File: no-sprintf

flexml 1.9.6-6
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 856 kB
  • sloc: perl: 1,304; makefile: 264; xml: 188; ansic: 117
sprintf is seen as a security vulnerability, so we don't want to use it.
---
 skel |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Index: b/skel
===================================================================
--- a/skel
+++ b/skel
@@ -424,11 +424,11 @@ static int fail(const char* fmt, ...)
     int chars_left, used;
     va_list ap; va_start(ap, fmt);
 #ifdef FLEXML_yylineno
-    used = sprintf(flexml_err_msg,
+    used = snprintf(flexml_err_msg,flexml_max_err_msg_size,
 		   "Invalid XML (XML input line %d, state %d): ",
 		   yylineno, YY_START);
 #else
-    used = sprintf(flexml_err_msg,
+    used = snprintf(flexml_err_msg,flexml_max_err_msg_size,
 		   "Invalid XML (state %d): ",
 		   YY_START);
 #endif
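
Review bot: in both branches `used` now holds snprintf's return value, which is the length the formatted prefix would have had without truncation (or a negative value on error), not the number of bytes actually stored in `flexml_err_msg`. `chars_left` is declared beside it, so if the code after `#endif` derives the remaining space or a write offset from `used`, check for `used < 0` and `used >= flexml_max_err_msg_size` before using it, otherwise a truncated prefix yields a negative remainder or an offset past the buffer. Style: add a space after the comma in `flexml_err_msg,flexml_max_err_msg_size,` so it matches the rest of the argument list.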