openjp2/j2k: replace sprintf calls with snprintf #1450
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
markmentovai
force-pushed
the
no_sprintf
branch
from
1648666
to
093ccb0
Compare
ibaoger
pushed a commit
to ibaoger/pdfium
that referenced
this pull request
Nov 7, 2022
This makes it possible to build PDFium without warnings using the macOS 13 SDK. Calls to sprintf are replaced with snprintf, passing appropriate buffer sizes. It doesn’t appear that any of the changed uses of sprintf were actually unsafe, so no behavior change is expected aside from SDK compatibility. The macOS 13 SDK deprecates sprintf as it’s difficult to use safely. The deprecation warning message is visible when building C++, but it is not normally visible when building plain C code due to a quirk in how sprintf is declared in the SDK. However, the deprecation message is visible when building plain C under Address Sanitizer (-fsanitize=address). This discrepancy was discovered at https://crbug.com/1381706 and reported to Apple with a copy at https://openradar.appspot.com/FB11761475. The macOS 13 SDK is packaged in Xcode 14.1, released on 2022-11-01. This also affects the iOS 16 SDK and other 2022-era Apple OS SDKs packaged in Xcode 14.0, released on 2022-09-12. This change affects libopenjpeg and libtiff. The patches here were submitted upstream at uclouvain/openjpeg#1450 and https://gitlab.com/libtiff/libtiff/-/merge_requests/408. Bug: chromium:1381706 Change-Id: I92ff8f897fe63b3dee14301cd15c791e0d4fb8cf Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/100790 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
This makes it possible to build j2k.c without warnings using the macOS 13 SDK. Calls to sprintf are replaced with snprintf, passing appropriate buffer sizes. It doesn’t appear that any of the changed uses of sprintf were actually unsafe, so no behavior change is expected aside from SDK compatibility. The macOS 13 SDK deprecates sprintf as it’s difficult to use safely. The deprecation warning message is visible when building C++, but it is not normally visible when building plain C code due to a quirk in how sprintf is declared in the SDK. However, the deprecation message is visible when building plain C under Address Sanitizer (-fsanitize=address). This discrepancy was discovered at https://crbug.com/1381706 and reported to Apple with a copy at https://openradar.appspot.com/FB11761475. The macOS 13 SDK is packaged in Xcode 14.1, released on 2022-11-01. This also affects the iOS 16 SDK and other 2022-era Apple OS SDKs packaged in Xcode 14.0, released on 2022-09-12. j2k.c is visible to the Chromium build via PDFium, and this change is needed to allow Chromium to move forward to the macOS 13 SDK. This change is limited to src/lib/openjp2. Other uses of sprintf were found throughout openjpeg.
mayeut
added a commit
to mayeut/openjpeg
that referenced
this pull request
Sep 24, 2023
With uclouvain#1450 which goes with 480cc9d "Remove support for non-C99 compilers (like VS2010) that don't support snprintf()", support for MSVC versions prior to vs2015 is dropped: https://stackoverflow.com/questions/2915672/snprintf-and-visual-studio-2010 This means that all supported MSVC versions do have `stdint.h` & `inttypes.h` now. For non windows platforms, those headers were already mandatory. Make them mandatory for all builds.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This makes it possible to build j2k.c without warnings using the macOS 13 SDK. Calls to
sprintfare replaced withsnprintf, passing appropriate buffer sizes.It doesn’t appear that any of the changed uses of
sprintfwere actually unsafe, so no behavior change is expected aside from SDK compatibility.The macOS 13 SDK deprecates
sprintfas it’s difficult to use safely. The deprecation warning message is visible when building C++, but it is not normally visible when building plain C code due to a quirk in howsprintfis declared in the SDK. However, the deprecation message is visible when building plain C under Address Sanitizer (-fsanitize=address). This discrepancy was discovered at https://crbug.com/1381706 and reported to Apple with a copy at https://openradar.appspot.com/FB11761475.The macOS 13 SDK is packaged in Xcode 14.1, released on 2022-11-01. This also affects the iOS 16 SDK and other 2022-era Apple OS SDKs packaged in Xcode 14.0, released on 2022-09-12.
j2k.c is visible to the Chromium build via PDFium, and this change is needed to allow Chromium to move forward to the macOS 13 SDK.
This change is limited to src/lib/openjp2. Other uses of
sprintfwere found throughout openjpeg.