From 206fa4323222f86097890a117ee41e51f291e49f Mon Sep 17 00:00:00 2001
From: antma <code@vysheng.ru>
Date: Fri, 10 Jan 2014 16:05:39 +0400
Subject: [PATCH] replace sprintf call with snprintf for downloaded part name

---
 queries.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/queries.c b/queries.c
index 5856f36..bf1af61 100644
--- a/queries.c
+++ b/queries.c
@@ -1822,11 +1822,16 @@ struct query_methods download_methods = {
 
 void load_next_part (struct download *D) {
   if (!D->offset) {
-    static char buf[1000];
+    static char buf[PATH_MAX];
+    int l;
     if (!D->id) {
-      sprintf (buf, "%s/download_%lld_%d", get_downloads_directory (), D->volume, D->local_id);
+      l = snprintf (buf, sizeof (buf), "%s/download_%lld_%d", get_downloads_directory (), D->volume, D->local_id);
     } else {
-      sprintf (buf, "%s/download_%lld", get_downloads_directory (), D->id);
+      l = snprintf (buf, sizeof (buf), "%s/download_%lld", get_downloads_directory (), D->id);
+    }
+    if (l >= (int) sizeof (buf)) {
+      logprintf ("Download filename is too long");
+      exit (1);
     }
     D->name = tstrdup (buf);
     struct stat st;