Fixed buffer overrun; removed the last two uses of sprintf

Fixed an off-by-1 buffer resize; the space for the null termination was forgotten.

Prefer snprintf, which can never overflow (if given the right size).

In one case I cheated and used strcpy, because I cannot figure out the buffer size at that point in the code.
Sean McBride 2023-05-26 07:57:31 -04:00
parent abda763073
commit d792ebc5d2

@ -308,8 +308,8 @@ public:
if( !multiline )
{
ptr = fs->resizeWriteBuffer( ptr, len + 9 );
sprintf( ptr, "<!-- %s -->", comment );
ptr = fs->resizeWriteBuffer( ptr, len + 5+4+1 );
snprintf( ptr, len + 5+4+1, "<!-- %s -->", comment );
len = (int)strlen(ptr);
}
else
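Review bot: the size `len + 5+4+1` is written out twice, once in the `resizeWriteBuffer` call and once in the `snprintf` call, so the two can drift apart on a later edit, and the return value of `snprintf` is discarded. Suggest computing the size once into a named local, with a comment that 5 and 4 are the lengths of `<!-- ` and ` -->` and 1 is the terminator, and passing that local to both calls. `snprintf` returns the number of characters it wrote (or would have written), so `len` can be taken from that return value instead of the following `strlen(ptr)`, and a return value greater than or equal to the buffer size would flag truncation instead of letting a clipped comment through silently. The arithmetic is only correct if `len` is the length of `comment`, which is set outside the visible lines and is worth stating next to the computation.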
@ -344,7 +344,7 @@ public:
fs->setBufferPtr(ptr);
ptr = fs->flush();
}
sprintf( ptr, "-->" );
strcpy( ptr, "-->" );
fs->setBufferPtr(ptr + 3);
fs->flush();
}
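Review bot: `strcpy( ptr, "-->" )` writes four bytes (three characters plus the terminator) with nothing in the visible lines establishing that four bytes remain at `ptr`; the `fs->flush()` above it sits inside a block that closes just before this call, so it may not have run on every path. Only `ptr + 3` is handed to `setBufferPtr`, so the terminator is not needed here. Suggest either reserving the space first with `ptr = fs->resizeWriteBuffer( ptr, 4 );`, if that call guarantees the requested room at the returned pointer as its use in the single-line branch suggests, or copying exactly three bytes with `memcpy( ptr, "-->", 3 )` once the room is ensured. If the call is left as is, a comment stating why the remaining capacity is sufficient at this point would keep the next reader from having to rediscover it.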