diff options
author | Alan Coopersmith <alan.coopersmith@oracle.com> | 2013-02-16 10:42:23 -0800 |
---|---|---|
committer | Alan Coopersmith <alan.coopersmith@oracle.com> | 2013-02-16 10:42:23 -0800 |
commit | b687440c28c7da6ee0ae44514d20248db5161606 (patch) | |
tree | 4a8f5a579772d6762b11d7ba825a7f5edf8105b7 /src/XlibInt.c | |
parent | b092dabbd712d7b656abcf572d253b9b206c0237 (diff) | |
download | xorg-lib-libX11-b687440c28c7da6ee0ae44514d20248db5161606.tar.gz |
Convert more sprintf calls to snprintf
You could analyze most of these and quickly recognize that there was no
chance of buffer overflow already, but why make everyone spend time doing
that when we can just make it obviously safe?
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Diffstat (limited to 'src/XlibInt.c')
-rw-r--r-- | src/XlibInt.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/XlibInt.c b/src/XlibInt.c index e4d35fdc..c4368426 100644 --- a/src/XlibInt.c +++ b/src/XlibInt.c @@ -1432,7 +1432,7 @@ static int _XPrintDefaultError( mesg, BUFSIZ); (void) fprintf(fp, mesg, event->request_code); if (event->request_code < 128) { - sprintf(number, "%d", event->request_code); + snprintf(number, sizeof(number), "%d", event->request_code); XGetErrorDatabaseText(dpy, "XRequest", number, "", buffer, BUFSIZ); } else { for (ext = dpy->ext_procs; @@ -1452,7 +1452,7 @@ static int _XPrintDefaultError( fputs(" ", fp); (void) fprintf(fp, mesg, event->minor_code); if (ext) { - sprintf(mesg, "%s.%d", ext->name, event->minor_code); + snprintf(mesg, sizeof(mesg), "%s.%d", ext->name, event->minor_code); XGetErrorDatabaseText(dpy, "XRequest", mesg, "", buffer, BUFSIZ); (void) fprintf(fp, " (%s)", buffer); } @@ -1475,8 +1475,8 @@ static int _XPrintDefaultError( bext = ext; } if (bext) - sprintf(buffer, "%s.%d", bext->name, - event->error_code - bext->codes.first_error); + snprintf(buffer, sizeof(buffer), "%s.%d", bext->name, + event->error_code - bext->codes.first_error); else strcpy(buffer, "Value"); XGetErrorDatabaseText(dpy, mtype, buffer, "", mesg, BUFSIZ); |