShouldConfirmEmail) Lay_StartSection (Mai_EMAIL_SECTION_ID); /***** Start box *****/ - sprintf (StrRecordWidth,"%upx",Rec_RECORD_WIDTH); + snprintf (StrRecordWidth,sizeof (StrRecordWidth), + "%upx", + Rec_RECORD_WIDTH); Box_StartBox (StrRecordWidth,Txt_Email,Acc_PutLinkToRemoveMyAccount, Hlp_PROFILE_Account,Box_NOT_CLOSABLE); @@ -1191,7 +1193,9 @@ void Mai_ShowFormChangeOtherUsrEmail (void) Lay_StartSection (Mai_EMAIL_SECTION_ID); /***** Start box *****/ - sprintf (StrRecordWidth,"%upx",Rec_RECORD_WIDTH); + snprintf (StrRecordWidth,sizeof (StrRecordWidth), + "%upx", + Rec_RECORD_WIDTH); Box_StartBox (StrRecordWidth,Txt_Email,NULL, Hlp_PROFILE_Account,Box_NOT_CLOSABLE); @@ -1323,7 +1327,9 @@ static void Mai_ShowFormChangeUsrEmail (const struct UsrData *UsrDat,bool ItsMe, /* Email confirmed? */ if (Confirmed) { - sprintf (Gbl.Title,Txt_Email_X_confirmed,row[0]); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Email_X_confirmed, + row[0]); fprintf (Gbl.F.Out,"\"%s\"", @@ -1722,15 +1728,16 @@ bool Mai_SendMailMsgToConfirmEmail (void) fclose (Gbl.Msg.FileMail); /***** Call the script to send an email *****/ - sprintf (Command,"%s \"%s\" \"%s\" \"%s\" \"%s\" \"%s\" \"[%s] %s\" \"%s\"", - Cfg_COMMAND_SEND_AUTOMATIC_EMAIL, - Cfg_AUTOMATIC_EMAIL_SMTP_SERVER, - Cfg_AUTOMATIC_EMAIL_SMTP_PORT, - Cfg_AUTOMATIC_EMAIL_FROM, - Gbl.Config.SMTPPassword, - Gbl.Usrs.Me.UsrDat.Email, - Cfg_PLATFORM_SHORT_NAME,Txt_Confirmation_of_your_email_NO_HTML, - Gbl.Msg.FileNameMail); + snprintf (Command,sizeof (Command), + "%s \"%s\" \"%s\" \"%s\" \"%s\" \"%s\" \"[%s] %s\" \"%s\"", + Cfg_COMMAND_SEND_AUTOMATIC_EMAIL, + Cfg_AUTOMATIC_EMAIL_SMTP_SERVER, + Cfg_AUTOMATIC_EMAIL_SMTP_PORT, + Cfg_AUTOMATIC_EMAIL_FROM, + Gbl.Config.SMTPPassword, + Gbl.Usrs.Me.UsrDat.Email, + Cfg_PLATFORM_SHORT_NAME,Txt_Confirmation_of_your_email_NO_HTML, + Gbl.Msg.FileNameMail); ReturnCode = system (Command); if (ReturnCode == -1) Lay_ShowErrorAndExit ("Error when running script to send email."); @@ -1894,8 +1901,9 @@ void Mai_ConfirmEmail (void) void Mai_CreateFileNameMail (void) { - sprintf (Gbl.Msg.FileNameMail,"%s/%s/%s_mail.txt", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_OUT,Gbl.UniqueNameEncrypted); + snprintf (Gbl.Msg.FileNameMail,sizeof (Gbl.Msg.FileNameMail), + "%s/%s/%s_mail.txt", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_OUT,Gbl.UniqueNameEncrypted); if ((Gbl.Msg.FileMail = fopen (Gbl.Msg.FileNameMail,"wb")) == NULL) Lay_ShowErrorAndExit ("Can not open file to send email."); } diff --git a/swad_mark.c b/swad_mark.c index 740eed78..09706afa 100644 --- a/swad_mark.c +++ b/swad_mark.c @@ -25,9 +25,11 @@ /********************************** Headers **********************************/ /*****************************************************************************/ +#define _GNU_SOURCE // For asprintf #include // For PATH_MAX #include // For NULL #include // For malloc +#include // For asprintf #include // For string functions #include // For unlink @@ -628,9 +630,10 @@ void Mrk_ShowMyMarks (void) /***** Get the path of the file of marks *****/ Brw_SetFullPathInTree (Gbl.FileBrowser.Priv.PathInTreeUntilFilFolLnk, Gbl.FileBrowser.FilFolLnkName); - sprintf (PathPrivate,"%s/%s", - Gbl.FileBrowser.Priv.PathAboveRootFolder, - Gbl.FileBrowser.Priv.FullPathInTree); + snprintf (PathPrivate,sizeof (PathPrivate), + "%s/%s", + Gbl.FileBrowser.Priv.PathAboveRootFolder, + Gbl.FileBrowser.Priv.FullPathInTree); /***** Get number of rows of header or footer *****/ Mrk_GetNumRowsHeaderAndFooter (&Marks); @@ -670,8 +673,9 @@ void Mrk_ShowMyMarks (void) /***** Create temporal file to store my marks (in HTML) *****/ /* If the private directory does not exist, create it */ - sprintf (PathMarksPriv,"%s/%s", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_MARK); + snprintf (PathMarksPriv,sizeof (PathMarksPriv), + "%s/%s", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_MARK); Fil_CreateDirIfNotExists (PathMarksPriv); /* First of all, we remove the oldest temporary files. @@ -681,7 +685,9 @@ void Mrk_ShowMyMarks (void) Fil_RemoveOldTmpFiles (PathMarksPriv,Cfg_TIME_TO_DELETE_MARKS_TMP_FILES,false); /* Create a new temporary file *****/ - sprintf (FileNameUsrMarks,"%s/%s.html",PathMarksPriv,Gbl.UniqueNameEncrypted); + snprintf (FileNameUsrMarks,sizeof (FileNameUsrMarks), + "%s/%s.html", + PathMarksPriv,Gbl.UniqueNameEncrypted); if ((FileUsrMarks = fopen (FileNameUsrMarks,"wb")) == NULL) Lay_ShowErrorAndExit ("Can not open file for my marks."); @@ -811,18 +817,21 @@ void Mrk_GetNotifMyMarks (char SummaryStr[Ntf_MAX_BYTES_SUMMARY + 1], if (UsrDat.IDs.Num) { if (GrpCod > 0) - sprintf (PathMarks,"%s/%s/%ld/grp/%ld/%s", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_CRS,CrsCod,GrpCod, - FullPathInTreeFromDBMarksTable); + snprintf (PathMarks,sizeof (PathMarks), + "%s/%s/%ld/grp/%ld/%s", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_CRS,CrsCod,GrpCod, + FullPathInTreeFromDBMarksTable); else - sprintf (PathMarks,"%s/%s/%ld/%s", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_CRS,CrsCod, - FullPathInTreeFromDBMarksTable); + snprintf (PathMarks,sizeof (PathMarks), + "%s/%s/%ld/%s", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_CRS,CrsCod, + FullPathInTreeFromDBMarksTable); /***** Create temporal file to store my marks (in HTML) *****/ /* If the private directory does not exist, create it */ - sprintf (PathMarksPriv,"%s/%s", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_MARK); + snprintf (PathMarksPriv,sizeof (PathMarksPriv), + "%s/%s", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_MARK); Fil_CreateDirIfNotExists (PathMarksPriv); /* First of all, we remove the oldest temporary files. @@ -832,7 +841,9 @@ void Mrk_GetNotifMyMarks (char SummaryStr[Ntf_MAX_BYTES_SUMMARY + 1], Fil_RemoveOldTmpFiles (PathMarksPriv,Cfg_TIME_TO_DELETE_MARKS_TMP_FILES,false); /* Create a new temporary file *****/ - sprintf (FileNameUsrMarks,"%s/%s.html",PathMarksPriv,Gbl.UniqueNameEncrypted); + snprintf (FileNameUsrMarks,sizeof (FileNameUsrMarks), + "%s/%s.html", + PathMarksPriv,Gbl.UniqueNameEncrypted); if ((FileUsrMarks = fopen (FileNameUsrMarks,"wb"))) { /***** Get user's marks *****/ @@ -867,8 +878,9 @@ void Mrk_GetNotifMyMarks (char SummaryStr[Ntf_MAX_BYTES_SUMMARY + 1], else { fclose (FileUsrMarks); - if ((*ContentStr = (char *) malloc (9 + strlen (Gbl.Alert.Txt) + 3 + 1))) - sprintf (*ContentStr,"",Gbl.Alert.Txt); + if (asprintf (ContentStr,"", + Gbl.Alert.Txt) < 0) + Lay_ShowErrorAndExit ("Not enough memory to store string."); } } else @@ -876,8 +888,9 @@ void Mrk_GetNotifMyMarks (char SummaryStr[Ntf_MAX_BYTES_SUMMARY + 1], Gbl.Alert.Type = Ale_WARNING; Str_Copy (Gbl.Alert.Txt,"Can not open file of marks.", // TODO: Need translation! Ale_MAX_BYTES_ALERT); - if ((*ContentStr = (char *) malloc (9 + strlen (Gbl.Alert.Txt) + 3 + 1))) - sprintf (*ContentStr,"",Gbl.Alert.Txt); + if (asprintf (ContentStr,"", + Gbl.Alert.Txt) < 0) + Lay_ShowErrorAndExit ("Not enough memory to store string."); } unlink (FileNameUsrMarks); // File with marks is no longer necessary } @@ -886,8 +899,9 @@ void Mrk_GetNotifMyMarks (char SummaryStr[Ntf_MAX_BYTES_SUMMARY + 1], Gbl.Alert.Type = Ale_WARNING; Str_Copy (Gbl.Alert.Txt,"User's IDs not found!", // TODO: Need translation! Ale_MAX_BYTES_ALERT); - if ((*ContentStr = (char *) malloc (9 + strlen (Gbl.Alert.Txt) + 3 + 1))) - sprintf (*ContentStr,"",Gbl.Alert.Txt); + if (asprintf (ContentStr,"", + Gbl.Alert.Txt) < 0) + Lay_ShowErrorAndExit ("Not enough memory to store string."); } } } diff --git a/swad_message.c b/swad_message.c index 24d00e95..2e0c7b44 100644 --- a/swad_message.c +++ b/swad_message.c @@ -620,7 +620,9 @@ void Msg_PutHiddenParamAnotherRecipient (const struct UsrData *UsrDat) { char NicknameWithArroba[Nck_MAX_BYTES_NICKNAME_FROM_FORM + 1]; - sprintf (NicknameWithArroba,"@%s",UsrDat->Nickname); + snprintf (NicknameWithArroba,sizeof (NicknameWithArroba), + "@%s", + UsrDat->Nickname); Par_PutHiddenParamString ("OtherRecipients",NicknameWithArroba); } @@ -2388,34 +2390,41 @@ static char *Msg_WriteNumMsgs (unsigned NumUnreadMsgs) if (Gbl.Msg.NumMsgs == 1) { if (NumUnreadMsgs) - sprintf (Gbl.Title,"1 %s, 1 %s", - Txt_message_received,Txt_unread_MESSAGE); + snprintf (Gbl.Title,sizeof (Gbl.Title), + "1 %s, 1 %s", + Txt_message_received,Txt_unread_MESSAGE); else - sprintf (Gbl.Title,"1 %s", - Txt_message_received); + snprintf (Gbl.Title,sizeof (Gbl.Title), + "1 %s", + Txt_message_received); } else { if (NumUnreadMsgs == 0) - sprintf (Gbl.Title,"%u %s", - Gbl.Msg.NumMsgs,Txt_messages_received); + snprintf (Gbl.Title,sizeof (Gbl.Title), + "%u %s", + Gbl.Msg.NumMsgs,Txt_messages_received); else if (NumUnreadMsgs == 1) - sprintf (Gbl.Title,"%u %s, 1 %s", - Gbl.Msg.NumMsgs,Txt_messages_received, - Txt_unread_MESSAGE); + snprintf (Gbl.Title,sizeof (Gbl.Title), + "%u %s, 1 %s", + Gbl.Msg.NumMsgs,Txt_messages_received, + Txt_unread_MESSAGE); else - sprintf (Gbl.Title,"%u %s, %u %s", - Gbl.Msg.NumMsgs,Txt_messages_received, - NumUnreadMsgs,Txt_unread_MESSAGES); + snprintf (Gbl.Title,sizeof (Gbl.Title), + "%u %s, %u %s", + Gbl.Msg.NumMsgs,Txt_messages_received, + NumUnreadMsgs,Txt_unread_MESSAGES); } break; case Msg_MESSAGES_SENT: if (Gbl.Msg.NumMsgs == 1) - sprintf (Gbl.Title,"1 %s", - Txt_message_sent); + snprintf (Gbl.Title,sizeof (Gbl.Title), + "1 %s", + Txt_message_sent); else - sprintf (Gbl.Title,"%u %s", - Gbl.Msg.NumMsgs,Txt_messages_sent); + snprintf (Gbl.Title,sizeof (Gbl.Title), + "%u %s", + Gbl.Msg.NumMsgs,Txt_messages_sent); break; } @@ -3230,7 +3239,9 @@ bool Msg_WriteCrsOrgMsg (long CrsCod) Crs_PutParamCrsCod (Crs.CrsCod); fprintf (Gbl.F.Out,"
    " "("); - sprintf (Gbl.Title,Txt_Go_to_X,Crs.FullName); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Go_to_X, + Crs.FullName); Act_LinkFormSubmit (Gbl.Title,"AUTHOR_TXT",NULL); fprintf (Gbl.F.Out,"%s)" "
    ", diff --git a/swad_network.c b/swad_network.c index 298a0b75..37d6c2fb 100644 --- a/swad_network.c +++ b/swad_network.c @@ -289,7 +289,9 @@ void Net_ShowFormMyWebsAndSocialNets (void) Lay_StartSection (Net_MY_WEBS_ID); /***** Start box and table *****/ - sprintf (StrRecordWidth,"%upx",Rec_RECORD_WIDTH); + snprintf (StrRecordWidth,sizeof (StrRecordWidth), + "%upx", + Rec_RECORD_WIDTH); Box_StartBoxTable (StrRecordWidth, Txt_Webs_social_networks,Net_PutIconsWebsSocialNetworks, Hlp_PROFILE_Webs,Box_NOT_CLOSABLE,2); diff --git a/swad_nickname.c b/swad_nickname.c index e8709e6d..6a372b90 100644 --- a/swad_nickname.c +++ b/swad_nickname.c @@ -246,7 +246,9 @@ static void Nck_ShowFormChangeUsrNickname (const struct UsrData *UsrDat,bool Its NumNicks = (unsigned) DB_QuerySELECT (Query,&mysql_res,"can not get nicknames of a user"); /***** Start box *****/ - sprintf (StrRecordWidth,"%upx",Rec_RECORD_WIDTH); + snprintf (StrRecordWidth,sizeof (StrRecordWidth), + "%upx", + Rec_RECORD_WIDTH); Box_StartBox (StrRecordWidth,Txt_Nickname,Acc_PutLinkToRemoveMyAccount, Hlp_PROFILE_Account,Box_NOT_CLOSABLE); diff --git a/swad_notice.c b/swad_notice.c index e06f6de0..f8b78439 100644 --- a/swad_notice.c +++ b/swad_notice.c @@ -389,8 +389,9 @@ void Not_ShowNotices (Not_Listing_t TypeNoticesListing) if (TypeNoticesListing == Not_LIST_FULL_NOTICES) { /***** Start box *****/ - sprintf (StrWidth,"%upx", - Not_ContainerWidth[Not_LIST_FULL_NOTICES] + 50); + snprintf (StrWidth,sizeof (StrWidth), + "%upx", + Not_ContainerWidth[Not_LIST_FULL_NOTICES] + 50); Box_StartBox (StrWidth, Gbl.CurrentCrs.Notices.HighlightNotCod > 0 ? Txt_All_notices : Txt_Notices, @@ -442,8 +443,10 @@ void Not_ShowNotices (Not_Listing_t TypeNoticesListing) case Not_LIST_BRIEF_NOTICES: /***** Link to RSS file *****/ /* Create RSS file if not exists */ - sprintf (PathRelRSSFile,"%s/%s/%ld/%s/%s", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CRS,Gbl.CurrentCrs.Crs.CrsCod,Cfg_RSS_FOLDER,Cfg_RSS_FILE); + snprintf (PathRelRSSFile,sizeof (PathRelRSSFile), + "%s/%s/%ld/%s/%s", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_CRS, + Gbl.CurrentCrs.Crs.CrsCod,Cfg_RSS_FOLDER,Cfg_RSS_FILE); if (!Fil_CheckIfPathExists (PathRelRSSFile)) RSS_UpdateRSSFileForACrs (&Gbl.CurrentCrs.Crs); diff --git a/swad_notification.c b/swad_notification.c index 98c6e2c9..795b25cc 100644 --- a/swad_notification.c +++ b/swad_notification.c @@ -1747,16 +1747,17 @@ static void Ntf_SendPendingNotifByEMailToOneUsr (struct UsrData *ToUsrDat,unsign fclose (Gbl.Msg.FileMail); /***** Call the command to send an email *****/ - sprintf (Command,"%s \"%s\" \"%s\" \"%s\" \"%s\" \"%s\" \"[%s] %s\" \"%s\"", - Cfg_COMMAND_SEND_AUTOMATIC_EMAIL, - Cfg_AUTOMATIC_EMAIL_SMTP_SERVER, - Cfg_AUTOMATIC_EMAIL_SMTP_PORT, - Cfg_AUTOMATIC_EMAIL_FROM, - Gbl.Config.SMTPPassword, - ToUsrDat->Email, - Cfg_PLATFORM_SHORT_NAME, - Txt_Notifications_NO_HTML[ToUsrLanguage], - Gbl.Msg.FileNameMail); + snprintf (Command,sizeof (Command), + "%s \"%s\" \"%s\" \"%s\" \"%s\" \"%s\" \"[%s] %s\" \"%s\"", + Cfg_COMMAND_SEND_AUTOMATIC_EMAIL, + Cfg_AUTOMATIC_EMAIL_SMTP_SERVER, + Cfg_AUTOMATIC_EMAIL_SMTP_PORT, + Cfg_AUTOMATIC_EMAIL_FROM, + Gbl.Config.SMTPPassword, + ToUsrDat->Email, + Cfg_PLATFORM_SHORT_NAME, + Txt_Notifications_NO_HTML[ToUsrLanguage], + Gbl.Msg.FileNameMail); ReturnCode = system (Command); if (ReturnCode == -1) Lay_ShowErrorAndExit ("Error when running script to send email."); diff --git a/swad_pagination.c b/swad_pagination.c index aee867d7..a69fc0b9 100644 --- a/swad_pagination.c +++ b/swad_pagination.c @@ -234,8 +234,9 @@ void Pag_WriteLinksToPages (Pag_WhatPaginate_t WhatPaginate, Usr_PutParamOtherUsrCodEncrypted (); break; } - sprintf (Gbl.Title,Txt_Page_X_of_Y, - 1,Pagination->NumPags); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Page_X_of_Y, + 1,Pagination->NumPags); Act_LinkFormSubmit (Gbl.Title,Font,NULL); } else @@ -257,7 +258,9 @@ void Pag_WriteLinksToPages (Pag_WhatPaginate_t WhatPaginate, /***** Links to several pages start here *****/ if (Pagination->MoreThanOnePage) { - sprintf (LinkStyle,"PAG %s",Font); + snprintf (LinkStyle,sizeof (LinkStyle), + "PAG %s", + Font); /***** Possible link to page 1 *****/ if (Pagination->StartPage > 1) @@ -342,8 +345,9 @@ void Pag_WriteLinksToPages (Pag_WhatPaginate_t WhatPaginate, Usr_PutParamOtherUsrCodEncrypted (); break; } - sprintf (Gbl.Title,Txt_Page_X_of_Y, - 1,Pagination->NumPags); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Page_X_of_Y, + 1,Pagination->NumPags); Act_LinkFormSubmit (Gbl.Title,LinkStyle,NULL); fprintf (Gbl.F.Out,"1" ""); @@ -436,9 +440,10 @@ void Pag_WriteLinksToPages (Pag_WhatPaginate_t WhatPaginate, Usr_PutParamOtherUsrCodEncrypted (); break; } - sprintf (Gbl.Title,Txt_Page_X_of_Y, - Pagination->LeftPage, - Pagination->NumPags); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Page_X_of_Y, + Pagination->LeftPage, + Pagination->NumPags); Act_LinkFormSubmit (Gbl.Title,LinkStyle,NULL); fprintf (Gbl.F.Out,"%u", Pagination->LeftPage); @@ -452,8 +457,9 @@ void Pag_WriteLinksToPages (Pag_WhatPaginate_t WhatPaginate, NumPage <= Pagination->EndPage; NumPage++) { - sprintf (Gbl.Title,Txt_Page_X_of_Y, - NumPage,Pagination->NumPags); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Page_X_of_Y, + NumPage,Pagination->NumPags); if (!LinkToPagCurrent && NumPage == Pagination->CurrentPage) fprintf (Gbl.F.Out,"" "%u" @@ -634,8 +640,9 @@ void Pag_WriteLinksToPages (Pag_WhatPaginate_t WhatPaginate, Usr_PutParamOtherUsrCodEncrypted (); break; } - sprintf (Gbl.Title,Txt_Page_X_of_Y, - Pagination->RightPage,Pagination->NumPags); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Page_X_of_Y, + Pagination->RightPage,Pagination->NumPags); Act_LinkFormSubmit (Gbl.Title,LinkStyle,NULL); fprintf (Gbl.F.Out,"%u",Pagination->RightPage); Act_EndForm (); @@ -726,8 +733,9 @@ void Pag_WriteLinksToPages (Pag_WhatPaginate_t WhatPaginate, Usr_PutParamOtherUsrCodEncrypted (); break; } - sprintf (Gbl.Title,Txt_Page_X_of_Y, - Pagination->NumPags,Pagination->NumPags); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Page_X_of_Y, + Pagination->NumPags,Pagination->NumPags); Act_LinkFormSubmit (Gbl.Title,LinkStyle,NULL); fprintf (Gbl.F.Out,"%u",Pagination->NumPags); Act_EndForm (); diff --git a/swad_parameter.c b/swad_parameter.c index 81a84d9b..da78fe33 100644 --- a/swad_parameter.c +++ b/swad_parameter.c @@ -178,10 +178,12 @@ static void Par_GetBoundary (void) Lay_ShowErrorAndExit ("Delimiter string too long."); /***** Create boundary strings *****/ - sprintf (Gbl.Boundary.StrWithoutCRLF,"--%s", - PtrToBoundary); - sprintf (Gbl.Boundary.StrWithCRLF,"%c%c%s", - 0x0D,0x0A,Gbl.Boundary.StrWithoutCRLF); + snprintf (Gbl.Boundary.StrWithoutCRLF,sizeof (Gbl.Boundary.StrWithoutCRLF), + "--%s", + PtrToBoundary); + snprintf (Gbl.Boundary.StrWithCRLF,sizeof (Gbl.Boundary.StrWithCRLF), + "%c%c%s", + 0x0D,0x0A,Gbl.Boundary.StrWithoutCRLF); /***** Compute lengths *****/ Gbl.Boundary.LengthWithoutCRLF = strlen (Gbl.Boundary.StrWithoutCRLF); @@ -794,15 +796,17 @@ void Par_GetMainParameters (void) Gbl.Prefs.Theme = The_THEME_DEFAULT; /***** Set path of theme *****/ - sprintf (Path,"%s/%s/%s", - Gbl.Prefs.IconsURL,Cfg_ICON_FOLDER_THEMES,The_ThemeId[Gbl.Prefs.Theme]); + snprintf (Path,sizeof (Path), + "%s/%s/%s", + Gbl.Prefs.IconsURL,Cfg_ICON_FOLDER_THEMES,The_ThemeId[Gbl.Prefs.Theme]); Str_Copy (Gbl.Prefs.PathTheme,Path, PATH_MAX); /***** Set path of icon set *****/ - sprintf (Path,"%s/%s/%s", - Gbl.Prefs.IconsURL,Cfg_ICON_FOLDER_ICON_SETS, - Ico_IconSetId[Gbl.Prefs.IconSet]); + snprintf (Path,sizeof (Path), + "%s/%s/%s", + Gbl.Prefs.IconsURL,Cfg_ICON_FOLDER_ICON_SETS, + Ico_IconSetId[Gbl.Prefs.IconSet]); Str_Copy (Gbl.Prefs.PathIconSet,Path, PATH_MAX); } diff --git a/swad_password.c b/swad_password.c index 9fc95063..3645881a 100644 --- a/swad_password.c +++ b/swad_password.c @@ -473,16 +473,17 @@ int Pwd_SendNewPasswordByEmail (char NewRandomPlainPassword[Pwd_MAX_BYTES_PLAIN_ fclose (Gbl.Msg.FileMail); /***** Call the script to send an email *****/ - sprintf (Command,"%s \"%s\" \"%s\" \"%s\" \"%s\" \"%s\" \"[%s] %s\" \"%s\"", - Cfg_COMMAND_SEND_AUTOMATIC_EMAIL, - Cfg_AUTOMATIC_EMAIL_SMTP_SERVER, - Cfg_AUTOMATIC_EMAIL_SMTP_PORT, - Cfg_AUTOMATIC_EMAIL_FROM, - Gbl.Config.SMTPPassword, - Gbl.Usrs.Me.UsrDat.Email, - Cfg_PLATFORM_SHORT_NAME, - Txt_New_password_NO_HTML[Gbl.Usrs.Me.UsrDat.Prefs.Language], - Gbl.Msg.FileNameMail); + snprintf (Command,sizeof (Command), + "%s \"%s\" \"%s\" \"%s\" \"%s\" \"%s\" \"[%s] %s\" \"%s\"", + Cfg_COMMAND_SEND_AUTOMATIC_EMAIL, + Cfg_AUTOMATIC_EMAIL_SMTP_SERVER, + Cfg_AUTOMATIC_EMAIL_SMTP_PORT, + Cfg_AUTOMATIC_EMAIL_FROM, + Gbl.Config.SMTPPassword, + Gbl.Usrs.Me.UsrDat.Email, + Cfg_PLATFORM_SHORT_NAME, + Txt_New_password_NO_HTML[Gbl.Usrs.Me.UsrDat.Prefs.Language], + Gbl.Msg.FileNameMail); ReturnCode = system (Command); if (ReturnCode == -1) Lay_ShowErrorAndExit ("Error when running script to send email."); @@ -690,7 +691,9 @@ void Pwd_ShowFormChgMyPwd (void) Act_StartFormAnchor (ActChgPwd,Pwd_PASSWORD_SECTION_ID); /***** Start box *****/ - sprintf (StrRecordWidth,"%upx",Rec_RECORD_WIDTH); + snprintf (StrRecordWidth,sizeof (StrRecordWidth), + "%upx", + Rec_RECORD_WIDTH); Box_StartBox (StrRecordWidth,Txt_Password,NULL, Hlp_PROFILE_Password,Box_NOT_CLOSABLE); diff --git a/swad_photo.c b/swad_photo.c index 2fc54dad..eb7b4e15 100644 --- a/swad_photo.c +++ b/swad_photo.c @@ -609,24 +609,28 @@ static bool Pho_ReceivePhotoAndDetectFaces (bool ItsMe,const struct UsrData *Usr Act_Action_t NextAction; /***** Creates directories if not exist *****/ - sprintf (PathPhotosPriv,"%s/%s", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO); + snprintf (PathPhotosPriv,sizeof (PathPhotosPriv), + "%s/%s", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO); Fil_CreateDirIfNotExists (PathPhotosPriv); - sprintf (PathPhotosPriv,"%s/%s/%02u", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO, - (unsigned) (UsrDat->UsrCod % 100)); + snprintf (PathPhotosPriv,sizeof (PathPhotosPriv), + "%s/%s/%02u", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO, + (unsigned) (UsrDat->UsrCod % 100)); Fil_CreateDirIfNotExists (PathPhotosPriv); /***** Create directories if not exists and remove old temporary files *****/ /* Create public directory for photos */ - sprintf (PathPhotosPubl,"%s/%s", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO); + snprintf (PathPhotosPubl,sizeof (PathPhotosPubl), + "%s/%s", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO); Fil_CreateDirIfNotExists (PathPhotosPubl); /* Create temporary directory for photos */ - sprintf (PathPhotosPubl,"%s/%s/%s", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO,Cfg_FOLDER_PHOTO_TMP); + snprintf (PathPhotosPubl,sizeof (PathPhotosPubl), + "%s/%s/%s", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO,Cfg_FOLDER_PHOTO_TMP); Fil_CreateDirIfNotExists (PathPhotosPubl); /* Remove old temporary files */ @@ -653,9 +657,10 @@ static bool Pho_ReceivePhotoAndDetectFaces (bool ItsMe,const struct UsrData *Usr } /* End the reception of photo in a temporary file */ - sprintf (FileNamePhotoTmp,"%s/%s/%s/%s.jpg", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO, - Cfg_FOLDER_PHOTO_TMP,Gbl.UniqueNameEncrypted); + snprintf (FileNamePhotoTmp,sizeof (FileNamePhotoTmp), + "%s/%s/%s/%s.jpg", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO, + Cfg_FOLDER_PHOTO_TMP,Gbl.UniqueNameEncrypted); if (!Fil_EndReceptionOfFile (FileNamePhotoTmp,Param)) { Ale_ShowAlert (Ale_WARNING,"Error copying file."); @@ -664,13 +669,16 @@ static bool Pho_ReceivePhotoAndDetectFaces (bool ItsMe,const struct UsrData *Usr /* Copy the original photo received to private directory. The purpose of this copy is only to have a backup used for researching better methods to detect faces in images */ - sprintf (PathRelPhoto,"%s/%s/%02u/%ld_original.jpg", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO, - (unsigned) (UsrDat->UsrCod % 100),UsrDat->UsrCod); + snprintf (PathRelPhoto,sizeof (PathRelPhoto), + "%s/%s/%02u/%ld_original.jpg", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO, + (unsigned) (UsrDat->UsrCod % 100),UsrDat->UsrCod); Fil_FastCopyOfFiles (FileNamePhotoTmp,PathRelPhoto); /***** Call to program that makes photo processing / face detection *****/ - sprintf (Command,Cfg_COMMAND_FACE_DETECTION,FileNamePhotoTmp); + snprintf (Command,sizeof (Command), + Cfg_COMMAND_FACE_DETECTION, + FileNamePhotoTmp); ReturnCode = system (Command); if (ReturnCode == -1) Lay_ShowErrorAndExit ("Error when running command to process photo and detect faces."); @@ -681,9 +689,10 @@ static bool Pho_ReceivePhotoAndDetectFaces (bool ItsMe,const struct UsrData *Usr { case 0: // Faces detected /***** Open text file with text for image map *****/ - sprintf (FileNameTxtMap,"%s/%s/%s/%s_map.txt", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO, - Cfg_FOLDER_PHOTO_TMP,Gbl.UniqueNameEncrypted); + snprintf (FileNameTxtMap,sizeof (FileNameTxtMap), + "%s/%s/%s/%s_map.txt", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO, + Cfg_FOLDER_PHOTO_TMP,Gbl.UniqueNameEncrypted); if ((FileTxtMap = fopen (FileNameTxtMap,"rb")) == NULL) Lay_ShowErrorAndExit ("Can not read text file with coordinates of detected faces."); @@ -805,7 +814,9 @@ static bool Pho_ReceivePhotoAndDetectFaces (bool ItsMe,const struct UsrData *Usr if (BackgroundCode == 1) { NumFace++; - sprintf (FormId,"form_%d",NumLastForm + NumFace); + snprintf (FormId,sizeof (FormId), + "form_%d", + NumLastForm + NumFace); fprintf (Gbl.F.Out,"\n", @@ -818,8 +829,10 @@ static bool Pho_ReceivePhotoAndDetectFaces (bool ItsMe,const struct UsrData *Usr fprintf (Gbl.F.Out,"\n"); /***** Show map photo *****/ - sprintf (FileNamePhotoMap,"%s/%s/%s/%s_map.jpg", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO,Cfg_FOLDER_PHOTO_TMP,Gbl.UniqueNameEncrypted); + snprintf (FileNamePhotoMap,sizeof (FileNamePhotoMap), + "%s/%s/%s/%s_map.jpg", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO,Cfg_FOLDER_PHOTO_TMP, + Gbl.UniqueNameEncrypted); fprintf (Gbl.F.Out,"
    " "UsrCod % 100),UsrDat->UsrCod); + snprintf (PathRelPhoto,sizeof (PathRelPhoto), + "%s/%s/%02u/%ld.jpg", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO, + (unsigned) (UsrDat->UsrCod % 100),UsrDat->UsrCod); Fil_FastCopyOfFiles (PathPhotoTmp,PathRelPhoto); /* Update public photo name in database */ @@ -1026,7 +1041,7 @@ void Pho_RemoveUsrFromTableClicksWithoutPhoto (long UsrCod) // Returns true if the photo can be shown and false if not. // Public photo means two different things depending on the user's type -bool Pho_ShowingUsrPhotoIsAllowed (struct UsrData *UsrDat,char *PhotoURL) +bool Pho_ShowingUsrPhotoIsAllowed (struct UsrData *UsrDat,char PhotoURL[PATH_MAX + 1]) { bool ICanSeePhoto; @@ -1044,7 +1059,7 @@ bool Pho_ShowingUsrPhotoIsAllowed (struct UsrData *UsrDat,char *PhotoURL) // Returns false if photo does not exist // Returns true if link is created successfully -bool Pho_BuildLinkToPhoto (const struct UsrData *UsrDat,char *PhotoURL) +bool Pho_BuildLinkToPhoto (const struct UsrData *UsrDat,char PhotoURL[PATH_MAX + 1]) { char PathPublPhoto[PATH_MAX + 1]; char PathPrivPhoto[PATH_MAX + 1]; @@ -1052,13 +1067,15 @@ bool Pho_BuildLinkToPhoto (const struct UsrData *UsrDat,char *PhotoURL) if (UsrDat->Photo[0]) { /***** Make path to public photo *****/ - sprintf (PathPublPhoto,"%s/%s/%s.jpg", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO,UsrDat->Photo); + snprintf (PathPublPhoto,sizeof (PathPublPhoto), + "%s/%s/%s.jpg", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO,UsrDat->Photo); /***** Make path to private photo from public directory *****/ - sprintf (PathPrivPhoto,"%s/%s/%02u/%ld.jpg", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO, - (unsigned) (UsrDat->UsrCod % 100),UsrDat->UsrCod); + snprintf (PathPrivPhoto,sizeof (PathPrivPhoto), + "%s/%s/%02u/%ld.jpg", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO, + (unsigned) (UsrDat->UsrCod % 100),UsrDat->UsrCod); /***** Create a symbolic link to the private photo, if not exists *****/ if (!Fil_CheckIfPathExists (PathPublPhoto)) @@ -1067,8 +1084,9 @@ bool Pho_BuildLinkToPhoto (const struct UsrData *UsrDat,char *PhotoURL) " to access to user's private photo"); /***** Create the public URL of the photo *****/ - sprintf (PhotoURL,"%s/%s/%s.jpg", - Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_PHOTO,UsrDat->Photo); + snprintf (PhotoURL,PATH_MAX + 1, + "%s/%s/%s.jpg", + Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_PHOTO,UsrDat->Photo); return true; } @@ -1085,12 +1103,13 @@ bool Pho_BuildLinkToPhoto (const struct UsrData *UsrDat,char *PhotoURL) // Returns false if photo does not exist // Returns true if photo exists -bool Pho_CheckIfPrivPhotoExists (long UsrCod,char *PathPrivRelPhoto) +bool Pho_CheckIfPrivPhotoExists (long UsrCod,char PathPrivRelPhoto[PATH_MAX + 1]) { /***** Make path to private photo *****/ - sprintf (PathPrivRelPhoto,"%s/%s/%02u/%ld.jpg", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO, - (unsigned) (UsrCod % 100),UsrCod); + snprintf (PathPrivRelPhoto,PATH_MAX + 1, + "%s/%s/%02u/%ld.jpg", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO, + (unsigned) (UsrCod % 100),UsrCod); return Fil_CheckIfPathExists (PathPrivRelPhoto); } @@ -1113,16 +1132,18 @@ bool Pho_RemovePhoto (struct UsrData *UsrDat) Pho_ClearPhotoName (UsrDat->UsrCod); /***** Remove public link *****/ - sprintf (PathPublPhoto,"%s/%s/%s.jpg", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO,UsrDat->Photo); + snprintf (PathPublPhoto,sizeof (PathPublPhoto), + "%s/%s/%s.jpg", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO,UsrDat->Photo); if (Fil_CheckIfPathExists (PathPublPhoto)) // Public link exists if (unlink (PathPublPhoto)) // Remove public link NumErrors++; /***** Remove photo *****/ - sprintf (PathPrivRelPhoto,"%s/%s/%02u/%ld.jpg", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO, - (unsigned) (UsrDat->UsrCod % 100),UsrDat->UsrCod); + snprintf (PathPrivRelPhoto,sizeof (PathPrivRelPhoto), + "%s/%s/%02u/%ld.jpg", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO, + (unsigned) (UsrDat->UsrCod % 100),UsrDat->UsrCod); if (Fil_CheckIfPathExists (PathPrivRelPhoto)) // Photo exists { if (unlink (PathPrivRelPhoto)) // Remove photo @@ -1130,9 +1151,10 @@ bool Pho_RemovePhoto (struct UsrData *UsrDat) } /***** Remove original photo *****/ - sprintf (PathPrivRelPhoto,"%s/%s/%02u/%ld_original.jpg", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO, - (unsigned) (UsrDat->UsrCod % 100),UsrDat->UsrCod); + snprintf (PathPrivRelPhoto,sizeof (PathPrivRelPhoto), + "%s/%s/%02u/%ld_original.jpg", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO, + (unsigned) (UsrDat->UsrCod % 100),UsrDat->UsrCod); if (Fil_CheckIfPathExists (PathPrivRelPhoto)) // Original photo exists if (unlink (PathPrivRelPhoto)) // Remove original photo NumErrors++; @@ -1188,8 +1210,9 @@ void Pho_UpdatePhotoName (struct UsrData *UsrDat) DB_QueryUPDATE (Query,"can not update the name of a user's photo"); /***** Remove the old symbolic link to photo *****/ - sprintf (PathPublPhoto,"%s/%s/%s.jpg", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO,UsrDat->Photo); + snprintf (PathPublPhoto,sizeof (PathPublPhoto), + "%s/%s/%s.jpg", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO,UsrDat->Photo); unlink (PathPublPhoto); // Remove public link /***** Update photo name in user's data *****/ @@ -1211,7 +1234,7 @@ void Pho_ShowUsrPhoto (const struct UsrData *UsrDat,const char *PhotoURL, BrowserTabIs1stTab; // Only in main browser tab bool PutZoomCode = (Zoom == Pho_ZOOM) && // Make zoom BrowserTabIs1stTab; // Only in main browser tab - char IdCaption[Act_MAX_BYTES_ID]; + char IdCaption[Act_MAX_BYTES_ID + 1]; /***** Start form to go to public profile *****/ if (PutLinkToPublicProfile) @@ -1341,21 +1364,25 @@ void Pho_CalcPhotoDegree (void) Gbl.Stat.DegPhotos.TypeOfAverage = Pho_GetPhotoAvgTypeFromForm (); /***** Create public directories for average photos if not exist *****/ - sprintf (PathPhotosPublic,"%s/%s", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO); + snprintf (PathPhotosPublic,sizeof (PathPhotosPublic), + "%s/%s", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO); Fil_CreateDirIfNotExists (PathPhotosPublic); for (TypeOfAverage = (Pho_AvgPhotoTypeOfAverage_t) 0; TypeOfAverage < Pho_NUM_AVERAGE_PHOTO_TYPES; TypeOfAverage++) { - sprintf (DirAvgPhotosRelPath[TypeOfAverage],"%s/%s/%s", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO,Pho_StrAvgPhotoDirs[TypeOfAverage]); + snprintf (DirAvgPhotosRelPath[TypeOfAverage], + sizeof (DirAvgPhotosRelPath[TypeOfAverage]), + "%s/%s/%s", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO,Pho_StrAvgPhotoDirs[TypeOfAverage]); Fil_CreateDirIfNotExists (DirAvgPhotosRelPath[TypeOfAverage]); } /***** Creates private directory for lists of users' photos if not exists *****/ - sprintf (PathPhotosTmpPriv,"%s/%s/%s", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO,Cfg_FOLDER_PHOTO_TMP); + snprintf (PathPhotosTmpPriv,sizeof (PathPhotosTmpPriv), + "%s/%s/%s", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO,Cfg_FOLDER_PHOTO_TMP); Fil_CreateDirIfNotExists (PathPhotosTmpPriv); /***** Remove old private files used for lists *****/ @@ -1602,16 +1629,18 @@ static void Pho_ComputeAveragePhoto (long DegCod,Usr_Sex_t Sex,Rol_Role_t Role, *NumStds = *NumStdsWithPhoto = 0; /***** Build name for file with average photo *****/ - sprintf (PathRelAvgPhoto,"%s/%ld_%s.jpg", - DirAvgPhotosRelPath,DegCod,Usr_StringsSexDB[Sex]); + snprintf (PathRelAvgPhoto,sizeof (PathRelAvgPhoto), + "%s/%ld_%s.jpg", + DirAvgPhotosRelPath,DegCod,Usr_StringsSexDB[Sex]); /***** Remove old file if exists *****/ if (Fil_CheckIfPathExists (PathRelAvgPhoto)) // If file exists unlink (PathRelAvgPhoto); /***** Build names for text file with photo paths *****/ - sprintf (FileNamePhotoNames,"%s/%s/%s/%ld.txt", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO,Cfg_FOLDER_PHOTO_TMP,DegCod); + snprintf (FileNamePhotoNames,sizeof (FileNamePhotoNames), + "%s/%s/%s/%ld.txt", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_PHOTO,Cfg_FOLDER_PHOTO_TMP,DegCod); if ((FilePhotoNames = fopen (FileNamePhotoNames,"wb")) == NULL) Lay_ShowErrorAndExit ("Can not open file to compute average photo."); @@ -1639,9 +1668,10 @@ static void Pho_ComputeAveragePhoto (long DegCod,Usr_Sex_t Sex,Rol_Role_t Role, /***** Call to program to calculate average photo *****/ if (*NumStdsWithPhoto) { - sprintf (StrCallToProgram,"%s %s %s", - Pho_StrAvgPhotoPrograms[TypeOfAverage], - FileNamePhotoNames,PathRelAvgPhoto); + snprintf (StrCallToProgram,sizeof (StrCallToProgram), + "%s %s %s", + Pho_StrAvgPhotoPrograms[TypeOfAverage], + FileNamePhotoNames,PathRelAvgPhoto); ReturnCode = system (StrCallToProgram); if (ReturnCode == -1) Lay_ShowErrorAndExit ("Error when running program that computes the average photo."); @@ -1969,8 +1999,6 @@ static void Pho_PutLinkToPrintViewOfDegreeStatsParams (void) /*************** Put a link to calculate the stats of degrees ****************/ /*****************************************************************************/ -#define Pho_MAX_BYTES_ESTIMATED_TIME (128 - 1) - static void Pho_PutLinkToCalculateDegreeStats (void) { extern const char *The_ClassFormBold[The_NUM_THEMES]; @@ -1982,7 +2010,7 @@ static void Pho_PutLinkToCalculateDegreeStats (void) unsigned NumDeg; struct Degree Deg; long EstimatedTimeToComputeAvgPhotoInMicroseconds; - char StrEstimatedTimeToComputeAvgPhoto[Pho_MAX_BYTES_ESTIMATED_TIME + 1]; + char StrEstimatedTimeToComputeAvgPhoto[Dat_MAX_BYTES_TIME + 1]; if ((Deg.DegCod = Pho_GetDegWithAvgPhotoLeastRecentlyUpdated ()) > 0) { @@ -2017,7 +2045,7 @@ static void Pho_PutLinkToCalculateDegreeStats (void) EstimatedTimeToComputeAvgPhotoInMicroseconds = Pho_GetTimeToComputeAvgPhoto (Degs.Lst[NumDeg].DegCod); if (EstimatedTimeToComputeAvgPhotoInMicroseconds == -1L) Str_Copy (StrEstimatedTimeToComputeAvgPhoto,Txt_unknown_TIME, - Pho_MAX_BYTES_ESTIMATED_TIME); + Dat_MAX_BYTES_TIME); else Sta_WriteTime (StrEstimatedTimeToComputeAvgPhoto, EstimatedTimeToComputeAvgPhotoInMicroseconds); @@ -2412,7 +2440,7 @@ static void Pho_ShowDegreeAvgPhotoAndStat (struct Degree *Deg, char PhotoURL[PATH_MAX + 1]; char PhotoCaption[1024 + Hie_MAX_BYTES_SHRT_NAME]; bool ShowDegPhoto; - char IdCaption[Act_MAX_BYTES_ID]; + char IdCaption[Act_MAX_BYTES_ID + 1]; /***** Initializations *****/ PhotoURL[0] = '\0'; @@ -2427,7 +2455,9 @@ static void Pho_ShowDegreeAvgPhotoAndStat (struct Degree *Deg, { Act_StartFormGoTo (ActSeeDegInf); Deg_PutParamDegCod (Deg->DegCod); - sprintf (Gbl.Title,Txt_Go_to_X,Deg->FullName); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Go_to_X, + Deg->FullName); Act_LinkFormSubmit (Gbl.Title,NULL,NULL); } @@ -2440,28 +2470,30 @@ static void Pho_ShowDegreeAvgPhotoAndStat (struct Degree *Deg, if (ShowDegPhoto) { - sprintf (PathRelAvgPhoto,"%s/%s/%s/%ld_%s.jpg", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO, - Pho_StrAvgPhotoDirs[Gbl.Stat.DegPhotos.TypeOfAverage], - Deg->DegCod,Usr_StringsSexDB[Sex]); + snprintf (PathRelAvgPhoto,sizeof (PathRelAvgPhoto), + "%s/%s/%s/%ld_%s.jpg", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_PHOTO, + Pho_StrAvgPhotoDirs[Gbl.Stat.DegPhotos.TypeOfAverage], + Deg->DegCod,Usr_StringsSexDB[Sex]); if (Fil_CheckIfPathExists (PathRelAvgPhoto)) { - sprintf (PhotoURL,"%s/%s/%s/%ld_%s.jpg", - Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_PHOTO, - Pho_StrAvgPhotoDirs[Gbl.Stat.DegPhotos.TypeOfAverage], - Deg->DegCod,Usr_StringsSexDB[Sex]); - if (SeeOrPrint == Pho_DEGREES_SEE) + snprintf (PhotoURL,sizeof (PhotoURL), + "%s/%s/%s/%ld_%s.jpg", + Cfg_URL_SWAD_PUBLIC,Cfg_FOLDER_PHOTO, + Pho_StrAvgPhotoDirs[Gbl.Stat.DegPhotos.TypeOfAverage], + Deg->DegCod,Usr_StringsSexDB[Sex]); if (SeeOrPrint == Pho_DEGREES_SEE) { /***** Hidden div to pass user's name to Javascript *****/ - sprintf (PhotoCaption,"%s
    " - "%d %s (%s)
    " - "%d %s (%d%%)", - Deg->ShrtName, - NumStds,Txt_students_ABBREVIATION,Txt_SEX_PLURAL_abc[Sex], - NumStdsWithPhoto,Txt_photos, - NumStds > 0 ? (int) (((NumStdsWithPhoto * 100.0) / NumStds) + 0.5) : - 0); + snprintf (PhotoCaption,sizeof (PhotoCaption), + "%s
    " + "%d %s (%s)
    " + "%d %s (%d%%)", + Deg->ShrtName, + NumStds,Txt_students_ABBREVIATION,Txt_SEX_PLURAL_abc[Sex], + NumStdsWithPhoto,Txt_photos, + NumStds > 0 ? (int) (((NumStdsWithPhoto * 100.0) / NumStds) + 0.5) : + 0); Act_SetUniqueId (IdCaption); fprintf (Gbl.F.Out,"
    " "
    " diff --git a/swad_photo.h b/swad_photo.h index da13aebc..ac87cf77 100644 --- a/swad_photo.h +++ b/swad_photo.h @@ -104,9 +104,9 @@ void Pho_UpdateUsrPhoto2 (void); unsigned Pho_UpdateMyClicksWithoutPhoto (void); void Pho_RemoveUsrFromTableClicksWithoutPhoto (long UsrCod); -bool Pho_ShowingUsrPhotoIsAllowed (struct UsrData *UsrDat,char *PhotoURL); -bool Pho_BuildLinkToPhoto (const struct UsrData *UsrDat,char *PhotoURL); -bool Pho_CheckIfPrivPhotoExists (long UsrCod,char *PathPrivRelPhoto); +bool Pho_ShowingUsrPhotoIsAllowed (struct UsrData *UsrDat,char PhotoURL[PATH_MAX + 1]); +bool Pho_BuildLinkToPhoto (const struct UsrData *UsrDat,char PhotoURL[PATH_MAX + 1]); +bool Pho_CheckIfPrivPhotoExists (long UsrCod,char PathPrivRelPhoto[PATH_MAX + 1]); bool Pho_RemovePhoto (struct UsrData *UsrDat); void Pho_UpdatePhotoName (struct UsrData *UsrDat); void Pho_ShowUsrPhoto (const struct UsrData *UsrDat,const char *PhotoURL, diff --git a/swad_plugin.c b/swad_plugin.c index 21eed696..0136ac09 100644 --- a/swad_plugin.c +++ b/swad_plugin.c @@ -114,7 +114,9 @@ void Plg_ListPlugins (void) { Plg = &(Gbl.Plugins.Lst[NumPlg]); - sprintf (URL,"%s%s",Plg->URL,Gbl.Session.Id); + snprintf (URL,sizeof (URL), + "%s%s", + Plg->URL,Gbl.Session.Id); /* Plugin logo */ // TODO: Change plugin icons to 32x32 diff --git a/swad_profile.c b/swad_profile.c index bf6204d8..70d45e86 100644 --- a/swad_profile.c +++ b/swad_profile.c @@ -110,15 +110,17 @@ void Prf_SeeSocialProfiles (void) /************************** Get public profile URL ***************************/ /*****************************************************************************/ -char *Prf_GetURLPublicProfile (char *URL,const char *NicknameWithoutArroba) +char *Prf_GetURLPublicProfile (char URL[Cns_MAX_BYTES_WWW + 1], + const char *NicknameWithoutArroba) { extern const char *Txt_STR_LANG_ID[1 + Txt_NUM_LANGUAGES]; /***** Build URL using nickname *****/ - sprintf (URL,"%s/%s?usr=@%s", - Cfg_URL_SWAD_CGI, - Txt_STR_LANG_ID[Gbl.Prefs.Language], - NicknameWithoutArroba); + snprintf (URL,Cns_MAX_BYTES_WWW + 1, + "%s/%s?usr=@%s", + Cfg_URL_SWAD_CGI, + Txt_STR_LANG_ID[Gbl.Prefs.Language], + NicknameWithoutArroba); return URL; } @@ -379,7 +381,7 @@ void Prf_ShowDetailsUserProfile (const struct UsrData *UsrDat) unsigned NumCrssUsrIsStudent; unsigned NumFiles; unsigned NumPublicFiles; - char IdFirstClickTime[Act_MAX_BYTES_ID]; + char IdFirstClickTime[Act_MAX_BYTES_ID + 1]; /***** Start left list *****/ fprintf (Gbl.F.Out,"
    " @@ -754,8 +756,9 @@ static void Prf_ShowRanking (unsigned long Rank,unsigned long NumUsrs) extern const char *Txt_of_PART_OF_A_TOTAL; /***** Part of a total and end container *****/ - sprintf (Gbl.Title,"#%lu %s %lu", - Rank,Txt_of_PART_OF_A_TOTAL,NumUsrs); + snprintf (Gbl.Title,sizeof (Gbl.Title), + "#%lu %s %lu", + Rank,Txt_of_PART_OF_A_TOTAL,NumUsrs); /***** Rank in form to go to ranking *****/ Act_StartForm (ActSeeUseGbl); diff --git a/swad_profile.h b/swad_profile.h index 568f78f5..270fed15 100644 --- a/swad_profile.h +++ b/swad_profile.h @@ -51,7 +51,8 @@ struct UsrFigures void Prf_SeeSocialProfiles (void); -char *Prf_GetURLPublicProfile (char *URL,const char *NicknameWithoutArroba); +char *Prf_GetURLPublicProfile (char URL[Cns_MAX_BYTES_WWW + 1], + const char *NicknameWithoutArroba); void Prf_PutLinkMyPublicProfile (void); void Prf_PutLinkRequestAnotherUserProfile (void); void Prf_RequestUserProfile (void); diff --git a/swad_project.c b/swad_project.c index 6d014681..d4953972 100644 --- a/swad_project.c +++ b/swad_project.c @@ -1708,7 +1708,9 @@ static void Prj_ShowOneProjectMembersWithARole (const struct Project *Prj, fprintf (Gbl.F.Out,"" ""); Gbl.Prjs.PrjCod = Prj->PrjCod; // Used to pass project code as a parameter - sprintf (Gbl.Title,Txt_Add_USER,Txt_PROJECT_ROLES_SINGUL_abc[RoleInProject]); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Add_USER, + Txt_PROJECT_ROLES_SINGUL_abc[RoleInProject]); Lay_PutContextualLink (ActionReqAddUsr[RoleInProject],NULL,Prj_PutCurrentParams, "plus64x64.png", Gbl.Title,NULL, @@ -1905,7 +1907,9 @@ static void Prj_ReqAnotherUsrID (Prj_RoleInProject_t RoleInProject) Lay_ShowErrorAndExit ("Code of project is missing."); /***** Start box *****/ - sprintf (Gbl.Title,Txt_Add_USER,Txt_PROJECT_ROLES_SINGUL_abc[RoleInProject]); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Add_USER, + Txt_PROJECT_ROLES_SINGUL_abc[RoleInProject]); Box_StartBox (NULL,Gbl.Title,NULL, Hlp_ASSESSMENT_Projects_add_user,Box_NOT_CLOSABLE); @@ -2794,9 +2798,10 @@ void Prj_RemoveProject (void) Brw_RemovePrjFilesFromDB (Prj.PrjCod); /***** Remove directory of the project *****/ - sprintf (PathRelPrj,"%s/%s/%ld/%s/%02u/%ld", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_CRS,Prj.CrsCod,Cfg_FOLDER_PRJ, - (unsigned) (Prj.PrjCod % 100),Prj.PrjCod); + snprintf (PathRelPrj,sizeof (PathRelPrj), + "%s/%s/%ld/%s/%02u/%ld", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_CRS,Prj.CrsCod,Cfg_FOLDER_PRJ, + (unsigned) (Prj.PrjCod % 100),Prj.PrjCod); Fil_RemoveTree (PathRelPrj); /***** Write message to show the change made *****/ diff --git a/swad_record.c b/swad_record.c index 3abf49c5..e6e359c7 100644 --- a/swad_record.c +++ b/swad_record.c @@ -666,8 +666,9 @@ void Rec_AskConfirmRemFieldWithRecords (unsigned NumRecords) Ale_MAX_BYTES_ALERT); else { - sprintf (Message_part2,Txt_this_field_is_filled_in_the_records_of_X_students, - NumRecords); + snprintf (Message_part2,sizeof (Message_part2), + Txt_this_field_is_filled_in_the_records_of_X_students, + NumRecords); Str_Concat (Gbl.Alert.Txt,Message_part2, Ale_MAX_BYTES_ALERT); } @@ -1071,7 +1072,9 @@ static void Rec_ListRecordsGsts (Rec_SharedRecordViewType_t TypeOfView) if (Usr_ChkUsrCodAndGetAllUsrDataFromUsrCod (&UsrDat)) // Get from the database the data of the student { /* Start container for this user */ - sprintf (RecordSectionId,"record_%u",NumUsr); + snprintf (RecordSectionId,sizeof (RecordSectionId), + "record_%u", + NumUsr); Lay_StartSection (RecordSectionId); fprintf (Gbl.F.Out,"
    tm_CurrentTime)) != NULL) { /* Date and time as strings */ - sprintf (Report->CurrentTimeUTC.StrDate,"%04d-%02d-%02d", - 1900 + Report->tm_CurrentTime.tm_year, // year - 1 + Report->tm_CurrentTime.tm_mon, // month - Report->tm_CurrentTime.tm_mday); // day of the month - sprintf (Report->CurrentTimeUTC.StrTime,"%02d:%02d:%02d", - Report->tm_CurrentTime.tm_hour, // hours - Report->tm_CurrentTime.tm_min, // minutes - Report->tm_CurrentTime.tm_sec); // seconds + snprintf (Report->CurrentTimeUTC.StrDate, + sizeof (Report->CurrentTimeUTC.StrDate), + "%04d-%02d-%02d", + 1900 + Report->tm_CurrentTime.tm_year, // year + 1 + Report->tm_CurrentTime.tm_mon, // month + Report->tm_CurrentTime.tm_mday); // day of the month + snprintf (Report->CurrentTimeUTC.StrTime, + sizeof (Report->CurrentTimeUTC.StrTime), + "%02d:%02d:%02d", + Report->tm_CurrentTime.tm_hour, // hours + Report->tm_CurrentTime.tm_min, // minutes + Report->tm_CurrentTime.tm_sec); // seconds /* Date and time as unsigned */ Report->CurrentTimeUTC.Date = (1900 + Report->tm_CurrentTime.tm_year) * 10000 + @@ -362,43 +370,54 @@ static void Rep_CreateNewReportFile (struct Rep_Report *Report) char PathUniqueDirL[PATH_MAX + 1]; char PathUniqueDirR[PATH_MAX + 1]; char PathFileReport[PATH_MAX + 1]; + char Permalink[128 + + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + + NAME_MAX]; /***** Path for reports *****/ - sprintf (PathReports,"%s/%s", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_REP); + snprintf (PathReports,sizeof (PathReports), + "%s/%s", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_REP); Fil_CreateDirIfNotExists (PathReports); /***** Unique directory for the file with the report *****/ /* 1. Create a directory using the leftmost 2 chars of a unique name */ - sprintf (PathUniqueDirL,"%s/%s/%c%c", - Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_REP, - Gbl.UniqueNameEncrypted[0], - Gbl.UniqueNameEncrypted[1]); + snprintf (PathUniqueDirL,sizeof (PathUniqueDirL), + "%s/%s/%c%c", + Cfg_PATH_SWAD_PUBLIC,Cfg_FOLDER_REP, + Gbl.UniqueNameEncrypted[0], + Gbl.UniqueNameEncrypted[1]); Fil_CreateDirIfNotExists (PathUniqueDirL); /* 2. Create a directory using the rightmost 41 chars of a unique name */ - sprintf (PathUniqueDirR,"%s/%s", - PathUniqueDirL, - &Gbl.UniqueNameEncrypted[2]); + snprintf (PathUniqueDirR,sizeof (PathUniqueDirR), + "%s/%s", + PathUniqueDirL, + &Gbl.UniqueNameEncrypted[2]); if (mkdir (PathUniqueDirR,(mode_t) 0xFFF)) Lay_ShowErrorAndExit ("Can not create directory for report."); /***** Path of the public file with the report */ - sprintf (Report->FilenameReport,"%s_%06u_%06u.html", - Rep_FILENAME_ROOT,Report->CurrentTimeUTC.Date,Report->CurrentTimeUTC.Time); - sprintf (PathFileReport,"%s/%s", - PathUniqueDirR,Report->FilenameReport); + snprintf (Report->FilenameReport,sizeof (Report->FilenameReport), + "%s_%06u_%06u.html", + Rep_FILENAME_ROOT,Report->CurrentTimeUTC.Date,Report->CurrentTimeUTC.Time); + snprintf (PathFileReport,sizeof (PathFileReport), + "%s/%s", + PathUniqueDirR,Report->FilenameReport); if ((Gbl.F.Rep = fopen (PathFileReport,"wb")) == NULL) Lay_ShowErrorAndExit ("Can not create report file."); /***** Permalink *****/ - sprintf (Report->Permalink,"%s/%s/%c%c/%s/%s", - Cfg_URL_SWAD_PUBLIC, - Cfg_FOLDER_REP, - Gbl.UniqueNameEncrypted[0], - Gbl.UniqueNameEncrypted[1], - &Gbl.UniqueNameEncrypted[2], - Report->FilenameReport); + snprintf (Permalink,sizeof (Permalink), + "%s/%s/%c%c/%s/%s", + Cfg_URL_SWAD_PUBLIC, + Cfg_FOLDER_REP, + Gbl.UniqueNameEncrypted[0], + Gbl.UniqueNameEncrypted[1], + &Gbl.UniqueNameEncrypted[2], + Report->FilenameReport); + Str_Copy (Report->Permalink,Permalink, + Cns_MAX_BYTES_WWW); } /*****************************************************************************/ @@ -447,7 +466,9 @@ static void Rep_WriteHeader (const struct Rep_Report *Report) fprintf (Gbl.F.Rep,"
    "); /***** Main title *****/ - sprintf (Gbl.Title,Txt_Report_of_use_of_PLATFORM,Cfg_PLATFORM_SHORT_NAME); + snprintf (Gbl.Title,sizeof (Gbl.Title), + Txt_Report_of_use_of_PLATFORM, + Cfg_PLATFORM_SHORT_NAME); fprintf (Gbl.F.Rep,"

    %s

    " "