31 Mar
2008
31 Mar
'08
12:55
Hi, On Mon, 31 Mar 2008, Klaus Kaempf wrote:
* mlandres@svn.opensuse.org
[Mar 31. 2008 14:31]: + p = pool_alloctmpspace(pool, strlen(n) + strlen(e) + strlen(a) + 3); + sprintf(p, "%s-%s.%s", n, e, a);
Shouldn't this be a 'snprintf' for security reasons ?
No need. The line just above that sprintf allocates exactly enough memory. Ciao, Michael. -- To unsubscribe, e-mail: zypp-devel+unsubscribe@opensuse.org For additional commands, e-mail: zypp-devel+help@opensuse.org