From 9d6e515df6804d5fca44bd3e5a00df0c12779e94 Mon Sep 17 00:00:00 2001
From: Huaxin
Date: Sat, 25 May 2024 15:00:07 +0800
Subject: [PATCH] Replace sprintf with safer snprintf

The sprintf function has been replaced with the safer snprintf function to prevent potential buffer overflow vulnerabilities and enhance security.
---
 src/main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main.c b/src/main.c
index 0f85dca21..108bde0a8 100644
--- a/src/main.c
+++ b/src/main.c
@@ -132,7 +132,7 @@ static bool parse_args(int argc, char **args)
 strlen(prog_basename) + 5 + 1);
 assert(prof_out_file);
- sprintf(prof_out_file, "%s/%s%s.prof", cwd_path, rel_path,
+ snprintf(prof_out_file, sizeof(prof_out_file), "%s/%s%s.prof", cwd_path, rel_path,
 prog_basename);
 }
 return true;
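Review bot: `sizeof(prof_out_file)` in the new `snprintf` call most likely measures a pointer, not the buffer. The `assert(prof_out_file);` line and the size expression ending in `strlen(prog_basename) + 5 + 1);` suggest a heap allocation whose call starts above the hunk; the declaration is not visible, so this should be confirmed. If it is a pointer, the bound is 4 or 8 bytes, and the profile path is silently truncated to a few characters where the old `sprintf` wrote it in full. Store the allocation size in a local (suggested name `prof_out_len`), pass it as `snprintf(prof_out_file, prof_out_len, "%s/%s%s.prof", cwd_path, rel_path, prog_basename);`, and treat a return value `< 0` or `>= prof_out_len` as an error. Separately, `assert` is the only allocation check visible here and it compiles out under `NDEBUG`, so an explicit NULL check before the write would be safer.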