    convert trivial sprintf / strcpy calls to xsnprintf · 5096d490
    Jeff King authored
    We sometimes sprintf into fixed-size buffers when we know
    that the buffer is large enough to fit the input (either
    because it's a constant, or because it's numeric input that
    is bounded in size). Likewise with strcpy of constant
    strings.
    
    However, these sites make it hard to audit sprintf and
    strcpy calls for buffer overflows, as a reader has to
    cross-reference the size of the array with the input. Let's
    use xsnprintf instead, which communicates to a reader that
    we don't expect this to overflow (and catches the mistake in
    case we do).
    Signed-off-by: Jeff King <peff@peff.net>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
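The pattern the commit message describes, as an added example that is not part of the commit or of git's code: a checked formatting wrapper that reports truncation instead of relying on the reader to cross-reference buffer size and input. The names `try_snprintf` and `hex4_len` are hypothetical, and returning -1 rather than stopping the program is an assumption made here so the result can be inspected.

```c
#include <stdarg.h>
#include <stdio.h>

/*
 * Illustrative helper, not git's implementation: format into dst and
 * return the length written, or -1 if the result did not fit in max
 * bytes (including the terminating NUL) or formatting failed.
 */
int try_snprintf(char *dst, size_t max, const char *fmt, ...)
{
	va_list ap;
	int len;

	va_start(ap, fmt);
	len = vsnprintf(dst, max, fmt, ap);
	va_end(ap);
	if (len < 0 || (size_t)len >= max)
		return -1;
	return len;
}

/*
 * Constructed call site: numeric input that is supposed to be bounded.
 * The old style would be sprintf(hdr, "%04x", v), where a reader has to
 * check by hand that four hex digits plus NUL fit in hdr[5].
 */
int hex4_len(unsigned v)
{
	char hdr[5];

	return try_snprintf(hdr, sizeof(hdr), "%04x", v);
}

int main(void)
{
	/* Fits: "ffff" plus NUL is exactly 5 bytes. */
	printf("0xffff  -> %d\n", hex4_len(0xffffu));
	/* "%04x" is only a minimum width, so 0x10000 needs 5 digits. */
	printf("0x10000 -> %d\n", hex4_len(0x10000u));
	return 0;
}
```

With plain `sprintf`, the second call would write six bytes into a five-byte array; here the size travels with the call and the bad case is reported.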
sideband.c 3.44 KB