replaced sprintf() with snprintf() to prevent possible buffer overflow
* DOCBparser.c HTMLparser.c debugXML.c encoding.c
nanoftp.c nanohttp.c parser.c tree.c uri.c xmlIO.c
xmllint.c xpath.c: replaced sprintf() with snprintf()
to prevent possible buffer overflow (the bug was pointed
out by Anju Premachandran)
diff --git a/DOCBparser.c b/DOCBparser.c
index 3670c5a..1cb0ebf 100644
--- a/DOCBparser.c
+++ b/DOCBparser.c
@@ -2298,7 +2298,7 @@
*/
ent = docbEntityValueLookup(c);
if (ent == NULL) {
- sprintf(nbuf, "#%u", c);
+ snprintf(nbuf, sizeof(nbuf), "#%u", c);
cp = nbuf;
}
else