WL#1597: sprintf -> snprintf (cleanup)
Affects: Server-7.1 — Status: Assigned — Priority: Medium
A recent security audit pinged us for using sprintf throughout the code. We need to resolve issues surrounding how we handle strings. So: All sprintf() should become my_snprintf(). All scanf() statements need to be scrutinized. All defined sizes need to be defined (no assumed sizes). We need to make sure and define strmov in a manner where it can no be overflowed.
Copyright (c) 2000, 2016, Oracle Corporation and/or its affiliates. All rights reserved.