From 20d895473215641ecaedc72cde6a51fcbe11d577 Mon Sep 17 00:00:00 2001
From: antma <code@vysheng.ru>
Date: Fri, 10 Jan 2014 16:15:59 +0400
Subject: [PATCH] replace sprintf call with snprintf for open image command

---
 queries.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/queries.c b/queries.c
index bf1af61..e602f55 100644
--- a/queries.c
+++ b/queries.c
@@ -1764,12 +1764,15 @@ void end_load (struct download *D) {
   if (D->next == 1) {
     logprintf ("Done: %s\n", D->name);
   } else if (D->next == 2) {
-    static char buf[1000];
-    sprintf (buf, OPEN_BIN, D->name);
-    int x = system (buf);
-    if (x < 0) {
-      logprintf ("Can not open image viewer: %m\n");
-      logprintf ("Image is at %s\n", D->name);
+    static char buf[PATH_MAX];
+    if (snprintf (buf, sizeof (buf), OPEN_BIN, D->name) >= (int) sizeof (buf)) {
+      logprintf ("Open image command buffer overflow\n");
+    } else {
+      int x = system (buf);
+      if (x < 0) {
+        logprintf ("Can not open image viewer: %m\n");
+        logprintf ("Image is at %s\n", D->name);
+      }
     }
   }
   if (D->iv) {