- sprintf(xyz, "%s=%s", args[0], args[1]);
+ snprintf(xyz, len, "%s=%s", args[0], args[1]);
- sprintf(err, "[ERROR: %s]", rrd_get_error());
+ snprintf(err, len, "[ERROR: %s]", rrd_get_error());
- char *err =
- malloc((strlen(rrd_get_error()) +
- DS_NAM_SIZE) * sizeof(char));
- sprintf(err, "[ERROR: %s]", rrd_get_error());
+ const size_t len = strlen(rrd_get_error()) + DS_NAM_SIZE;
+ char *err = malloc(len);
+ snprintf(err, len, "[ERROR: %s]", rrd_get_error());
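Review bot: `malloc(len)` is used unchecked here: if it returns NULL, the `snprintf(err, len, ...)` on the next line writes through a null pointer with a non-zero size. Add a guard directly after the allocation, for example `if (err == NULL) return NULL;`, adapted to the function's own error convention; the enclosing function starts outside the hunk, so the right failure value cannot be seen from here. The following hunk repeats the same `malloc(len)` / `snprintf` pair and has the same gap. Separately, `rrd_get_error()` is called once for sizing and again for formatting; holding it in a local `const char *msg` would make the size and the content agree by construction.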
- char *err =
- malloc((strlen(rrd_get_error()) +
- DS_NAM_SIZE) * sizeof(char));
- sprintf(err, "[ERROR: %s]", rrd_get_error());
+ const size_t len = strlen(rrd_get_error()) + DS_NAM_SIZE;
+ char *err = malloc(len);
+ snprintf(err, len, "[ERROR: %s]", rrd_get_error());
} else if (cp && !strcmp(cp, "GET")) {
esp = getenv("QUERY_STRING");
if (esp && strlen(esp)) {
} else if (cp && !strcmp(cp, "GET")) {
esp = getenv("QUERY_STRING");
if (esp && strlen(esp)) {
printf("(offline mode: enter name=value pairs on standard input)\n");
memset(tmp, 0, sizeof(tmp));
while ((cp = fgets(tmp, 100, stdin)) != NULL) {
printf("(offline mode: enter name=value pairs on standard input)\n");
memset(tmp, 0, sizeof(tmp));
while ((cp = fgets(tmp, 100, stdin)) != NULL) {
- if (strlen(tmp)) {
- if (tmp[strlen(tmp) - 1] == '\n')
- tmp[strlen(tmp) - 1] = '&';
- if (length) {
- length += strlen(tmp);
- len = (length + 1) * sizeof(char);
+ if ((tmplen = strlen(tmp)) != 0) {
+ if (tmp[tmplen - 1] == '\n')
+ tmp[tmplen - 1] = '&';
+ length += tmplen;
+ len = (length + 1) * sizeof(char);
+ if ((unsigned) length > tmplen) {
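Review bot: `length` grows by `length += tmplen` and then needs an `(unsigned)` cast for the comparison, which suggests it is a signed int (its declaration is outside the hunk). Input is read line by line from stdin with no visible cap on the total, so signed overflow would be undefined and would put a wrong value into `len` before whatever allocation presumably follows. Declaring `length` as `size_t` removes both the cast and the signed arithmetic, giving `if (length > tmplen) {`. A maximum total input size checked before `len = (length + 1) * sizeof(char);` would also bound the allocation. The body of this `if` continues outside the hunk.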
- len =
- (strlen(result[k]->value) + (ip - esp) +
- 2) * sizeof(char);
- if ((sptr = (char *) malloc(len)) == NULL)
+ len = strlen(result[k]->value) + (ip - esp) + 2;
+ if ((sptr = (char *) calloc(len, sizeof(char))) == NULL)
- memset(sptr, 0, len);
- sprintf(sptr, "%s\n", result[k]->value);
- strncat(sptr, cp, ip - esp);
+ snprintf(sptr, len, "%s\n%s", result[k]->value, cp);
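Review bot: The final `snprintf` limits how much of `cp` is copied only through truncation at `len`, whereas the removed `strncat(sptr, cp, ip - esp)` stated that bound explicitly. The output looks equivalent while `len` stays `strlen(result[k]->value) + (ip - esp) + 2`, but a later change to the size computation would silently change how many bytes of `cp` are appended. Because truncation is now the normal case, snprintf's return value also cannot be used to detect a real overflow. Putting the bound in the format keeps it explicit: `snprintf(sptr, len, "%s\n%.*s", result[k]->value, (int) (ip - esp), cp);`. `ip - esp` is a signed pointer difference added into a size, so a check that `ip >= esp` is worth having unless the code outside the hunk already guarantees it.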