Use sizeof in snprintf where possible, ensure UTF_BUFFER_BYTESIZE

This commit looks a lot bigger than it really is, I noticed a couple spots where with these issues so I ran a regex to find all possible occurrences and switched all that could be, after manually ensuring it was actually correct Using sizeof on the buffer (as long as the buffer is a char *array*, not a pointer!!) greatly reduces the chance of something having the wrong size because of a later change to the buffer, notably a couple snprintfs were missed in the UTF_BUFFER_BYTESIZE change
GerbilSoft · Apr 15, 2023 · 5aaac66 · 5aaac66
1 parent 439e063
commit 5aaac66
Show file tree

Hide file tree

Showing 20 changed files with 126 additions and 127 deletions.
diff --git a/arm9/source/common/screenshot.c b/arm9/source/common/screenshot.c
@@ -27,7 +27,7 @@ void CreateScreenshot(void) {
 
     fvx_rmkdir(OUTPUT_PATH);
     get_dstime(&dstime);
-    snprintf(filename, 64, OUTPUT_PATH "/snap_%02X%02X%02X%02X%02X%02X.png",
+    snprintf(filename, sizeof(filename), OUTPUT_PATH "/snap_%02X%02X%02X%02X%02X%02X.png",
         dstime.bcd_Y, dstime.bcd_M, dstime.bcd_D,
         dstime.bcd_h, dstime.bcd_m, dstime.bcd_s);
     filename[63] = '\0';

diff --git a/arm9/source/common/swkbd.c b/arm9/source/common/swkbd.c
@@ -81,7 +81,7 @@ static void DrawKey(const TouchBox* key, const bool pressed, const u32 uppercase
     if (key->id == KEY_TXTBOX) return;
 
     char keystr[16];
-    if (key->id >= 0x80) snprintf(keystr, 16, "%s", keystrs[key->id - 0x80]);
+    if (key->id >= 0x80) snprintf(keystr, sizeof(keystr), "%s", keystrs[key->id - 0x80]);
     else {
         keystr[0] = (uppercase) ? to_uppercase(key->id) : key->id;
         keystr[1] = 0;
@@ -269,7 +269,7 @@ bool ShowKeyboard(char* inputstr, const u32 max_size, const char *format, ...) {
     char str[512]; // arbitrary limit, should be more than enough
     va_list va;
     va_start(va, format);
-    vsnprintf(str, 512, format, va);
+    vsnprintf(str, sizeof(str), format, va);
     va_end(va);
     u32 str_width = GetDrawStringWidth(str);
     if (str_width < (24 * FONT_WIDTH_EXT)) str_width = 24 * FONT_WIDTH_EXT;

diff --git a/arm9/source/common/ui.c b/arm9/source/common/ui.c
@@ -882,8 +882,8 @@ u32 ShowSelectPrompt(int n, const char** options, const char *format, ...) {
 
         // show [n more]
         if (n - n_show - scroll > 0) {
-            char more_str[UTF_BUFFER_BYTESIZE(str_width / font_width)], temp_str[64];
-            snprintf(temp_str, 64, "   [%d more]", (n - (n_show-1) - scroll));
+            char more_str[UTF_BUFFER_BYTESIZE(str_width / font_width)], temp_str[UTF_BUFFER_BYTESIZE(64)];
+            snprintf(temp_str, sizeof(temp_str), STR_N_MORE, (n - (n_show-1) - scroll));
             ResizeString(more_str, temp_str, str_width / font_width, 8, false);
             DrawString(MAIN_SCREEN, more_str, x, yopt + (line_height+2)*(n_show-1), COLOR_LIGHTGREY, COLOR_STD_BG);
         }
@@ -977,8 +977,8 @@ u32 ShowFileScrollPrompt(int n, const DirEntry** options, bool hide_ext, const c
         }
         // show [n more]
         if (n - n_show - scroll > 0) {
-            char more_str[UTF_BUFFER_BYTESIZE(item_width / font_width)], temp_str[64];
-            snprintf(temp_str, 64, STR_N_MORE, (n - (n_show-1) - scroll));
+            char more_str[UTF_BUFFER_BYTESIZE(item_width / font_width)], temp_str[UTF_BUFFER_BYTESIZE(64)];
+            snprintf(temp_str, sizeof(temp_str), STR_N_MORE, (n - (n_show-1) - scroll));
             ResizeString(more_str, temp_str, item_width / font_width, 8, false);
             DrawString(MAIN_SCREEN, more_str, x, yopt + (line_height+2)*(n_show-1), COLOR_LIGHTGREY, COLOR_STD_BG);
         }
@@ -1265,7 +1265,7 @@ u64 ShowHexPrompt(u64 start_val, u32 n_digits, const char *format, ...) {
     va_list va;
 
     if (n_digits > 16) n_digits = 16;
-    snprintf(inputstr, 16 + 1, "%0*llX", (int) n_digits, start_val);
+    snprintf(inputstr, sizeof(inputstr), "%0*llX", (int) n_digits, start_val);
 
     va_start(va, format);
     if (ShowInputPrompt(inputstr, n_digits + 1, 0, alphabet, format, va)) {
@@ -1282,7 +1282,7 @@ u64 ShowNumberPrompt(u64 start_val, const char *format, ...) {
     u64 ret = 0;
     va_list va;
 
-    snprintf(inputstr, 20 + 1, "%llu", start_val);
+    snprintf(inputstr, sizeof(inputstr), "%llu", start_val);
 
     va_start(va, format);
     if (ShowInputPrompt(inputstr, 20 + 1, 1, alphabet, format, va)) {
@@ -1402,7 +1402,7 @@ bool ShowProgress(u64 current, u64 total, const char* opstr)
     const u32 text_pos_y = bar_pos_y + bar_height + 2;
     u32 prog_width = ((total > 0) && (current <= total)) ? (current * (bar_width-4)) / total : 0;
     u32 prog_percent = ((total > 0) && (current <= total)) ? (current * 100) / total : 0;
-    char tempstr[64];
+    char tempstr[UTF_BUFFER_BYTESIZE(64)];
     char progstr[UTF_BUFFER_BYTESIZE(64)];
 
     static u64 last_msec_elapsed = 0;
@@ -1427,11 +1427,11 @@ bool ShowProgress(u64 current, u64 total, const char* opstr)
     DrawRectangle(MAIN_SCREEN, bar_pos_x + 2 + prog_width, bar_pos_y + 2, (bar_width-4) - prog_width, bar_height - 4, COLOR_STD_BG);
 
     TruncateString(progstr, opstr, min(63, (bar_width / FONT_WIDTH_EXT) - 7), 8);
-    snprintf(tempstr, 64, "%s (%lu%%)", progstr, prog_percent);
+    snprintf(tempstr, sizeof(tempstr), "%s (%lu%%)", progstr, prog_percent);
     ResizeString(progstr, tempstr, bar_width / FONT_WIDTH_EXT, 8, false);
     DrawString(MAIN_SCREEN, progstr, bar_pos_x, text_pos_y, COLOR_STD_FONT, COLOR_STD_BG);
     if (sec_elapsed >= 1) {
-        snprintf(tempstr, 16, STR_ETA_N_MIN_N_SEC, sec_remain / 60, sec_remain % 60);
+        snprintf(tempstr, sizeof(tempstr), STR_ETA_N_MIN_N_SEC, sec_remain / 60, sec_remain % 60);
         ResizeString(progstr, tempstr, 16, 8, true);
         DrawString(MAIN_SCREEN, progstr, bar_pos_x + bar_width - 1 - (FONT_WIDTH_EXT * 16),
             bar_pos_y - line_height - 1, COLOR_STD_FONT, COLOR_STD_BG);

diff --git a/arm9/source/crypto/keydb.c b/arm9/source/crypto/keydb.c
@@ -152,7 +152,7 @@ u32 LoadKeyFromFile(void* key, u32 keyslot, char type, char* id)
     // load legacy slot0x??Key?.bin file instead
     if (!found && (type != 'I')) {
         char fname[64];
-        snprintf(fname, 64, "slot0x%02lXKey%s%s.bin", keyslot,
+        snprintf(fname, sizeof(fname), "slot0x%02lXKey%s%s.bin", keyslot,
             (type == 'X') ? "X" : (type == 'Y') ? "Y" : (type == 'I') ? "IV" : "", (id) ? id : "");
         found = (LoadSupportFile(fname, key, 16) == 16);
     }

diff --git a/arm9/source/filesys/fsdrive.c b/arm9/source/filesys/fsdrive.c
@@ -232,7 +232,7 @@ uint64_t GetFreeSpace(const char* path)
     FATFS* fsobj = GetMountedFSObject(path);
     if ((pdrv < 0) || !fsobj) return 0;
 
-    snprintf(fsname, 3, "%i:", pdrv);
+    snprintf(fsname, sizeof(fsname), "%i:", pdrv);
     if (f_getfree(fsname, &free_clusters, &fsptr) != FR_OK)
         return 0;
 

diff --git a/arm9/source/filesys/fsinit.c b/arm9/source/filesys/fsinit.c
@@ -21,7 +21,7 @@ bool InitExtFS() {
 
     for (u32 i = 1; i < NORM_FS; i++) {
         char fsname[8];
-        snprintf(fsname, 7, "%lu:", i);
+        snprintf(fsname, sizeof(fsname), "%lu:", i);
         if (fs_mounted[i]) continue;
         fs_mounted[i] = (f_mount(fs + i, fsname, 1) == FR_OK);
         if ((!fs_mounted[i] || !ramdrv_ready) && (i == NORM_FS - 1) && !(GetMountState() & IMG_NAND)) {
@@ -44,7 +44,7 @@ bool InitImgFS(const char* path) {
     u32 drv_i = NORM_FS - IMGN_FS;
     char fsname[8];
     for (; drv_i < NORM_FS; drv_i++) {
-        snprintf(fsname, 7, "%lu:", drv_i);
+        snprintf(fsname, sizeof(fsname), "%lu:", drv_i);
         if (!(DriveType(fsname)&DRV_IMAGE)) break;
     }
     // deinit virtual filesystem
@@ -58,7 +58,7 @@ bool InitImgFS(const char* path) {
     else if ((type&IMG_FAT) && (drv_i < NORM_FS - IMGN_FS + 1)) drv_i = NORM_FS - IMGN_FS + 1;
     // reinit image filesystem
     for (u32 i = NORM_FS - IMGN_FS; i < drv_i; i++) {
-        snprintf(fsname, 7, "%lu:", i);
+        snprintf(fsname, sizeof(fsname), "%lu:", i);
         fs_mounted[i] = (f_mount(fs + i, fsname, 1) == FR_OK);
     }
     return GetMountState();
@@ -71,7 +71,7 @@ void DeinitExtFS() {
     for (u32 i = NORM_FS - 1; i > 0; i--) {
         if (fs_mounted[i]) {
             char fsname[8];
-            snprintf(fsname, 7, "%lu:", i);
+            snprintf(fsname, sizeof(fsname), "%lu:", i);
             f_mount(NULL, fsname, 1);
             fs_mounted[i] = false;
         }
@@ -91,7 +91,7 @@ void DismountDriveType(u32 type) { // careful with this - no safety checks
     }
     for (u32 i = 0; i < NORM_FS; i++) {
         char fsname[8];
-        snprintf(fsname, 7, "%lu:", i);
+        snprintf(fsname, sizeof(fsname), "%lu:", i);
         if (!fs_mounted[i] || !(type & DriveType(fsname)))
             continue;
         f_mount(NULL, fsname, 1);

diff --git a/arm9/source/filesys/fsperm.c b/arm9/source/filesys/fsperm.c
@@ -21,7 +21,7 @@
 static u32 write_permissions = PERM_BASE;
 
 bool CheckWritePermissions(const char* path) {
-    char area_name[16];
+    char area_name[UTF_BUFFER_BYTESIZE(16)];
     int drvtype = DriveType(path);
     u32 perm;
 
@@ -64,7 +64,7 @@ bool CheckWritePermissions(const char* path) {
             if ((drvtype & DRV_CTRNAND) || (lvl == 2)) lvl = 3;
         }
         perm = perms[lvl];
-        snprintf(area_name, 16, STR_SYSNAND_LVL_N, lvl);
+        snprintf(area_name, sizeof(area_name), STR_SYSNAND_LVL_N, lvl);
     } else if (drvtype & DRV_EMUNAND) {
         static const u32 perms[] = { PERM_EMU_LVL0, PERM_EMU_LVL1 };
         u32 lvl = (drvtype & (DRV_ALIAS|DRV_CTRNAND)) ? 1 : 0;
@@ -74,34 +74,34 @@ bool CheckWritePermissions(const char* path) {
                 if (strncasecmp(path_f, path_lvl1[i], 256) == 0) lvl = 1;
         }
         perm = perms[lvl];
-        snprintf(area_name, 16, STR_EMUNAND_LVL_N, lvl);
+        snprintf(area_name, sizeof(area_name), STR_EMUNAND_LVL_N, lvl);
     } else if (drvtype & DRV_GAME) {
         perm = PERM_GAME;
-        snprintf(area_name, 16, "%s", STR_GAME_IMAGES);
+        snprintf(area_name, sizeof(area_name), "%s", STR_GAME_IMAGES);
     } else if (drvtype & DRV_CART) {
         perm = PERM_CART;
-        snprintf(area_name, 16, "%s", STR_GAMECART_SAVES);
+        snprintf(area_name, sizeof(area_name), "%s", STR_GAMECART_SAVES);
     } else if (drvtype & DRV_VRAM) {
         perm = PERM_VRAM;
-        snprintf(area_name, 16, "vram0");
+        snprintf(area_name, sizeof(area_name), "vram0");
     } else if (drvtype & DRV_XORPAD) {
         perm = PERM_XORPAD;
-        snprintf(area_name, 16, "XORpads");
+        snprintf(area_name, sizeof(area_name), "XORpads");
     } else if (drvtype & DRV_IMAGE) {
         perm = PERM_IMAGE;
-        snprintf(area_name, 16, "%s", STR_IMAGES);
+        snprintf(area_name, sizeof(area_name), "%s", STR_IMAGES);
     } else if (drvtype & DRV_MEMORY) {
         perm = PERM_MEMORY;
-        snprintf(area_name, 16, "%s", STR_MEMORY_AREAS);
+        snprintf(area_name, sizeof(area_name), "%s", STR_MEMORY_AREAS);
     } else if (strncasecmp(path_f, "0:/Nintendo 3DS", 15) == 0) { // this check could be better
         perm = PERM_SDDATA;
-        snprintf(area_name, 16, "%s", STR_SD_SYSTEM_DATA);
+        snprintf(area_name, sizeof(area_name), "%s", STR_SD_SYSTEM_DATA);
     } else if (drvtype & DRV_SDCARD) {
         perm = PERM_SDCARD;
-        snprintf(area_name, 16, "%s", STR_SD_CARD);
+        snprintf(area_name, sizeof(area_name), "%s", STR_SD_CARD);
     } else if (drvtype & DRV_RAMDRIVE) {
         perm = PERM_RAMDRIVE;
-        snprintf(area_name, 16, "%s", STR_RAM_DRIVE);
+        snprintf(area_name, sizeof(area_name), "%s", STR_RAM_DRIVE);
     } else {
         return false;
     }

diff --git a/arm9/source/filesys/fsutil.c b/arm9/source/filesys/fsutil.c
@@ -363,8 +363,8 @@ bool FileSetByte(const char* dest, u64 offset, u64 size, u8 fillbyte, u32* flags
 bool FileCreateDummy(const char* cpath, const char* filename, u64 size) {
     char npath[256]; // 256 is the maximum length of a full path
     if (!CheckWritePermissions(cpath)) return false;
-    if (filename) snprintf(npath, 255, "%s/%s", cpath, filename);
-    else snprintf(npath, 255, "%s", cpath);
+    if (filename) snprintf(npath, sizeof(npath), "%s/%s", cpath, filename);
+    else snprintf(npath, sizeof(npath), "%s", cpath);
 
     // create dummy file (fail if already existing)
     // then, expand the file size via cluster preallocation
@@ -381,7 +381,7 @@ bool FileCreateDummy(const char* cpath, const char* filename, u64 size) {
 bool DirCreate(const char* cpath, const char* dirname) {
     char npath[256]; // 256 is the maximum length of a full path
     if (!CheckWritePermissions(cpath)) return false;
-    snprintf(npath, 255, "%s/%s", cpath, dirname);
+    snprintf(npath, sizeof(npath), "%s/%s", cpath, dirname);
     if (fa_mkdir(npath) != FR_OK) return false;
     return (fa_stat(npath, NULL) == FR_OK);
 }
@@ -731,7 +731,7 @@ bool PathCopy(const char* destdir, const char* orig, u32* flags) {
     char dest[256]; // maximum path name length in FAT
     char* oname = strrchr(orig, '/');
     if (oname == NULL) return false; // not a proper origin path
-    snprintf(dest, 255, "%s/%s", destdir, (++oname));
+    snprintf(dest, sizeof(dest), "%s/%s", destdir, (++oname));
 
     // virtual destination special handling
     if (GetVirtualSource(destdir) & ~VRT_BDRI) {
@@ -747,7 +747,7 @@ bool PathCopy(const char* destdir, const char* orig, u32* flags) {
             }
             if (!ShowPrompt(true, STR_ENTRY_NOT_FOUND_PATH_INJECT_INTO_PATH_INSTEAD, dest, dvfile.name))
                 return false;
-            snprintf(dest, 255, "%s/%s", destdir, dvfile.name);
+            snprintf(dest, sizeof(dest), "%s/%s", destdir, dvfile.name);
         } else if (osize < dvfile.size) { // if origin is smaller than destination...
             char deststr[UTF_BUFFER_BYTESIZE(36)];
             char origstr[UTF_BUFFER_BYTESIZE(36)];
@@ -772,7 +772,7 @@ bool PathMove(const char* destdir, const char* orig, u32* flags) {
     char dest[256]; // maximum path name length in FAT
     char* oname = strrchr(orig, '/');
     if (oname == NULL) return false; // not a proper origin path
-    snprintf(dest, 255, "%s/%s", destdir, (++oname));
+    snprintf(dest, sizeof(dest), "%s/%s", destdir, (++oname));
 
     return PathMoveCopy(dest, orig, flags, true);
 }
@@ -838,7 +838,7 @@ bool FileSelectorWorker(char* result, const char* text, const char* path, const
 
                 if (!new_style) {
                     char temp_str[256];
-                    snprintf(temp_str, 256, "%s", entry->name);
+                    snprintf(temp_str, sizeof(temp_str), "%s", entry->name);
                     if (hide_ext && (entry->type == T_FILE)) {
                         char* dot = strrchr(temp_str, '.');
                         if (dot) *dot = '\0';

diff --git a/arm9/source/filesys/sddata.c b/arm9/source/filesys/sddata.c
@@ -276,7 +276,7 @@ bool SetupNandSdDrive(const char* path, const char* sd_path, const char* movable
     // build the alias path (id0)
     u32 sha256sum[8];
     sha_quick(sha256sum, sd_keyy[num], 0x10, SHA256_MODE);
-    snprintf(alias, 127, "%s/Nintendo 3DS/%08lX%08lX%08lX%08lX",
+    snprintf(alias, sizeof(alias), "%s/Nintendo 3DS/%08lX%08lX%08lX%08lX",
         sd_path, sha256sum[0], sha256sum[1], sha256sum[2], sha256sum[3]);
 
     // find the alias path (id1)

diff --git a/arm9/source/filesys/support.c b/arm9/source/filesys/support.c
@@ -17,7 +17,7 @@ bool CheckSupportFile(const char* fname)
     const char* base_paths[] = { SUPPORT_FILE_PATHS };
     for (u32 i = 0; i < countof(base_paths); i++) {
         char path[256];
-        snprintf(path, 256, "%s/%s", base_paths[i], fname);
+        snprintf(path, sizeof(path), "%s/%s", base_paths[i], fname);
         if (fvx_stat(path, NULL) == FR_OK)
             return true;
     }
@@ -40,7 +40,7 @@ size_t LoadSupportFile(const char* fname, void* buffer, size_t max_len)
     for (u32 i = 0; i < countof(base_paths); i++) {
         UINT len32;
         char path[256];
-        snprintf(path, 256, "%s/%s", base_paths[i], fname);
+        snprintf(path, sizeof(path), "%s/%s", base_paths[i], fname);
         if (fvx_qread(path, buffer, 0, max_len, &len32) == FR_OK)
             return len32;
     }
@@ -68,7 +68,7 @@ bool SaveSupportFile(const char* fname, void* buffer, size_t len)
     // write support file
     if (idx >= 0) {
         char path[256];
-        snprintf(path, 256, "%s/%s", base_paths[idx], fname);
+        snprintf(path, sizeof(path), "%s/%s", base_paths[idx], fname);
         fvx_unlink(path);
         if (fvx_qwrite(path, buffer, 0, len, NULL) == FR_OK)
             return true;

diff --git a/arm9/source/game/ips.c b/arm9/source/game/ips.c
@@ -113,7 +113,7 @@ UINT read24() {
 int ApplyIPSPatch(const char* patchName, const char* inName, const char* outName) {
     int error = IPS_INVALID;
     UINT outlen_min, outlen_max, outlen_min_mem;
-    snprintf(errName, 256, "%s", patchName);
+    snprintf(errName, sizeof(errName), "%s", patchName);
 
     if (fvx_open(&patchFile, patchName, FA_READ) != FR_OK) return displayError(IPS_INVALID_FILE_PATH);
     patchSize = fvx_size(&patchFile);