From 84657f1531c0da11a7ee11b7d3e553b79d15cd1b Mon Sep 17 00:00:00 2001
From: Axel Kohlmeyer <akohlmey@gmail.com>
Date: Thu, 6 Sep 2018 12:00:04 -0400
Subject: [PATCH] final pass at sprintf() buffer overflow prevention. also fix
 typo in previous commit

---
 src/REPLICA/neb.cpp             | 2 +-
 src/USER-SMD/pair_smd_tlsph.cpp | 4 ++--
 src/USER-SMD/pair_smd_ulsph.cpp | 4 ++--
 src/USER-SMTBQ/pair_smtbq.cpp   | 2 +-
 src/USER-UEF/dump_cfg_uef.cpp   | 4 +---
 5 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/src/REPLICA/neb.cpp b/src/REPLICA/neb.cpp
index 9a4de9ca0b..3963379356 100644
--- a/src/REPLICA/neb.cpp
+++ b/src/REPLICA/neb.cpp
@@ -549,7 +549,7 @@ void NEB::open(char *file)
   else {
 #ifdef LAMMPS_GZIP
     char gunzip[128];
-    snprintf(gunz128,ip,"gzip -c -d %s",file);
+    snprintf(gunzip,128,"gzip -c -d %s",file);
 
 #ifdef _WIN32
     fp = _popen(gunzip,"rb");
diff --git a/src/USER-SMD/pair_smd_tlsph.cpp b/src/USER-SMD/pair_smd_tlsph.cpp
index 09fe3b1180..ab6b7d2785 100644
--- a/src/USER-SMD/pair_smd_tlsph.cpp
+++ b/src/USER-SMD/pair_smd_tlsph.cpp
@@ -1684,8 +1684,8 @@ void PairTlsph::coeff(int narg, char **arg) {
                 } // end energy release rate failure criterion
 
                 else {
-                        sprintf(str, "unknown *KEYWORD: %s", arg[ioffset]);
-                        error->all(FLERR, str);
+                  snprintf(str,128,"unknown *KEYWORD: %s", arg[ioffset]);
+                  error->all(FLERR, str);
                 }
 
         }
diff --git a/src/USER-SMD/pair_smd_ulsph.cpp b/src/USER-SMD/pair_smd_ulsph.cpp
index ff3720b2ff..50af6e2356 100644
--- a/src/USER-SMD/pair_smd_ulsph.cpp
+++ b/src/USER-SMD/pair_smd_ulsph.cpp
@@ -1331,8 +1331,8 @@ void PairULSPH::coeff(int narg, char **arg) {
                         } // end *ARTIFICIAL_STRESS
 
                         else {
-                                sprintf(str, "unknown *KEYWORD: %s", arg[ioffset]);
-                                error->all(FLERR, str);
+                          snprintf(str,128, "unknown *KEYWORD: %s", arg[ioffset]);
+                          error->all(FLERR, str);
                         }
 
                 }
diff --git a/src/USER-SMTBQ/pair_smtbq.cpp b/src/USER-SMTBQ/pair_smtbq.cpp
index a8cce49749..c2690dc864 100644
--- a/src/USER-SMTBQ/pair_smtbq.cpp
+++ b/src/USER-SMTBQ/pair_smtbq.cpp
@@ -399,7 +399,7 @@ void PairSMTBQ::read_file(char *file)
   fp = force->open_potential(file);
   if ( fp  == NULL ) {
     char str[128];
-    sprintf(str,"Cannot open SMTBQ potential file %s",file);
+    snprintf(str,128,"Cannot open SMTBQ potential file %s",file);
     error->one(FLERR,str);
   }
 
diff --git a/src/USER-UEF/dump_cfg_uef.cpp b/src/USER-UEF/dump_cfg_uef.cpp
index 44af823332..58b3ec5a1f 100644
--- a/src/USER-UEF/dump_cfg_uef.cpp
+++ b/src/USER-UEF/dump_cfg_uef.cpp
@@ -90,9 +90,7 @@ void DumpCFGUef::write_header(bigint n)
   if (atom->peri_flag) scale = atom->pdscale;
   else if (unwrapflag == 1) scale = UNWRAPEXPAND;
 
-  char str[64];
-  sprintf(str,"Number of particles = %s\n",BIGINT_FORMAT);
-  fprintf(fp,str,n);
+  fprintf(fp,"Number of particles = " BIGINT_FORMAT "\n",n);
   fprintf(fp,"A = %g Angstrom (basic length-scale)\n",scale);
   // in box[][] columns are cell edges
   // in H0, rows are cell edges
-- 
GitLab