diff --git a/httperf/ChangeLog b/httperf/ChangeLog index c5d3ef7..3c0d7d1 100755 --- a/httperf/ChangeLog +++ b/httperf/ChangeLog @@ -2,6 +2,8 @@ * wsesslog.c changed a sprintf call to the more secure snprintf + *getopt.c changed a sprintf call to the more secure snprintf + 2007-01-20 Ted Bullock * Included the shell script autogen.sh to compile the necessary diff --git a/httperf/src/lib/getopt.c b/httperf/src/lib/getopt.c index 133daca..1b386c0 100755 --- a/httperf/src/lib/getopt.c +++ b/httperf/src/lib/getopt.c @@ -353,7 +353,7 @@ _getopt_initialize (optstring) file name wildcard expansion and therefore should not be considered as options. */ char var[100]; - sprintf (var, "_%d_GNU_nonoption_argv_flags_", getpid ()); + snprintf (var, sizeof(var), "_%d_GNU_nonoption_argv_flags_", getpid ()); nonoption_flags = getenv (var); if (nonoption_flags == NULL) nonoption_flags_len = 0;