From: Hubert Stachowiak <h.stachowiak@samsung.com>
Date: Mon, 24 Jul 2023 14:13:34 +0000 (+0200)
Subject: ecore_con_proxy_helper.c: use snprintf to avoid a buffer overflow
X-Git-Tag: accepted/tizen/unified/20230814.121015^0
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F70%2F296270%2F2;p=platform%2Fupstream%2Fefl.git

ecore_con_proxy_helper.c: use snprintf to avoid a buffer overflow

Change-Id: I3842fa3fcf95e9789720ca279f9b35af7850a84c
---

diff --git a/src/lib/ecore_con/ecore_con_proxy_helper.c b/src/lib/ecore_con/ecore_con_proxy_helper.c
index 01b9065..7b31faf 100644
--- a/src/lib/ecore_con/ecore_con_proxy_helper.c
+++ b/src/lib/ecore_con/ecore_con_proxy_helper.c
@@ -346,8 +346,11 @@ _efl_net_proxy_helper_url_req_send(const char *url, Ecore_Thread *eth)
         free(req);
         return -1;
      }
-   buf = alloca(strlen(url) + 256);
-   sprintf(buf, "P %i %s\n", req->id, url);
+   //TIZEN_ONLY(20230724) ecore_con_proxy_helper.c: use snprintf to avoid a buffer overflow
+   const size_t size = strlen(url) + 256;
+   buf = alloca(size);
+   snprintf(buf, size, "P %i %s\n", req->id, url);
+   //
    req->str = strdup(buf);
    if ((!req->str) || ecore_thread_check(eth))
      {