1// Copyright (C) 2016 The Qt Company Ltd.
2// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
3// Qt-Security score:critical reason:data-parser
4
5#include "qplatformdefs.h"
6
7#include "qbytearray.h"
8#include "qstring.h"
9
10#include <cerrno>
11#include <QtCore/q26numeric.h>
12
13#include "string.h"
14
15QT_BEGIN_NAMESPACE
16
17/*!
18 \macro QT_NO_QSNPRINTF
19 \since 6.8
20 \relates QByteArray
21
22 Defining this macro removes the availability of the qsnprintf() and
23 qvsnprintf() functions. See the functions' documentation for why you may
24 want to disable them.
25
26 \sa qsnprintf(), qvsnprintf().
27*/
28
29#if QT_DEPRECATED_SINCE(6, 9)
30
31#if !defined(QT_VSNPRINTF) || defined(Q_QDOC)
32
33/*!
34 \fn int qvsnprintf(char *str, size_t n, const char *fmt, va_list ap)
35 \relates QByteArray
36
37 \deprecated [6.9] Use C++11's \c{std::vsnprintf()} from \c{<cstdio>} instead.
38
39 A portable \c vsnprintf() function. Will call \c ::vsnprintf(), \c
40 ::_vsnprintf(), or \c ::vsnprintf_s depending on the system, or
41 fall back to an internal version.
42
43 \a fmt is the \c printf() format string. The result is put into
44 \a str, which is a buffer of at least \a n bytes.
45
46 The caller is responsible to call \c va_end() on \a ap.
47
48 \warning Since vsnprintf() shows different behavior on certain
49 platforms, you should not rely on the return value or on the fact
50 that you will always get a 0 terminated string back. There are also
51 differences in how \c{%a} (hex floats) and \c{%ls} (wide strings) are
52 handled on WebAssembly and Android.
53
54 Ideally, you should never call this function but use QString::asprintf()
55 instead.
56
57 \sa qsnprintf(), QString::asprintf()
58*/
59
60Q_CORE_EXPORT // QT_NO_QSNPRINTF is in effect
61int qvsnprintf(char *str, size_t n, const char *fmt, va_list ap)
62{
63 if (!str || !fmt)
64 return -1;
65
66 const QByteArray ba = QString::vasprintf(fmt, ap).toLocal8Bit();
67
68 const auto realSize = ba.size();
69 int result;
70 if constexpr (sizeof(int) != sizeof(realSize)) {
71 result = q26::saturate_cast<int>(realSize);
72 if (result != realSize) {
73 errno = EOVERFLOW;
74 return -1;
75 }
76 } else {
77 result = realSize;
78 }
79
80 if (n > 0) {
81 size_t blen = (std::min)(size_t(realSize), n - 1);
82 memcpy(str, ba.constData(), blen);
83 str[blen] = '\0'; // make sure str is always 0 terminated
84 }
85
86 return result;
87}
88
89#else
90
91QT_BEGIN_INCLUDE_NAMESPACE
92#include <stdio.h>
93QT_END_INCLUDE_NAMESPACE
94
95Q_CORE_EXPORT // QT_NO_QSNPRINTF is in effect
96int qvsnprintf(char *str, size_t n, const char *fmt, va_list ap)
97{
98 return QT_VSNPRINTF(s: str, maxlen: n, format: fmt, arg: ap);
99}
100
101#endif
102
103/*!
104 \fn int qsnprintf(char *str, size_t n, const char *fmt, ...)
105 \target bytearray-qsnprintf
106 \relates QByteArray
107
108 \deprecated [6.9] Use C++11's \c{std::snprintf()} from \c{<cstdio>} instead.
109
110 A portable snprintf() function, calls qvsnprintf.
111
112 \a fmt is the \c printf() format string. The result is put into
113 \a str, which is a buffer of at least \a n bytes.
114
115 \warning Call this function only when you know what you are doing
116 since it shows different behavior on certain platforms.
117 Use QString::asprintf() to format a string instead.
118
119 \sa qvsnprintf(), QString::asprintf()
120*/
121
122Q_CORE_EXPORT // QT_NO_QSNPRINTF is in effect
123int qsnprintf(char *str, size_t n, const char *fmt, ...)
124{
125 va_list ap;
126 va_start(ap, fmt);
127
128 QT_IGNORE_DEPRECATIONS(
129 int ret = qvsnprintf(str, n, fmt, ap);
130 )
131 va_end(ap);
132
133 return ret;
134}
135
136#endif // QT_DEPRECATED_SINCE(6, 9)
137
138QT_END_NAMESPACE
139

source code of qtbase/src/corelib/text/qvsnprintf.cpp