#include "urldata.h"
#include "sendf.h"
+#define _MPRINTF_REPLACE /* use the internal *printf() functions */
#include <curl/mprintf.h>
#ifdef KRB4
va_list ap;
va_start(ap, fmt);
if(data->errorbuffer)
- vsprintf(data->errorbuffer, fmt, ap);
+ vsnprintf(data->errorbuffer, CURL_ERROR_SIZE, fmt, ap);
else /* no errorbuffer receives this, write to data->err instead */
vfprintf(data->err, fmt, ap);
va_end(ap);
if(data->resume_from) {
if(!data->bits.set_range) {
/* if it already was in use, we just skip this */
- sprintf(resumerange, "%d-", data->resume_from);
+ snprintf(resumerange, sizeof(resumerange), "%d-", data->resume_from);
data->range=strdup(resumerange); /* tell ourselves to fetch this range */
data->bits.rangestringalloc = TRUE; /* mark as allocated */
data->bits.set_range = 1; /* switch on range usage */
if(data->bits.proxy_user_passwd) {
char *authorization;
- sprintf(data->buffer, "%s:%s", data->proxyuser, data->proxypasswd);
+ snprintf(data->buffer, BUFSIZE, "%s:%s",
+ data->proxyuser, data->proxypasswd);
if(base64_encode(data->buffer, strlen(data->buffer),
&authorization) >= 0) {
data->ptr_proxyuserpwd =