mirror of https://github.com/OpenTTD/OpenTTD.git
Cleanup: remove seprintf and vsnprintf
This commit is contained in:
parent
13cdf5fffa
commit
48dcb79145
|
@ -40,7 +40,7 @@
|
|||
#define strcat SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
||||
#define strncat SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
||||
|
||||
/* Use seprintf instead. */
|
||||
/* Use fmt::format instead. */
|
||||
#define sprintf SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
||||
#define snprintf SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
||||
|
||||
|
|
|
@ -90,10 +90,6 @@
|
|||
#if defined(__GNUC__) || (defined(__clang__) && !defined(_MSC_VER))
|
||||
# define NORETURN __attribute__ ((noreturn))
|
||||
# define CDECL
|
||||
# define __int64 long long
|
||||
/* Warn about functions using 'printf' format syntax. First argument determines which parameter
|
||||
* is the format string, second argument is start of values passed to printf. */
|
||||
# define WARN_FORMAT(string, args) __attribute__ ((format (printf, string, args)))
|
||||
# if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 7)
|
||||
# define FINAL final
|
||||
# else
|
||||
|
@ -128,7 +124,6 @@
|
|||
#if defined(__WATCOMC__)
|
||||
# define NORETURN
|
||||
# define CDECL
|
||||
# define WARN_FORMAT(string, args)
|
||||
# define FINAL
|
||||
# define FALLTHROUGH
|
||||
# include <malloc.h>
|
||||
|
@ -170,7 +165,6 @@
|
|||
# endif
|
||||
|
||||
# define CDECL _cdecl
|
||||
# define WARN_FORMAT(string, args)
|
||||
# define FINAL final
|
||||
|
||||
/* fallthrough attribute, VS 2017 */
|
||||
|
|
|
@ -21,7 +21,6 @@
|
|||
#include <iomanip>
|
||||
|
||||
#ifdef _MSC_VER
|
||||
# include <errno.h> // required by vsnprintf implementation for MSVC
|
||||
# define strncasecmp strnicmp
|
||||
#endif
|
||||
|
||||
|
@ -44,10 +43,7 @@
|
|||
# include "os/macosx/string_osx.h"
|
||||
#endif
|
||||
|
||||
/* The function vsnprintf is used internally to perform the required formatting
|
||||
* tasks. As such this one must be allowed, and makes sure it's terminated. */
|
||||
#include "safeguards.h"
|
||||
#undef vsnprintf
|
||||
|
||||
|
||||
/**
|
||||
|
@ -455,67 +451,6 @@ bool IsValidChar(WChar key, CharSetFilter afilter)
|
|||
}
|
||||
}
|
||||
|
||||
#ifdef _WIN32
|
||||
#if defined(_MSC_VER) && _MSC_VER < 1900
|
||||
/**
|
||||
* Almost POSIX compliant implementation of \c vsnprintf for VC compiler.
|
||||
* The difference is in the value returned on output truncation. This
|
||||
* implementation returns size whereas a POSIX implementation returns
|
||||
* size or more (the number of bytes that would be written to str
|
||||
* had size been sufficiently large excluding the terminating null byte).
|
||||
*/
|
||||
int CDECL vsnprintf(char *str, size_t size, const char *format, va_list ap)
|
||||
{
|
||||
if (size == 0) return 0;
|
||||
|
||||
errno = 0;
|
||||
int ret = _vsnprintf(str, size, format, ap);
|
||||
|
||||
if (ret < 0) {
|
||||
if (errno != ERANGE) {
|
||||
/* There's a formatting error, better get that looked
|
||||
* at properly instead of ignoring it. */
|
||||
NOT_REACHED();
|
||||
}
|
||||
} else if ((size_t)ret < size) {
|
||||
/* The buffer is big enough for the number of
|
||||
* characters stored (excluding null), i.e.
|
||||
* the string has been null-terminated. */
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* The buffer is too small for _vsnprintf to write the
|
||||
* null-terminator at its end and return size. */
|
||||
str[size - 1] = '\0';
|
||||
return (int)size;
|
||||
}
|
||||
#endif /* _MSC_VER */
|
||||
|
||||
#endif /* _WIN32 */
|
||||
|
||||
/**
|
||||
* Safer implementation of snprintf; same as snprintf except:
|
||||
* - last instead of size, i.e. replace sizeof with lastof.
|
||||
* - return gives the amount of characters added, not what it would add.
|
||||
* @param str buffer to write to up to last
|
||||
* @param last last character we may write to
|
||||
* @param format the formatting (see snprintf)
|
||||
* @return the number of added characters
|
||||
*/
|
||||
int CDECL seprintf(char *str, const char *last, const char *format, ...)
|
||||
{
|
||||
ptrdiff_t diff = last - str;
|
||||
if (diff < 0) return 0;
|
||||
|
||||
va_list ap;
|
||||
|
||||
va_start(ap, format);
|
||||
int ret = std::min(static_cast<int>(diff), vsnprintf(str, diff + 1, format, ap));
|
||||
|
||||
va_end(ap);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
/* UTF-8 handling routines */
|
||||
|
||||
|
|
|
@ -7,18 +7,6 @@
|
|||
|
||||
/**
|
||||
* @file string_func.h Functions related to low-level strings.
|
||||
*
|
||||
* @note Be aware of "dangerous" string functions; string functions that
|
||||
* have behaviour that could easily cause buffer overruns and such:
|
||||
* - strncpy: does not '\0' terminate when input string is longer than
|
||||
* the size of the output string. Use strecpy instead.
|
||||
* - [v]snprintf: returns the length of the string as it would be written
|
||||
* when the output is large enough, so it can be more than the size of
|
||||
* the buffer and than can underflow size_t (uint-ish) which makes all
|
||||
* subsequent snprintf alikes write outside of the buffer. Use
|
||||
* [v]seprintf instead; it will return the number of bytes actually
|
||||
* added so no [v]seprintf will cause outside of bounds writes.
|
||||
* - [v]sprintf: does not bounds checking: use [v]seprintf instead.
|
||||
*/
|
||||
|
||||
#ifndef STRING_FUNC_H
|
||||
|
@ -33,8 +21,6 @@
|
|||
char *strecpy(char *dst, const char *src, const char *last) NOACCESS(3);
|
||||
char *stredup(const char *src, const char *last = nullptr) NOACCESS(2);
|
||||
|
||||
int CDECL seprintf(char *str, const char *last, const char *format, ...) WARN_FORMAT(3, 4) NOACCESS(2);
|
||||
|
||||
std::string FormatArrayAsHex(span<const byte> data);
|
||||
|
||||
void StrMakeValidInPlace(char *str, const char *last, StringValidationSettings settings = SVS_REPLACE_WITH_QUESTION_MARK) NOACCESS(2);
|
||||
|
|
Loading…
Reference in New Issue