From patchwork Mon Mar 25 07:16:08 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 3668 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:c315:b0:55c:c090:46f0 with SMTP id jk21csp2272854mab; Mon, 25 Mar 2024 00:16:46 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWIwzKH41zZkOzn0RSfh/lLxxbC0sHnoswwJ8tOx7eko5K11EFImbk4qaibnHbyLGcEdFsk2YSD7m3P+msRd1fep4rnr0w= X-Google-Smtp-Source: AGHT+IGlmw/VzqxxCjOWuoAGH3fms9mHzgbiokpnNParhF0+XuZZfw2cBkn042NP5cYqnhrdqcZJ X-Received: by 2002:a17:902:b702:b0:1df:fbc3:d130 with SMTP id d2-20020a170902b70200b001dffbc3d130mr6919763pls.1.1711351006373; Mon, 25 Mar 2024 00:16:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1711351006; cv=none; d=google.com; s=arc-20160816; b=AHVcq6QLciZw+pg+zTY1AD30cOUdH6AEzRzxavln4OpRJLjstnOibg5JSxTIXkEaeQ Egs1CfPWfVuJcZOl+O9Fxtd//ycX58BXpI+RFBxvxPuOOe4XEdEVWZp/LcZxPDCmhoZE q58VHO3Fc2gglwnuq63+LqVFZDKGOgPKctt7oUTqcXX2SM0E1ql1HK7Ap8mSL5fykDl9 m6O+G01P6FbTaRO+7Dk6t2CqoYNYYxM8WyIV0WPvfH6/kgE9injm6hnmgKyRjic0u/ff UhIqIXRzEFTSWhPgmztzv1PV1wU1jQmugHFS5jtuq0RVJSrC4JJ9qMX2vDm/tK243lPd V73A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature; bh=T5G1w3kFfzGtqgr7tiYAvxxDGT16JQ05raX8/Q5+W1E=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=sdOtYNxegjzCooGYzc5aIkKoFCiKS9hd8f9gnicCUchkSU0b7GNG0ODbtSP/odHKDp aPaepPFQU5HCRni1Y9hHuDKcBYB2mClQffS2l+aDkPN760LkLr4MkfBwi7ngLLslVj2o gFiiQ5uE9uCaM2loMRT/r06vkhKvJWYcRu2ZlD6C7H4x/JTmiwIms2yOaPT6CcKiMqGG McF1QaSCCI8gWb+pnxeVV7WYuv/gIbdny9bSv5xn67uMPTkUtIRhCJPO/kLG7XsR6TQX P+XNiagJtjmmU/8SjVEU1DH2DsHKTPJEAnLrAvdCPM/azgkMFBJ0f0dhChmHUpOi0zSs x2qA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=QIrd74qU; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b="T/xD1zQo"; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id s8-20020a170902ea0800b001e083472790si4914442plg.459.2024.03.25.00.16.46 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 25 Mar 2024 00:16:46 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=QIrd74qU; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b="T/xD1zQo"; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1roeZI-0003Xp-N4; Mon, 25 Mar 2024 07:16:28 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1roeZF-0003Xe-BY for openvpn-devel@lists.sourceforge.net; Mon, 25 Mar 2024 07:16:25 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=2JC9y0gJquc6nHYYAvMTjVnz+TfjWp+oo4J6ByOWbJ8=; b=QIrd74qU2slnOIZpt1XL6lLGqN 6ZT30H7g8p4etX+Hp5XP3tYjDnWNOdCxWtcfLebK8fyyb3MGYnXXiSKZkdABlGWZpuygpRi1I/lA5 nskAejzY9ELa8Qqw0UoBGNpbhjJWhMI/TL0932nUc1wDXafMUvju3jUwM4SoCqs5IU1s=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=2JC9y0gJquc6nHYYAvMTjVnz+TfjWp+oo4J6ByOWbJ8=; b=T/xD1zQoOrkQGlaGAn+QhX/5Pe BPaW52KEQAg1BC0AXXxuXdCH9k6sRtu7gZ4Ga0VTI+NPHe5UeW1Oa+UXaD/GW2ph0yyFToP1FQ+zu CYY35NTOyVmV9q2Yr/qTwU5d7BPUf9uvr+rK9SJDfnhSBHmsKdvRgnmcWG/QrGOdl0kE=; Received: from dhcp-174.greenie.muc.de ([193.149.48.174] helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1roeZB-0000iz-E0 for openvpn-devel@lists.sourceforge.net; Mon, 25 Mar 2024 07:16:24 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.17.1.9/8.17.1.9) with ESMTP id 42P7GAXW013087 for ; Mon, 25 Mar 2024 08:16:10 +0100 Received: (from gert@localhost) by blue.greenie.muc.de (8.17.1.9/8.17.1.9/Submit) id 42P7GAdF013086 for openvpn-devel@lists.sourceforge.net; Mon, 25 Mar 2024 08:16:10 +0100 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Mon, 25 Mar 2024 08:16:08 +0100 Message-ID: <20240325071608.13075-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.43.2 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: -0.0 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Arne Schwabe Old Microsoft versions did strange behaviour but according to the newly added unit test and https://stackoverflow.com/questions/7706936/is-snprintf-always-null-terminating this is now standard conform [...] Content analysis details: (-0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record -0.0 SPF_HELO_PASS SPF: HELO matches SPF record X-Headers-End: 1roeZB-0000iz-E0 Subject: [Openvpn-devel] [PATCH v1] Remove openvpn_snprintf and similar functions X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1794481592878275347?= X-GMAIL-MSGID: =?utf-8?q?1794481592878275347?= From: Arne Schwabe Old Microsoft versions did strange behaviour but according to the newly added unit test and https://stackoverflow.com/questions/7706936/is-snprintf-always-null-terminating this is now standard conforming and we can use the normal snprintf method. Microsoft own documentation to swprintf also says you nowadays need to define _CRT_NON_CONFORMING_SWPRINTFS to get to non-standard behaviour. Change-Id: I07096977e3b562bcb5d2c6f11673a4175b8e12ac Signed-off-by: Arne Schwabe Acked-by: Antonio Quartulli --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/547 This mail reflects revision 1 of this Change. Signed-off-by line for the author was added as per our policy. Acked-by according to Gerrit (reflected above): Antonio Quartulli diff --git a/src/openvpn/buffer.c b/src/openvpn/buffer.c index 66fd63f..3a8069c 100644 --- a/src/openvpn/buffer.c +++ b/src/openvpn/buffer.c @@ -279,32 +279,6 @@ return ret; } - -/* - * This is necessary due to certain buggy implementations of snprintf, - * that don't guarantee null termination for size > 0. - * - * Return false on overflow. - * - * This functionality is duplicated in src/openvpnserv/common.c - * Any modifications here should be done to the other place as well. - */ - -bool -openvpn_snprintf(char *str, size_t size, const char *format, ...) -{ - va_list arglist; - int len = -1; - if (size > 0) - { - va_start(arglist, format); - len = vsnprintf(str, size, format, arglist); - va_end(arglist); - str[size - 1] = 0; - } - return (len >= 0 && len < size); -} - /* * write a string to the end of a buffer that was * truncated by buf_printf diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h index 7c2f75a..27c3199 100644 --- a/src/openvpn/buffer.h +++ b/src/openvpn/buffer.h @@ -448,19 +448,6 @@ */ bool buf_puts(struct buffer *buf, const char *str); -/* - * Like snprintf but guarantees null termination for size > 0 - */ -bool openvpn_snprintf(char *str, size_t size, const char *format, ...) -#ifdef __GNUC__ -#if __USE_MINGW_ANSI_STDIO -__attribute__ ((format(gnu_printf, 3, 4))) -#else -__attribute__ ((format(__printf__, 3, 4))) -#endif -#endif -; - /* * remove/add trailing characters diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c index 5d05cc4..207f145 100644 --- a/src/openvpn/crypto.c +++ b/src/openvpn/crypto.c @@ -874,11 +874,11 @@ key_direction_state_init(&kds, key_direction); - openvpn_snprintf(log_prefix, sizeof(log_prefix), "Outgoing %s", name); + snprintf(log_prefix, sizeof(log_prefix), "Outgoing %s", name); init_key_ctx(&ctx->encrypt, &key2->keys[kds.out_key], kt, OPENVPN_OP_ENCRYPT, log_prefix); - openvpn_snprintf(log_prefix, sizeof(log_prefix), "Incoming %s", name); + snprintf(log_prefix, sizeof(log_prefix), "Incoming %s", name); init_key_ctx(&ctx->decrypt, &key2->keys[kds.in_key], kt, OPENVPN_OP_DECRYPT, log_prefix); diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index 1a39752..c806719 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -128,7 +128,7 @@ { char prefix[256]; - if (!openvpn_snprintf(prefix, sizeof(prefix), "%s:%d", func, line)) + if (!snprintf(prefix, sizeof(prefix), "%s:%d", func, line)) { return mbed_log_err(flags, errval, func); } @@ -239,11 +239,11 @@ char header[1000+1] = { 0 }; char footer[1000+1] = { 0 }; - if (!openvpn_snprintf(header, sizeof(header), "-----BEGIN %s-----\n", name)) + if (!snprintf(header, sizeof(header), "-----BEGIN %s-----\n", name)) { return false; } - if (!openvpn_snprintf(footer, sizeof(footer), "-----END %s-----\n", name)) + if (!snprintf(footer, sizeof(footer), "-----END %s-----\n", name)) { return false; } @@ -278,11 +278,11 @@ char header[1000+1] = { 0 }; char footer[1000+1] = { 0 }; - if (!openvpn_snprintf(header, sizeof(header), "-----BEGIN %s-----", name)) + if (!snprintf(header, sizeof(header), "-----BEGIN %s-----", name)) { return false; } - if (!openvpn_snprintf(footer, sizeof(footer), "-----END %s-----", name)) + if (!snprintf(footer, sizeof(footer), "-----END %s-----", name)) { return false; } diff --git a/src/openvpn/dns.c b/src/openvpn/dns.c index 7de3991..0539ca5 100644 --- a/src/openvpn/dns.c +++ b/src/openvpn/dns.c @@ -349,11 +349,11 @@ if (j < 0) { - name_ok = openvpn_snprintf(name, sizeof(name), format, i); + name_ok = snprintf(name, sizeof(name), format, i); } else { - name_ok = openvpn_snprintf(name, sizeof(name), format, i, j); + name_ok = snprintf(name, sizeof(name), format, i, j); } if (!name_ok) diff --git a/src/openvpn/env_set.c b/src/openvpn/env_set.c index b13d01e..81ab59e 100644 --- a/src/openvpn/env_set.c +++ b/src/openvpn/env_set.c @@ -259,7 +259,7 @@ setenv_counter(struct env_set *es, const char *name, counter_type value) { char buf[64]; - openvpn_snprintf(buf, sizeof(buf), counter_format, value); + snprintf(buf, sizeof(buf), counter_format, value); setenv_str(es, name, buf); } @@ -267,7 +267,7 @@ setenv_int(struct env_set *es, const char *name, int value) { char buf[64]; - openvpn_snprintf(buf, sizeof(buf), "%d", value); + snprintf(buf, sizeof(buf), "%d", value); setenv_str(es, name, buf); } @@ -275,7 +275,7 @@ setenv_long_long(struct env_set *es, const char *name, long long value) { char buf[64]; - openvpn_snprintf(buf, sizeof(buf), "%" PRIi64, (int64_t)value); + snprintf(buf, sizeof(buf), "%" PRIi64, (int64_t)value); setenv_str(es, name, buf); } @@ -310,7 +310,7 @@ strcpy(tmpname, name); while (NULL != env_set_get(es, tmpname) && counter < 1000) { - ASSERT(openvpn_snprintf(tmpname, tmpname_len, "%s_%u", name, counter)); + ASSERT(snprintf(tmpname, tmpname_len, "%s_%u", name, counter)); counter++; } if (counter < 1000) diff --git a/src/openvpn/error.c b/src/openvpn/error.c index 245a2d5..ec65d5e 100644 --- a/src/openvpn/error.c +++ b/src/openvpn/error.c @@ -274,14 +274,14 @@ if ((flags & M_ERRNO) && e) { - openvpn_snprintf(m2, ERR_BUF_SIZE, "%s: %s (errno=%d)", - m1, openvpn_strerror(e, crt_error, &gc), e); + snprintf(m2, ERR_BUF_SIZE, "%s: %s (errno=%d)", + m1, openvpn_strerror(e, crt_error, &gc), e); SWAP; } if (flags & M_OPTERR) { - openvpn_snprintf(m2, ERR_BUF_SIZE, "Options error: %s", m1); + snprintf(m2, ERR_BUF_SIZE, "Options error: %s", m1); SWAP; } @@ -321,10 +321,10 @@ const struct virtual_output *vo = msg_get_virtual_output(); if (vo) { - openvpn_snprintf(m2, ERR_BUF_SIZE, "%s%s%s", - prefix, - prefix_sep, - m1); + snprintf(m2, ERR_BUF_SIZE, "%s%s%s", + prefix, + prefix_sep, + m1); virtual_output_print(vo, flags, m2); } } diff --git a/src/openvpn/init.c b/src/openvpn/init.c index f2ce926..bce2e09 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -359,7 +359,7 @@ char *out = malloc(len); check_malloc_return(out); - openvpn_snprintf(out, len, "%s,%s,%s,%s", ce->remote, ce->remote_port, proto, status); + snprintf(out, len, "%s,%s,%s,%s", ce->remote, ce->remote_port, proto, status); *remote = out; } else diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c index 43c5507..89591ea 100644 --- a/src/openvpn/manage.c +++ b/src/openvpn/manage.c @@ -515,8 +515,8 @@ char out[32]; /* do in a roundabout way to work around possible mingw or mingw-glibc bug */ - openvpn_snprintf(in, sizeof(in), counter_format, man->persist.bytes_in + dco_read_bytes); - openvpn_snprintf(out, sizeof(out), counter_format, man->persist.bytes_out + dco_write_bytes); + snprintf(in, sizeof(in), counter_format, man->persist.bytes_in + dco_read_bytes); + snprintf(out, sizeof(out), counter_format, man->persist.bytes_out + dco_write_bytes); msg(M_CLIENT, ">BYTECOUNT:%s,%s", in, out); } @@ -528,8 +528,8 @@ char in[32]; char out[32]; /* do in a roundabout way to work around possible mingw or mingw-glibc bug */ - openvpn_snprintf(in, sizeof(in), counter_format, *bytes_in_total); - openvpn_snprintf(out, sizeof(out), counter_format, *bytes_out_total); + snprintf(in, sizeof(in), counter_format, *bytes_in_total); + snprintf(out, sizeof(out), counter_format, *bytes_out_total); msg(M_CLIENT, ">BYTECOUNT_CLI:%lu,%s,%s", mdac->cid, in, out); mdac->bytecount_last_update = now; } diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 768332d..a9a44ba 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -1427,7 +1427,7 @@ for (int i = 1; i <= opt_max; ++i) { char name[32]; - openvpn_snprintf(name, sizeof(name), "foreign_option_%d", i); + snprintf(name, sizeof(name), "foreign_option_%d", i); const char *env_str = env_set_get(es, name); const char *value = strchr(env_str, '=') + 1; @@ -1482,7 +1482,7 @@ while (o->foreign_option_index < opt_max) { char name[32]; - openvpn_snprintf(name, sizeof(name), "foreign_option_%d", opt_max--); + snprintf(name, sizeof(name), "foreign_option_%d", opt_max--); setenv_del(es, name); } } @@ -5671,8 +5671,8 @@ #ifndef ENABLE_SMALL { char script_name[100]; - openvpn_snprintf(script_name, sizeof(script_name), - "--%s script", type); + snprintf(script_name, sizeof(script_name), + "--%s script", type); if (check_cmd_access(*script, script_name, (in_chroot ? options->chroot_dir : NULL))) { diff --git a/src/openvpn/pkcs11.c b/src/openvpn/pkcs11.c index 35a02c2..418f6bb 100644 --- a/src/openvpn/pkcs11.c +++ b/src/openvpn/pkcs11.c @@ -201,7 +201,7 @@ CLEAR(token_resp); token_resp.defined = false; token_resp.nocache = true; - openvpn_snprintf( + snprintf( token_resp.username, sizeof(token_resp.username), "Please insert %s token", @@ -245,7 +245,7 @@ ASSERT(token!=NULL); - openvpn_snprintf(prompt, sizeof(prompt), "%s token", token->label); + snprintf(prompt, sizeof(prompt), "%s token", token->label); token_pass.defined = false; token_pass.nocache = true; @@ -719,7 +719,7 @@ id_resp.defined = false; id_resp.nocache = true; - openvpn_snprintf( + snprintf( id_resp.username, sizeof(id_resp.username), "Please specify PKCS#11 id to use" diff --git a/src/openvpn/platform.c b/src/openvpn/platform.c index 9853dac..3d9d59e 100644 --- a/src/openvpn/platform.c +++ b/src/openvpn/platform.c @@ -564,9 +564,9 @@ { ++attempts; - if (!openvpn_snprintf(fname, sizeof(fname), fname_fmt, max_prefix_len, - prefix, (unsigned long) get_random(), - (unsigned long) get_random())) + if (!snprintf(fname, sizeof(fname), fname_fmt, max_prefix_len, + prefix, (unsigned long) get_random(), + (unsigned long) get_random())) { msg(M_WARN, "ERROR: temporary filename too long"); return NULL; diff --git a/src/openvpn/plugin.c b/src/openvpn/plugin.c index 2ad459c..944ce94 100644 --- a/src/openvpn/plugin.c +++ b/src/openvpn/plugin.c @@ -260,7 +260,7 @@ { char full[PATH_MAX]; - openvpn_snprintf(full, sizeof(full), "%s/%s", PLUGIN_LIBDIR, p->so_pathname); + snprintf(full, sizeof(full), "%s/%s", PLUGIN_LIBDIR, p->so_pathname); p->handle = dlopen(full, RTLD_NOW); } else @@ -409,7 +409,7 @@ gc_init(&gc); msg_fmt = gc_malloc(ERR_BUF_SIZE, false, &gc); - openvpn_snprintf(msg_fmt, ERR_BUF_SIZE, "PLUGIN %s: %s", name, format); + snprintf(msg_fmt, ERR_BUF_SIZE, "PLUGIN %s: %s", name, format); x_msg_va(msg_flags, msg_fmt, arglist); gc_free(&gc); diff --git a/src/openvpn/pool.c b/src/openvpn/pool.c index f706c1a..e3c3708 100644 --- a/src/openvpn/pool.c +++ b/src/openvpn/pool.c @@ -766,7 +766,7 @@ ifconfig_pool_handle h; in_addr_t local, remote; char buf[256]; - openvpn_snprintf(buf, sizeof(buf), "common-name-%d", i); + snprintf(buf, sizeof(buf), "common-name-%d", i); #ifdef DUP_CN cn = NULL; #else diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c index c904301..8fd4744 100644 --- a/src/openvpn/proxy.c +++ b/src/openvpn/proxy.c @@ -582,9 +582,9 @@ { if (p->options.custom_headers[i].content) { - openvpn_snprintf(buf, sizeof(buf), "%s: %s", - p->options.custom_headers[i].name, - p->options.custom_headers[i].content); + snprintf(buf, sizeof(buf), "%s: %s", + p->options.custom_headers[i].name, + p->options.custom_headers[i].content); if (!strcasecmp(p->options.custom_headers[i].name, "Host")) { host_header_sent = true; @@ -592,8 +592,8 @@ } else { - openvpn_snprintf(buf, sizeof(buf), "%s", - p->options.custom_headers[i].name); + snprintf(buf, sizeof(buf), "%s", + p->options.custom_headers[i].name); if (!strncasecmp(p->options.custom_headers[i].name, "Host:", 5)) { host_header_sent = true; @@ -609,7 +609,7 @@ if (!host_header_sent) { - openvpn_snprintf(buf, sizeof(buf), "Host: %s", host); + snprintf(buf, sizeof(buf), "Host: %s", host); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); if (!send_line_crlf(sd, buf)) { @@ -620,8 +620,8 @@ /* send User-Agent string if provided */ if (p->options.user_agent) { - openvpn_snprintf(buf, sizeof(buf), "User-Agent: %s", - p->options.user_agent); + snprintf(buf, sizeof(buf), "User-Agent: %s", + p->options.user_agent); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); if (!send_line_crlf(sd, buf)) { @@ -667,10 +667,10 @@ else { /* format HTTP CONNECT message */ - openvpn_snprintf(buf, sizeof(buf), "CONNECT %s:%s HTTP/%s", - host, - port, - p->options.http_version); + snprintf(buf, sizeof(buf), "CONNECT %s:%s HTTP/%s", + host, + port, + p->options.http_version); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); @@ -692,8 +692,8 @@ break; case HTTP_AUTH_BASIC: - openvpn_snprintf(buf, sizeof(buf), "Proxy-Authorization: Basic %s", - username_password_as_base64(p, &gc)); + snprintf(buf, sizeof(buf), "Proxy-Authorization: Basic %s", + username_password_as_base64(p, &gc)); msg(D_PROXY, "Attempting Basic Proxy-Authorization"); dmsg(D_SHOW_KEYS, "Send to HTTP proxy: '%s'", buf); if (!send_line_crlf(sd, buf)) @@ -705,14 +705,14 @@ #if NTLM case HTTP_AUTH_NTLM2: /* keep-alive connection */ - openvpn_snprintf(buf, sizeof(buf), "Proxy-Connection: Keep-Alive"); + snprintf(buf, sizeof(buf), "Proxy-Connection: Keep-Alive"); if (!send_line_crlf(sd, buf)) { goto error; } - openvpn_snprintf(buf, sizeof(buf), "Proxy-Authorization: NTLM %s", - ntlm_phase_1(p, &gc)); + snprintf(buf, sizeof(buf), "Proxy-Authorization: NTLM %s", + ntlm_phase_1(p, &gc)); msg(D_PROXY, "Attempting NTLM Proxy-Authorization phase 1"); dmsg(D_SHOW_KEYS, "Send to HTTP proxy: '%s'", buf); if (!send_line_crlf(sd, buf)) @@ -773,7 +773,7 @@ char get[80]; CLEAR(buf2); - openvpn_snprintf(get, sizeof(get), "%%*s NTLM %%%zus", sizeof(buf2) - 1); + snprintf(get, sizeof(get), "%%*s NTLM %%%zus", sizeof(buf2) - 1); nparms = sscanf(buf, get, buf2); /* check for "Proxy-Authenticate: NTLM TlRM..." */ @@ -795,10 +795,10 @@ /* now send the phase 3 reply */ /* format HTTP CONNECT message */ - openvpn_snprintf(buf, sizeof(buf), "CONNECT %s:%s HTTP/%s", - host, - port, - p->options.http_version); + snprintf(buf, sizeof(buf), "CONNECT %s:%s HTTP/%s", + host, + port, + p->options.http_version); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); @@ -809,7 +809,7 @@ } /* keep-alive connection */ - openvpn_snprintf(buf, sizeof(buf), "Proxy-Connection: Keep-Alive"); + snprintf(buf, sizeof(buf), "Proxy-Connection: Keep-Alive"); if (!send_line_crlf(sd, buf)) { goto error; @@ -829,7 +829,7 @@ msg(D_PROXY, "NTLM Proxy-Authorization phase 3 failed: received corrupted data from proxy server"); goto error; } - openvpn_snprintf(buf, sizeof(buf), "Proxy-Authorization: NTLM %s", np3); + snprintf(buf, sizeof(buf), "Proxy-Authorization: NTLM %s", np3); } msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); @@ -899,15 +899,15 @@ /* build the digest response */ - openvpn_snprintf(uri, sizeof(uri), "%s:%s", - host, - port); + snprintf(uri, sizeof(uri), "%s:%s", + host, + port); if (opaque) { const int len = strlen(opaque)+16; opaque_kv = gc_malloc(len, false, &gc); - openvpn_snprintf(opaque_kv, len, ", opaque=\"%s\"", opaque); + snprintf(opaque_kv, len, ", opaque=\"%s\"", opaque); } DigestCalcHA1(algor, @@ -928,10 +928,10 @@ response); /* format HTTP CONNECT message */ - openvpn_snprintf(buf, sizeof(buf), "%s %s HTTP/%s", - http_method, - uri, - p->options.http_version); + snprintf(buf, sizeof(buf), "%s %s HTTP/%s", + http_method, + uri, + p->options.http_version); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); @@ -948,17 +948,17 @@ } /* send digest response */ - openvpn_snprintf(buf, sizeof(buf), "Proxy-Authorization: Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", qop=%s, nc=%s, cnonce=\"%s\", response=\"%s\"%s", - username, - realm, - nonce, - uri, - qop, - nonce_count, - cnonce, - response, - opaque_kv - ); + snprintf(buf, sizeof(buf), "Proxy-Authorization: Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", qop=%s, nc=%s, cnonce=\"%s\", response=\"%s\"%s", + username, + realm, + nonce, + uri, + qop, + nonce_count, + cnonce, + response, + opaque_kv + ); msg(D_PROXY, "Send to HTTP proxy: '%s'", buf); if (!send_line_crlf(sd, buf)) { diff --git a/src/openvpn/ps.c b/src/openvpn/ps.c index 7d9f9b5..4ca3a12 100644 --- a/src/openvpn/ps.c +++ b/src/openvpn/ps.c @@ -354,7 +354,7 @@ fnlen = strlen(journal_dir) + strlen(t) + 2; jfn = (char *) malloc(fnlen); check_malloc_return(jfn); - openvpn_snprintf(jfn, fnlen, "%s/%s", journal_dir, t); + snprintf(jfn, fnlen, "%s/%s", journal_dir, t); dmsg(D_PS_PROXY_DEBUG, "PORT SHARE PROXY: client origin %s -> %s", jfn, f); fd = platform_open(jfn, O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR | S_IWUSR | S_IRGRP); if (fd != -1) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 909d6d2..68bbcfd 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -1621,11 +1621,11 @@ if (rgi) { - openvpn_snprintf(out, sizeof(out), "%s %s %s dev %s", network, netmask, gateway, rgi->iface); + snprintf(out, sizeof(out), "%s %s %s dev %s", network, netmask, gateway, rgi->iface); } else { - openvpn_snprintf(out, sizeof(out), "%s %s %s", network, netmask, gateway); + snprintf(out, sizeof(out), "%s %s %s", network, netmask, gateway); } bool ret = management_android_control(management, "ROUTE", out); status = ret ? RTA_SUCCESS : RTA_ERROR; @@ -2000,7 +2000,7 @@ #elif defined (TARGET_ANDROID) char out[64]; - openvpn_snprintf(out, sizeof(out), "%s/%d %s", network, r6->netbits, device); + snprintf(out, sizeof(out), "%s/%d %s", network, r6->netbits, device); status = management_android_control(management, "ROUTE6", out); diff --git a/src/openvpn/run_command.h b/src/openvpn/run_command.h index 52ab115..ccad307 100644 --- a/src/openvpn/run_command.h +++ b/src/openvpn/run_command.h @@ -66,8 +66,8 @@ { char msg[256]; - openvpn_snprintf(msg, sizeof(msg), - "WARNING: Failed running command (%s)", hook); + snprintf(msg, sizeof(msg), + "WARNING: Failed running command (%s)", hook); return openvpn_execve_check(a, es, flags | S_SCRIPT, msg); } diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c index 57eaee2..817a37f 100644 --- a/src/openvpn/socket.c +++ b/src/openvpn/socket.c @@ -2982,11 +2982,11 @@ case AF_INET: if (flags & SA_IP_PORT) { - openvpn_snprintf(name_buf, sizeof(name_buf), "%s_ip", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s_ip", name_prefix); } else { - openvpn_snprintf(name_buf, sizeof(name_buf), "%s", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s", name_prefix); } inet_ntop(AF_INET, &addr->addr.in4.sin_addr, buf, sizeof(buf)); @@ -2994,7 +2994,7 @@ if ((flags & SA_IP_PORT) && addr->addr.in4.sin_port) { - openvpn_snprintf(name_buf, sizeof(name_buf), "%s_port", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s_port", name_prefix); setenv_int(es, name_buf, ntohs(addr->addr.in4.sin_port)); } break; @@ -3005,19 +3005,19 @@ struct in_addr ia; memcpy(&ia.s_addr, &addr->addr.in6.sin6_addr.s6_addr[12], sizeof(ia.s_addr)); - openvpn_snprintf(name_buf, sizeof(name_buf), "%s_ip", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s_ip", name_prefix); inet_ntop(AF_INET, &ia, buf, sizeof(buf)); } else { - openvpn_snprintf(name_buf, sizeof(name_buf), "%s_ip6", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s_ip6", name_prefix); inet_ntop(AF_INET6, &addr->addr.in6.sin6_addr, buf, sizeof(buf)); } setenv_str(es, name_buf, buf); if ((flags & SA_IP_PORT) && addr->addr.in6.sin6_port) { - openvpn_snprintf(name_buf, sizeof(name_buf), "%s_port", name_prefix); + snprintf(name_buf, sizeof(name_buf), "%s_port", name_prefix); setenv_int(es, name_buf, ntohs(addr->addr.in6.sin6_port)); } break; diff --git a/src/openvpn/socks.c b/src/openvpn/socks.c index d842666..2cbe8a4 100644 --- a/src/openvpn/socks.c +++ b/src/openvpn/socks.c @@ -109,8 +109,8 @@ "Authentication not possible."); goto cleanup; } - openvpn_snprintf(to_send, sizeof(to_send), "\x01%c%s%c%s", (int) strlen(creds.username), - creds.username, (int) strlen(creds.password), creds.password); + snprintf(to_send, sizeof(to_send), "\x01%c%s%c%s", (int) strlen(creds.username), + creds.username, (int) strlen(creds.password), creds.password); size = send(sd, to_send, strlen(to_send), MSG_NOSIGNAL); if (size != strlen(to_send)) diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c index b44ddd5..65a865e 100644 --- a/src/openvpn/ssl_mbedtls.c +++ b/src/openvpn/ssl_mbedtls.c @@ -1531,16 +1531,16 @@ char s2[256]; s1[0] = s2[0] = 0; - openvpn_snprintf(s1, sizeof(s1), "%s %s, cipher %s", - prefix, - mbedtls_ssl_get_version(ks_ssl->ctx), - mbedtls_ssl_get_ciphersuite(ks_ssl->ctx)); + snprintf(s1, sizeof(s1), "%s %s, cipher %s", + prefix, + mbedtls_ssl_get_version(ks_ssl->ctx), + mbedtls_ssl_get_ciphersuite(ks_ssl->ctx)); cert = mbedtls_ssl_get_peer_cert(ks_ssl->ctx); if (cert != NULL) { - openvpn_snprintf(s2, sizeof(s2), ", %u bit key", - (unsigned int) mbedtls_pk_get_bitlen(&cert->pk)); + snprintf(s2, sizeof(s2), ", %u bit key", + (unsigned int) mbedtls_pk_get_bitlen(&cert->pk)); } msg(D_HANDSHAKE, "%s%s", s1, s2); diff --git a/src/openvpn/ssl_ncp.c b/src/openvpn/ssl_ncp.c index 73ec9f5..968858e 100644 --- a/src/openvpn/ssl_ncp.c +++ b/src/openvpn/ssl_ncp.c @@ -198,8 +198,8 @@ size_t newlen = strlen(o->ncp_ciphers) + 1 + strlen(ciphername) + 1; char *ncp_ciphers = gc_malloc(newlen, false, &o->gc); - ASSERT(openvpn_snprintf(ncp_ciphers, newlen, "%s:%s", o->ncp_ciphers, - ciphername)); + ASSERT(snprintf(ncp_ciphers, newlen, "%s:%s", o->ncp_ciphers, + ciphername)); o->ncp_ciphers = ncp_ciphers; } diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index 4383e98..d0df0e8 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -1774,7 +1774,7 @@ if (!biofp) { char fn[256]; - openvpn_snprintf(fn, sizeof(fn), "bio/%d-%d.log", pid, biofp_toggle); + snprintf(fn, sizeof(fn), "bio/%d-%d.log", pid, biofp_toggle); biofp = fopen(fn, "w"); ASSERT(biofp); biofp_last_open = time(NULL); @@ -2116,8 +2116,8 @@ #endif /* if OPENSSL_VERSION_NUMBER < 0x30000000L */ } - openvpn_snprintf(buf, buflen, "%d bits %s%s", - EVP_PKEY_bits(pkey), type, curve); + snprintf(buf, buflen, "%d bits %s%s", + EVP_PKEY_bits(pkey), type, curve); } /** @@ -2137,12 +2137,12 @@ int signature_nid = X509_get_signature_nid(cert); if (signature_nid != 0) { - openvpn_snprintf(sig, sizeof(sig), ", signature: %s", - OBJ_nid2sn(signature_nid)); + snprintf(sig, sizeof(sig), ", signature: %s", + OBJ_nid2sn(signature_nid)); } - openvpn_snprintf(buf, buflen, ", peer certificate: %s%s", - pkeybuf, sig); + snprintf(buf, buflen, ", peer certificate: %s%s", + pkeybuf, sig); EVP_PKEY_free(pkey); } @@ -2160,8 +2160,8 @@ char pkeybuf[128] = { 0 }; print_pkey_details(pkey, pkeybuf, sizeof(pkeybuf)); - openvpn_snprintf(buf, buflen, ", peer temporary key: %s", - pkeybuf); + snprintf(buf, buflen, ", peer temporary key: %s", + pkeybuf); EVP_PKEY_free(pkey); } @@ -2237,8 +2237,8 @@ return; } - openvpn_snprintf(buf, buflen, ", peer signing digest/type: %s %s", - peer_sig, peer_sig_type); + snprintf(buf, buflen, ", peer signing digest/type: %s %s", + peer_sig, peer_sig_type); } @@ -2261,11 +2261,11 @@ s1[0] = s2[0] = s3[0] = s4[0] = 0; ciph = SSL_get_current_cipher(ks_ssl->ssl); - openvpn_snprintf(s1, sizeof(s1), "%s %s, cipher %s %s", - prefix, - SSL_get_version(ks_ssl->ssl), - SSL_CIPHER_get_version(ciph), - SSL_CIPHER_get_name(ciph)); + snprintf(s1, sizeof(s1), "%s %s, cipher %s %s", + prefix, + SSL_get_version(ks_ssl->ssl), + SSL_CIPHER_get_version(ciph), + SSL_CIPHER_get_name(ciph)); X509 *cert = SSL_get_peer_certificate(ks_ssl->ssl); if (cert) diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c index c7d7799..ec7ff23 100644 --- a/src/openvpn/ssl_verify.c +++ b/src/openvpn/ssl_verify.c @@ -421,12 +421,12 @@ } /* export subject name string as environmental variable */ - openvpn_snprintf(envname, sizeof(envname), "tls_id_%d", cert_depth); + snprintf(envname, sizeof(envname), "tls_id_%d", cert_depth); setenv_str(es, envname, subject); #if 0 /* export common name string as environmental variable */ - openvpn_snprintf(envname, sizeof(envname), "tls_common_name_%d", cert_depth); + snprintf(envname, sizeof(envname), "tls_common_name_%d", cert_depth); setenv_str(es, envname, common_name); #endif @@ -435,24 +435,24 @@ struct buffer sha1 = x509_get_sha1_fingerprint(peer_cert, &gc); struct buffer sha256 = x509_get_sha256_fingerprint(peer_cert, &gc); - openvpn_snprintf(envname, sizeof(envname), "tls_digest_%d", cert_depth); + snprintf(envname, sizeof(envname), "tls_digest_%d", cert_depth); setenv_str(es, envname, format_hex_ex(BPTR(&sha1), BLEN(&sha1), 0, 1, ":", &gc)); - openvpn_snprintf(envname, sizeof(envname), "tls_digest_sha256_%d", - cert_depth); + snprintf(envname, sizeof(envname), "tls_digest_sha256_%d", + cert_depth); setenv_str(es, envname, format_hex_ex(BPTR(&sha256), BLEN(&sha256), 0, 1, ":", &gc)); } /* export serial number as environmental variable */ serial = backend_x509_get_serial(peer_cert, &gc); - openvpn_snprintf(envname, sizeof(envname), "tls_serial_%d", cert_depth); + snprintf(envname, sizeof(envname), "tls_serial_%d", cert_depth); setenv_str(es, envname, serial); /* export serial number in hex as environmental variable */ serial = backend_x509_get_serial_hex(peer_cert, &gc); - openvpn_snprintf(envname, sizeof(envname), "tls_serial_hex_%d", cert_depth); + snprintf(envname, sizeof(envname), "tls_serial_hex_%d", cert_depth); setenv_str(es, envname, serial); gc_free(&gc); @@ -569,7 +569,7 @@ goto cleanup; } - if (!openvpn_snprintf(fn, sizeof(fn), "%s%c%s", crl_dir, PATH_SEPARATOR, serial)) + if (!snprintf(fn, sizeof(fn), "%s%c%s", crl_dir, PATH_SEPARATOR, serial)) { msg(D_HANDSHAKE, "VERIFY CRL: filename overflow"); goto cleanup; @@ -938,9 +938,9 @@ if (!check_auth_pending_method(multi->peer_info, pending_method)) { char buf[128]; - openvpn_snprintf(buf, sizeof(buf), - "Authentication failed, required pending auth " - "method '%s' not supported", pending_method); + snprintf(buf, sizeof(buf), + "Authentication failed, required pending auth " + "method '%s' not supported", pending_method); auth_set_client_reason(multi, buf); msg(M_INFO, "Client does not supported auth pending method " "'%s'", pending_method); diff --git a/src/openvpn/ssl_verify_mbedtls.c b/src/openvpn/ssl_verify_mbedtls.c index a801cd3..ca14ceb 100644 --- a/src/openvpn/ssl_verify_mbedtls.c +++ b/src/openvpn/ssl_verify_mbedtls.c @@ -86,8 +86,8 @@ char *serial = backend_x509_get_serial(cert, &gc); ret = mbedtls_x509_crt_verify_info(errstr, sizeof(errstr)-1, "", *flags); - if (ret <= 0 && !openvpn_snprintf(errstr, sizeof(errstr), - "Could not retrieve error string, flags=%" PRIx32, *flags)) + if (ret <= 0 && !snprintf(errstr, sizeof(errstr), + "Could not retrieve error string, flags=%" PRIx32, *flags)) { errstr[0] = '\0'; } @@ -307,7 +307,7 @@ name_expand_size = 64 + strlen(name); name_expand = (char *) malloc(name_expand_size); check_malloc_return(name_expand); - openvpn_snprintf(name_expand, name_expand_size, "X509_%d_%s", depth, name); + snprintf(name_expand, name_expand_size, "X509_%d_%s", depth, name); setenv_str(es, name_expand, value); free(name_expand); } @@ -431,13 +431,13 @@ if (0 == mbedtls_oid_get_attr_short_name(&name->oid, &shortname) ) { - openvpn_snprintf(name_expand, sizeof(name_expand), "X509_%d_%s", - cert_depth, shortname); + snprintf(name_expand, sizeof(name_expand), "X509_%d_%s", + cert_depth, shortname); } else { - openvpn_snprintf(name_expand, sizeof(name_expand), "X509_%d_\?\?", - cert_depth); + snprintf(name_expand, sizeof(name_expand), "X509_%d_\?\?", + cert_depth); } for (i = 0; i < name->val.len; i++) diff --git a/src/openvpn/ssl_verify_openssl.c b/src/openvpn/ssl_verify_openssl.c index ec3a7cf..7d41d4a 100644 --- a/src/openvpn/ssl_verify_openssl.c +++ b/src/openvpn/ssl_verify_openssl.c @@ -279,7 +279,7 @@ gc_free(&gc); return FAILURE; } - openvpn_snprintf(common_name, cn_len, "0x%s", serial); + snprintf(common_name, cn_len, "0x%s", serial); gc_free(&gc); } else @@ -454,7 +454,7 @@ name_expand_size = 64 + strlen(name); name_expand = (char *) malloc(name_expand_size); check_malloc_return(name_expand); - openvpn_snprintf(name_expand, name_expand_size, "X509_%d_%s", depth, name); + snprintf(name_expand, name_expand_size, "X509_%d_%s", depth, name); setenv_str(es, name_expand, value); free(name_expand); } @@ -597,8 +597,8 @@ name_expand_size = 64 + strlen(objbuf); name_expand = (char *) malloc(name_expand_size); check_malloc_return(name_expand); - openvpn_snprintf(name_expand, name_expand_size, "X509_%d_%s", cert_depth, - objbuf); + snprintf(name_expand, name_expand_size, "X509_%d_%s", cert_depth, + objbuf); string_mod(name_expand, CC_PRINT, CC_CRLF, '_'); string_mod((char *)buf, CC_PRINT, CC_CRLF, '_'); setenv_str_incr(es, name_expand, (char *)buf); diff --git a/src/openvpn/tls_crypt.c b/src/openvpn/tls_crypt.c index 975d31f..8948938 100644 --- a/src/openvpn/tls_crypt.c +++ b/src/openvpn/tls_crypt.c @@ -574,8 +574,8 @@ } char metadata_type_str[4] = { 0 }; /* Max value: 255 */ - openvpn_snprintf(metadata_type_str, sizeof(metadata_type_str), - "%i", metadata_type); + snprintf(metadata_type_str, sizeof(metadata_type_str), + "%i", metadata_type); struct env_set *es = env_set_create(NULL); setenv_str(es, "script_type", "tls-crypt-v2-verify"); setenv_str(es, "metadata_type", metadata_type_str); diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index f550e9c..d01515d 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1114,8 +1114,8 @@ #elif defined(TARGET_ANDROID) char out6[64]; - openvpn_snprintf(out6, sizeof(out6), "%s/%d %d", - ifconfig_ipv6_local, tt->netbits_ipv6, tun_mtu); + snprintf(out6, sizeof(out6), "%s/%d %d", + ifconfig_ipv6_local, tt->netbits_ipv6, tun_mtu); management_android_control(management, "IFCONFIG6", out6); #elif defined(TARGET_SOLARIS) argv_printf(&argv, "%s %s inet6 unplumb", IFCONFIG_PATH, ifname); @@ -1362,8 +1362,8 @@ top = "undef"; } - openvpn_snprintf(out, sizeof(out), "%s %s %d %s", ifconfig_local, - ifconfig_remote_netmask, tun_mtu, top); + snprintf(out, sizeof(out), "%s %s %d %s", ifconfig_local, + ifconfig_remote_netmask, tun_mtu, top); management_android_control(management, "IFCONFIG", out); #elif defined(TARGET_SOLARIS) @@ -1912,7 +1912,7 @@ */ if (dev_node) { - openvpn_snprintf(tunname, sizeof(tunname), "%s", dev_node); + snprintf(tunname, sizeof(tunname), "%s", dev_node); } else { @@ -1926,10 +1926,10 @@ { for (int i = 0; i < 256; ++i) { - openvpn_snprintf(tunname, sizeof(tunname), - "/dev/%s%d", dev, i); - openvpn_snprintf(dynamic_name, sizeof(dynamic_name), - "%s%d", dev, i); + snprintf(tunname, sizeof(tunname), + "/dev/%s%d", dev, i); + snprintf(dynamic_name, sizeof(dynamic_name), + "%s%d", dev, i); if ((tt->fd = open(tunname, O_RDWR)) > 0) { dynamic_opened = true; @@ -1947,7 +1947,7 @@ */ else { - openvpn_snprintf(tunname, sizeof(tunname), "/dev/%s", dev); + snprintf(tunname, sizeof(tunname), "/dev/%s", dev); } } @@ -2002,8 +2002,8 @@ { for (int i = 0; i < 256; ++i) { - openvpn_snprintf(dynamic_name, sizeof(dynamic_name), - "%s%d", dev, i); + snprintf(dynamic_name, sizeof(dynamic_name), + "%s%d", dev, i); int ret = open_tun_dco(tt, ctx, dynamic_name); if (ret == 0) { @@ -2519,7 +2519,7 @@ tt->actual_name = (char *) malloc(32); check_malloc_return(tt->actual_name); - openvpn_snprintf(tt->actual_name, 32, "%s%d", dev_tuntap_type, ppa); + snprintf(tt->actual_name, 32, "%s%d", dev_tuntap_type, ppa); if (tt->type == DEV_TYPE_TAP) { @@ -3509,7 +3509,7 @@ int i; for (i = 0; i<99; i++) { - openvpn_snprintf(tunname, sizeof(tunname), "/dev/tap%d", i); + snprintf(tunname, sizeof(tunname), "/dev/tap%d", i); if (access( tunname, F_OK ) < 0 && errno == ENOENT) { break; @@ -3520,7 +3520,7 @@ msg( M_FATAL, "cannot find unused tap device" ); } - openvpn_snprintf( dynamic_name, sizeof(dynamic_name), "tap%d", i ); + snprintf( dynamic_name, sizeof(dynamic_name), "tap%d", i ); dev = dynamic_name; } else /* name given, sanity check */ @@ -3536,7 +3536,7 @@ msg( M_FATAL, "TAP device name must be '--dev tapNNNN'" ); } - openvpn_snprintf(tunname, sizeof(tunname), "/dev/%s", dev); + snprintf(tunname, sizeof(tunname), "/dev/%s", dev); } /* pre-existing device? @@ -3956,8 +3956,8 @@ ADAPTER_KEY); } - openvpn_snprintf(unit_string, sizeof(unit_string), "%s\\%s", - ADAPTER_KEY, enum_name); + snprintf(unit_string, sizeof(unit_string), "%s\\%s", + ADAPTER_KEY, enum_name); status = RegOpenKeyEx( HKEY_LOCAL_MACHINE, @@ -4098,9 +4098,9 @@ NETWORK_CONNECTIONS_KEY); } - openvpn_snprintf(connection_string, sizeof(connection_string), - "%s\\%s\\Connection", - NETWORK_CONNECTIONS_KEY, enum_name); + snprintf(connection_string, sizeof(connection_string), + "%s\\%s\\Connection", + NETWORK_CONNECTIONS_KEY, enum_name); status = RegOpenKeyEx( HKEY_LOCAL_MACHINE, @@ -4984,7 +4984,7 @@ DWORD index; ULONG aindex; wchar_t wbuf[256]; - openvpn_swprintf(wbuf, SIZE(wbuf), L"\\DEVICE\\TCPIP_%hs", guid); + swprintf(wbuf, SIZE(wbuf), L"\\DEVICE\\TCPIP_%hs", guid); if (GetAdapterIndex(wbuf, &aindex) != NO_ERROR) { index = TUN_ADAPTER_INDEX_INVALID; @@ -5164,10 +5164,10 @@ } /* Open Windows TAP-Windows adapter */ - openvpn_snprintf(device_path, sizeof(device_path), "%s%s%s", - USERMODEDEVICEDIR, - device_guid, - TAP_WIN_SUFFIX); + snprintf(device_path, sizeof(device_path), "%s%s%s", + USERMODEDEVICEDIR, + device_guid, + TAP_WIN_SUFFIX); hand = CreateFile( device_path, @@ -5208,10 +5208,10 @@ } /* Open Windows TAP-Windows adapter */ - openvpn_snprintf(device_path, sizeof(device_path), "%s%s%s", - USERMODEDEVICEDIR, - device_guid, - TAP_WIN_SUFFIX); + snprintf(device_path, sizeof(device_path), "%s%s%s", + USERMODEDEVICEDIR, + device_guid, + TAP_WIN_SUFFIX); hand = CreateFile( device_path, @@ -6607,10 +6607,10 @@ else { /* Open TAP-Windows */ - openvpn_snprintf(tuntap_device_path, sizeof(tuntap_device_path), "%s%s%s", - USERMODEDEVICEDIR, - device_guid, - TAP_WIN_SUFFIX); + snprintf(tuntap_device_path, sizeof(tuntap_device_path), "%s%s%s", + USERMODEDEVICEDIR, + device_guid, + TAP_WIN_SUFFIX); path = tuntap_device_path; } diff --git a/src/openvpn/win32.c b/src/openvpn/win32.c index 27d82c5..98955ba 100644 --- a/src/openvpn/win32.c +++ b/src/openvpn/win32.c @@ -885,8 +885,8 @@ char force_path[256]; char *sysroot = get_win_sys_path(); - if (!openvpn_snprintf(force_path, sizeof(force_path), "PATH=%s\\System32;%s;%s\\System32\\Wbem", - sysroot, sysroot, sysroot)) + if (!snprintf(force_path, sizeof(force_path), "PATH=%s\\System32;%s;%s\\System32\\Wbem", + sysroot, sysroot, sysroot)) { msg(M_WARN, "env_block: default path truncated to %s", force_path); } @@ -1483,26 +1483,11 @@ } bool -openvpn_swprintf(wchar_t *const str, const size_t size, const wchar_t *const format, ...) -{ - va_list arglist; - int len = -1; - if (size > 0) - { - va_start(arglist, format); - len = vswprintf(str, size, format, arglist); - va_end(arglist); - str[size - 1] = L'\0'; - } - return (len >= 0 && len < size); -} - -bool get_openvpn_reg_value(const WCHAR *key, WCHAR *value, DWORD size) { WCHAR reg_path[256]; HKEY hkey; - openvpn_swprintf(reg_path, _countof(reg_path), L"SOFTWARE\\" PACKAGE_NAME); + swprintf(reg_path, _countof(reg_path), L"SOFTWARE\\" PACKAGE_NAME); LONG status = RegOpenKeyExW(HKEY_LOCAL_MACHINE, reg_path, 0, KEY_READ, &hkey); if (status != ERROR_SUCCESS) @@ -1528,7 +1513,7 @@ /* if we cannot find installation path from the registry, * use Windows directory as a fallback */ - openvpn_swprintf(install_path, _countof(install_path), L"%ls", ssl_fallback_dir); + swprintf(install_path, _countof(install_path), L"%ls", ssl_fallback_dir); } if ((install_path[wcslen(install_path) - 1]) == L'\\') @@ -1553,7 +1538,7 @@ if (size == 0) { WCHAR val[MAX_PATH] = {0}; - openvpn_swprintf(val, _countof(val), L"%ls\\ssl\\%ls", install_path, ossl_env[i].value); + swprintf(val, _countof(val), L"%ls\\ssl\\%ls", install_path, ossl_env[i].value); _wputenv_s(ossl_env[i].name, val); } } diff --git a/src/openvpn/win32.h b/src/openvpn/win32.h index 974fe02d..fd75992 100644 --- a/src/openvpn/win32.h +++ b/src/openvpn/win32.h @@ -319,14 +319,6 @@ int openvpn_execve(const struct argv *a, const struct env_set *es, const unsigned int flags); -/* - * openvpn_swprintf() is currently only used by Windows code paths - * and when enabled for all platforms it will currently break older - * OpenBSD versions lacking vswprintf(3) support in their libc. - */ -bool -openvpn_swprintf(wchar_t *const str, const size_t size, const wchar_t *const format, ...); - /* Sleep that can be interrupted by signals and exit event */ void win32_sleep(const int n); diff --git a/src/openvpn/xkey_helper.c b/src/openvpn/xkey_helper.c index c803323..283c95d 100644 --- a/src/openvpn/xkey_helper.c +++ b/src/openvpn/xkey_helper.c @@ -205,7 +205,7 @@ } else { - openvpn_snprintf(alg_str, sizeof(alg_str), "ECDSA,hashalg=%s", alg.mdname); + snprintf(alg_str, sizeof(alg_str), "ECDSA,hashalg=%s", alg.mdname); } } else if (!strcmp(alg.keytype, "ED448") || !strcmp(alg.keytype, "ED25519")) @@ -229,8 +229,8 @@ /* For undigested message, add hashalg=digest parameter */ else { - openvpn_snprintf(alg_str, sizeof(alg_str), "%s,hashalg=%s", - "RSA_PKCS1_PADDING", alg.mdname); + snprintf(alg_str, sizeof(alg_str), "%s,hashalg=%s", + "RSA_PKCS1_PADDING", alg.mdname); } } else if (!strcmp(alg.padmode, "none") && (flags & MF_EXTERNAL_KEY_NOPADDING) @@ -240,8 +240,8 @@ } else if (!strcmp(alg.padmode, "pss") && (flags & MF_EXTERNAL_KEY_PSSPAD)) { - openvpn_snprintf(alg_str, sizeof(alg_str), "%s,hashalg=%s,saltlen=%s", - "RSA_PKCS1_PSS_PADDING", alg.mdname, alg.saltlen); + snprintf(alg_str, sizeof(alg_str), "%s,hashalg=%s,saltlen=%s", + "RSA_PKCS1_PSS_PADDING", alg.mdname, alg.saltlen); } else { diff --git a/src/openvpnserv/common.c b/src/openvpnserv/common.c index bd0a484..b6f934a 100644 --- a/src/openvpnserv/common.c +++ b/src/openvpnserv/common.c @@ -27,36 +27,6 @@ LPCTSTR service_instance = TEXT(""); static wchar_t win_sys_path[MAX_PATH]; -/* - * These are necessary due to certain buggy implementations of (v)snprintf, - * that don't guarantee null termination for size > 0. - */ -BOOL -openvpn_vswprintf(LPTSTR str, size_t size, LPCTSTR format, va_list arglist) -{ - int len = -1; - if (size > 0) - { - len = vswprintf_s(str, size, format, arglist); - str[size - 1] = 0; - } - return (len >= 0 && (size_t)len < size); -} - -BOOL -openvpn_swprintf(LPTSTR str, size_t size, LPCTSTR format, ...) -{ - va_list arglist; - BOOL res = FALSE; - if (size > 0) - { - va_start(arglist, format); - res = openvpn_vswprintf(str, size, format, arglist); - va_end(arglist); - } - return res; -} - static DWORD GetRegString(HKEY key, LPCTSTR value, LPTSTR data, DWORD size, LPCTSTR default_value) { @@ -66,7 +36,7 @@ if (status == ERROR_FILE_NOT_FOUND && default_value) { size_t len = size/sizeof(data[0]); - if (openvpn_swprintf(data, len, default_value)) + if (swprintf(data, len, default_value)) { status = ERROR_SUCCESS; } @@ -93,7 +63,7 @@ TCHAR install_path[MAX_PATH]; TCHAR default_value[MAX_PATH]; - openvpn_swprintf(reg_path, _countof(reg_path), TEXT("SOFTWARE\\" PACKAGE_NAME "%ls"), service_instance); + swprintf(reg_path, _countof(reg_path), TEXT("SOFTWARE\\" PACKAGE_NAME "%ls"), service_instance); LONG status = RegOpenKeyEx(HKEY_LOCAL_MACHINE, reg_path, 0, KEY_READ, &key); if (status != ERROR_SUCCESS) @@ -110,15 +80,15 @@ goto out; } - openvpn_swprintf(default_value, _countof(default_value), TEXT("%ls\\bin\\openvpn.exe"), - install_path); + swprintf(default_value, _countof(default_value), TEXT("%ls\\bin\\openvpn.exe"), + install_path); error = GetRegString(key, TEXT("exe_path"), s->exe_path, sizeof(s->exe_path), default_value); if (error != ERROR_SUCCESS) { goto out; } - openvpn_swprintf(default_value, _countof(default_value), TEXT("%ls\\config"), install_path); + swprintf(default_value, _countof(default_value), TEXT("%ls\\config"), install_path); error = GetRegString(key, TEXT("config_dir"), s->config_dir, sizeof(s->config_dir), default_value); if (error != ERROR_SUCCESS) @@ -133,7 +103,7 @@ goto out; } - openvpn_swprintf(default_value, _countof(default_value), TEXT("%ls\\log"), install_path); + swprintf(default_value, _countof(default_value), TEXT("%ls\\log"), install_path); error = GetRegString(key, TEXT("log_dir"), s->log_dir, sizeof(s->log_dir), default_value); if (error != ERROR_SUCCESS) { @@ -229,7 +199,7 @@ else { tmp[wcslen(tmp) - 2] = TEXT('\0'); /* remove CR/LF characters */ - openvpn_swprintf(buf, _countof(buf), TEXT("%ls (0x%x)"), tmp, error); + swprintf(buf, _countof(buf), TEXT("%ls (0x%x)"), tmp, error); } if (tmp) @@ -259,9 +229,9 @@ hEventSource = RegisterEventSource(NULL, APPNAME); if (hEventSource != NULL) { - openvpn_swprintf(msg[0], _countof(msg[0]), - TEXT("%ls%ls%ls: %ls"), APPNAME, service_instance, - (flags & MSG_FLAGS_ERROR) ? TEXT(" error") : TEXT(""), err_msg); + swprintf(msg[0], _countof(msg[0]), + TEXT("%ls%ls%ls: %ls"), APPNAME, service_instance, + (flags & MSG_FLAGS_ERROR) ? TEXT(" error") : TEXT(""), err_msg); va_start(arglist, format); openvpn_vswprintf(msg[1], _countof(msg[1]), format, arglist); diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c index 452633c..efd3834 100644 --- a/src/openvpnserv/interactive.c +++ b/src/openvpnserv/interactive.c @@ -310,7 +310,7 @@ * Same format as error messages (3 line string) with error = 0 in * 0x%08x format, PID on line 2 and a description "Process ID" on line 3 */ - openvpn_swprintf(buf, _countof(buf), L"0x%08x\n0x%08x\n%ls", 0, pid, msg); + swprintf(buf, _countof(buf), L"0x%08x\n0x%08x\n%ls", 0, pid, msg); WritePipeAsync(pipe, buf, (DWORD)(wcslen(buf) * 2), count, events); } @@ -384,9 +384,9 @@ if (!argv) { - openvpn_swprintf(errmsg, capacity, - L"Cannot validate options: CommandLineToArgvW failed with error = 0x%08x", - GetLastError()); + swprintf(errmsg, capacity, + L"Cannot validate options: CommandLineToArgvW failed with error = 0x%08x", + GetLastError()); goto out; } @@ -406,8 +406,8 @@ if (!CheckOption(workdir, 2, argv_tmp, &settings)) { - openvpn_swprintf(errmsg, capacity, msg1, argv[0], workdir, - settings.ovpn_admin_group); + swprintf(errmsg, capacity, msg1, argv[0], workdir, + settings.ovpn_admin_group); } goto out; } @@ -423,13 +423,13 @@ { if (wcscmp(L"--config", argv[i]) == 0 && argc-i > 1) { - openvpn_swprintf(errmsg, capacity, msg1, argv[i+1], workdir, - settings.ovpn_admin_group); + swprintf(errmsg, capacity, msg1, argv[i+1], workdir, + settings.ovpn_admin_group); } else { - openvpn_swprintf(errmsg, capacity, msg2, argv[i], - settings.ovpn_admin_group); + swprintf(errmsg, capacity, msg2, argv[i], + settings.ovpn_admin_group); } goto out; } @@ -984,7 +984,7 @@ HANDLE wait_handles[2] = {rdns_semaphore, exit_event}; - openvpn_swprintf(ipcfg, MAX_PATH, L"%ls\\%ls", get_win_sys_path(), L"ipconfig.exe"); + swprintf(ipcfg, MAX_PATH, L"%ls\\%ls", get_win_sys_path(), L"ipconfig.exe"); if (WaitForMultipleObjects(2, wait_handles, FALSE, timeout) == WAIT_OBJECT_0) { @@ -1063,7 +1063,7 @@ } /* Path of netsh */ - openvpn_swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); + swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); /* cmd template: * netsh interface $proto $action dns $if_name $addr [validate=no] @@ -1079,7 +1079,7 @@ goto out; } - openvpn_swprintf(cmdline, ncmdline, fmt, proto, action, if_name, addr); + swprintf(cmdline, ncmdline, fmt, proto, action, if_name, addr); if (IsWindows7OrGreater()) { @@ -1123,7 +1123,7 @@ } /* Path of netsh */ - openvpn_swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); + swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); /* cmd template: * netsh interface ip $action wins $if_name $static $addr @@ -1140,7 +1140,7 @@ goto out; } - openvpn_swprintf(cmdline, ncmdline, fmt, action, if_name, addr_static, addr); + swprintf(cmdline, ncmdline, fmt, action, if_name, addr_static, addr); err = ExecCommand(argv0, cmdline, timeout); @@ -1166,7 +1166,7 @@ wchar_t *cmdline = NULL; int timeout = 10000; /* in msec */ - openvpn_swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"wbem\\wmic.exe"); + swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"wbem\\wmic.exe"); const wchar_t *fmt; /* comma separated list must be enclosed in parenthesis */ @@ -1187,8 +1187,8 @@ return ERROR_OUTOFMEMORY; } - openvpn_swprintf(cmdline, ncmdline, fmt, if_index, action, - data ? data : L""); + swprintf(cmdline, ncmdline, fmt, if_index, action, + data ? data : L""); err = ExecCommand(argv0, cmdline, timeout); free(cmdline); @@ -1452,7 +1452,7 @@ wchar_t argv0[MAX_PATH]; /* Path of netsh */ - openvpn_swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); + swprintf(argv0, _countof(argv0), L"%ls\\%ls", get_win_sys_path(), L"netsh.exe"); /* cmd template: * netsh interface ipv4 set address name=$if_index source=dhcp @@ -1470,7 +1470,7 @@ return err; } - openvpn_swprintf(cmdline, ncmdline, fmt, dhcp->iface.index); + swprintf(cmdline, ncmdline, fmt, dhcp->iface.index); err = ExecCommand(argv0, cmdline, timeout); @@ -1969,8 +1969,8 @@ goto out; } - openvpn_swprintf(ovpn_pipe_name, _countof(ovpn_pipe_name), - TEXT("\\\\.\\pipe\\" PACKAGE "%ls\\service_%lu"), service_instance, GetCurrentThreadId()); + swprintf(ovpn_pipe_name, _countof(ovpn_pipe_name), + TEXT("\\\\.\\pipe\\" PACKAGE "%ls\\service_%lu"), service_instance, GetCurrentThreadId()); ovpn_pipe = CreateNamedPipe(ovpn_pipe_name, PIPE_ACCESS_DUPLEX | FILE_FLAG_FIRST_PIPE_INSTANCE | FILE_FLAG_OVERLAPPED, PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_WAIT, 1, 128, 128, 0, NULL); @@ -2002,8 +2002,8 @@ ReturnLastError(pipe, L"malloc"); goto out; } - openvpn_swprintf(cmdline, cmdline_size, L"openvpn %ls --msg-channel %lu", - sud.options, svc_pipe); + swprintf(cmdline, cmdline_size, L"openvpn %ls --msg-channel %lu", + sud.options, svc_pipe); if (!CreateEnvironmentBlock(&user_env, imp_token, FALSE)) { @@ -2078,8 +2078,8 @@ else if (exit_code != 0) { WCHAR buf[256]; - openvpn_swprintf(buf, _countof(buf), - L"OpenVPN exited with error: exit code = %lu", exit_code); + swprintf(buf, _countof(buf), + L"OpenVPN exited with error: exit code = %lu", exit_code); ReturnError(pipe, ERROR_OPENVPN_STARTUP, buf, 1, &exit_event); } Undo(&undo_lists); @@ -2173,7 +2173,7 @@ initialized = TRUE; } - openvpn_swprintf(pipe_name, _countof(pipe_name), TEXT("\\\\.\\pipe\\" PACKAGE "%ls\\service"), service_instance); + swprintf(pipe_name, _countof(pipe_name), TEXT("\\\\.\\pipe\\" PACKAGE "%ls\\service"), service_instance); pipe = CreateNamedPipe(pipe_name, flags, PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_REJECT_REMOTE_CLIENTS, PIPE_UNLIMITED_INSTANCES, 1024, 1024, 0, NULL); diff --git a/src/openvpnserv/service.h b/src/openvpnserv/service.h index 3acf08c..6d0827d 100644 --- a/src/openvpnserv/service.h +++ b/src/openvpnserv/service.h @@ -81,12 +81,6 @@ VOID WINAPI ServiceStartInteractive(DWORD argc, LPTSTR *argv); -BOOL openvpn_vsntprintf(LPTSTR str, size_t size, LPCTSTR format, va_list arglist); - -BOOL openvpn_sntprintf(LPTSTR str, size_t size, LPCTSTR format, ...); - -BOOL openvpn_swprintf(wchar_t *const str, const size_t size, const wchar_t *const format, ...); - DWORD GetOpenvpnSettings(settings_t *s); BOOL ReportStatusToSCMgr(SERVICE_STATUS_HANDLE service, SERVICE_STATUS *status); diff --git a/src/openvpnserv/validate.c b/src/openvpnserv/validate.c index 5f7acd7..9563fa5 100644 --- a/src/openvpnserv/validate.c +++ b/src/openvpnserv/validate.c @@ -68,7 +68,7 @@ /* convert fname to full path */ if (PathIsRelativeW(fname) ) { - openvpn_swprintf(tmp, _countof(tmp), L"%ls\\%ls", workdir, fname); + swprintf(tmp, _countof(tmp), L"%ls\\%ls", workdir, fname); config_file = tmp; } else diff --git a/tests/unit_tests/openvpn/test_buffer.c b/tests/unit_tests/openvpn/test_buffer.c index 52ffb54..c1d1538 100644 --- a/tests/unit_tests/openvpn/test_buffer.c +++ b/tests/unit_tests/openvpn/test_buffer.c @@ -354,6 +354,30 @@ assert_string_equal(buf, "There is a .'nice.' \"1234\" [.] year old .tree!"); } +static void +test_snprintf(void **state) +{ + /* we used to have a custom openvpn_snprintf function because some + * OS (the comment did not specify which) did not always put the + * null byte there. So we unit test this to be sure. + * + * This probably refers to the MSVC behaviour, see also + * https://stackoverflow.com/questions/7706936/is-snprintf-always-null-terminating + */ + + char buf[10] = { 'a' }; + assert_int_equal(snprintf(buf, sizeof(buf), "0123456789abcde"), 15); + assert_int_equal(buf[9], '\0'); + + memset(buf, 'b', sizeof(buf)); + assert_int_equal(snprintf(buf, sizeof(buf), "- %d - %d -", 77, 88), 11); + assert_int_equal(buf[9], '\0'); + + memset(buf, 'c', sizeof(buf)); + assert_int_equal(snprintf(buf, sizeof(buf), "- %8.2f", 77.8899), 10); + assert_int_equal(buf[9], '\0'); +} + int main(void) { @@ -387,6 +411,7 @@ cmocka_unit_test(test_buffer_free_gc_two), cmocka_unit_test(test_buffer_gc_realloc), cmocka_unit_test(test_character_class), + cmocka_unit_test(test_snprintf) }; return cmocka_run_group_tests_name("buffer", tests, NULL, NULL); diff --git a/tests/unit_tests/openvpn/test_cryptoapi.c b/tests/unit_tests/openvpn/test_cryptoapi.c index 87f6208..98102ef 100644 --- a/tests/unit_tests/openvpn/test_cryptoapi.c +++ b/tests/unit_tests/openvpn/test_cryptoapi.c @@ -271,7 +271,7 @@ for (struct test_cert *c = certs; c->cert; c++) { - openvpn_snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); + snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); ctx = find_certificate_in_store(select_string, user_store); if (ctx) { @@ -304,7 +304,7 @@ for (struct test_cert *c = certs; c->cert; c++) { - openvpn_snprintf(select_string, sizeof(select_string), "SUBJ:%s", c->cname); + snprintf(select_string, sizeof(select_string), "SUBJ:%s", c->cname); ctx = find_certificate_in_store(select_string, user_store); /* In this case we expect a successful return as there is at least one valid * cert that matches the common name. But the returned cert may not exactly match @@ -337,7 +337,7 @@ for (struct test_cert *c = certs; c->cert; c++) { - openvpn_snprintf(select_string, sizeof(select_string), "ISSUER:%s", c->issuer); + snprintf(select_string, sizeof(select_string), "ISSUER:%s", c->issuer); ctx = find_certificate_in_store(select_string, user_store); /* In this case we expect a successful return as there is at least one valid * cert that matches the issuer. But the returned cert may not exactly match @@ -411,7 +411,7 @@ { continue; } - openvpn_snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); + snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); if (Load_CryptoAPI_certificate(select_string, &x509, &privkey) != 1) { fail_msg("Load_CryptoAPI_certificate failed: <%s>", c->friendly_name); @@ -446,7 +446,7 @@ SSL_CTX *ssl_ctx = SSL_CTX_new_ex(tls_libctx, NULL, SSLv23_client_method()); assert_non_null(ssl_ctx); - openvpn_snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); + snprintf(select_string, sizeof(select_string), "THUMB:%s", c->hash); if (!SSL_CTX_use_CryptoAPI_certificate(ssl_ctx, select_string)) { fail_msg("SSL_CTX_use_CryptoAPI_certificate failed: <%s>", c->friendly_name); diff --git a/tests/unit_tests/openvpn/test_pkcs11.c b/tests/unit_tests/openvpn/test_pkcs11.c index a48e404..84ebb29 100644 --- a/tests/unit_tests/openvpn/test_pkcs11.c +++ b/tests/unit_tests/openvpn/test_pkcs11.c @@ -161,7 +161,7 @@ } else if (flags & GET_USER_PASS_PASSWORD_ONLY) { - openvpn_snprintf(up->password, sizeof(up->password), "%s", PIN); + snprintf(up->password, sizeof(up->password), "%s", PIN); } else { @@ -204,8 +204,8 @@ { fail_msg("make tmpfile using template <%s> failed (error = %d)", softhsm2_conf_path, errno); } - openvpn_snprintf(config, sizeof(config), "directories.tokendir=%s/", - softhsm2_tokens_path); + snprintf(config, sizeof(config), "directories.tokendir=%s/", + softhsm2_tokens_path); assert_int_equal(write(fd, config, strlen(config)), strlen(config)); close(fd);