worked around the buffer overrun in smprintf()
This commit is contained in:
parent
1d257999ed
commit
94a62b864b
|
@ -78,14 +78,15 @@ setstatus(const char *str)
|
|||
static char *
|
||||
smprintf(const char *fmt, ...)
|
||||
{
|
||||
/* FIXME: This code should have
|
||||
bound checks, it is vulnerable to
|
||||
buffer overflows */
|
||||
va_list ap;
|
||||
char tmp[120];
|
||||
char *ret = NULL;
|
||||
|
||||
va_start(ap, fmt);
|
||||
if (vasprintf(&ret, fmt, ap) < 0)
|
||||
vsnprintf(tmp, sizeof(tmp)-1, fmt, ap);
|
||||
tmp[strlen(tmp)+1] = '\0';
|
||||
|
||||
if (asprintf(&ret, "%s", tmp) < 0)
|
||||
return NULL;
|
||||
|
||||
va_end(ap);
|
||||
|
|
Loading…
Reference in New Issue