Description: Fix buffer overflow when decoding code128 code_set_c
 A dual character string needs at least 3 bytes to be saved by sprintf. Saving it in a 2 byte buffer will cause the 0-delimiter to overwrite other data on the stack.
 .
 It is better to use snprintf to make sure that no data is written outside the allocated buffer and provide 3 bytes for the buffer.
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/exactimage/+bug/1425472
Author: Sven Eckelmann
---
diff --git a/bardecode/code128.hh b/bardecode/code128.hh index e9bfadaa4efec36cf53d8b69cf45b73228a0c58b..e48b36f3555caf1d07744b3e9352ca14df16cf62 100644 --- a/bardecode/code128.hh +++ b/bardecode/code128.hh @@ -236,8 +236,9 @@ namespace BarDecode switch (code_set) { case code_set_c: if (c < 100) { - char str[2]; - sprintf(str,"%02d",c); + char str[3]; + snprintf(str,sizeof(str),"%02d",c); + str[sizeof(str) - 1] = '\0'; return std::string(str); } else { return std::string(1,caux[c-96]);
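Review bot: in the code_set_c branch the return value of `snprintf(str,sizeof(str),"%02d",c);` is ignored and the only guard is `if (c < 100)`, so nothing visible here rules out a negative `c`. The type of `c` is not shown in this hunk; if it is signed, a value such as -10 formats to three characters and is silently truncated to two, and the decoder returns a wrong string instead of rejecting the symbol. Consider tightening the guard to `c >= 0 && c < 100`, or checking that snprintf returned exactly 2. Alternatively, build the result from the two digits directly (`c / 10` and `c % 10` added to `'0'`) so no fixed-size stack buffer is involved. The added `str[sizeof(str) - 1] = '\0';` is harmless but redundant, because snprintf with a non-zero size always NUL-terminates; if it is kept as defence in depth, a short comment saying so would help the next reader.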