- Avoid sprintf, even when checked copy'n'paste or changes lead to errors

author: Marcus Boerger <helly@php.net> 2007-02-24 02:17:47 +0000
committer: Marcus Boerger <helly@php.net> 2007-02-24 02:17:47 +0000
commit: 50ea26760da4e0fcf4980e739e1d0ed520de8d59 (patch)
tree: 888a32ce58864f5318a7f1072f8526c6a99212f9 /ext/odbc
parent: 3e262bd36989898ac01224f0a987e79f44d25b31 (diff)
download: php-git-50ea26760da4e0fcf4980e739e1d0ed520de8d59.tar.gz
1 files changed, 6 insertions, 7 deletions
diff --git a/ext/odbc/php_odbc.c b/ext/odbc/php_odbc.c
index bb97e27c59..d82e0efaa1 100644
--- a/ext/odbc/php_odbc.c
+++ b/ext/odbc/php_odbc.c
@@ -544,9 +544,9 @@ PHP_MINFO_FUNCTION(odbc)
 
 	php_info_print_table_start();
 	php_info_print_table_header(2, "ODBC Support", "enabled");
-	sprintf(buf, "%ld", ODBCG(num_persistent));
+	snprintf(buf, sizeof(buf), "%ld", ODBCG(num_persistent));
 	php_info_print_table_row(2, "Active Persistent Links", buf);
-	sprintf(buf, "%ld", ODBCG(num_links));
+	snprintf(buf, sizeof(buf), "%ld", ODBCG(num_links));
 	php_info_print_table_row(2, "Active Links", buf);
 	php_info_print_table_row(2, "ODBC library", PHP_ODBC_TYPE);
 #ifndef PHP_WIN32
@@ -588,8 +588,8 @@ void odbc_sql_error(ODBC_SQL_ERROR_PARAMS)
 	 */
 	rc = SQLError(henv, conn, stmt, state, &error, errormsg, sizeof(errormsg)-1, &errormsgsize);
 	if (rc != SQL_SUCCESS && rc != SQL_SUCCESS_WITH_INFO) {
-		sprintf(state, "HY000");
-		sprintf(errormsg, "Failed to fetch error message");
+		snprintf(state, sizeof(state), "HY000");
+		snprintf(errormsg, sizeof(errormsg), "Failed to fetch error message");
 	}
 	if (conn_resource) {
 		memcpy(conn_resource->laststate, state, sizeof(state));
@@ -1162,7 +1162,7 @@ PHP_FUNCTION(odbc_cursor)
 						result->stmt, state, &error, errormsg,
 						sizeof(errormsg)-1, &errormsgsize);
 			if (!strncmp(state,"S1015",5)) {
-				sprintf(cursorname,"php_curs_%d", (int)result->stmt);
+				snprintf(cursorname, max_len+1, "php_curs_%d", (int)result->stmt);
 				if (SQLSetCursorName(result->stmt,cursorname,SQL_NTS) != SQL_SUCCESS) {
 					odbc_sql_error(result->conn_ptr, result->stmt, "SQLSetCursorName");
 					RETVAL_FALSE;
@@ -2155,8 +2155,7 @@ int odbc_sqlconnect(odbc_connection **conn, char *db, char *uid, char *pwd, int
 		if (strstr((char*)db, ";")) {
 			direct = 1;
 			if (uid && !strstr ((char*)db, "uid") && !strstr((char*)db, "UID")) {
-				ldb = (char*) emalloc(strlen(db) + strlen(uid) + strlen(pwd) + 12);
-				sprintf(ldb, "%s;UID=%s;PWD=%s", db, uid, pwd);
+				spprintf(&ldb, 0, "%s;UID=%s;PWD=%s", db, uid, pwd);
 			} else {
 				ldb_len = strlen(db)+1;
 				ldb = (char*) emalloc(ldb_len);
author	Marcus Boerger <helly@php.net>	2007-02-24 02:17:47 +0000
committer	Marcus Boerger <helly@php.net>	2007-02-24 02:17:47 +0000
commit	50ea26760da4e0fcf4980e739e1d0ed520de8d59 (patch)
tree	888a32ce58864f5318a7f1072f8526c6a99212f9 /ext/odbc
parent	3e262bd36989898ac01224f0a987e79f44d25b31 (diff)
download	php-git-50ea26760da4e0fcf4980e739e1d0ed520de8d59.tar.gz