From dac02e257c92618d83e5bdef09121bf4563c98c1 Mon Sep 17 00:00:00 2001 From: Glenn Strauss Date: Fri, 1 Apr 2016 16:54:43 +0000 Subject: [PATCH] [mod_status] use snprintf() instead of sprintf() From: Glenn Strauss git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3134 152afb58-edef-0310-8abb-c4023f1b3aa9 --- NEWS | 1 + src/mod_status.c | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/NEWS b/NEWS index 1cdc4383..d00f45f7 100644 --- a/NEWS +++ b/NEWS @@ -57,6 +57,7 @@ NEWS * [core] lighttpd -tt performs preflight startup checks (fixes #411) * [stat] mimetype.xattr-name global config option (fixes #2631) * [mod_webdav] allow Depth: Infinity lock on file (fixes #2296) + * [mod_status] use snprintf() instead of sprintf() - 1.4.39 - 2016-01-02 * [core] fix memset_s call (fixes #2698) diff --git a/src/mod_status.c b/src/mod_status.c index 90308ef5..82326281 100644 --- a/src/mod_status.c +++ b/src/mod_status.c @@ -368,7 +368,7 @@ static handler_t mod_status_handle_server_status_html(server *srv, connection *c mod_status_get_multiplier(&avg, &multiplier, 1024); - sprintf(buf, "%.2f", avg); + snprintf(buf, sizeof(buf), "%.2f", avg); buffer_append_string(b, buf); buffer_append_string_len(b, CONST_STR_LEN(" ")); if (multiplier) buffer_append_string_len(b, &multiplier, 1); @@ -393,7 +393,7 @@ static handler_t mod_status_handle_server_status_html(server *srv, connection *c mod_status_get_multiplier(&avg, &multiplier, 1024); - sprintf(buf, "%.2f", avg); + snprintf(buf, sizeof(buf), "%.2f", avg); buffer_append_string(b, buf); buffer_append_string_len(b, CONST_STR_LEN(" ")); if (multiplier) buffer_append_string_len(b, &multiplier, 1); @@ -428,7 +428,7 @@ static handler_t mod_status_handle_server_status_html(server *srv, connection *c mod_status_get_multiplier(&avg, &multiplier, 1024); - sprintf(buf, "%.2f", avg); + snprintf(buf, sizeof(buf), "%.2f", avg); buffer_append_string(b, buf); buffer_append_string_len(b, CONST_STR_LEN(" ")); if (multiplier) buffer_append_string_len(b, &multiplier, 1);