diff --git a/README.md b/README.md
index 6757e680b..596a7ddb4 100755
--- a/README.md
+++ b/README.md
@@ -145,6 +145,7 @@ For previous versions, please read:
## V3 changes
+* v3.0, 2019-12-11, For [#1229][bug #1229], fix the security risk in HDS. 3.0.69
* v3.0, 2019-12-05, Fix [#1506][bug #1501], support directly turn FLV timestamp to TS DTS. 3.0.68
* v3.0, 2019-11-30, [3.0 alpha3(3.0.67)][r3.0a3] released. 110864 lines.
* v3.0, 2019-12-01, Fix [#1501][bug #1501], use request coworker for origin cluster. 3.0.67
@@ -1510,6 +1511,7 @@ Winlin
[bug #1051]: https://github.com/ossrs/srs/issues/1051
[bug #1093]: https://github.com/ossrs/srs/issues/1093
[bug #1501]: https://github.com/ossrs/srs/issues/1501
+[bug #1229]: https://github.com/ossrs/srs/issues/1229
[bug #xxxxxxxxxxxxx]: https://github.com/ossrs/srs/issues/xxxxxxxxxxxxx
[exo #828]: https://github.com/google/ExoPlayer/pull/828
diff --git a/trunk/src/app/srs_app_hds.cpp b/trunk/src/app/srs_app_hds.cpp
index dc5d38a7f..3517fb84c 100644
--- a/trunk/src/app/srs_app_hds.cpp
+++ b/trunk/src/app/srs_app_hds.cpp
@@ -200,7 +200,7 @@ public:
inline void set_index(int idx)
{
char file_path[1024] = {0};
- sprintf(file_path, "%s/%s/%sSeg1-Frag%d", _srs_config->get_hds_path(req->vhost).c_str()
+ snprintf(file_path, 1024, "%s/%s/%sSeg1-Frag%d", _srs_config->get_hds_path(req->vhost).c_str()
, req->app.c_str(), req->stream.c_str(), idx);
path = file_path;
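Review bot: Truncation is now silent in `set_index`: `snprintf` bounds the write, but its return value is discarded, so when the HDS path, app and stream name together exceed 1023 bytes, `path` is assigned a shortened name and the fragment is written to a different file than intended. Since `req->app` and `req->stream` presumably come from the publish request, capture and check the result, e.g. `int n = snprintf(file_path, sizeof(file_path), ...); if (n < 0 || n >= (int)sizeof(file_path)) { /* reject or log */ }`. Building the path with `std::string` concatenation would remove the fixed buffer entirely. The same unchecked call is in `flush_mainfest` (second hunk), where a truncated manifest would be written out; that function already returns `srs_error_t`, so it can report the failure. Both sites should use `sizeof(buf)` rather than repeating the literal `1024`. The body of `set_index` continues outside this hunk.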
@@ -428,7 +428,7 @@ srs_error_t SrsHds::flush_mainfest()
srs_error_t err = srs_success;
char buf[1024] = {0};
- sprintf(buf, "\n"
+ snprintf(buf, 1024, "\n"
"\n\t"
"%s.f4m\n\t"
"live\n\t"
diff --git a/trunk/src/utest/srs_utest_core.cpp b/trunk/src/utest/srs_utest_core.cpp
index 0f8b44bb1..24da2ae9b 100644
--- a/trunk/src/utest/srs_utest_core.cpp
+++ b/trunk/src/utest/srs_utest_core.cpp
@@ -64,3 +64,9 @@ VOID TEST(CoreMacroseTest, Check)
#endif
}
+VOID TEST(CoreLogger, CheckVsnprintf)
+{
+ char buf[1024];
+ EXPECT_EQ(6, sprintf(buf, "%s", "Hello!"));
+}
+
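Review bot: `CheckVsnprintf` calls `sprintf`, not the bounded function this commit switches to, so it passes with or without the fix and says nothing about truncation. Change it to `EXPECT_EQ(6, snprintf(buf, sizeof(buf), "%s", "Hello!"));`. Add a truncation case such as `char small[4]; EXPECT_EQ(6, snprintf(small, sizeof(small), "%s", "Hello!")); EXPECT_STREQ("Hel", small);`. That pins the two properties the HDS code depends on: the return value is the untruncated length, and the output stays NUL-terminated within the buffer.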