From: Paul Barker <paul@paulbarker.me.uk>
Date: Sun, 6 Apr 2014 22:12:26 +0000 (+0100)
Subject: Use snprintf to print to zip->format_name
X-Git-Tag: v3.1.900a~307^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F72%2Fhead;p=thirdparty%2Flibarchive.git

Use snprintf to print to zip->format_name

zip->format_name is a fixed size character array so ensure that the number of
characters written to the array is appropriately limited.

Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
---

diff --git a/libarchive/archive_read_support_format_zip.c b/libarchive/archive_read_support_format_zip.c
index ab3c71e2e..dbe245e15 100644
--- a/libarchive/archive_read_support_format_zip.c
+++ b/libarchive/archive_read_support_format_zip.c
@@ -744,7 +744,7 @@ zip_read_local_file_header(struct archive_read *a, struct archive_entry *entry,
 		zip->end_of_entry = 1;
 
 	/* Set up a more descriptive format name. */
-	sprintf(zip->format_name, "ZIP %d.%d (%s)",
+	snprintf(zip->format_name, sizeof(zip->format_name), "ZIP %d.%d (%s)",
 	    version / 10, version % 10,
 	    compression_name(zip->entry->compression));
 	a->archive.archive_format_name = zip->format_name;