Replace remaining occurrences of sprintf() with snprintf()

This (unsafe) function is deprecated in macOS 12 SDK and using it results in the warnings that are not worth suppressing -- instead, just stop using it and always use snprintf(), even when we know that we can't overflow the buffer.
SOCI · Aug 19, 2024 · b2172e4 · b2172e4
1 parent 1c792dc
commit b2172e4
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 5 deletions.
diff --git a/src/backends/postgresql/session.cpp b/src/backends/postgresql/session.cpp
@@ -134,7 +134,7 @@ void postgresql_session_backend::clean_up()
 std::string postgresql_session_backend::get_next_statement_name()
 {
     char nameBuf[20] = { 0 }; // arbitrary length
-    sprintf(nameBuf, "st_%d", ++statementCount_);
+    snprintf(nameBuf, sizeof(nameBuf), "st_%d", ++statementCount_);
     return nameBuf;
 }
 

diff --git a/src/core/soci-simple.cpp b/src/core/soci-simple.cpp
@@ -861,7 +861,8 @@ void resize_in_map(std::map<std::string, std::vector<T> > & m, int new_size)
 // helper for formatting date values
 char const * format_date(statement_wrapper & wrapper, std::tm const & d)
 {
-    std::sprintf(wrapper.date_formatted, "%d %d %d %d %d %d",
+    snprintf(wrapper.date_formatted, sizeof(wrapper.date_formatted),
+        "%d %d %d %d %d %d",
         d.tm_year + 1900, d.tm_mon + 1, d.tm_mday,
         d.tm_hour, d.tm_min, d.tm_sec);
 
@@ -2999,7 +3000,8 @@ SOCI_DECL char const * soci_get_use_date(statement_handle st, char const * name)
 
     // format is: "YYYY MM DD hh mm ss"
     std::tm const & d = wrapper->use_dates[name];
-    std::sprintf(wrapper->date_formatted, "%d %d %d %d %d %d",
+    snprintf(wrapper->date_formatted, sizeof(wrapper->date_formatted),
+        "%d %d %d %d %d %d",
         d.tm_year + 1900, d.tm_mon + 1, d.tm_mday,
         d.tm_hour, d.tm_min, d.tm_sec);
 

diff --git a/tests/odbc/test-odbc-postgresql.cpp b/tests/odbc/test-odbc-postgresql.cpp
@@ -50,7 +50,7 @@ class odbc_version
             char buf[128];
             // This uses the ODBC convention of padding the minor and release
             // versions with 0 and might be not appropriate in general.
-            std::sprintf(buf, "%u.%02u.%04u", major_, minor_, release_);
+            snprintf(buf, sizeof(buf), "%u.%02u.%04u", major_, minor_, release_);
             return buf;
         }
         else

diff --git a/tests/oracle/test-oracle.cpp b/tests/oracle/test-oracle.cpp
@@ -104,7 +104,7 @@ TEST_CASE("Oracle datetime", "[oracle][datetime]")
         for(int i = 100; i <= 2201; i = i + 50)
         {
             char t[10];
-            sprintf(t, "%04d", i);
+            snprintf(t, sizeof(t), "%04d", i);
 
             std::string date = std::string(t) + "-03-28 14:06:13";
             std::tm t1 {}, t2 {}, t4 {};