use snprintf, strdup, ... where possible to make for safer operation -- Martin Pelikan

[rrdtool.git] / src / rrd_parsetime.c

diff --git a/src/rrd_parsetime.c b/src/rrd_parsetime.c
index 1b59f45..d854dfb 100644 (file)
--- a/src/rrd_parsetime.c
+++ b/src/rrd_parsetime.c
@@ -599,7 +599,7 @@ static char *tod(
         scc = scc_sv;
         sct = sct_sv;
         sc_tokid = sc_tokid_sv;
-        sprintf(sc_token, "%d", hour);
+        snprintf(sc_token, sc_len, "%d", hour);
         return TIME_OK;
     }
     if (sc_tokid == COLON) {
@@ -631,7 +631,7 @@ static char *tod(
         scc = scc_sv;
         sct = sct_sv;
         sc_tokid = sc_tokid_sv;
-        sprintf(sc_token, "%d", hour);
+        snprintf(sc_token, sc_len, "%d", hour);
         return TIME_OK;
     }
     ptv->tm.  tm_hour = hour;