sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MdeModulePkg: For RegularExpressionDxe use 'sprintf_s' to replace 'sprintf'.

Browse Source 
Function 'sprintf' has potential buffer overflow risk. This patch use 'sprintf_s' to improve the code.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qiu Shumin <shumin.qiu@intel.com>
Reviewed-by: Yao Jiewen <Jiewen.Yao@intel.com>
Reviewed-by: Cinnamon Shia <cinnamon.shia@hpe.com>
Reviewed-by: Samer El-Haj-Mahmoud <elhaj@hpe.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19582 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Qiu Shumin
2016-01-04 05:14:53 +00:00
committed by shenshushi
parent c9f46d31f4
commit 61e078ddcb
5 changed files with 12 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regposerr.c
View File

@@ -88,7 +88,7 @@ regerror(int posix_ecode, const regex_t* reg ARG_UNUSED, char* buf,
s = "";
}
else {
sprintf(tbuf, "undefined error code (%d)", posix_ecode);
sprintf_s(tbuf, sizeof(tbuf), "undefined error code (%d)", posix_ecode);
s = tbuf;
}