Merge pull request #1608 from stefanrueger/z-scanf-modifier
Harden AVRDUDE against pre-C99 libraries
stefanrueger authored Jan 8, 2024
2 parents 03d786e + 9053883 commit 2d872af
Showing 4 changed files with 10 additions and 6 deletions.
6 changes: 3 additions & 3 deletions src/fileio.c
@@ -1312,7 +1312,7 @@ FILE *fileio_fopenr(const char *fname) {

static FILEFMT couldbe(int first, unsigned char *line) {
int found;
size_t i, nxdigs, len;
unsigned long i, nxdigs, len;

// Check for ELF file
if(first && line[0] == 0177 && str_starts((char *) line+1, "ELF"))
@@ -1329,7 +1329,7 @@ static FILEFMT couldbe(int first, unsigned char *line) {

// Check for lines that look like Intel HEX
if(line[0] == ':' && len >= 11 && isxdigit(line[1]) && isxdigit(line[2])) {
nxdigs = sscanf((char *) line+1, "%2zx", &nxdigs) == 1? 2*nxdigs + 8: len;
nxdigs = sscanf((char *) line+1, "%2lx", &nxdigs) == 1? 2*nxdigs + 8: len;
for(found = 3+nxdigs <= len, i=0; found && i<nxdigs; i++)
if(!isxdigit(line[3+i]))
found = 0;
@@ -1339,7 +1339,7 @@ static FILEFMT couldbe(int first, unsigned char *line) {

// Check for lines that look like Motorola S-record
if(line[0] == 'S' && len >= 10 && isdigit(line[1]) && isxdigit(line[2]) && isxdigit(line[3])) {
nxdigs = sscanf((char *) line+2, "%2zx", &nxdigs) == 1? 2*nxdigs: len;
nxdigs = sscanf((char *) line+2, "%2lx", &nxdigs) == 1? 2*nxdigs: len;
for(found = 4+nxdigs <= len, i=0; found && i<nxdigs; i++)
if(!isxdigit(line[4+i]))
found = 0;
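Review bot: The declaration `unsigned long i, nxdigs, len;` in couldbe() has no comment saying why `size_t` was avoided, so a later cleanup could restore `size_t` with `%2zx` and bring back the dependency on a C99 scanf. I would add `// unsigned long rather than size_t: scanf's z length modifier is unavailable in pre-C99 C libraries` above it. Both `sscanf` lines also use `nxdigs` as the conversion target and as the assignment result in one expression; that looks well defined, but a separate local for the parsed byte count would make the bounds `3+nxdigs <= len` and `4+nxdigs <= len` on this file-supplied line easier to audit. couldbe() continues past the visible hunks, so the assignment of `len` is not shown here.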
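--- a/src/main.c
+++ b/src/main.c
@@ -949,6 +949,10 @@ int main(int argc, char * argv [])
 }
 }
 
+size_t ztest;
+if(1 != sscanf("42", "%zi", &ztest) || ztest != 42 || 1)
+pmsg_warning("Linked C library does not conform to C99; %s may not work as expected\n", progname);
+
 /* search for system configuration file unless -C conffile was given */
 if (strlen(sys_config) == 0) {
 /*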
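Review bot: The trailing `|| 1` in the new condition makes it always true, so the "does not conform to C99" warning is printed on every run whatever `sscanf` returns; unless that is deliberate test scaffolding it should be dropped, giving `if(1 != sscanf("42", "%zi", &ztest) || ztest != 42)`. A warning that always fires also stops being a usable signal for the libraries this commit is meant to detect. `ztest` is declared without an initialiser, so if a non-conforming library were to accept `%zi` but store fewer bytes than `sizeof(size_t)`, the comparison would read indeterminate bytes; `size_t ztest = 0;` makes the probe deterministic. main() starts and ends outside the hunk.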
4 changes: 2 additions & 2 deletions src/serbb_win32.c
@@ -299,7 +299,7 @@ static int serbb_open(PROGRAMMER *pgm, const char *port) {
pmsg_error("cannot set com-state for %s\n", port);
return -1;
}
pmsg_debug("ser_open(): opened comm port %s, handle 0x%zx\n", port, (INT_PTR) hComPort);
pmsg_debug("ser_open(): opened comm port %s, handle 0x%lx\n", port, (long) (INT_PTR) hComPort);

pgm->fd.pfd = (void *)hComPort;

@@ -315,7 +315,7 @@ static void serbb_close(PROGRAMMER *pgm) {
pgm->setpin(pgm, PIN_AVR_RESET, 1);
CloseHandle (hComPort);
}
pmsg_debug("ser_close(): closed comm port handle 0x%zx\n", (INT_PTR) hComPort);
pmsg_debug("ser_close(): closed comm port handle 0x%lx\n", (long) (INT_PTR) hComPort);

hComPort = INVALID_HANDLE_VALUE;
}
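Review bot: Casting the handle to `long` for `%lx` drops its upper half on 64-bit Windows, where `long` is 32 bits while `INT_PTR` is pointer-sized, and `%lx` formally expects `unsigned long`; this applies to both debug lines, in serbb_open() and serbb_close(). Assuming pmsg_debug forwards to the C library's printf, `%p` is already available in C89 and prints the full value: `pmsg_debug("ser_open(): opened comm port %s, handle %p\n", port, (void *) hComPort);`. The `(unsigned long) bufsz` cast in src/term.c narrows the same way on that platform, in the one message that reports an oversized request, so a short comment there saying the printed value may be truncated would help. Both functions extend beyond the visible hunks.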
2 changes: 1 addition & 1 deletion src/term.c
@@ -473,7 +473,7 @@ static int cmd_write(const PROGRAMMER *pgm, const AVRPART *p, int argc, char *ar
// Allocate large enough data and allocation tags space
size_t bufsz = mem->size + 8 + maxstrlen(argc-3, argv+3)+1;
if(bufsz > INT_MAX) {
pmsg_error("(write) too large memory request (%zu)\n", bufsz);
pmsg_error("(write) too large memory request (%lu)\n", (unsigned long) bufsz);
return -1;
}
unsigned char *buf = calloc(bufsz, 1), *tags = calloc(bufsz, 1);
