# HG changeset patch
# User reimar
# Date 1351710115 0
# Node ID 984b47eb6389e0a9f5670a3f7e627eff94f986ad
# Parent fe44546ee423989493725ce133e58983cb34b47f
Use snprintf instead of sprintf. No good reason beyond paranoia and Coverity complaining about it. In a very theoretical, construed case the adds might overflow or the environment might change in-between the getenv calls.
diff -r fe44546ee423 -r 984b47eb6389 stream/cookies.c
--- a/stream/cookies.c Wed Oct 31 18:55:33 2012 +0000
+++ b/stream/cookies.c Wed Oct 31 19:01:55 2012 +0000
@@ -205,11 +205,13 @@
 if (dir) {
 while ((ent = readdir(dir)) != NULL) {
 if ((ent->d_name)[0] != '.') {
- buf = malloc(strlen(getenv("HOME")) +
- sizeof("/.mozilla/default/") +
- strlen(ent->d_name) + sizeof("cookies.txt") + 1);
- sprintf(buf, "%s/.mozilla/default/%s/cookies.txt",
- getenv("HOME"), ent->d_name);
+ const char *home = getenv("HOME");
+ unsigned len = strlen(home) +
+ sizeof("/.mozilla/default/") +
+ strlen(ent->d_name) + sizeof("cookies.txt") + 1;
+ buf = malloc(len);
+ snprintf(buf, len, "%s/.mozilla/default/%s/cookies.txt",
+ home, ent->d_name);
 list = load_cookies_from(buf, list);
 free(buf);
 }
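Review bot: Neither `home` nor `buf` is checked for NULL in the added lines: `strlen(home)` dereferences whatever `getenv("HOME")` returned, and `snprintf(buf, len, ...)` writes through an unchecked `malloc(len)` result. The hunk does not show whether HOME was validated earlier in the function (which starts and ends outside the hunk), but since the description itself allows for the environment changing between calls, a local guard such as `if (!home) break;` after the getenv and `if (!buf) break;` after the malloc would close both, assuming the directory is closed after the loop. `len` would also be better declared as `size_t len`, because `strlen` and `sizeof` yield `size_t` and `unsigned` can truncate the sum on 64-bit targets. The `snprintf` return value is ignored, so a truncated path would be handed to `load_cookies_from` without any indication.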