From 0d280ea457c8ee8809062266fa365c440d35ee6b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Mart=C3=ADn=20Nieto?= Date: Wed, 6 Apr 2011 16:31:06 +0200 Subject: [PATCH] config: use snprintf instead of sprintf MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Due to the preconditions, there should never be an error, but it pays to be paranoid. Signed-off-by: Carlos Martín Nieto --- src/config.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/src/config.c b/src/config.c index 0704f074d..41db3c5ca 100644 --- a/src/config.c +++ b/src/config.c @@ -648,7 +648,7 @@ static char *build_varname(const char *section, const char *name) static int parse_section_header_ext(const char *line, const char *base_name, char **section_name) { int buf_len, total_len, pos, rpos; - int c; + int c, ret; char *subsection, *first_quote, *last_quote; int error = GIT_SUCCESS; int quote_marks; @@ -713,7 +713,16 @@ static int parse_section_header_ext(const char *line, const char *base_name, cha goto out; } - sprintf(*section_name, "%s %s", base_name, subsection); + ret = snprintf(*section_name, total_len, "%s %s", base_name, subsection); + if (ret >= total_len) { + /* If this fails, we've checked the length wrong */ + error = GIT_ERROR; + goto out; + } else if (ret < 0) { + error = GIT_EOSERR; + goto out; + } + git__strntolower(*section_name, strchr(*section_name, ' ') - *section_name); out: