From: Ruben Beltran del Rio Date: Mon, 5 Feb 2024 20:03:59 +0000 (+0100) Subject: Use snprintf for safety X-Git-Tag: 1.0.1 X-Git-Url: https://git.r.bdr.sh/rbdr/ngx_http_office_hours_filter_module/commitdiff_plain/refs/tags/1.0.1 Use snprintf for safety --- diff --git a/ngx_http_office_hours_filter_module.c b/ngx_http_office_hours_filter_module.c index 6f169b9..49fe50f 100644 --- a/ngx_http_office_hours_filter_module.c +++ b/ngx_http_office_hours_filter_module.c @@ -11,7 +11,6 @@ * specific language governing permissions and limitations under the License. */ - #include #include #include @@ -48,7 +47,7 @@ typedef struct { static void *ngx_http_office_hours_create_conf(ngx_conf_t * cf); static char *ngx_http_office_hours_merge_conf(ngx_conf_t * cf, - void *parent, void *child); + void *parent, void *child); static ngx_int_t ngx_http_office_hours_init(ngx_conf_t * cf); /* Configuration Handler */ @@ -96,7 +95,6 @@ static ngx_command_t ngx_http_office_hours_commands[] = { ngx_null_command }; - /* Module Context */ static ngx_http_module_t ngx_http_office_hours_filter_module_ctx = { @@ -113,7 +111,6 @@ static ngx_http_module_t ngx_http_office_hours_filter_module_ctx = { ngx_http_office_hours_merge_conf /* Merge location configuration */ }; - /* Module Definition */ ngx_module_t ngx_http_office_hours_filter_module = { @@ -131,7 +128,6 @@ ngx_module_t ngx_http_office_hours_filter_module = { NGX_MODULE_V1_PADDING }; - /* * Main Header Filter * If the current time is within office hours, it goes to the next @@ -149,7 +145,6 @@ ngx_http_office_hours_header_filter(ngx_http_request_t * r) ngx_http_get_module_loc_conf(r, ngx_http_office_hours_filter_module); - if (conf->office_hours == NULL) { ngx_log_error(NGX_LOG_DEBUG, r->connection->log, 0, "Office hours disabled"); @@ -196,7 +191,6 @@ ngx_http_office_hours_body_filter(ngx_http_request_t * r, ngx_chain_t *in) ngx_http_get_module_loc_conf(r, ngx_http_office_hours_filter_module); - if (conf->office_hours == NULL) { ngx_log_error(NGX_LOG_DEBUG, r->connection->log, 0, "Office hours disabled"); @@ -282,7 +276,6 @@ static char *ngx_http_office_hours(ngx_conf_t * cf, ngx_command_t * cmd, return NGX_CONF_OK; } - /* * Config Creator * Initializes the configuration structure @@ -310,7 +303,7 @@ static void *ngx_http_office_hours_create_conf(ngx_conf_t * cf) */ static char *ngx_http_office_hours_merge_conf(ngx_conf_t * cf, - void *parent, void *child) + void *parent, void *child) { ngx_http_office_hours_conf_t *prev = parent; @@ -468,7 +461,6 @@ static ngx_str_t create_output_html(ngx_http_office_hours_conf_t * conf) ngx_uint_t i, seconds_of_day; ngx_uint_t ** parsed_office_hours; - output_buffer = malloc(1024 * sizeof(char)); parsed_office_hours = parse_office_hours(conf->office_hours); now = ngx_time(); @@ -552,13 +544,13 @@ static char * left_pad(unsigned int number) char * padding; padding = ""; - output_string = malloc(3 * sizeof(char)); + output_string = malloc(4 * sizeof(char)); if (number < 10) { padding = "0"; } - sprintf(output_string, "%s%u", padding, number); + snprintf(output_string, 4, "%s%u", padding, number); return output_string; }