diff -up sqlite-3.7.3/tool/lemon.c.lemparpath sqlite-3.7.3/tool/lemon.c --- sqlite-3.7.3/tool/lemon.c.lemparpath 2008-12-05 20:37:49.000000000 +0200 +++ sqlite-3.7.3/tool/lemon.c 2008-12-05 20:44:08.000000000 +0200 @@ -2369,7 +2369,7 @@ for(z=psp->filename, nBack=0; *z; z++){ if( *z=='\\' ) nBack++; } - sprintf(zLine, "#line %d ", psp->tokenlineno); + snprintf(zLine, sizeof zLine, "#line %d ", psp->tokenlineno); nLine = lemonStrlen(zLine); n += nLine + lemonStrlen(psp->filename) + nBack; } @@ -2953,7 +2953,7 @@ while( cfp ){ char buf[20]; if( cfp->dot==cfp->rp->nrhs ){ - sprintf(buf,"(%d)",cfp->rp->index); + snprintf(buf,sizeof buf,"(%d)",cfp->rp->index); fprintf(fp," %5s ",buf); }else{ fprintf(fp," "); @@ -3124,9 +3124,9 @@ cp = strrchr(lemp->filename,'.'); if( cp ){ - sprintf(buf,"%.*s.lt",(int)(cp-lemp->filename),lemp->filename); + snprintf(buf,sizeof buf,"%.*s.lt",(int)(cp-lemp->filename),lemp->filename); }else{ - sprintf(buf,"%s.lt",lemp->filename); + snprintf(buf,sizeof buf,"%s.lt",lemp->filename); } if( access(buf,004)==0 ){ tpltname = buf; @@ -3279,7 +3279,7 @@ while( n-- > 0 ){ c = *(zText++); if( c=='%' && n>0 && zText[0]=='d' ){ - sprintf(zInt, "%d", p1); + snprintf(zInt, sizeof zInt, "%d", p1); p1 = p2; strcpy(&z[used], zInt); used += lemonStrlen(&z[used]); @@ -3891,7 +3891,7 @@ /* Generate a table containing the symbolic name of every symbol */ for(i=0; insymbol; i++){ - sprintf(line,"\"%s\",",lemp->symbols[i]->name); + snprintf(line,sizeof line,"\"%s\",",lemp->symbols[i]->name); fprintf(out," %-15s",line); if( (i&3)==3 ){ fprintf(out,"\n"); lineno++; } } @@ -4057,7 +4057,7 @@ in = file_open(lemp,".h","rb"); if( in ){ for(i=1; interminal && fgets(line,LINESIZE,in); i++){ - sprintf(pattern,"#define %s%-30s %2d\n",prefix,lemp->symbols[i]->name,i); + snprintf(pattern,sizeof pattern,"#define %s%-30s %2d\n",prefix,lemp->symbols[i]->name,i); if( strcmp(line,pattern) ) break; } fclose(in);