thirdparty/vschannel: fix format string vulnerability (#10944)

pull/10950/head
Miccah 2021-07-24 15:37:34 -05:00 committed by GitHub
parent 1943da54a5
commit 76904719d0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions

View File

@ -757,7 +757,7 @@ static SECURITY_STATUS https_make_request(TlsContext *tls_ctx, CHAR *req, CHAR *
// Build HTTP request. Note that I'm assuming that this is less than // Build HTTP request. Note that I'm assuming that this is less than
// the maximum message size. If it weren't, it would have to be broken up. // the maximum message size. If it weren't, it would have to be broken up.
sprintf(pbMessage, req); sprintf(pbMessage, "%s", req);
cbMessage = (DWORD)strlen(pbMessage); cbMessage = (DWORD)strlen(pbMessage);