GitList

Browse code

Use snprintf instead of sprintf for get_ssl_library_version

This is avoid a warning/error (when using -Werror) under current macOS
of sprintf:

__deprecated_msg("This function is provided for compatibility
reasons only. Due to security concerns inherent in the design
of sprintf(3), it is highly recommended that you use snprintf(3)
instead.")

Change-Id: I3c6fd36eb9daee9244d6dc6d9f22de1c5cf9d039
Signed-off-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20240325125052.14135-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28458.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 6a60d1bef424088df55f4d07efd45ce080fc7132)

Arne Schwabe authored on 2024/03/25 21:50:52
Showing 1 changed files

src/openvpn/ssl_mbedtls.c index 97c3cf2..08877f5 100644

src/openvpn/ssl_mbedtls.c

History View file @ 11ca69c

@@ -1613,7 +1613,7 @@ get_ssl_library_version(void)
 {
     static char mbedtls_version[30];
     unsigned int pv = mbedtls_version_get_number();
-    sprintf( mbedtls_version, "mbed TLS %d.%d.%d",
+    snprintf(mbedtls_version, sizeof(mbedtls_version), "mbed TLS %d.%d.%d",
              (pv>>24)&0xff, (pv>>16)&0xff, (pv>>8)&0xff );
     return mbedtls_version;
 }

...	...	@@ -1613,7 +1613,7 @@ get_ssl_library_version(void)
1613	1613	{
1614	1614	static char mbedtls_version[30];
1615	1615	unsigned int pv = mbedtls_version_get_number();
1616		- sprintf( mbedtls_version, "mbed TLS %d.%d.%d",
	1616	+ snprintf(mbedtls_version, sizeof(mbedtls_version), "mbed TLS %d.%d.%d",
1617	1617	(pv>>24)&0xff, (pv>>16)&0xff, (pv>>8)&0xff );
1618	1618	return mbedtls_version;
1619	1619	}