src/notify.c: Fix printf() misuse

Make sure we actually copy the notification warning interval to the correct buffer instead of printing it to stdout (using an arbitrary format string). This makes sure the current warning interval is shown when editing the field and also eliminates a potential format string vulnerability. Spotted with "-Wformat-nonliteral". Signed-off-by: Lukas Fleischer <calcurse@cryptocrack.de>
2012-05-18 08:36:43 +02:00 · 2012-05-18 08:36:43 +02:00 · 162b871682
commit 162b871682
parent 9a85b790aa
1 changed files with 1 additions and 1 deletions
--- a/src/notify.c
+++ b/src/notify.c
@ -777,7 +777,7 @@ notify_config_bar (void)
        case '4':
          status_mesg (count_str, "");
          pthread_mutex_lock (&nbar.mutex);
-          printf (buf, "%d", nbar.cntdwn);
+          snprintf (buf, BUFSIZ, "%d", nbar.cntdwn);
          pthread_mutex_unlock (&nbar.mutex);
          if (updatestring (win[STA].p, &buf, 0, 1) == 0 &&
              is_all_digit (buf) && atoi (buf) >= 0 && atoi (buf) <= DAYINSEC)