Security fixes
* src/alloc.c (garbage-collect): check return of snprintf
* src/doprnt.c (emacs_doprnt_smZ): ditto
* src/dumper.c (pdump_file_try): ditto
* src/dumper.c (pdump_load): ditto
* src/editfns.c (Fencode_time): ditto
* src/editfns.c (Fencode_btime): ditto
* src/editfns.c (current_time_zone): ditto
* src/ent/ent-float.c (vars_of_ent_float): ditto
* src/filelock.c (lock_file_1): ditto
* src/media/sound-arts.c (sound_arts_play): ditto
* src/mule/mule-ccl.c (ccl_driver): ditto
* src/opaque.c (print_opaque_ptr): ditto
* src/strftime.c (add_num_time_t): ditto
* src/casetab.c (print_case_table): use write_fmt_str instead of sprintf
* src/elhash.c (print_hash_table): ditto
* src/events/event-stream.c (print_timeout): ditto
* src/events/events.c (print_event): ditto
* src/media/sound-nas.c (sound_nas_print): ditto
* src/media/sound.c (print_audio_job): ditto
* src/opaque.c (print_opaque): ditto
* src/openssl.c (print_evp_pkey): ditto
* src/symbols.c (print_symbol_value_magic): ditto
* src/filelock.c (lock_file): Use snprintf instead of sprintf
* src/libsst.c (sst_set_ger): ditto
* src/libsst.c (sst_set_gr): ditto
* src/libsst.c (sst_set_gx): ditto
* src/libsst.c (sst_tones): ditto
* src/libsst.c (sst_dmtf): ditto
* src/print.c (float_to_string): ditto
* src/process-unix.c (allocate_pty_the_old_fashioned_way): ditto
* src/process-unix.c (unix_open_network_stream): ditto
* src/s/hpux.h (PTY_TTY_NAME_SPRINTF): ditto
* src/s/rtu.h (PTY_TTY_NAME_SPRINTF): ditto
* src/s/sco4.h (PTY_TTY_NAME_SPRINTF): ditto
* src/s/sco5.h (PTY_TTY_NAME_SPRINTF): ditto
* src/data.c (Fnumber_to_string): correct arguments to new buffer
size aware float_to_string and long_to_string
* src/doprnt.c (emacs_doprnt_number): correct arguments to new
buffer size aware long_to_string
* src/print.c (print_internal): ditto
* src/ui/redisplay.c (window_line_number): ditto
* src/ui/redisplay.c (decode_mode_spec): ditto
* src/ent/ent-float.c (print_float): correct arguments to new
buffer size aware float_to_string
* src/ent/ent-float.h: define new argument for float_to_string
* src/lisp.h: define new argument for long_to_string
* src/emacs.c (assert_failed): flush stderr to make sure assertion is written.
* src/print.c (float_to_string): rewrite so that it knows size and
does not overflow buf. Also uses snprintf instead of sprintf
* src/print.c (long_to_string): ditto.
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
31 files changed: