FIXME: buffer overflow warning

This commit is contained in:
Ali H. Fardan 2016-08-28 16:30:12 +03:00
parent 24c4134df6
commit 25eb9ff35e
1 changed files with 7 additions and 7 deletions

View File

@ -78,17 +78,17 @@ setstatus(const char *str)
static char *
smprintf(const char *fmt, ...)
{
va_list fmtargs;
char tmp[120];
/* FIXME: This code should have
bound checks, it is vulnerable to
buffer overflows */
va_list ap;
char *ret = NULL;
va_start(fmtargs, fmt);
snprintf(tmp, sizeof(tmp)-1, fmt, fmtargs);
tmp[sizeof(tmp)] = '\0';
if (asprintf(&ret, "%s", tmp) < 0)
va_start(ap, fmt);
if (vasprintf(&ret, fmt, ap) < 0)
return NULL;
va_end(fmtargs);
va_end(ap);
return ret;
}