Replaced all uses of sprintf() with the safer snprintf(). It is just a

precaution to prevent mistakes to lead to buffer overflows.
2004-06-24 11:54:11 +00:00
parent 5e34f3dc01
commit feb2dd2835
13 changed files with 490 additions and 486 deletions
--- a/lib/formdata.c
+++ b/lib/formdata.c
@@ -846,7 +846,7 @@ static CURLcode AddFormDataf(struct FormData **formp,
  char s[4096];
  va_list ap;
  va_start(ap, fmt);
-  vsprintf(s, fmt, ap);
+  vsnprintf(s, sizeof(s), fmt, ap);
  va_end(ap);

  return AddFormData(formp, FORM_DATA, s, 0, size);