sprintf_s1
Modified: trunk/reactos/subsys/system/explorer/utility/utility.h
Modified: trunk/reactos/subsys/system/explorer/utility/xmlstorage.cpp
Modified: trunk/reactos/subsys/system/explorer/utility/xmlstorage.h

Modified: trunk/reactos/subsys/system/explorer/utility/utility.h
--- trunk/reactos/subsys/system/explorer/utility/utility.h	2005-11-30 11:57:20 UTC (rev 19775)
+++ trunk/reactos/subsys/system/explorer/utility/utility.h	2005-11-30 14:02:55 UTC (rev 19776)
@@ -166,6 +166,7 @@
 #endif
 
 
+ // secure CRT functions
 #ifdef __STDC_WANT_SECURE_LIB__	// for VS 2005: _MSC_VER>=1400
 
 #undef _vsntprintf

Modified: trunk/reactos/subsys/system/explorer/utility/xmlstorage.cpp
--- trunk/reactos/subsys/system/explorer/utility/xmlstorage.cpp	2005-11-30 11:57:20 UTC (rev 19775)
+++ trunk/reactos/subsys/system/explorer/utility/xmlstorage.cpp	2005-11-30 14:02:55 UTC (rev 19776)
@@ -464,7 +464,7 @@
 std::string EncodeXMLString(const XS_String& str)
 {
 	LPCXSSTR s = str.c_str();
-	LPXSSTR buffer = (LPXSSTR)alloca(5*sizeof(XS_CHAR)*XS_len(s));	// worst case. "&"
+	LPXSSTR buffer = (LPXSSTR)alloca(6*sizeof(XS_CHAR)*XS_len(s));	// worst case """ / "'"
 	LPXSSTR o = buffer;
 
 	for(LPCXSSTR p=s; *p; ++p)
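Review bot: The `alloca` on the changed line still sizes a stack allocation from the input length, so a long `str` can exhaust the stack instead of failing cleanly, and `6*sizeof(XS_CHAR)*XS_len(s)` is computed with no overflow check. The new factor of 6 covers the longest replacements named in the comment, but a heap buffer would remove the stack risk, for example `std::vector<XS_CHAR> buffer(6*XS_len(s) + 1);` with `o` starting at `&buffer[0]`, assuming `<vector>` can be included here. Whether callers can pass large or externally supplied strings is not visible in this hunk. The body of EncodeXMLString continues outside the hunk.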
@@ -492,7 +492,7 @@
 		  default:
 			if ((unsigned)*p<20 && *p!='\t' && *p!='\r' && *p!='\n') {
 				char b[16];
-				sprintf(b, "&%d;", (unsigned)*p);
+				sprintf_s1(b, COUNTOF(b), "&%d;", (unsigned)*p);
 				for(const char*q=b; *q; )
 					*o++ = *q++;
 			} else
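Review bot: The format string `"&%d;"` on the changed line does not produce an XML numeric character reference, which needs a `#`: `sprintf_s1(b, COUNTOF(b), "&#%d;", (unsigned)*p);`. With the `#` the longest output for this branch is five characters, which still fits both `b` and the six-per-character output budget. The guard two lines above compares against decimal `20`, so characters 20 to 31 are copied through unescaped; if the intent was every control character below space, it should read `(unsigned)*p<0x20`. The enclosing function starts before and ends after this hunk.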

Modified: trunk/reactos/subsys/system/explorer/utility/xmlstorage.h
--- trunk/reactos/subsys/system/explorer/utility/xmlstorage.h	2005-11-30 11:57:20 UTC (rev 19775)
+++ trunk/reactos/subsys/system/explorer/utility/xmlstorage.h	2005-11-30 14:02:55 UTC (rev 19776)
@@ -71,6 +71,14 @@
 namespace XMLStorage {
 
 
+ // secure CRT functions
+#ifdef __STDC_WANT_SECURE_LIB__	// VS 2005
+#define sprintf_s1 sprintf_s
+#else
+#define sprintf_s1(b, l, f, p1) sprintf(b, f, p1)
+#endif
+
+
 #ifndef XS_String
 
 #ifdef XS_STRING_UTF8
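Review bot: The fallback `#define sprintf_s1(b, l, f, p1) sprintf(b, f, p1)` discards the length argument, so on every compiler other than VS 2005 the call sites look bounded but are not. A bounded fallback keeps the guarantee on both paths, for example `#define sprintf_s1(b, l, f, p1) snprintf(b, l, f, p1)`, or `_snprintf` plus explicit termination on older MSVC, since `_snprintf` does not null-terminate on truncation. The macro sits inside `namespace XMLStorage`, but macros are not scoped, so it is visible to every file that includes this header. A comment stating that, and that the macro accepts exactly one format argument, would help the next reader.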