Eliminate 'use of vulnerable sprintf' code defect in de_win test (cord)

* cord/tests/de_win.c (WinMain): Do not call sprintf() on RegisterClass
and CreateWindow failure; invoke de_error() with the immediate error
message strings (without the error code).

diff --git a/cord/tests/de_win.c b/cord/tests/de_win.c
index b36d864..0af00df 100644 (file)
--- a/cord/tests/de_win.c
+++ b/cord/tests/de_win.c
@@ -62,11 +62,7 @@ int APIENTRY WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance,
       wndclass.lpszClassName  = szAppName;
 
       if (RegisterClass (&wndclass) == 0) {
-          char buf[50];
-
-          sprintf(buf, "RegisterClass: error code: 0x%X",
-                  (unsigned)GetLastError());
-          de_error(buf);
+          de_error("RegisterClass error");
           return(0);
       }
    }
@@ -99,11 +95,7 @@ int APIENTRY WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance,
                         NULL,   /* Window class menu */
                         hInstance, NULL);
    if (hwnd == NULL) {
-        char buf[50];
-
-        sprintf(buf, "CreateWindow: error code: 0x%X",
-                (unsigned)GetLastError());
-        de_error(buf);
+        de_error("CreateWindow error");
         return(0);
    }