diff options
Diffstat (limited to 'core/src')
-rw-r--r-- | core/src/fxcodec/codec/fx_codec_png.cpp | 6 | ||||
-rw-r--r-- | core/src/fxcodec/libjpeg/fpdfapi_jerror.c | 4 | ||||
-rw-r--r-- | core/src/fxcrt/fx_basic_bstring.cpp | 10 |
3 files changed, 12 insertions, 8 deletions
diff --git a/core/src/fxcodec/codec/fx_codec_png.cpp b/core/src/fxcodec/codec/fx_codec_png.cpp index 0ddae7a7cd..8c26381514 100644 --- a/core/src/fxcodec/codec/fx_codec_png.cpp +++ b/core/src/fxcodec/codec/fx_codec_png.cpp @@ -50,8 +50,10 @@ static void _png_load_bmp_attribute(png_structp png_ptr, png_infop info_ptr, CFX png_timep t = NULL;
png_get_tIME(png_ptr, info_ptr, &t);
if (t) {
- FXSYS_memset32(pAttribute->m_strTime, 0, 20);
- FXSYS_sprintf((FX_LPSTR)pAttribute->m_strTime, "%4d:%2d:%2d %2d:%2d:%2d", t->year, t->month, t->day, t->hour, t->minute, t->second);
+ FXSYS_memset32(pAttribute->m_strTime, 0, sizeof(pAttribute->m_strTime));
+ FXSYS_snprintf((FX_LPSTR)pAttribute->m_strTime, sizeof(pAttribute->m_strTime), "%4d:%2d:%2d %2d:%2d:%2d",
+ t->year, t->month, t->day, t->hour, t->minute, t->second);
+ pAttribute->m_strTime[sizeof(pAttribute->m_strTime) - 1] = 0;
bTime = 1;
}
#endif
diff --git a/core/src/fxcodec/libjpeg/fpdfapi_jerror.c b/core/src/fxcodec/libjpeg/fpdfapi_jerror.c index 943ced798f..282f889ebd 100644 --- a/core/src/fxcodec/libjpeg/fpdfapi_jerror.c +++ b/core/src/fxcodec/libjpeg/fpdfapi_jerror.c @@ -177,9 +177,9 @@ format_message (j_common_ptr cinfo, char * buffer) /* Format the message into the passed buffer */ if (isstring) - FXSYS_sprintf(buffer, msgtext, err->msg_parm.s); + sprintf(buffer, msgtext, err->msg_parm.s); else - FXSYS_sprintf(buffer, msgtext, + sprintf(buffer, msgtext, err->msg_parm.i[0], err->msg_parm.i[1], err->msg_parm.i[2], err->msg_parm.i[3], err->msg_parm.i[4], err->msg_parm.i[5], diff --git a/core/src/fxcrt/fx_basic_bstring.cpp b/core/src/fxcrt/fx_basic_bstring.cpp index 5c8a2fa8f3..895c8e560e 100644 --- a/core/src/fxcrt/fx_basic_bstring.cpp +++ b/core/src/fxcrt/fx_basic_bstring.cpp @@ -676,10 +676,10 @@ void CFX_ByteString::FormatV(FX_LPCSTR lpszFormat, va_list argList) if (nWidth + nPrecision > 100) { nItemLen = nPrecision + nWidth + 128; } else { - double f; char pszTemp[256]; - f = va_arg(argList, double); - FXSYS_sprintf(pszTemp, "%*.*f", nWidth, nPrecision + 6, f ); + double f = va_arg(argList, double); + memset(pszTemp, 0, sizeof(pszTemp)); + FXSYS_snprintf(pszTemp, sizeof(pszTemp) - 1, "%*.*f", nWidth, nPrecision + 6, f); nItemLen = (FX_STRSIZE)FXSYS_strlen(pszTemp); } break; @@ -697,9 +697,11 @@ void CFX_ByteString::FormatV(FX_LPCSTR lpszFormat, va_list argList) } nMaxLen += nItemLen; } + nMaxLen += 32; // Fudge factor. GetBuffer(nMaxLen); if (m_pData) { - FXSYS_vsprintf(m_pData->m_String, lpszFormat, argListSave); + memset(m_pData->m_String, 0, nMaxLen); + FXSYS_vsnprintf(m_pData->m_String, nMaxLen - 1, lpszFormat, argListSave); ReleaseBuffer(); } va_end(argListSave); |