diff options
author | Andrew Tridgell <tridge@samba.org> | 1998-05-11 06:38:36 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 1998-05-11 06:38:36 +0000 |
commit | 3dfc0c847240ac7e12c39f4ed9c31a888949ade1 (patch) | |
tree | 305f006b62ed9dcdca0f751dbf40d2a34ee054df /source3/lib/util.c | |
parent | ffc88e2d26217f99c34ce24c0836bec3c809ca1a (diff) | |
download | samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.tar.gz samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.tar.bz2 samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.zip |
changed to use slprintf() instead of sprintf() just about
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
(This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
Diffstat (limited to 'source3/lib/util.c')
-rw-r--r-- | source3/lib/util.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/source3/lib/util.c b/source3/lib/util.c index 2f637e1495..ee87d48388 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -226,7 +226,7 @@ static void check_log_size(void) if (dbf && file_size(debugf) > maxlog) { pstring name; fclose(dbf); dbf = NULL; - sprintf(name,"%s.old",debugf); + slprintf(name,sizeof(name)-1,"%s.old",debugf); sys_rename(debugf,name); reopen_logs(); } @@ -313,7 +313,7 @@ va_dcl va_start(ap); format_str = va_arg(ap,char *); #endif - vsprintf(msgbuf, format_str, ap); + vslprintf(msgbuf, sizeof(msgbuf)-1,format_str, ap); va_end(ap); msgbuf[255] = '\0'; @@ -3839,7 +3839,7 @@ static char *automount_lookup(char *user_name) if (strcmp(user_name, last_key)) { - sprintf(buffer, "[%s=%s]%s.%s", "key", user_name, nis_map, nis_domain); + slprintf(buffer, sizeof(buffer)-1, "[%s=%s]%s.%s", "key", user_name, nis_map, nis_domain); DEBUG(5, ("NIS+ querystring: %s\n", buffer)); if (result = nis_list(buffer, RETURN_RESULT, NULL, NULL)) |