From 8c92b5f7aef3b6a10c374c8f4733196fa5463385 Mon Sep 17 00:00:00 2001
From: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Date: Sun, 9 Jun 2024 19:38:14 +0200
Subject: [PATCH] TSRM: change uses of sprintf into snprintf

---
 TSRM/tsrm_win32.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/TSRM/tsrm_win32.c b/TSRM/tsrm_win32.c
index dc8f9fefa3a..39fb75c33dd 100644
--- a/TSRM/tsrm_win32.c
+++ b/TSRM/tsrm_win32.c
@@ -477,12 +477,13 @@ TSRM_API FILE *popen_ex(const char *command, const char *type, const char *cwd,
 		return NULL;
 	}
 
-	cmd = (char*)malloc(strlen(command)+strlen(TWG(comspec))+sizeof(" /s /c ")+2);
+	size_t cmd_buffer_size = strlen(command) + strlen(TWG(comspec)) + sizeof(" /s /c ") + 2;
+	cmd = malloc(cmd_buffer_size);
 	if (!cmd) {
 		return NULL;
 	}
 
-	sprintf(cmd, "%s /s /c \"%s\"", TWG(comspec), command);
+	snprintf(cmd, cmd_buffer_size, "%s /s /c \"%s\"", TWG(comspec), command);
 	cmdw = php_win32_cp_any_to_w(cmd);
 	if (!cmdw) {
 		free(cmd);