From 421099f68e7b751fe3e3b8f849c1be44416f4013 Mon Sep 17 00:00:00 2001
From: K J
Date: Tue, 12 Aug 2025 12:50:05 -0400
Subject: [PATCH] replace `vsprintf` with `vsnprintf` in `CONS_Printf` fixes a buffer overrun that can occur when printing extremely long strings crash found by Lat, cause diagnosed by X.Organic
---
 src/console.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/console.c b/src/console.c
index 267565829..3826b44ad 100644
--- a/src/console.c
+++ b/src/console.c
@@ -1252,7 +1252,7 @@ void CONS_Printf(const char *fmt, ...)
 txt = malloc(8192);
 va_start(argptr, fmt);
- vsprintf(txt, fmt, argptr);
+ vsnprintf(txt, 8192, fmt, argptr);
 va_end(argptr);
 Lock_state();
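Review bot: The bound passed to `vsnprintf` repeats the literal `8192` from the `malloc(8192)` context line, so the two sizes can drift apart if only one is edited later. A single named constant used in both calls (for example `#define CON_PRINTBUF_SIZE 8192`, the name being only a suggestion) would keep the overrun fix tied to the real allocation size. The return value is also discarded, so an over-long message is now truncated silently; capturing it and testing `if (len < 0 || len >= 8192)` would let the function flag the truncation or handle a formatting error. The hunk does not show whether the `malloc` result is checked before `txt` is written, which is worth confirming because the body of `CONS_Printf` starts and ends outside the hunk.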