Fix bugs in file output, including buffer overflow

The file output routine was bugged and failed when no parameter was passed to the program. In addition, a glaring buffer overflow vulnerability was present in the code used to determine the file name. This commit fixes these bugs.
bwDraco · Oct 2, 2014 · 37bf49b · 37bf49b
1 parent 6c01280
commit 37bf49b
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -126,9 +126,10 @@ HI64 saves its output to a directory whose name is determined by the first
 parameter passed to it, prefixed by `data`. For example, if the parameter is
 `foo`, it will attempt to write output to the directory called `datafoo`. The
 name of the output file used is the same as the name by which the executable
-was invoked. If the target directory does not exist, the benchmark will not run.
-(This unusual output behavior was inherited from the original HINT code and will
-be changed in a future release to make the program easier to use.)
+was invoked. If no parameter is given, it will attempt to write to the directory
+named `data`. If the directory does not exist, the benchmark will not run. (This
+unusual output behavior was inherited from the original HINT code and will be
+changed in a future release to make the program easier to use.)
 
 The program runs until the `STOPRT` or `STOPTM` thresholds are reached. This
 generally means that the system will run out of memory and start swapping to

diff --git a/hi64.c b/hi64.c
@@ -74,7 +74,8 @@ int main(int argc, char *argv[])
 
     char*   suffix;       /* Suffix for data.suffix directory                 */
 
-    printf("\nHI64 System Benchmark, Version 0.1.0-pre1 (October 1, 2014)\n");
+    printf("\nHI64 System Benchmark, Version 0.1.0-pre1");
+    printf(" (October 1, 2014)\n");
     printf("Derived from HINT originally developed by");
     printf(" John L. Gustafson & Quinn O. Snell,\n");
     printf("Scalable Computing Laboratory, Iowa State University\n\n");
@@ -97,7 +98,7 @@ int main(int argc, char *argv[])
     if (argc>=2) {
       suffix=argv[1];
     }
-    sprintf(filnm,"data%s/%s",argv[1],argv[0]);
+    snprintf(filnm, 80, "data%s/%s", suffix, argv[0]);
     if ((curv = fopen(filnm, "w")) == NULL)
     {
         printf("Could not open data file\n");

diff --git a/hi64.h b/hi64.h
@@ -84,6 +84,7 @@
 
 /******************************************************************************/
 /*      Adjustable Defines                                                    */
+/*      See README.md for more detailed information.                          */
 /******************************************************************************/
 #define ADVANCE    1.2589  /* Multiplier. We use roughly 1 decibel step size. */
                            /* Closer to 1.0 takes longer to run, but might    */