From e351c22ee8c4d8cef0f212831a00447bc0400601 Mon Sep 17 00:00:00 2001 From: Karol Babioch Date: Sat, 3 Mar 2018 10:10:32 +0100 Subject: [PATCH] jp3d: Replace sprintf() by snprintf() in volumetobin() This replaces the unsafe sprintf() invocation by the safer snprintf() one, with the correct buffer size to prevent buffer overflows. This fixes #1085. --- src/bin/jp3d/convert.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/bin/jp3d/convert.c b/src/bin/jp3d/convert.c index 7d802445..23fd70b0 100644 --- a/src/bin/jp3d/convert.c +++ b/src/bin/jp3d/convert.c @@ -788,7 +788,7 @@ int volumetobin(opj_volume_t * volume, char *outfile) fclose(fdest); - sprintf(name, "%s.img", outfile); + snprintf(name, sizeof(name), "%s.img", outfile); fimgdest = fopen(name, "w"); if (!fimgdest) { fprintf(stdout, "[ERROR] Failed to open %s for writing\n", name);