replaced sprintf() with snprintf() to prevent possible buffer overflow * DOCBparser.c HTMLparser.c debugXML.c encoding.c nanoftp.c nanohttp.c parser.c tree.c uri.c xmlIO.c xmllint.c xpath.c: replaced sprintf() with snprintf() to prevent possible buffer overflow (the bug was pointed out by Anju Premachandran)

commit: 49cc97565fbe2928388a1e437c44429097a504ae [log] [tgz]
author: Aleksey Sanin <aleksey@src.gnome.org> Fri Jun 14 17:07:10 2002 +0000
committer: Aleksey Sanin <aleksey@src.gnome.org> Fri Jun 14 17:07:10 2002 +0000
tree: e96c37456485dd61090411351595f4fb820c73b0
parent: e059b891efee0c1834c8a02358eb57cca6587177 [diff] [blame]
diff --git a/parser.c b/parser.c
index fa0dd4a..2d08673 100644
--- a/parser.c
+++ b/parser.c

@@ -5348,9 +5348,9 @@
 		    ctxt->sax->characters(ctxt->userData, out, 1);
 	    } else {
 		if ((hex == 'x') || (hex == 'X'))
-		    sprintf((char *)out, "#x%X", value);
+		    snprintf((char *)out, sizeof(out), "#x%X", value);
 		else
-		    sprintf((char *)out, "#%d", value);
+		    snprintf((char *)out, sizeof(out), "#%d", value);
 		if ((ctxt->sax != NULL) && (ctxt->sax->reference != NULL) &&
 		    (!ctxt->disableSAX))
 		    ctxt->sax->reference(ctxt->userData, out);
commit	49cc97565fbe2928388a1e437c44429097a504ae	[log] [tgz]
author	Aleksey Sanin <aleksey@src.gnome.org>	Fri Jun 14 17:07:10 2002 +0000
committer	Aleksey Sanin <aleksey@src.gnome.org>	Fri Jun 14 17:07:10 2002 +0000
tree	e96c37456485dd61090411351595f4fb820c73b0
parent	e059b891efee0c1834c8a02358eb57cca6587177 [diff] [blame]