From 529efb88ebca9f5c2d67f6910d96357d89d48f34 Mon Sep 17 00:00:00 2001 From: Seonah Moon Date: Tue, 17 May 2016 10:20:44 +0900 Subject: [PATCH] Replace sprintf with snprintf Change-Id: I61320cda38a0cefd35750675119dfd2c88c57e82 Signed-off-by: Seonah Moon --- packaging/capi-network-http.spec | 2 +- src/http_header.c | 10 ++++++++-- test/http_test.c | 2 +- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/packaging/capi-network-http.spec b/packaging/capi-network-http.spec index e586ffd..4ef03e8 100644 --- a/packaging/capi-network-http.spec +++ b/packaging/capi-network-http.spec @@ -1,6 +1,6 @@ Name: capi-network-http Summary: Http Framework -Version: 0.0.5 +Version: 0.0.6 Release: 0 Group: System/Network License: Apache-2.0 diff --git a/src/http_header.c b/src/http_header.c index 269e416..bdba24a 100644 --- a/src/http_header.c +++ b/src/http_header.c @@ -26,6 +26,7 @@ struct curl_slist* _get_header_list(http_transaction_h http_transaction) GHashTableIter iter; gpointer key = NULL; gpointer value = NULL; + int header_len = 0; if (!header->hash_table) return NULL; @@ -33,10 +34,15 @@ struct curl_slist* _get_header_list(http_transaction_h http_transaction) g_hash_table_iter_init(&iter, header->hash_table); while (g_hash_table_iter_next(&iter, &key, &value)) { - header_str = (gchar *)malloc(sizeof(gchar) * (strlen(key) + 1 + 1 + strlen(value) + 1)); - sprintf(header_str, "%s: %s", (gchar*)key, (gchar*)value); + header_len = sizeof(gchar) * (strlen(key) + 1 + 1 + strlen(value) + 1); + header_str = (gchar *)malloc(header_len); + if (header_str == NULL) + return NULL; + + snprintf(header_str, header_len, "%s: %s", (gchar*)key, (gchar*)value); DBG("Header Field: %s\n", header_str); header->header_list = curl_slist_append(header->header_list, header_str); + free(header_str); } diff --git a/test/http_test.c b/test/http_test.c index 32e1d27..1ad23f2 100644 --- a/test/http_test.c +++ b/test/http_test.c @@ -215,7 +215,7 @@ int test_simple_post(void) http_transaction_set_ready_to_write(transaction, TRUE); http_transaction_request_write_body(transaction, post_msg); - sprintf(field_value, "%d", (int)strlen(post_msg)); + snprintf(field_value, sizeof(field_value), "%d", (int)strlen(post_msg)); printf("[dbg] post size (%s)\n", field_value); http_transaction_header_add_field(transaction, "Content-Length", field_value); -- 2.34.1