HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: mariadb: Fix CVE-2021-27928.
[jackhill/guix/guix.git] / gnu / packages / patches / wordnet-CVE-2008-3908-pt1.patch
CommitLineData
c1dbd3a8
EF		 1Author: Anton Gladky <gladk@debian.org>
2LastChanged: Tue, 26 Feb 2013 20:40:25 +0100
3BugDebian: http://bugs.debian.org/700914
4Description: This patch was created by oCert according to
5 http://www.ocert.org/advisories/ocert-2008-014.html
6 and can be downloaded from
7 http://www.ocert.org/analysis/2008-014/wordnet.patch
8 Unfortunately the original patch had a problem which
9 caused 'wordnet test -synsn' to fail. The critical
10 part of the patch was removed from the whole patch
11 set and is moved to 51_overflows_memcpy.patch which
12 uses memcpy instead of the formerly used strcpy.
13
14--- a/lib/binsrch.c
15+++ b/lib/binsrch.c
16@@ -28,7 +28,7 @@ char *read_index(long offset, FILE *fp)
17 char *linep;
18
19 linep = line;
20- line[0] = '0';
21+ line[0] = '\0';
22
23 fseek( fp, offset, SEEK_SET );
24 fgets(linep, LINE_LEN, fp);
25@@ -58,6 +58,8 @@ char *bin_search(char *searchkey, FILE *
26 last_bin_search_offset = ftell( fp );
27 fgets(linep, LINE_LEN, fp);
28 length = (int)(strchr(linep, ' ') - linep);
29+ if (length > (sizeof(key) - 1))
30+ return(NULL);
31 strncpy(key, linep, length);
32 key[length] = '\0';
33 if(strcmp(key, searchkey) < 0) {
34@@ -110,6 +112,8 @@ static int bin_search_key(char *searchke
35 line[length++] = c;
36 if (getc(fp) == EOF) { /* only 1 line in file */
37 length = (int)(strchr(linep, ' ') - linep);
38+ if (length > (sizeof(key) - 1))
39+ return(0);
40 strncpy(key, linep, length);
41 key[length] = '\0';
42 if(strcmp(key, searchkey) > 0) {
43@@ -132,6 +136,8 @@ static int bin_search_key(char *searchke
44 if (fgets(linep, LINE_LEN, fp) != NULL) {
45 offset2 = ftell(fp); /* offset at start of next line */
46 length = (int)(strchr(linep, ' ') - linep);
47+ if (length > (sizeof(key) - 1))
48+ return(0);
49 strncpy(key, linep, length);
50 key[length] = '\0';
51 if(strcmp(key, searchkey) < 0) { /* further in file */
52--- a/lib/morph.c
53+++ b/lib/morph.c
54@@ -51,21 +51,21 @@ static struct {
55 char *str;
56 int strlen;
57 } prepositions[NUMPREPS] = {
58- "to", 2,
59- "at", 2,
60- "of", 2,
61- "on", 2,
62- "off", 3,
63- "in", 2,
64- "out", 3,
65- "up", 2,
66- "down", 4,
67- "from", 4,
68- "with", 4,
69- "into", 4,
70- "for", 3,
71- "about", 5,
72- "between", 7,
73+ { "to", 2 },
74+ { "at", 2 },
75+ { "of", 2 },
76+ { "on", 2 },
77+ { "off", 3 },
78+ { "in", 2 },
79+ { "out", 3 },
80+ { "up", 2 },
81+ { "down", 4 },
82+ { "from", 4 },
83+ { "with", 4 },
84+ { "into", 4 },
85+ { "for", 3 },
86+ { "about", 5 },
87+ { "between", 7 }
88 };
89
90 static FILE *exc_fps[NUMPARTS + 1];
91@@ -144,18 +144,19 @@ static int do_init(void)
92 } else
93 sprintf(searchdir, DEFAULTPATH);
94 #else
95- if ((env = getenv("WNSEARCHDIR")) != NULL)
96- strcpy(searchdir, env);
97- else if ((env = getenv("WNHOME")) != NULL)
98- sprintf(searchdir, "%s%s", env, DICTDIR);
99- else
100+ if ((env = getenv("WNSEARCHDIR")) != NULL) {
101+ snprintf(searchdir, sizeof(searchdir), "%s", env);
102+ } else if ((env = getenv("WNHOME")) != NULL) {
103+ snprintf(searchdir, sizeof(searchdir), "%s%s", env, DICTDIR);
104+ } else {
105 strcpy(searchdir, DEFAULTPATH);
106+ }
107 #endif
108
109 for (i = 1; i <= NUMPARTS; i++) {
110- sprintf(fname, EXCFILE, searchdir, partnames[i]);
111+ snprintf(fname, sizeof(fname), EXCFILE, searchdir, partnames[i]);
112 if ((exc_fps[i] = fopen(fname, "r")) == NULL) {
113- sprintf(msgbuf,
114+ snprintf(msgbuf, sizeof(msgbuf),
115 "WordNet library error: Can't open exception file(%s)\n\n",
116 fname);
117 display_message(msgbuf);
118@@ -178,13 +179,16 @@ char *morphstr(char *origstr, int pos)
119 int prep;
120 char *end_idx1, *end_idx2;
121 char *append;
122-
123+
124 if (pos == SATELLITE)
125 pos = ADJ;
126
127 /* First time through for this string */
128
129 if (origstr != NULL) {
130+ if (strlen(origstr) > WORDBUF - 1)
131+ return(NULL);
132+
133 /* Assume string hasn't had spaces substitued with '_' */
134 strtolower(strsubst(strcpy(str, origstr), ' ', '_'));
135 searchstr[0] = '\0';
136@@ -232,7 +236,7 @@ char *morphstr(char *origstr, int pos)
137 if (end_idx < 0) return(NULL); /* shouldn't do this */
138 strncpy(word, str + st_idx, end_idx - st_idx);
139 word[end_idx - st_idx] = '\0';
140- if(tmp = morphword(word, pos))
141+ if ((tmp = morphword(word, pos)) != NULL)
142 strcat(searchstr,tmp);
143 else
144 strcat(searchstr,word);
145@@ -240,7 +244,7 @@ char *morphstr(char *origstr, int pos)
146 st_idx = end_idx + 1;
147 }
148
149- if(tmp = morphword(strcpy(word, str + st_idx), pos))
150+ if ((tmp = morphword(strcpy(word, str + st_idx), pos)) != NULL)
151 strcat(searchstr,tmp);
152 else
153 strcat(searchstr,word);
154@@ -270,16 +274,15 @@ char *morphword(char *word, int pos)
155 {
156 int offset, cnt;
157 int i;
158- static char retval[WORDBUF];
159- char *tmp, tmpbuf[WORDBUF], *end;
160-
161- sprintf(retval,"");
162- sprintf(tmpbuf, "");
163- end = "";
164-
165+ static char retval[WORDBUF] = "";
166+ char *tmp, tmpbuf[WORDBUF] = "", *end = "";
167+
168 if(word == NULL)
169 return(NULL);
170
171+ if (strlen(word) > WORDBUF - 1)
172+ return(NULL);
173+
174 /* first look for word on exception list */
175
176 if((tmp = exc_lookup(word, pos)) != NULL)
177@@ -335,7 +338,10 @@ static char *wordbase(char *word, int en
178 {
179 char *pt1;
180 static char copy[WORDBUF];
181-
182+
183+ if (strlen(word) > WORDBUF - 1)
184+ return(NULL);
185+
186 strcpy(copy, word);
187 if(strend(copy,sufx[ender])) {
188 pt1=strchr(copy,'\0');
189@@ -368,13 +374,14 @@ static char *exc_lookup(char *word, int
190 {
191 static char line[WORDBUF], *beglp, *endlp;
192 char *excline;
193- int found = 0;
194
195 if (exc_fps[pos] == NULL)
196 return(NULL);
197
198 /* first time through load line from exception file */
199 if(word != NULL){
200+ if (strlen(word) > WORDBUF - 1)
201+ return(NULL);
202 if ((excline = bin_search(word, exc_fps[pos])) != NULL) {
203 strcpy(line, excline);
204 endlp = strchr(line,' ');
205@@ -403,6 +410,9 @@ static char *morphprep(char *s)
206 char word[WORDBUF], end[WORDBUF];
207 static char retval[WORDBUF];
208
209+ if (strlen(s) > WORDBUF - 1)
210+ return (NULL);
211+
212 /* Assume that the verb is the first word in the phrase. Strip it
213 off, check for validity, then try various morphs with the
214 rest of the phrase tacked on, trying to find a match. */
215@@ -410,7 +420,7 @@ static char *morphprep(char *s)
216 rest = strchr(s, '_');
217 last = strrchr(s, '_');
218 if (rest != last) { /* more than 2 words */
219- if (lastwd = morphword(last + 1, NOUN)) {
220+ if ((lastwd = morphword(last + 1, NOUN)) != NULL) {
221 strncpy(end, rest, last - rest + 1);
222 end[last-rest+1] = '\0';
223 strcat(end, lastwd);
224--- a/lib/search.c
225+++ b/lib/search.c
226@@ -13,6 +13,7 @@
227 #include <stdlib.h>
228 #include <string.h>
229 #include <assert.h>
230+#include <limits.h>
231
232 #include "wn.h"
233
234@@ -119,33 +120,22 @@ IndexPtr parse_index(long offset, int db
235 if ( !line )
236 line = read_index( offset, indexfps[dbase] );
237
238- idx = (IndexPtr)malloc(sizeof(Index));
239+ idx = (IndexPtr)calloc(1, sizeof(Index));
240 assert(idx);
241
242 /* set offset of entry in index file */
243 idx->idxoffset = offset;
244
245- idx->wd='\0';
246- idx->pos='\0';
247- idx->off_cnt=0;
248- idx->tagged_cnt = 0;
249- idx->sense_cnt=0;
250- idx->offset='\0';
251- idx->ptruse_cnt=0;
252- idx->ptruse='\0';
253-
254 /* get the word */
255 ptrtok=strtok(line," \n");
256
257- idx->wd = malloc(strlen(ptrtok) + 1);
258+ idx->wd = strdup(ptrtok);
259 assert(idx->wd);
260- strcpy(idx->wd, ptrtok);
261
262 /* get the part of speech */
263 ptrtok=strtok(NULL," \n");
264- idx->pos = malloc(strlen(ptrtok) + 1);
265+ idx->pos = strdup(ptrtok);
266 assert(idx->pos);
267- strcpy(idx->pos, ptrtok);
268
269 /* get the collins count */
270 ptrtok=strtok(NULL," \n");
271@@ -154,7 +144,12 @@ IndexPtr parse_index(long offset, int db
272 /* get the number of pointers types */
273 ptrtok=strtok(NULL," \n");
274 idx->ptruse_cnt = atoi(ptrtok);
275-
276+
277+ if (idx->ptruse_cnt < 0 || (unsigned int)idx->ptruse_cnt > UINT_MAX/sizeof(int)) {
278+ free_index(idx);
279+ return(NULL);
280+ }
281+
282 if (idx->ptruse_cnt) {
283 idx->ptruse = (int *) malloc(idx->ptruse_cnt * (sizeof(int)));
284 assert(idx->ptruse);
285@@ -173,9 +168,14 @@ IndexPtr parse_index(long offset, int db
286 /* get the number of senses that are tagged */
287 ptrtok=strtok(NULL," \n");
288 idx->tagged_cnt = atoi(ptrtok);
289-
290+
291+ if (idx->off_cnt < 0 || (unsigned long)idx->off_cnt > ULONG_MAX/sizeof(long)) {
292+ free_index(idx);
293+ return(NULL);
294+ }
295+
296 /* make space for the offsets */
297- idx->offset = (long *) malloc(idx->off_cnt * (sizeof(long)));
298+ idx->offset = (unsigned long *) malloc(idx->off_cnt * sizeof(long));
299 assert(idx->offset);
300
301 /* get the offsets */
302@@ -197,15 +197,21 @@ IndexPtr getindex(char *searchstr, int d
303 char strings[MAX_FORMS][WORDBUF]; /* vector of search strings */
304 static IndexPtr offsets[MAX_FORMS];
305 static int offset;
306-
307+
308 /* This works like strrok(): if passed with a non-null string,
309 prepare vector of search strings and offsets. If string
310 is null, look at current list of offsets and return next
311 one, or NULL if no more alternatives for this word. */
312
313 if (searchstr != NULL) {
314+ /* Bail out if the input is too long for us to handle */
315+ if (strlen(searchstr) > (WORDBUF - 1)) {
316+ strcpy(msgbuf, "WordNet library error: search term is too long\n");
317+ display_message(msgbuf);
318+ return(NULL);
319+ }
320
321- offset = 0;
322+ offset = 0;
323 strtolower(searchstr);
324 for (i = 0; i < MAX_FORMS; i++) {
325 strcpy(strings[i], searchstr);
326@@ -229,11 +235,11 @@ IndexPtr getindex(char *searchstr, int d
327 /* Get offset of first entry. Then eliminate duplicates
328 and get offsets of unique strings. */
329
330- if (strings[0][0] != NULL)
331+ if (strings[0] != NULL)
332 offsets[0] = index_lookup(strings[0], dbase);
333
334 for (i = 1; i < MAX_FORMS; i++)
335- if ((strings[i][0]) != NULL && (strcmp(strings[0], strings[i])))
336+ if (strings[i] != NULL && (strcmp(strings[0], strings[i])))
337 offsets[i] = index_lookup(strings[i], dbase);
338 }
339
340@@ -272,7 +278,7 @@ SynsetPtr read_synset(int dbase, long bo
341 SynsetPtr parse_synset(FILE *fp, int dbase, char *word)
342 {
343 static char line[LINEBUF];
344- char tbuf[SMLINEBUF];
345+ char tbuf[SMLINEBUF] = "";
346 char *ptrtok;
347 char *tmpptr;
348 int foundpert = 0;
349@@ -286,33 +292,11 @@ SynsetPtr parse_synset(FILE *fp, int dba
350 if ((tmpptr = fgets(line, LINEBUF, fp)) == NULL)
351 return(NULL);
352
353- synptr = (SynsetPtr)malloc(sizeof(Synset));
354+ synptr = (SynsetPtr)calloc(1, sizeof(Synset));
355 assert(synptr);
356-
357- synptr->hereiam = 0;
358+
359 synptr->sstype = DONT_KNOW;
360- synptr->fnum = 0;
361- synptr->pos = '\0';
362- synptr->wcount = 0;
363- synptr->words = '\0';
364- synptr->whichword = 0;
365- synptr->ptrcount = 0;
366- synptr->ptrtyp = '\0';
367- synptr->ptroff = '\0';
368- synptr->ppos = '\0';
369- synptr->pto = '\0';
370- synptr->pfrm = '\0';
371- synptr->fcount = 0;
372- synptr->frmid = '\0';
373- synptr->frmto = '\0';
374- synptr->defn = '\0';
375- synptr->key = 0;
376- synptr->nextss = NULL;
377- synptr->nextform = NULL;
378 synptr->searchtype = -1;
379- synptr->ptrlist = NULL;
380- synptr->headword = NULL;
381- synptr->headsense = 0;
382
383 ptrtok = line;
384
385@@ -322,7 +306,7 @@ SynsetPtr parse_synset(FILE *fp, int dba
386
387 /* sanity check - make sure starting file offset matches first field */
388 if (synptr->hereiam != loc) {
389- sprintf(msgbuf, "WordNet library error: no synset at location %d\n",
390+ sprintf(msgbuf, "WordNet library error: no synset at location %ld\n",
391 loc);
392 display_message(msgbuf);
393 free(synptr);
394@@ -335,16 +319,20 @@ SynsetPtr parse_synset(FILE *fp, int dba
395
396 /* looking at POS */
397 ptrtok = strtok(NULL, " \n");
398- synptr->pos = malloc(strlen(ptrtok) + 1);
399+ synptr->pos = strdup(ptrtok);
400 assert(synptr->pos);
401- strcpy(synptr->pos, ptrtok);
402 if (getsstype(synptr->pos) == SATELLITE)
403 synptr->sstype = INDIRECT_ANT;
404
405 /* looking at numwords */
406 ptrtok = strtok(NULL, " \n");
407 synptr->wcount = strtol(ptrtok, NULL, 16);
408-
409+
410+ if (synptr->wcount < 0 || (unsigned int)synptr->wcount > UINT_MAX/sizeof(char *)) {
411+ free_syns(synptr);
412+ return(NULL);
413+ }
414+
415 synptr->words = (char **)malloc(synptr->wcount * sizeof(char *));
416 assert(synptr->words);
417 synptr->wnsns = (int *)malloc(synptr->wcount * sizeof(int));
418@@ -354,9 +342,8 @@ SynsetPtr parse_synset(FILE *fp, int dba
419
420 for (i = 0; i < synptr->wcount; i++) {
421 ptrtok = strtok(NULL, " \n");
422- synptr->words[i] = malloc(strlen(ptrtok) + 1);
423+ synptr->words[i] = strdup(ptrtok);
424 assert(synptr->words[i]);
425- strcpy(synptr->words[i], ptrtok);
426
427 /* is this the word we're looking for? */
428
429@@ -371,6 +358,12 @@ SynsetPtr parse_synset(FILE *fp, int dba
430 ptrtok = strtok(NULL," \n");
431 synptr->ptrcount = atoi(ptrtok);
432
433+ /* Should we check for long here as well? */
434+ if (synptr->ptrcount < 0 || (unsigned int)synptr->ptrcount > UINT_MAX/sizeof(int)) {
435+ free_syns(synptr);
436+ return(NULL);
437+ }
438+
439 if (synptr->ptrcount) {
440
441 /* alloc storage for the pointers */
442@@ -455,21 +448,23 @@ SynsetPtr parse_synset(FILE *fp, int dba
443 ptrtok = strtok(NULL," \n");
444 if (ptrtok) {
445 ptrtok = strtok(NULL," \n");
446- sprintf(tbuf, "");
447 while (ptrtok != NULL) {
448+ if (strlen(ptrtok) + strlen(tbuf) + 1 + 1 > sizeof(tbuf)) {
449+ free_syns(synptr);
450+ return(NULL);
451+ }
452 strcat(tbuf,ptrtok);
453 ptrtok = strtok(NULL, " \n");
454 if(ptrtok)
455 strcat(tbuf," ");
456 }
457- assert((1 + strlen(tbuf)) < sizeof(tbuf));
458- synptr->defn = malloc(strlen(tbuf) + 4);
459+ synptr->defn = malloc(strlen(tbuf) + 3);
460 assert(synptr->defn);
461 sprintf(synptr->defn,"(%s)",tbuf);
462 }
463
464 if (keyindexfp) { /* we have unique keys */
465- sprintf(tmpbuf, "%c:%8.8d", partchars[dbase], synptr->hereiam);
466+ sprintf(tmpbuf, "%c:%8.8ld", partchars[dbase], synptr->hereiam);
467 synptr->key = GetKeyForOffset(tmpbuf);
468 }
469
470@@ -635,7 +630,7 @@ static void traceptrs(SynsetPtr synptr,
471
472 if ((ptrtyp == PERTPTR || ptrtyp == PPLPTR) &&
473 synptr->pto[i] != 0) {
474- sprintf(tbuf, " (Sense %d)\n",
475+ snprintf(tbuf, sizeof(tbuf), " (Sense %d)\n",
476 cursyn->wnsns[synptr->pto[i] - 1]);
477 printsynset(prefix, cursyn, tbuf, DEFOFF, synptr->pto[i],
478 SKIP_ANTS, PRINT_MARKER);
479@@ -656,7 +651,7 @@ static void traceptrs(SynsetPtr synptr,
480 traceptrs(cursyn, HYPERPTR, getpos(cursyn->pos), 0);
481 }
482 } else if (ptrtyp == ANTPTR && dbase != ADJ && synptr->pto[i] != 0) {
483- sprintf(tbuf, " (Sense %d)\n",
484+ snprintf(tbuf, sizeof(tbuf), " (Sense %d)\n",
485 cursyn->wnsns[synptr->pto[i] - 1]);
486 printsynset(prefix, cursyn, tbuf, DEFOFF, synptr->pto[i],
487 SKIP_ANTS, PRINT_MARKER);
488@@ -817,7 +812,7 @@ static void tracenomins(SynsetPtr synptr
489
490 cursyn = read_synset(synptr->ppos[i], synptr->ptroff[i], "");
491
492- sprintf(tbuf, "#%d\n",
493+ snprintf(tbuf, sizeof(tbuf), "#%d\n",
494 cursyn->wnsns[synptr->pto[i] - 1]);
495 printsynset(prefix, cursyn, tbuf, DEFOFF, synptr->pto[i],
496 SKIP_ANTS, SKIP_MARKER);
497@@ -989,12 +984,12 @@ void getexample(char *offset, char *wd)
498 char sentbuf[512];
499
500 if (vsentfilefp != NULL) {
501- if (line = bin_search(offset, vsentfilefp)) {
502+ if ((line = bin_search(offset, vsentfilefp)) != NULL) {
503 while(*line != ' ')
504 line++;
505
506 printbuffer(" EX: ");
507- sprintf(sentbuf, line, wd);
508+ snprintf(sentbuf, sizeof(sentbuf), line, wd);
509 printbuffer(sentbuf);
510 }
511 }
512@@ -1011,7 +1006,7 @@ int findexample(SynsetPtr synptr)
513 if (vidxfilefp != NULL) {
514 wdnum = synptr->whichword - 1;
515
516- sprintf(tbuf,"%s%%%-1.1d:%-2.2d:%-2.2d::",
517+ snprintf(tbuf, sizeof(tbuf), "%s%%%-1.1d:%-2.2d:%-2.2d::",
518 synptr->words[wdnum],
519 getpos(synptr->pos),
520 synptr->fnum,
521@@ -1124,7 +1119,7 @@ static void freq_word(IndexPtr index)
522 if (cnt >= 17 && cnt <= 32) familiar = 6;
523 if (cnt > 32 ) familiar = 7;
524
525- sprintf(tmpbuf,
526+ snprintf(tmpbuf, sizeof(tmpbuf),
527 "\n%s used as %s is %s (polysemy count = %d)\n",
528 index->wd, a_an[getpos(index->pos)], freqcats[familiar], cnt);
529 printbuffer(tmpbuf);
530@@ -1147,6 +1142,9 @@ void wngrep (char *word_passed, int pos)
531 }
532 rewind(inputfile);
533
534+ if (strlen(word_passed) + 1 > sizeof(word))
535+ return;
536+
537 strcpy (word, word_passed);
538 ToLowerCase(word); /* map to lower case for index file search */
539 strsubst (word, ' ', '_'); /* replace spaces with underscores */
540@@ -1169,7 +1167,7 @@ void wngrep (char *word_passed, int pos)
541 ((line[loc + wordlen] == '-') || (line[loc + wordlen] == '_')))
542 ) {
543 strsubst (line, '_', ' ');
544- sprintf (tmpbuf, "%s\n", line);
545+ snprintf (tmpbuf, sizeof(tmpbuf), "%s\n", line);
546 printbuffer (tmpbuf);
547 break;
548 }
549@@ -1683,9 +1681,8 @@ SynsetPtr traceptrs_ds(SynsetPtr synptr,
550 cursyn = read_synset(synptr->ppos[i],
551 synptr->ptroff[i],
552 "");
553- synptr->headword = malloc(strlen(cursyn->words[0]) + 1);
554+ synptr->headword = strdup(cursyn->words[0]);
555 assert(synptr->headword);
556- strcpy(synptr->headword, cursyn->words[0]);
557 synptr->headsense = cursyn->lexid[0];
558 free_synset(cursyn);
559 break;
560@@ -2013,7 +2010,7 @@ static int getsearchsense(SynsetPtr synp
561 strsubst(strcpy(wdbuf, synptr->words[whichword - 1]), ' ', '_');
562 strtolower(wdbuf);
563
564- if (idx = index_lookup(wdbuf, getpos(synptr->pos))) {
565+ if ((idx = index_lookup(wdbuf, getpos(synptr->pos))) != NULL) {
566 for (i = 0; i < idx->off_cnt; i++)
567 if (idx->offset[i] == synptr->hereiam) {
568 free_index(idx);
569@@ -2037,7 +2034,7 @@ static void printsynset(char *head, Syns
570 by flags */
571
572 if (offsetflag) /* print synset offset */
573- sprintf(tbuf + strlen(tbuf),"{%8.8d} ", synptr->hereiam);
574+ sprintf(tbuf + strlen(tbuf),"{%8.8ld} ", synptr->hereiam);
575 if (fileinfoflag) { /* print lexicographer file information */
576 sprintf(tbuf + strlen(tbuf), "<%s> ", lexfiles[synptr->fnum]);
577 prlexid = 1; /* print lexicographer id after word */
578@@ -2072,7 +2069,7 @@ static void printantsynset(SynsetPtr syn
579 tbuf[0] = '\0';
580
581 if (offsetflag)
582- sprintf(tbuf,"{%8.8d} ", synptr->hereiam);
583+ sprintf(tbuf,"{%8.8ld} ", synptr->hereiam);
584 if (fileinfoflag) {
585 sprintf(tbuf + strlen(tbuf),"<%s> ", lexfiles[synptr->fnum]);
586 prlexid = 1;
587--- a/lib/wnutil.c
588+++ b/lib/wnutil.c
589@@ -48,7 +48,7 @@ int wninit(void)
590 char *env;
591
592 if (!done) {
593- if (env = getenv("WNDBVERSION")) {
594+ if ((env = getenv("WNDBVERSION")) != NULL) {
595 wnrelease = strdup(env); /* set release */
596 assert(wnrelease);
597 }
598@@ -70,7 +70,7 @@ int re_wninit(void)
599
600 closefps();
601
602- if (env = getenv("WNDBVERSION")) {
603+ if ((env = getenv("WNDBVERSION")) != NULL) {
604 wnrelease = strdup(env); /* set release */
605 assert(wnrelease);
606 }
607@@ -149,25 +149,25 @@ static int do_init(void)
608 sprintf(searchdir, DEFAULTPATH);
609 #else
610 if ((env = getenv("WNSEARCHDIR")) != NULL)
611- strcpy(searchdir, env);
612+ snprintf(searchdir, sizeof(searchdir), "%s", env);
613 else if ((env = getenv("WNHOME")) != NULL)
614- sprintf(searchdir, "%s%s", env, DICTDIR);
615+ snprintf(searchdir, sizeof(searchdir), "%s%s", env, DICTDIR);
616 else
617 strcpy(searchdir, DEFAULTPATH);
618 #endif
619
620 for (i = 1; i < NUMPARTS + 1; i++) {
621- sprintf(tmpbuf, DATAFILE, searchdir, partnames[i]);
622+ snprintf(tmpbuf, sizeof(tmpbuf), DATAFILE, searchdir, partnames[i]);
623 if((datafps[i] = fopen(tmpbuf, "r")) == NULL) {
624- sprintf(msgbuf,
625+ snprintf(msgbuf, sizeof(msgbuf),
626 "WordNet library error: Can't open datafile(%s)\n",
627 tmpbuf);
628 display_message(msgbuf);
629 openerr = -1;
630 }
631- sprintf(tmpbuf, INDEXFILE, searchdir, partnames[i]);
632+ snprintf(tmpbuf, sizeof(tmpbuf), INDEXFILE, searchdir, partnames[i]);
633 if((indexfps[i] = fopen(tmpbuf, "r")) == NULL) {
634- sprintf(msgbuf,
635+ snprintf(msgbuf, sizeof(msgbuf),
636 "WordNet library error: Can't open indexfile(%s)\n",
637 tmpbuf);
638 display_message(msgbuf);
639@@ -178,35 +178,35 @@ static int do_init(void)
640 /* This file isn't used by the library and doesn't have to
641 be present. No error is reported if the open fails. */
642
643- sprintf(tmpbuf, SENSEIDXFILE, searchdir);
644+ snprintf(tmpbuf, sizeof(tmpbuf), SENSEIDXFILE, searchdir);
645 sensefp = fopen(tmpbuf, "r");
646
647 /* If this file isn't present, the runtime code will skip printint out
648 the number of times each sense was tagged. */
649
650- sprintf(tmpbuf, CNTLISTFILE, searchdir);
651+ snprintf(tmpbuf, sizeof(tmpbuf), CNTLISTFILE, searchdir);
652 cntlistfp = fopen(tmpbuf, "r");
653
654 /* This file doesn't have to be present. No error is reported if the
655 open fails. */
656
657- sprintf(tmpbuf, KEYIDXFILE, searchdir);
658+ snprintf(tmpbuf, sizeof(tmpbuf), KEYIDXFILE, searchdir);
659 keyindexfp = fopen(tmpbuf, "r");
660
661- sprintf(tmpbuf, REVKEYIDXFILE, searchdir);
662+ snprintf(tmpbuf, sizeof(tmpbuf), REVKEYIDXFILE, searchdir);
663 revkeyindexfp = fopen(tmpbuf, "r");
664
665- sprintf(tmpbuf, VRBSENTFILE, searchdir);
666+ snprintf(tmpbuf, sizeof(tmpbuf), VRBSENTFILE, searchdir);
667 if ((vsentfilefp = fopen(tmpbuf, "r")) == NULL) {
668- sprintf(msgbuf,
669+ snprintf(msgbuf, sizeof(msgbuf),
670 "WordNet library warning: Can't open verb example sentence file(%s)\n",
671 tmpbuf);
672 display_message(msgbuf);
673 }
674
675- sprintf(tmpbuf, VRBIDXFILE, searchdir);
676+ snprintf(tmpbuf, sizeof(tmpbuf), VRBIDXFILE, searchdir);
677 if ((vidxfilefp = fopen(tmpbuf, "r")) == NULL) {
678- sprintf(msgbuf,
679+ snprintf(msgbuf, sizeof(msgbuf),
680 "WordNet library warning: Can't open verb example sentence index file(%s)\n",
681 tmpbuf);
682 display_message(msgbuf);
683--- a/src/wn.c
684+++ b/src/wn.c
685@@ -131,7 +131,7 @@ static void printusage(), printlicense()
686 printsearches(char *, int, unsigned long);
687 static int error_message(char *);
688 \f
689-main(int argc,char *argv[])
690+int main(int argc,char *argv[])
691 {
692 display_message = error_message;
693
694@@ -228,14 +228,14 @@ static int do_search(char *searchword, i
695 printf("\n%s of %s %s\n%s",
696 label, partnames[pos], searchword, outbuf);
697
698- if (morphword = morphstr(searchword, pos))
699+ if ((morphword = morphstr(searchword, pos)) != NULL)
700 do {
701 outbuf = findtheinfo(morphword, pos, search, whichsense);
702 totsenses += wnresults.printcnt;
703 if (strlen(outbuf) > 0)
704 printf("\n%s of %s %s\n%s",
705 label, partnames[pos], morphword, outbuf);
706- } while (morphword = morphstr(NULL, pos));
707+ } while ((morphword = morphstr(NULL, pos)) != NULL);
708
709 return(totsenses);
710 }
jackhill's copy of GNU Guix: https://guix.gnu.org/