Fix misuse of "%*s" in sprintf strings

%*s takes the output length, not the input length. The intended specifier was %.*s in several places. Bug(s) introduced in 2bb31f05ee
2025-04-05 20:31:00 +08:00 · 2021-01-21 18:27:20 -05:00 · 2021-01-21 18:27:20 -05:00 · f1eac042b5
commit f1eac042b5
parent 848303f9f0
4 changed files with 4 additions and 4 deletions
--- a/src/libmdb/iconv.c
+++ b/src/libmdb/iconv.c
@ -191,7 +191,7 @@ mdb_ascii2unicode(MdbHandle *mdb, const char *src, size_t slen, char *dest, size
 #else
 	if (IS_JET3(mdb)) {
 		int count;
-		snprintf(out_ptr, len_out, "%*s%n", (int)len_in, in_ptr, &count);
+		snprintf(out_ptr, len_out, "%.*s%n", (int)len_in, in_ptr, &count);
 		dlen = count;
 	} else {
 		unsigned int i;
--- a/src/libmdb/props.c
+++ b/src/libmdb/props.c
@ -123,7 +123,7 @@ mdb_read_props(MdbHandle *mdb, GPtrArray *names, gchar *kkd, int len)
 		dsize = mdb_get_int16(kkd, pos + 6);
 		if (dsize < 0 || pos + 8 + dsize > len)
 			break;
-		value = g_strdup_printf("%*s", dsize, &kkd[pos+8]);
+		value = g_strdup_printf("%.*s", dsize, &kkd[pos+8]);
 		name = g_ptr_array_index(names,elem);
 		if (mdb_get_option(MDB_DEBUG_PROPS)) {
 			fprintf(stderr, "%02d ",i++);
--- a/src/odbc/odbc.c
+++ b/src/odbc/odbc.c
@ -1225,7 +1225,7 @@ SQLRETURN SQL_API SQLPrepare(

 	TRACE("SQLPrepare");

-	snprintf(stmt->query, sizeof(stmt->query), "%*s", sqllen, (char*)szSqlStr);
+	snprintf(stmt->query, sizeof(stmt->query), "%.*s", sqllen, (char*)szSqlStr);

 	return SQL_SUCCESS;
 }
--- a/src/sql/mdbsql.c
+++ b/src/sql/mdbsql.c
@ -486,7 +486,7 @@ mdb_sql_add_sarg(MdbSQL *sql, char *col_name, int op, char *constant)
 	** column definition can be checked for validity
 	*/
 	if (constant[0]=='\'') {
-		snprintf(node->value.s, sizeof(node->value.s), "%*s", (int)strlen(constant) - 2, &constant[1]);
+		snprintf(node->value.s, sizeof(node->value.s), "%.*s", (int)strlen(constant) - 2, &constant[1]);
 		node->val_type = MDB_TEXT;
 	} else if ((p=strchr(constant, '.'))) {
 		*p=localeconv()->decimal_point[0];