[Spice-devel] [PATCH] Replace sprintf with snprintf use
Christophe Fergeau
cfergeau at redhat.com
Fri Mar 30 09:07:49 PDT 2012
The hotkey parser was generating a string with sprintf and data it got
from the controller socket (ie data which can have an arbitrary
length). Using sprintf there is a bad idea, replace it with snprintf.
---
client/hot_keys.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/client/hot_keys.cpp b/client/hot_keys.cpp
index f98a4bb..2d0b9db 100644
--- a/client/hot_keys.cpp
+++ b/client/hot_keys.cpp
@@ -140,7 +140,7 @@ void HotKeysParser::add_hotkey(const std::string& hotkey, const CommandsMap& com
if (commands_map.find(command_name) == commands_map.end()) {
char buf[1000];
- sprintf(buf, "invalid action bname %s", command_name.c_str());
+ snprintf(buf, sizeof(buf), "invalid action bname %s", command_name.c_str());
THROW(buf);
}
int command_id = commands_map.find(command_name)->second;
--
1.7.9.3
More information about the Spice-devel
mailing list