sprintf -> snprintf conversion

Hello, cfe-dev!

I'm using LLVM/Clang on OpenBSD. This project proactively advocates
usage of 'secure' C apis, especially related to memory bounds
checking. Thus using functions like sprintf/strcpy/etc usually spits
out a linker warning in base toolchain:

/home/proger/dev/llvm/Debug+Asserts/lib/libclangFrontend.a(DocumentXML.o)(.text+0xc65): In function `clang::DocumentXML::escapeString(char const*, unsigned long)':
/home/proger/dev/llvm/tools/clang/lib/Frontend/DocumentXML.cpp:107: warning: sprintf() is often misused, please use snprintf()

I've done some conversions from sprintf to snprintf, please commit those.

Thanks!

snprintf.diff (6.34 KB)

Apple also recommends avoiding those:
<http://developer.apple.com/library/ios/documentation/Security/
Conceptual/SecureCodingGuide/Articles/BufferOverflows.html#//apple_ref/
doc/uid/TP40002577-SW10>

I've filed a bug recommending that the static analyzer flag their usage:
<http://llvm.org/bugs/show_bug.cgi?id=5988>

hth,

Please send that patch to llvmdev, since it doesn't appear to touch
any clang-specific code.

-Eli

Actually, it does. I'm reattaching the diff without the llvm bits.
However, thanks for your hint, I'll do it in a moment.

snprintf.clang.diff (1.43 KB)

Thanks, committed as r118478.

  - Doug