diff options
| author | Andrew Tridgell <tridge@samba.org> | 1998-05-11 06:38:36 +0000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 1998-05-11 06:38:36 +0000 |
| commit | 3dfc0c847240ac7e12c39f4ed9c31a888949ade1 (patch) | |
| tree | 305f006b62ed9dcdca0f751dbf40d2a34ee054df /source3/smbd/trans2.c | |
| parent | ffc88e2d26217f99c34ce24c0836bec3c809ca1a (diff) | |
| download | samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.tar.gz samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.tar.bz2 samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.zip | |
changed to use slprintf() instead of sprintf() just about
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
(This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
Diffstat (limited to 'source3/smbd/trans2.c')
| -rw-r--r-- | source3/smbd/trans2.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index af70064ef4..fb45efcc0b 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -772,7 +772,7 @@ static int call_trans2findfirst(char *inbuf, char *outbuf, int bufsize, int cnum send_trans2_replies( outbuf, bufsize, params, 10, pdata, PTR_DIFF(p,pdata)); if ((! *directory) && dptr_path(dptr_num)) - sprintf(directory,"(%s)",dptr_path(dptr_num)); + slprintf(directory,sizeof(directory)-1, "(%s)",dptr_path(dptr_num)); DEBUG(4,("%s %s mask=%s directory=%s cnum=%d dirtype=%d numentries=%d\n", timestring(), @@ -985,7 +985,7 @@ resume_key = %d resume name = %s continue=%d level = %d\n", send_trans2_replies( outbuf, bufsize, params, 8, pdata, PTR_DIFF(p,pdata)); if ((! *directory) && dptr_path(dptr_num)) - sprintf(directory,"(%s)",dptr_path(dptr_num)); + slprintf(directory,sizeof(directory)-1, "(%s)",dptr_path(dptr_num)); DEBUG(3,("%s %s mask=%s directory=%s cnum=%d dirtype=%d numentries=%d\n", timestring(), |