[WGID 101577] Replace sprintf with snprintf

Change-Id: Ieedbf043a3f9383644aed154a1527de8a68aabad
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>

diff --git a/include/http.h b/include/http.h
index 2e2a137..d5d1527 100644 (file)
--- a/include/http.h
+++ b/include/http.h
@@ -1008,7 +1008,7 @@ int http_transaction_get_http_auth_scheme(http_transaction_h http_transaction, h
  * @since_tizen 3.0
  * @remarks The @a realm should be freed using free().
  * @param[in]  http_transaction  The http transaction handle
- * @param[out] realm    The http realm value
+ * @param[out] realm    The http authentication realm value
  * @return 0 on success, otherwise negative error value
  * @retval  #HTTP_ERROR_NONE  Successful
  * @retval  #HTTP_ERROR_INVALID_PARAMETER  Invalid parameter

diff --git a/packaging/capi-network-http.spec b/packaging/capi-network-http.spec
index 9c52973..2db5826 100644 (file)
--- a/packaging/capi-network-http.spec
+++ b/packaging/capi-network-http.spec
@@ -1,6 +1,6 @@
 Name:          capi-network-http
 Summary:       Http Framework
-Version:       0.0.8
+Version:       0.0.9
 Release:       0
 Group:         System/Network
 License:       Apache-2.0

diff --git a/src/http_transaction.c b/src/http_transaction.c
index 9a0eed0..11689da 100644 (file)
--- a/src/http_transaction.c
+++ b/src/http_transaction.c
@@ -271,27 +271,31 @@ int _transaction_submit(gpointer user_data)
                gchar *user_name = NULL;
                gchar *password = NULL;
                gchar *credentials = NULL;
+               int credentials_len = 0;
 
                http_transaction_get_credentials(transaction, &user_name, &password);
-               credentials = (gchar *)malloc(sizeof(gchar) * (strlen(user_name) + 1 + strlen(password) + 1));
-               sprintf(credentials, "%s:%s", (gchar*)user_name, (gchar*)password);
-               free(user_name);
-               free(password);
+               credentials_len = sizeof(gchar) * (strlen(user_name) + 1 + strlen(password) + 1);
+               credentials = (gchar *)malloc(credentials_len);
+               if (credentials) {
+                       snprintf(credentials, credentials_len, "%s:%s", (gchar*)user_name, (gchar*)password);
+                       free(user_name);
+                       free(password);
 
-               http_transaction_get_http_auth_scheme(transaction, &auth_scheme);
+                       http_transaction_get_http_auth_scheme(transaction, &auth_scheme);
 
-               curl_auth_scheme = _get_http_curl_auth_scheme(auth_scheme);
+                       curl_auth_scheme = _get_http_curl_auth_scheme(auth_scheme);
 
-               if (transaction->proxy_auth_type) {
+                       if (transaction->proxy_auth_type) {
 
-                       curl_easy_setopt(transaction->easy_handle, CURLOPT_PROXYAUTH, curl_auth_scheme);
-                       curl_easy_setopt(transaction->easy_handle, CURLOPT_PROXYUSERPWD, credentials);
+                               curl_easy_setopt(transaction->easy_handle, CURLOPT_PROXYAUTH, curl_auth_scheme);
+                               curl_easy_setopt(transaction->easy_handle, CURLOPT_PROXYUSERPWD, credentials);
 
-               } else {
-                       curl_easy_setopt(transaction->easy_handle, CURLOPT_HTTPAUTH, curl_auth_scheme);
-                       curl_easy_setopt(transaction->easy_handle, CURLOPT_USERPWD, credentials);
+                       } else {
+                               curl_easy_setopt(transaction->easy_handle, CURLOPT_HTTPAUTH, curl_auth_scheme);
+                               curl_easy_setopt(transaction->easy_handle, CURLOPT_USERPWD, credentials);
+                       }
+                       free(credentials);
                }
-               free(credentials);
        }
        //LCOV_EXCL_STOP