Fixed _vsnprintf() to actually use the buffer size limit to prevent buffer overflows

Sorry, but I had to re indent and tabify this code, I could not read it because it was all screwed up before.

svn path=/trunk/; revision=2652

reactos/ntoskrnl/rtl/sprintf.c

@@ -1,4 +1,4 @@
-/* $Id: sprintf.c,v 1.6 2002/02/18 18:39:31 hbirr Exp $
+/* $Id: sprintf.c,v 1.7 2002/02/26 05:59:00 phreak Exp $
  *
  * COPYRIGHT:       See COPYING in the top level directory
  * PROJECT:         ReactOS kernel
@@ -149,6 +149,8 @@ int _vsnprintf(char *buf, size_t cnt, const char *fmt, va_list args)
   for (str=buf ; *fmt ; ++fmt) {
     if (*fmt != '%') {
       *str++ = *fmt;
+      if( --cnt == 0 )
+	goto out;
       continue;
     }
 
@@ -210,27 +212,57 @@ int _vsnprintf(char *buf, size_t cnt, const char *fmt, va_list args)
     case 'c': /* finished */
       if (!(flags & LEFT))
 	while (--field_width > 0)
+	  {
 	    *str++ = ' ';
+	    if( --cnt == 0 )
+	      goto out;
+	  }
       if (qualifier == 'l' || qualifier == 'w')
-				*str++ 
+	{
-				  = (unsigned char)(wchar_t) va_arg(args, int);
+	  *str++ = (unsigned char)(wchar_t) va_arg(args, int);
+	  if( --cnt == 0 )
+	    goto out;
+	}
       else
+	{
 	  *str++ = (unsigned char) va_arg(args, int);
+	  if( --cnt == 0 )
+	    goto out;
+	}
       while (--field_width > 0)
+	{
 	  *str++ = ' ';
+	  if( --cnt == 0 )
+	    goto out;
+	}
       continue;
 
     case 'C': /* finished */
       if (!(flags & LEFT))
 	while (--field_width > 0)
+	  {
 	    *str++ = ' ';
+	    if( --cnt == 0 )
+	      goto out;
+	  }
       if (qualifier == 'h')
+	{
 	  *str++ = (unsigned char) va_arg(args, int);
+	  if( --cnt == 0 )
+	    goto out;
+	}
       else
-				*str++ 
+	{
-				  = (unsigned char)(wchar_t) va_arg(args, int);
+	  *str++ = (unsigned char)(wchar_t) va_arg(args, int);
+	  if( --cnt == 0 )
+	    goto out;
+	}
       while (--field_width > 0)
+	{
 	  *str++ = ' ';
+	  if( --cnt == 0 )
+	    goto out;
+	}
       continue;
 
     case 's': /* finished */
@@ -244,11 +276,23 @@ int _vsnprintf(char *buf, size_t cnt, const char *fmt, va_list args)
 
 	if (!(flags & LEFT))
 	  while (len < field_width--)
+	    {
 	      *str++ = ' ';
+	      if( --cnt == 0 )
+		goto out;
+	    }
 	for (i = 0; i < len; ++i)
+	  {
 	    *str++ = (unsigned char)(*sw++);
+	    if( --cnt == 0 )
+	      goto out;
+	  }
 	while (len < field_width--)
+	  {
 	    *str++ = ' ';
+	    if( --cnt == 0 )
+	      goto out;
+	  }
       } else {
                                 /* print ascii string */
 	s = va_arg(args, char *);
@@ -259,11 +303,23 @@ int _vsnprintf(char *buf, size_t cnt, const char *fmt, va_list args)
 
 	if (!(flags & LEFT))
 	  while (len < field_width--)
+	    {
 	      *str++ = ' ';
+	      if( --cnt == 0 )
+		goto out;
+	    }
 	for (i = 0; i < len; ++i)
+	  {
 	    *str++ = *s++;
+	    if( --cnt == 0 )
+	      goto out;
+	  }
 	while (len < field_width--)
+	  {
 	    *str++ = ' ';
+	    if( --cnt == 0 )
+	      goto out;
+	  }
       }
       continue;
 
@@ -278,11 +334,23 @@ int _vsnprintf(char *buf, size_t cnt, const char *fmt, va_list args)
 
 	if (!(flags & LEFT))
 	  while (len < field_width--)
+	    {
 	      *str++ = ' ';
+	      if( --cnt == 0 )
+		goto out;
+	    }
 	for (i = 0; i < len; ++i)
+	  {
 	    *str++ = *s++;
+	    if( --cnt == 0 )
+	      goto out;
+	  }
 	while (len < field_width--)
+	  {
 	    *str++ = ' ';
+	    if( --cnt == 0 )
+	      goto out;
+	  }
       } else {
                                 /* print unicode string */
 	sw = va_arg(args, wchar_t *);
@@ -293,11 +361,23 @@ int _vsnprintf(char *buf, size_t cnt, const char *fmt, va_list args)
 
 	if (!(flags & LEFT))
 	  while (len < field_width--)
+	    {
 	      *str++ = ' ';
+	      if( --cnt == 0 )
+		goto out;
+	    }
 	for (i = 0; i < len; ++i)
+	  {
 	    *str++ = (unsigned char)(*sw++);
+	    if( --cnt == 0 )
+	      goto out;
+	  }
 	while (len < field_width--)
+	  {
 	    *str++ = ' ';
+	    if( --cnt == 0 )
+	      goto out;
+	  }
       }
       continue;
 
@@ -308,10 +388,18 @@ int _vsnprintf(char *buf, size_t cnt, const char *fmt, va_list args)
 	if ((pus == NULL) || (pus->Buffer == NULL)) {
 	  s = "<NULL>";
 	  while ((*s) != 0)
+	    {
 	      *str++ = *s++;
+	      if( --cnt == 0 )
+		goto out;
+	    }
 	} else {
 	  for (i = 0; pus->Buffer[i] && i < pus->Length / sizeof(WCHAR); i++)
+	    {
 	      *str++ = (unsigned char)(pus->Buffer[i]);
+	      if( --cnt == 0 )
+		goto out;
+	    }
 	}
       } else {
                                 /* print counted ascii string */
@@ -319,10 +407,18 @@ int _vsnprintf(char *buf, size_t cnt, const char *fmt, va_list args)
 	if ((pus == NULL) || (pus->Buffer == NULL)) {
 	  s = "<NULL>";
 	  while ((*s) != 0)
+	    {
 	      *str++ = *s++;
+	      if( --cnt == 0 )
+		goto out;
+	    }
 	} else {
 	  for (i = 0; pus->Buffer[i] && i < pus->Length; i++)
+	    {
 	      *str++ = pus->Buffer[i];
+	      if( --cnt == 0 )
+		goto out;
+	    }
 	}
       }
       continue;
@@ -370,9 +466,17 @@ int _vsnprintf(char *buf, size_t cnt, const char *fmt, va_list args)
 
     default:
       if (*fmt != '%')
+	{
 	  *str++ = '%';
+	  if( --cnt == 0 )
+	    goto out;
+	}
       if (*fmt)
+	{
 	  *str++ = *fmt;
+	  if( --cnt == 0 )
+	    goto out;
+	}
       else
 	--fmt;
       continue;
@@ -396,6 +500,7 @@ int _vsnprintf(char *buf, size_t cnt, const char *fmt, va_list args)
     }
     str = number(str, num, base, field_width, precision, flags);
   }
+ out:
   *str = '\0';
   return str-buf;
 }