From feb2dd283533f842c9b6e4cc2fcc7fd35638d5a0 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 24 Jun 2004 11:54:11 +0000
Subject: Replaced all uses of sprintf() with the safer snprintf(). It is just
 a precaution to prevent mistakes to lead to buffer overflows.

---
 lib/escape.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib/escape.c')

diff --git a/lib/escape.c b/lib/escape.c
index 600cece7c..00e2fae6e 100644
--- a/lib/escape.c
+++ b/lib/escape.c
@@ -68,7 +68,7 @@ char *curl_escape(const char *string, int length)
           ns = testing_ptr;
         }
       }
-      sprintf(&ns[strindex], "%%%02X", in);
+      snprintf(&ns[strindex], 4, "%%%02X", in);
 
       strindex+=3;
     }
-- 
cgit v1.2.3