diff options
author | Andrew Tridgell <tridge@samba.org> | 1998-05-11 06:38:36 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 1998-05-11 06:38:36 +0000 |
commit | 3dfc0c847240ac7e12c39f4ed9c31a888949ade1 (patch) | |
tree | 305f006b62ed9dcdca0f751dbf40d2a34ee054df /source3/smbd/message.c | |
parent | ffc88e2d26217f99c34ce24c0836bec3c809ca1a (diff) | |
download | samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.tar.gz samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.tar.bz2 samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.zip |
changed to use slprintf() instead of sprintf() just about
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
(This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
Diffstat (limited to 'source3/smbd/message.c')
-rw-r--r-- | source3/smbd/message.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source3/smbd/message.c b/source3/smbd/message.c index 24477f31ff..b368c4d031 100644 --- a/source3/smbd/message.c +++ b/source3/smbd/message.c @@ -53,7 +53,7 @@ static void msg_deliver(void) } /* put it in a temporary file */ - sprintf(s,"%s/msg.XXXXXX",tmpdir()); + slprintf(s,sizeof(s)-1, "%s/msg.XXXXXX",tmpdir()); fstrcpy(name,(char *)mktemp(s)); fd = open(name,O_WRONLY|O_CREAT|O_TRUNC|O_EXCL,0600); |