@@ -377,7 +377,7 @@ list_dbs(MYSQL *mysql,const char *wild)
377377 uint length , counter = 0 ;
378378 ulong rowcount = 0L ;
379379 char tables [NAME_LEN + 1 ], rows [NAME_LEN + 1 ];
380- char query [255 ];
380+ char query [NAME_LEN + 100 ];
381381 MYSQL_FIELD * field ;
382382 MYSQL_RES * result ;
383383 MYSQL_ROW row = NULL , rrow ;
@@ -444,7 +444,8 @@ list_dbs(MYSQL *mysql,const char *wild)
444444 MYSQL_ROW trow ;
445445 while ((trow = mysql_fetch_row (tresult )))
446446 {
447- sprintf (query ,"SELECT COUNT(*) FROM `%s`" ,trow [0 ]);
447+ my_snprintf (query , sizeof (query ),
448+ "SELECT COUNT(*) FROM `%s`" , trow [0 ]);
448449 if (!(mysql_query (mysql ,query )))
449450 {
450451 MYSQL_RES * rresult ;
@@ -500,7 +501,7 @@ list_tables(MYSQL *mysql,const char *db,const char *table)
500501{
501502 const char * header ;
502503 uint head_length , counter = 0 ;
503- char query [255 ], rows [NAME_LEN ], fields [16 ];
504+ char query [NAME_LEN + 100 ], rows [NAME_LEN ], fields [16 ];
504505 MYSQL_FIELD * field ;
505506 MYSQL_RES * result ;
506507 MYSQL_ROW row , rrow ;
@@ -585,7 +586,8 @@ list_tables(MYSQL *mysql,const char *db,const char *table)
585586 if (opt_verbose > 1 )
586587 {
587588 /* Print the count of rows for each table */
588- sprintf (query ,"SELECT COUNT(*) FROM `%s`" ,row [0 ]);
589+ my_snprintf (query , sizeof (query ), "SELECT COUNT(*) FROM `%s`" ,
590+ row [0 ]);
589591 if (!(mysql_query (mysql ,query )))
590592 {
591593 if ((rresult = mysql_store_result (mysql )))
@@ -645,13 +647,15 @@ list_tables(MYSQL *mysql,const char *db,const char *table)
645647static int
646648list_table_status (MYSQL * mysql ,const char * db ,const char * wild )
647649{
648- char query [1024 ],* end ;
650+ char query [NAME_LEN + 100 ];
651+ int len ;
649652 MYSQL_RES * result ;
650653 MYSQL_ROW row ;
651654
652- end = strxmov (query ,"show table status from `" ,db ,"`" ,NullS );
653- if (wild && wild [0 ])
654- strxmov (end ," like '" ,wild ,"'" ,NullS );
655+ len = sizeof (query );
656+ len -= my_snprintf (query , len , "show table status from `%s`" , db );
657+ if (wild && wild [0 ] && len )
658+ strxnmov (query + strlen (query ), len , " like '" , wild , "'" , NullS );
655659 if (mysql_query (mysql ,query ) || !(result = mysql_store_result (mysql )))
656660 {
657661 fprintf (stderr ,"%s: Cannot get status for db: %s, table: %s: %s\n" ,
@@ -683,7 +687,8 @@ static int
683687list_fields (MYSQL * mysql ,const char * db ,const char * table ,
684688 const char * wild )
685689{
686- char query [1024 ],* end ;
690+ char query [NAME_LEN + 100 ];
691+ int len ;
687692 MYSQL_RES * result ;
688693 MYSQL_ROW row ;
689694 ulong UNINIT_VAR (rows );
@@ -697,7 +702,7 @@ list_fields(MYSQL *mysql,const char *db,const char *table,
697702
698703 if (opt_count )
699704 {
700- sprintf (query ,"select count(*) from `%s`" , table );
705+ my_snprintf (query , sizeof ( query ), "select count(*) from `%s`" , table );
701706 if (mysql_query (mysql ,query ) || !(result = mysql_store_result (mysql )))
702707 {
703708 fprintf (stderr ,"%s: Cannot get record count for db: %s, table: %s: %s\n" ,
@@ -709,9 +714,11 @@ list_fields(MYSQL *mysql,const char *db,const char *table,
709714 mysql_free_result (result );
710715 }
711716
712- end = strmov (strmov (strmov (query ,"show /*!32332 FULL */ columns from `" ),table ),"`" );
713- if (wild && wild [0 ])
714- strxmov (end ," like '" ,wild ,"'" ,NullS );
717+ len = sizeof (query );
718+ len -= my_snprintf (query , len , "show /*!32332 FULL */ columns from `%s`" ,
719+ table );
720+ if (wild && wild [0 ] && len )
721+ strxnmov (query + strlen (query ), len , " like '" , wild , "'" , NullS );
715722 if (mysql_query (mysql ,query ) || !(result = mysql_store_result (mysql )))
716723 {
717724 fprintf (stderr ,"%s: Cannot list columns in db: %s, table: %s: %s\n" ,
@@ -732,7 +739,7 @@ list_fields(MYSQL *mysql,const char *db,const char *table,
732739 print_res_top (result );
733740 if (opt_show_keys )
734741 {
735- end = strmov ( strmov ( strmov ( query , "show keys from `" ), table ), "`" );
742+ my_snprintf ( query , sizeof ( query ), "show keys from `%s`" , table );
736743 if (mysql_query (mysql ,query ) || !(result = mysql_store_result (mysql )))
737744 {
738745 fprintf (stderr ,"%s: Cannot list keys in db: %s, table: %s: %s\n" ,
0 commit comments