The commit removes the usages of sprintf() function calls with '%s' in
the format string. And uses strncpy/strncat instead to ensure the
destination string buffers will not be accessed beyond their boundary.
Cc: Yonghong Zhu <yonghong.zhu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Add checks to ensure when the destination string buffer is of fixed
size, the strcpy/strcat functions calls will not access beyond the
boundary.
Cc: Yonghong Zhu <yonghong.zhu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Hao Wu
Yingke Liu
lgao4
vanjeff