diff --git a/upnpsoap.c b/upnpsoap.c index c66ad6a..62c75c8 100644 --- a/upnpsoap.c +++ b/upnpsoap.c @@ -481,7 +481,7 @@ callback(void *args, int argc, char **argv, char **azColName) } } } - ret = sprintf(str_buf, "<item id=\"%s\" parentID=\"%s\" restricted=\"1\"", id, parent); + ret = snprintf(str_buf, 512, "<item id=\"%s\" parentID=\"%s\" restricted=\"1\"", id, parent); memcpy(passed_args->resp+passed_args->size, &str_buf, ret+1); passed_args->size += ret; if( refID && (passed_args->filter & FILTER_REFID) ) { @@ -489,39 +489,39 @@ callback(void *args, int argc, char **argv, char **azColName) memcpy(passed_args->resp+passed_args->size, &str_buf, ret+1); passed_args->size += ret; } - ret = sprintf(str_buf, ">" - "<dc:title>%s</dc:title>" - "<upnp:class>object.%s</upnp:class>", - title, class); + ret = snprintf(str_buf, 512, ">" + "<dc:title>%s</dc:title>" + "<upnp:class>object.%s</upnp:class>", + title, class); memcpy(passed_args->resp+passed_args->size, &str_buf, ret+1); passed_args->size += ret; if( comment && (passed_args->filter & FILTER_DC_DESCRIPTION) ) { - ret = sprintf(str_buf, "<dc:description>%s</dc:description>", comment); + ret = snprintf(str_buf, 512, "<dc:description>%.384s</dc:description>", comment); memcpy(passed_args->resp+passed_args->size, &str_buf, ret+1); passed_args->size += ret; } if( creator && (passed_args->filter & FILTER_DC_CREATOR) ) { - ret = sprintf(str_buf, "<dc:creator>%s</dc:creator>", creator); + ret = snprintf(str_buf, 512, "<dc:creator>%s</dc:creator>", creator); memcpy(passed_args->resp+passed_args->size, &str_buf, ret+1); passed_args->size += ret; } if( date && (passed_args->filter & FILTER_DC_DATE) ) { - ret = sprintf(str_buf, "<dc:date>%s</dc:date>", date); + ret = snprintf(str_buf, 512, "<dc:date>%s</dc:date>", date); memcpy(passed_args->resp+passed_args->size, &str_buf, ret+1); passed_args->size += ret; } if( artist && (passed_args->filter & FILTER_UPNP_ARTIST) ) { - ret = sprintf(str_buf, "<upnp:artist>%s</upnp:artist>", artist); + ret = snprintf(str_buf, 512, "<upnp:artist>%s</upnp:artist>", artist); memcpy(passed_args->resp+passed_args->size, &str_buf, ret+1); passed_args->size += ret; } if( album && (passed_args->filter & FILTER_UPNP_ALBUM) ) { - ret = sprintf(str_buf, "<upnp:album>%s</upnp:album>", album); + ret = snprintf(str_buf, 512, "<upnp:album>%s</upnp:album>", album); memcpy(passed_args->resp+passed_args->size, &str_buf, ret+1); passed_args->size += ret; } if( genre && (passed_args->filter & FILTER_UPNP_GENRE) ) { - ret = sprintf(str_buf, "<upnp:genre>%s</upnp:genre>", genre); + ret = snprintf(str_buf, 512, "<upnp:genre>%s</upnp:genre>", genre); memcpy(passed_args->resp+passed_args->size, &str_buf, ret+1); passed_args->size += ret; } @@ -642,24 +642,24 @@ callback(void *args, int argc, char **argv, char **azColName) passed_args->size += ret; } } - ret = sprintf(str_buf, ">" - "<dc:title>%s</dc:title>" - "<upnp:class>object.%s</upnp:class>", - title, class); + ret = snprintf(str_buf, 512, ">" + "<dc:title>%s</dc:title>" + "<upnp:class>object.%s</upnp:class>", + title, class); memcpy(passed_args->resp+passed_args->size, &str_buf, ret+1); passed_args->size += ret; if( creator && (passed_args->filter & FILTER_DC_CREATOR) ) { - ret = sprintf(str_buf, "<dc:creator>%s</dc:creator>", creator); + ret = snprintf(str_buf, 512, "<dc:creator>%s</dc:creator>", creator); memcpy(passed_args->resp+passed_args->size, &str_buf, ret+1); passed_args->size += ret; } if( genre && (passed_args->filter & FILTER_UPNP_GENRE) ) { - ret = sprintf(str_buf, "<upnp:genre>%s</upnp:genre>", genre); + ret = snprintf(str_buf, 512, "<upnp:genre>%s</upnp:genre>", genre); memcpy(passed_args->resp+passed_args->size, &str_buf, ret+1); passed_args->size += ret; } if( artist && (passed_args->filter & FILTER_UPNP_ARTIST) ) { - ret = sprintf(str_buf, "<upnp:artist>%s</upnp:artist>", artist); + ret = snprintf(str_buf, 512, "<upnp:artist>%s</upnp:artist>", artist); memcpy(passed_args->resp+passed_args->size, &str_buf, ret+1); passed_args->size += ret; }