From 9700dc842a48b0c562ff70c13bde21dbe556a0c8 Mon Sep 17 00:00:00 2001
From: "Dr. David von Oheimb" <dev@ddvo.net>
Date: Sat, 28 Sep 2024 08:31:25 +0200
Subject: [PATCH] fixup! fixup! replace various calls to sprintf() by
 BiO_snprintf() to avoid compiler warnings, e.g., on MacOS

---
 apps/lib/vms_term_sock.c | 10 +++++-----
 crypto/bio/bss_log.c     |  2 +-
 crypto/dso/dso_dl.c      | 13 ++++++-------
 crypto/dso/dso_win32.c   |  5 +----
 crypto/info.c            |  6 +++---
 test/conf_include_test.c |  2 +-
 6 files changed, 17 insertions(+), 21 deletions(-)

diff --git a/apps/lib/vms_term_sock.c b/apps/lib/vms_term_sock.c
index 86f50c3d9a60a4..219a978966c767 100644
--- a/apps/lib/vms_term_sock.c
+++ b/apps/lib/vms_term_sock.c
@@ -353,7 +353,7 @@ static int CreateSocketPair (int SocketFamily,
     /*
     ** Get the binary (64-bit) time of the specified timeout value
     */
-    sprintf (AscTimeBuff, "0 0:0:%02d.00", SOCKET_PAIR_TIMEOUT_VALUE);
+    BIO_snprintf(AscTimeBuff, sizeof(AscTimeBuff), "0 0:0:%02d.00", SOCKET_PAIR_TIMEOUT_VALUE);
     AscTimeDesc.dsc$w_length = strlen (AscTimeBuff);
     AscTimeDesc.dsc$a_pointer = AscTimeBuff;
     status = sys$bintim (&AscTimeDesc, BinTimeBuff);
@@ -567,10 +567,10 @@ static void LogMessage (char *msg, ...)
     /*
     ** Format the message buffer
     */
-    sprintf (MsgBuff, "%02d-%s-%04d %02d:%02d:%02d [%08X] %s\n",
-             LocTime->tm_mday, Month[LocTime->tm_mon],
-             (LocTime->tm_year + 1900), LocTime->tm_hour, LocTime->tm_min,
-             LocTime->tm_sec, pid, msg);
+    BIO_snprintf(MsgBuff, sizeof(MsgBuff), "%02d-%s-%04d %02d:%02d:%02d [%08X] %s\n",
+                 LocTime->tm_mday, Month[LocTime->tm_mon],
+                 (LocTime->tm_year + 1900), LocTime->tm_hour, LocTime->tm_min,
+                 LocTime->tm_sec, pid, msg);
 
     /*
     ** Get any variable arguments and add them to the print of the message
diff --git a/crypto/bio/bss_log.c b/crypto/bio/bss_log.c
index c22e603b04fc54..f587cab2f83368 100644
--- a/crypto/bio/bss_log.c
+++ b/crypto/bio/bss_log.c
@@ -281,7 +281,7 @@ static void xsyslog(BIO *bp, int priority, const char *string)
         break;
     }
 
-    sprintf(pidbuf, "[%lu] ", GetCurrentProcessId());
+    BIO_snprintf(pidbuf, sizeof(pidbuf), "[%lu] ", GetCurrentProcessId());
     lpszStrings[0] = pidbuf;
     lpszStrings[1] = string;
 
diff --git a/crypto/dso/dso_dl.c b/crypto/dso/dso_dl.c
index 4515239111dad9..5a2f8076c6b05a 100644
--- a/crypto/dso/dso_dl.c
+++ b/crypto/dso/dso_dl.c
@@ -229,13 +229,12 @@ static char *dl_name_converter(DSO *dso, const char *filename)
         ERR_raise(ERR_LIB_DSO, DSO_R_NAME_TRANSLATION_FAILED);
         return NULL;
     }
-    if (transform) {
-        if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
-            sprintf(translated, "lib%s%s", filename, DSO_EXTENSION);
-        else
-            sprintf(translated, "%s%s", filename, DSO_EXTENSION);
-    } else
-        sprintf(translated, "%s", filename);
+    if (transform)
+            BIO_snprintf(translated, rsize,
+                         (DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0
+                         ? "lib%s%s" : "%s%s", filename, DSO_EXTENSION);
+    else
+        BIO_snprintf(translated, rsize, "%s", filename);
     return translated;
 }
 
diff --git a/crypto/dso/dso_win32.c b/crypto/dso/dso_win32.c
index 43210e3d98287e..6fb06469cfebdd 100644
--- a/crypto/dso/dso_win32.c
+++ b/crypto/dso/dso_win32.c
@@ -458,10 +458,7 @@ static char *win32_name_converter(DSO *dso, const char *filename)
         ERR_raise(ERR_LIB_DSO, DSO_R_NAME_TRANSLATION_FAILED);
         return NULL;
     }
-    if (transform)
-        sprintf(translated, "%s.dll", filename);
-    else
-        sprintf(translated, "%s", filename);
+    BIO_snprintf(translated, len + 1, transform ? "%s.dll" : "%s", filename);
     return translated;
 }
 
diff --git a/crypto/info.c b/crypto/info.c
index 293eaacd47aa41..153460a71f27bd 100644
--- a/crypto/info.c
+++ b/crypto/info.c
@@ -190,10 +190,10 @@ DEFINE_RUN_ONCE_STATIC(init_info_strings)
 #endif
 #ifndef OPENSSL_NO_JITTER
         {
-            char jent_version_string[32];
+            char buf[32];
 
-            sprintf(jent_version_string, "JITTER (%d)", jent_version());
-            add_seeds_string(jent_version_string);
+            BIO_snprintf(buf, sizeof(buf), "JITTER (%d)", jent_version());
+            add_seeds_string(buf);
         }
 #endif
         seed_sources = seeds;
diff --git a/test/conf_include_test.c b/test/conf_include_test.c
index facf9603607848..4a28ddafe54c4a 100644
--- a/test/conf_include_test.c
+++ b/test/conf_include_test.c
@@ -186,7 +186,7 @@ static int test_check_overflow(void)
     char max[(sizeof(long) * 8) / 3 + 3];
     char *p;
 
-    p = max + sprintf(max, "0%ld", LONG_MAX) - 1;
+    p = max + BIO_snprintf(max, sizeof (max), "0%ld", LONG_MAX) - 1;
     setenv("FNORD", max, 1);
     if (!TEST_true(NCONF_get_number(NULL, "missing", "FNORD", &val))
             || !TEST_long_eq(val, LONG_MAX))