From 49cc97565fbe2928388a1e437c44429097a504ae Mon Sep 17 00:00:00 2001
From: Aleksey Sanin
Date: Fri, 14 Jun 2002 17:07:10 +0000
Subject: replaced sprintf() with snprintf() to prevent possible buffer overflow * DOCBparser.c HTMLparser.c debugXML.c encoding.c nanoftp.c nanohttp.c parser.c tree.c uri.c xmlIO.c xmllint.c xpath.c: replaced sprintf() with snprintf() to prevent possible buffer overflow (the bug was pointed out by Anju Premachandran)
---
 HTMLparser.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'HTMLparser.c')
diff --git a/HTMLparser.c b/HTMLparser.c
index 82202aa7..4a24d687 100644
--- a/HTMLparser.c
+++ b/HTMLparser.c
@@ -1572,7 +1572,7 @@ htmlEncodeEntities(unsigned char* out, int *outlen,
 */
 ent = htmlEntityValueLookup(c);
 if (ent == NULL) {
- sprintf(nbuf, "#%u", c);
+ snprintf(nbuf, sizeof(nbuf), "#%u", c);
 cp = nbuf;
 }
 else
--
cgit v1.2.3
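Review bot: The `sizeof(nbuf)` bound in the new `snprintf` call only equals the buffer size if `nbuf` is declared as an array inside `htmlEncodeEntities`; that declaration is outside this hunk, and if `nbuf` were a pointer the bound would silently become the pointer width. The return value is also discarded, so a truncated reference would be handed on through `cp = nbuf` without any signal. Assuming `c` is a 32-bit unsigned value, `"#%u"` needs at most 12 bytes, so a comment at the declaration such as `/* must hold '#' + 10 digits + NUL */` would make the guarantee explicit. Alternatively, capture the result and reject the value with `if (n < 0 || (size_t)n >= sizeof(nbuf))`. The function body begins and ends outside the hunk, so both points need checking against the full definition.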