lib/libxml2
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2025-08-01 10:06:59 +03:00
Code Activity

replaced sprintf() with snprintf() to prevent possible buffer overflow

Browse Source 
* DOCBparser.c HTMLparser.c debugXML.c encoding.c
nanoftp.c nanohttp.c parser.c tree.c uri.c xmlIO.c
xmllint.c xpath.c: replaced sprintf() with snprintf()
to prevent possible buffer overflow (the bug was pointed
out by Anju Premachandran)
This commit is contained in:
Aleksey Sanin
2002-06-14 17:07:10 +00:00
parent e059b891ef
commit 49cc97565f
13 changed files with 72 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
parser.c
View File

@ -5348,9 +5348,9 @@ xmlParseReference(xmlParserCtxtPtr ctxt) {
ctxt->sax->characters(ctxt->userData, out, 1);
} else {
if ((hex == 'x') || (hex == 'X'))
sprintf((char *)out, "#x%X", value);
snprintf((char *)out, sizeof(out), "#x%X", value);
else
sprintf((char *)out, "#%d", value);
snprintf((char *)out, sizeof(out), "#%d", value);
if ((ctxt->sax != NULL) && (ctxt->sax->reference != NULL) &&
(!ctxt->disableSAX))
ctxt->sax->reference(ctxt->userData, out);