grep: use xsnprintf to format failure message

This looks at first glance like the sprintf can overflow our
buffer, but it's actually fine; the p->origin string is
something constant and small, like "command line" or "-e
option".

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/grep.c b/grep.c
index b58c7c6..6c68d5b 100644 (file)
--- a/grep.c
+++ b/grep.c
@@ -306,9 +306,9 @@ static NORETURN void compile_regexp_failed(const struct grep_pat *p,
        char where[1024];
 
        if (p->no)
-               sprintf(where, "In '%s' at %d, ", p->origin, p->no);
+               xsnprintf(where, sizeof(where), "In '%s' at %d, ", p->origin, p->no);
        else if (p->origin)
-               sprintf(where, "%s, ", p->origin);
+               xsnprintf(where, sizeof(where), "%s, ", p->origin);
        else
                where[0] = 0;