[Opensrf-commits] r1276 - trunk/src/srfsh

svn at svn.open-ils.org svn at svn.open-ils.org
Mon Mar 10 08:38:00 EDT 2008 

Author: miker
Date: 2008-03-10 08:04:57 -0400 (Mon, 10 Mar 2008)
New Revision: 1276

Modified:
   trunk/src/srfsh/srfsh.c
Log:
Patch from Scott McKellar:

This patch replaces several calls to fprintf() or printf() with calls
to fputs(), where we don't use conversion specifications.

Since fputs() doesn't have to parse the output text for conversions,
it should be marginally more efficient than fprintf() or printf().

More importantly: in one case the output text comes in part from an
input message, and may conceivably contain conversion specifications,
whether inadvertently or maliciously.  In that case, fprintf() would
look for non-existent parameters to format into the output, resulting
in undefined behavior.



Modified: trunk/src/srfsh/srfsh.c
===================================================================
--- trunk/src/srfsh/srfsh.c	2008-03-10 05:51:09 UTC (rev 1275)
+++ trunk/src/srfsh/srfsh.c	2008-03-10 12:04:57 UTC (rev 1276)
@@ -684,15 +684,15 @@
 
 	double end = get_timestamp_millis();
 
-	fprintf( less, resp_buffer->buf );
+	fputs( resp_buffer->buf, less );
 	buffer_free( resp_buffer );
-	fprintf( less, "\n------------------------------------\n");
+	fputs("\n------------------------------------\n", less);
 	if( osrf_app_session_request_complete( session, req_id ))
-		fprintf(less, "Request Completed Successfully\n");
+		fputs("Request Completed Successfully\n", less);
 
 
 	fprintf(less, "Request Time in seconds: %.6f\n", end - start );
-	fprintf(less, "------------------------------------\n");
+	fputs("------------------------------------\n", less);
 
 	pclose(less); 
 
@@ -758,7 +758,7 @@
 
 static int print_help( void ) {
 
-	printf(
+	fputs(
 			"---------------------------------------------------------------------------------\n"
 			"Commands:\n"
 			"---------------------------------------------------------------------------------\n"
@@ -804,8 +804,8 @@
 			"\n"
 			"Note: long output is piped through 'less'. To search in 'less', type: /<search>\n"
 			"---------------------------------------------------------------------------------\n"
-			"\n"
-			);
+			"\n",
+			stdout );
 
 	return 1;
 }

More information about the opensrf-commits mailing list