Bug#89172: apt: [PATCH] use library instead of char[]
Package: apt
Version: 0.5.3
Severity: wishlist
The following is a patch (against the current CVS) that replaces a few
uses of sprintf and strcat with the C++ string and ostringstream classes
(safer, more flexible, type-safe, blah blah...). If you're interested in
accepting this type of patch, let me know, and I'll continue to make them.
diff -ur apt.orig/cmdline/indexcopy.cc apt/cmdline/indexcopy.cc
--- apt.orig/cmdline/indexcopy.cc Tue Feb 20 01:03:17 2001
+++ apt/cmdline/indexcopy.cc Sat Mar 10 11:00:23 2001
@@ -112,9 +112,11 @@
return false;
// Open the output file
- char S[400];
- sprintf(S,"cdrom:[%s]/%s%s",Name.c_str(),(*I).c_str() + CDROM.length(),
- GetFileName());
+ string S = "cdrom:[";
+ S += Name;
+ S += "]/";
+ S += I->substr(CDROM.length());
+ S += GetFileName();
string TargetF = _config->FindDir("Dir::State::lists") + "partial/";
TargetF += URItoFileName(S);
if (_config->FindB("APT::CDROM::NoAct",false) == true)
@@ -229,7 +231,11 @@
return _error->Errno("rename","Failed to rename");
// Copy the release file
- sprintf(S,"cdrom:[%s]/%sRelease",Name.c_str(),(*I).c_str() + CDROM.length());
+ S = "cdrom:[";
+ S += Name;
+ S += "]/";
+ S += I->substr(CDROM.length());
+ S += "Release";
string TargetF = _config->FindDir("Dir::State::lists") + "partial/";
TargetF += URItoFileName(S);
if (FileExists(*I + "Release") == true)
@@ -380,8 +386,8 @@
*/
void IndexCopy::ConvertToSourceList(string CD,string &Path)
{
- char S[300];
- sprintf(S,"binary-%s",_config->Find("Apt::Architecture").c_str());
+ string S = "binary-";
+ S += _config->Find("Apt::Architecture");
// Strip the cdrom base path
Path = string(Path,CD.length());
diff -ur apt.orig/methods/http.cc apt/methods/http.cc
--- apt.orig/methods/http.cc Tue Mar 6 01:15:29 2001
+++ apt/methods/http.cc Sat Mar 10 11:11:00 2001
@@ -30,6 +30,8 @@
#include <apt-pkg/error.h>
#include <apt-pkg/hashes.h>
+#include <sstream>
+
#include <sys/stat.h>
#include <sys/time.h>
#include <utime.h>
@@ -47,6 +49,8 @@
/*}}}*/
+using namespace std;
+
string HttpMethod::FailFile;
int HttpMethod::FailFd = -1;
time_t HttpMethod::FailTime = 0;
@@ -599,18 +603,14 @@
URI Uri = Itm->Uri;
// The HTTP server expects a hostname with a trailing :port
- char Buf[1000];
- string ProperHost = Uri.Host;
+ ostringstream ProperHost(Uri.Host);
if (Uri.Port != 0)
{
- sprintf(Buf,":%u",Uri.Port);
- ProperHost += Buf;
+ ProperHost << ":" << Uri.Port;
}
- // Just in case.
- if (Itm->Uri.length() >= sizeof(Buf))
- abort();
-
+ ostringstream Req;
+
/* Build the request. We include a keep-alive header only for non-proxy
requests. This is to tweak old http/1.0 servers that do support keep-alive
but not HTTP/1.1 automatic keep-alive. Doing this with a proxy server
@@ -618,64 +618,68 @@
pass it on, HTTP/1.1 says the connection should default to keep alive
and we expect the proxy to do this */
if (Proxy.empty() == true)
- sprintf(Buf,"GET %s HTTP/1.1\r\nHost: %s\r\nConnection: keep-alive\r\n",
- QuoteString(Uri.Path,"~").c_str(),ProperHost.c_str());
+ Req << "GET " << QuoteString(Uri.Path,"~") << " HTTP/1.1\r\nHost: "
+ << ProperHost.str() << "\r\nConnection: keep-alive\r\n";
else
{
/* Generate a cache control header if necessary. We place a max
cache age on index files, optionally set a no-cache directive
and a no-store directive for archives. */
- sprintf(Buf,"GET %s HTTP/1.1\r\nHost: %s\r\n",
- Itm->Uri.c_str(),ProperHost.c_str());
+ Req << "GET " << Itm->Uri << " HTTP/1.1\r\nHost: "
+ << ProperHost.str() << "\r\n";
if (_config->FindB("Acquire::http::No-Cache",false) == true)
- strcat(Buf,"Cache-Control: no-cache\r\nPragma: no-cache\r\n");
+ Req << "Cache-Control: no-cache\r\nPragma: no-cache\r\n";
else
{
if (Itm->IndexFile == true)
- sprintf(Buf+strlen(Buf),"Cache-Control: max-age=%u\r\n",
- _config->FindI("Acquire::http::Max-Age",60*60*24));
+ Req << "Cache-Control: max-age="
+ << _config->FindI("Acquire::http::Max-Age",60*60*24)
+ << "\r\n";
else
{
if (_config->FindB("Acquire::http::No-Store",false) == true)
- strcat(Buf,"Cache-Control: no-store\r\n");
+ Req << "Cache-Control: no-store\r\n";
}
}
}
- string Req = Buf;
-
// Check for a partial file
struct stat SBuf;
if (stat(Itm->DestFile.c_str(),&SBuf) >= 0 && SBuf.st_size > 0)
{
// In this case we send an if-range query with a range header
- sprintf(Buf,"Range: bytes=%li-\r\nIf-Range: %s\r\n",(long)SBuf.st_size - 1,
- TimeRFC1123(SBuf.st_mtime).c_str());
- Req += Buf;
+ Req << "Range: bytes="
+ << SBuf.st_size - 1
+ << "-\r\nIf-Range: "
+ << TimeRFC1123(SBuf.st_mtime)
+ << "\r\n";
}
else
{
if (Itm->LastModified != 0)
{
- sprintf(Buf,"If-Modified-Since: %s\r\n",TimeRFC1123(Itm->LastModified).c_str());
- Req += Buf;
+ Req << "If-Modified-Since: "
+ << TimeRFC1123(Itm->LastModified)
+ << "\r\n";
}
}
if (Proxy.User.empty() == false || Proxy.Password.empty() == false)
- Req += string("Proxy-Authorization: Basic ") +
- Base64Encode(Proxy.User + ":" + Proxy.Password) + "\r\n";
+ Req << "Proxy-Authorization: Basic "
+ << Base64Encode(Proxy.User + ":" + Proxy.Password)
+ << "\r\n";
if (Uri.User.empty() == false || Uri.Password.empty() == false)
- Req += string("Authorization: Basic ") +
- Base64Encode(Uri.User + ":" + Uri.Password) + "\r\n";
+ Req << "Authorization: Basic "
+ << Base64Encode(Uri.User + ":" + Uri.Password)
+ << "\r\n";
- Req += "User-Agent: Debian APT-HTTP/1.3\r\n\r\n";
+ Req << "User-Agent: Debian APT-HTTP/1.3\r\n\r\n";
if (Debug == true)
- cerr << Req << endl;
+ cerr << Req.str() << endl;
- Out.Read(Req);
+ Out.Read(Req.str());
}
/*}}}*/
// HttpMethod::Go - Run a single loop /*{{{*/
-- System Information
Debian Release: testing/unstable
Versions of the packages apt depends on:
ii libc6 2.2.2-1 GNU C Library: Shared libraries and Timezone
ii libstdc++2.10- 2.95.3-6 The GNU stdc++ library
Reply to: