CID:241 SECURE_CODING - risky usage of sprintf

author Nelson Ferreira <nelson.ferreira@ieee.org>

Sun, 18 Sep 2011 04:22:17 +0000 (00:22 -0400)

committer Nelson Ferreira <nelson.ferreira@ieee.org>

Sun, 18 Sep 2011 04:22:17 +0000 (00:22 -0400)
author Nelson Ferreira <nelson.ferreira@ieee.org>
Sun, 18 Sep 2011 04:22:17 +0000 (00:22 -0400)
committer Nelson Ferreira <nelson.ferreira@ieee.org>
Sun, 18 Sep 2011 04:22:17 +0000 (00:22 -0400)
diff --git a/lib-src/etags.c b/lib-src/etags.c

index 8e84d6a..37b270a 100644 (file)
--- a/lib-src/etags.c
+++ b/lib-src/etags.c
@@ -1338,7 +1338,7 @@ char *argv[];
                         default:
                                 continue;               /* the for loop */
                         }
-                       sprintf (cmd,
+                       snprintf (cmd, sizeof(cmd),
                                  "mv %s OTAGS;fgrep -v '\t%s\t' OTAGS >%s;rm OTAGS",
                                  tagfile, argbuffer[i].what, tagfile);
                         if (system (cmd) != EXIT_SUCCESS)
author	Nelson Ferreira <nelson.ferreira@ieee.org>
	Sun, 18 Sep 2011 04:22:17 +0000 (00:22 -0400)
committer	Nelson Ferreira <nelson.ferreira@ieee.org>
	Sun, 18 Sep 2011 04:22:17 +0000 (00:22 -0400)