29 Dec
2015
29 Dec
'15
5:11 p.m.
Dear Ben,
In message 1451399667-32519-1-git-send-email-ben.whitten@gmail.com you wrote:
From: Ben Whitten ben.whitten@gmail.com
With format-security errors turned on, GCC picks up the use of sprintf without a format parameter.
Thanks for detecting this, but...
ptr = sprintf(build_buf, tmp);
ptr = sprintf(build_buf, "%s", tmp);
...
ptr += sprintf(build_buf + ptr, tmp);
ptr += sprintf(build_buf + ptr, "%s", tmp);
... why should we use sprintf() here at all? I recommend to convert this into a plain strcpy().
Best regards,
Wolfgang Denk
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd@denx.de
Any fool can make things bigger, more complex, and more violent. It
takes a touch of genius - and a lot of courage - to move in the
opposite direction. - Albert Einstein