Fix issue detected by static analysis tool

Use of vulnerable function 'sprintf'. This function is unsafe, use snprintf instead.

Change-Id: Ie3eba653e1a0986979b411814fbe19adc7da8504

diff --git a/receiver/src/ft.cpp b/receiver/src/ft.cpp
index 723c8f2..7fbbffb 100644 (file)
--- a/receiver/src/ft.cpp
+++ b/receiver/src/ft.cpp
@@ -211,7 +211,7 @@ static void _on_transfer_completed(sap_file_transaction_h file_transaction,
                 char thumb_path[PATH_MAX];
                 char *data_path = NULL;
                 data_path = app_get_shared_data_path();
-                sprintf(thumb_path, "%s/thumbnail/%s", data_path, incoming_file_name.c_str());
+                snprintf(thumb_path, sizeof(thumb_path), "%s/thumbnail/%s", data_path, incoming_file_name.c_str());
                 sticker_data.thumbnail_path = string(thumb_path);
 
                 if (data_path)
@@ -318,7 +318,7 @@ void accept_file()
 
     data_path = app_get_shared_data_path();
     LOGI("Path : %s", data_path);
-    sprintf(file_path, "%s/%s", data_path, incoming_file_name.c_str());
+    snprintf(file_path, sizeof(file_path), "%s/%s", data_path, incoming_file_name.c_str());
     LOGI("Receive filepath : %s", file_path);
     sticker_data.file_path = string(file_path);
 
@@ -346,7 +346,7 @@ static int _create_thumbnail_directory()
     char thumb_path[PATH_MAX];
     char *data_path = NULL;
     data_path = app_get_shared_data_path();
-    sprintf(thumb_path, "%s/thumbnail", data_path);
+    snprintf(thumb_path, sizeof(thumb_path), "%s/thumbnail", data_path);
 
     if (data_path)
         free(data_path);