diff options
author | Daniel Stenberg <daniel@haxx.se> | 2013-03-06 13:27:51 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2013-03-07 11:08:05 +0100 |
commit | 7f963a19ecbceef5d7e95e677ccc089d04ef987f (patch) | |
tree | 459db8c1b5d5243e9b5e3ebfd3e8974131d321de /src/tool_operate.c | |
parent | 9ceee69ff7d6139de759a4f25051e0d661e0c2b0 (diff) |
checksrc: ban unsafe functions
The list of unsafe functions currently consists of sprintf, vsprintf,
strcat, strncat and gets.
Subsequently, some existing code needed updating to avoid warnings on
this.
Diffstat (limited to 'src/tool_operate.c')
-rw-r--r-- | src/tool_operate.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/src/tool_operate.c b/src/tool_operate.c index 5e73d86d4..3151f416f 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -805,18 +805,18 @@ int operate(struct Configurable *config, int argc, argv_item_t argv[]) /* * Then append ? followed by the get fields to the url. */ - urlbuffer = malloc(strlen(this_url) + strlen(httpgetfields) + 3); - if(!urlbuffer) { - res = CURLE_OUT_OF_MEMORY; - goto show_error; - } if(pc) - sprintf(urlbuffer, "%s%c%s", this_url, sep, httpgetfields); + urlbuffer = aprintf("%s%c%s", this_url, sep, httpgetfields); else /* Append / before the ? to create a well-formed url if the url contains a hostname only */ - sprintf(urlbuffer, "%s/?%s", this_url, httpgetfields); + urlbuffer = aprintf("%s/?%s", this_url, httpgetfields); + + if(!urlbuffer) { + res = CURLE_OUT_OF_MEMORY; + goto show_error; + } Curl_safefree(this_url); /* free previous URL */ this_url = urlbuffer; /* use our new URL instead! */ |