31 Mar
2008
31 Mar
'08
12:33
* mlandres@svn.opensuse.org <mlandres@svn.opensuse.org> [Mar 31. 2008 14:31]:
- p = pool_alloctmpspace(pool, strlen(n) + strlen(e) + strlen(a) + 3);
- sprintf(p, "%s-%s.%s", n, e, a);
Shouldn't this be a 'snprintf' for security reasons ? Klaus -- To unsubscribe, e-mail: zypp-devel+unsubscribe@opensuse.org For additional commands, e-mail: zypp-devel+help@opensuse.org