From 4d2bf7f0f2feb2c6928204db218ff9384ac605ac Mon Sep 17 00:00:00 2001
From: Yann Collet <cyan@fb.com>
Date: Sat, 24 Feb 2024 23:03:40 -0800
Subject: [PATCH] removed sprintf usage from zstdcli.c

some static analyzers flag this standard C90 function as unsafe.
---
 programs/zstdcli.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/programs/zstdcli.c b/programs/zstdcli.c
index 85d0e12d7..1cb16ef50 100644
--- a/programs/zstdcli.c
+++ b/programs/zstdcli.c
@@ -318,7 +318,7 @@ static void usageAdvanced(const char* programName)
 
 static void badUsage(const char* programName, const char* parameter)
 {
-    DISPLAYLEVEL(1, "Incorrect parameter: %s\n", parameter);
+    DISPLAYLEVEL(1, "Incorrect parameter: %s \n", parameter);
     if (g_displayLevel >= 2) usage(stderr, programName);
 }
 
@@ -1148,7 +1148,6 @@ int main(int argCount, const char* argv[])
 
             argument++;
             while (argument[0]!=0) {
-                char shortArgument[3];
 
 #ifndef ZSTD_NOCOMPRESS
                 /* compression Level */
@@ -1281,9 +1280,11 @@ int main(int argCount, const char* argv[])
 
                     /* unknown command */
                 default :
-                    sprintf(shortArgument, "-%c", argument[0]);
-                    badUsage(programName, shortArgument);
-                    CLEAN_RETURN(1);
+                    {   char shortArgument[3] = {'-', 0, 0};
+                        shortArgument[1] = argument[0];
+                        badUsage(programName, shortArgument);
+                        CLEAN_RETURN(1);
+                    }
                 }
             }
             continue;
-- 
2.47.2