From eee67a65e8336b05de504db07f3c9d93879f0ca8 Mon Sep 17 00:00:00 2001
From: Vincent Sanders <vince@kyllikki.org>
Date: Fri, 24 Aug 2018 11:49:56 +0100
Subject: remove warning by replacing sprintf snprintf

---
 content/handlers/html/form.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/content/handlers/html/form.c b/content/handlers/html/form.c
index 8ba99d4ab..4a9d7102d 100644
--- a/content/handlers/html/form.c
+++ b/content/handlers/html/form.c
@@ -972,6 +972,9 @@ static char *form_url_encode(struct form *form,
 
 		assert(url_err == NSERROR_OK);
 
+		/* resize string to allow for new key/value pair,
+		 *  equals, amphersand and terminator
+		 */
 		len1 = len + strlen(name) + strlen(value) + 2;
 		s2 = realloc(s, len1 + 1);
 		if (!s2) {
@@ -981,7 +984,8 @@ static char *form_url_encode(struct form *form,
 			return NULL;
 		}
 		s = s2;
-		sprintf(s + len, "%s=%s&", name, value);
+
+		snprintf(s + len, (len1 + 1) - len, "%s=%s&", name, value);
 		len = len1;
 		free(name);
 		free(value);
-- 
cgit v1.2.3