Message info
 
To:spice-devel@freedesktop.org From:Christophe Fergeau Subject:[Spice-devel] [PATCH] Replace sprintf with snprintf use Date:Fri, 30 Mar 2012 18:07:49 +0200
 

The hotkey parser was generating a string with sprintf and data it got
from the controller socket (ie data which can have an arbitrary
length). Using sprintf there is a bad idea, replace it with snprintf.
---
client/hot_keys.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/client/hot_keys.cpp b/client/hot_keys.cpp
index f98a4bb..2d0b9db 100644
--- a/client/hot_keys.cpp
+++ b/client/hot_keys.cpp
@@ -140,7 +140,7 @@ void HotKeysParser::add_hotkey(const std::string& hotkey, const CommandsMap& com

if (commands_map.find(command_name) == commands_map.end()) {
char buf[1000];
- sprintf(buf, "invalid action bname %s", command_name.c_str());
+ snprintf(buf, sizeof(buf), "invalid action bname %s", command_name.c_str());
THROW(buf);
}
int command_id = commands_map.find(command_name)->second;
--
1.7.9.3

_______________________________________________
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel