[zypp-devel] Re: [zypp-commit] r9315 - /trunk/sat-solver/src/solvable.c
* mlandres@svn.opensuse.org
+ p = pool_alloctmpspace(pool, strlen(n) + strlen(e) + strlen(a) + 3); + sprintf(p, "%s-%s.%s", n, e, a);
Shouldn't this be a 'snprintf' for security reasons ? Klaus -- To unsubscribe, e-mail: zypp-devel+unsubscribe@opensuse.org For additional commands, e-mail: zypp-devel+help@opensuse.org
Hi, On Mon, 31 Mar 2008, Klaus Kaempf wrote:
* mlandres@svn.opensuse.org
[Mar 31. 2008 14:31]: + p = pool_alloctmpspace(pool, strlen(n) + strlen(e) + strlen(a) + 3); + sprintf(p, "%s-%s.%s", n, e, a);
Shouldn't this be a 'snprintf' for security reasons ?
No need. The line just above that sprintf allocates exactly enough memory. Ciao, Michael. -- To unsubscribe, e-mail: zypp-devel+unsubscribe@opensuse.org For additional commands, e-mail: zypp-devel+help@opensuse.org
participants (2)
-
Klaus Kaempf
-
Michael Matz