diff options
| author | Andrew Tridgell <tridge@samba.org> | 1998-05-11 06:38:36 +0000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 1998-05-11 06:38:36 +0000 |
| commit | 3dfc0c847240ac7e12c39f4ed9c31a888949ade1 (patch) | |
| tree | 305f006b62ed9dcdca0f751dbf40d2a34ee054df /source3/smbd/uid.c | |
| parent | ffc88e2d26217f99c34ce24c0836bec3c809ca1a (diff) | |
| download | samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.tar.gz samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.tar.bz2 samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.zip | |
changed to use slprintf() instead of sprintf() just about
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
(This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
Diffstat (limited to 'source3/smbd/uid.c')
| -rw-r--r-- | source3/smbd/uid.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index a8e340e46f..749248ac86 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -420,7 +420,7 @@ int smbrun(char *cmd,char *outfile,BOOL shared) return(1); } - sprintf(syscmd,"%s %d %d \"(%s 2>&1) > %s\"", + slprintf(syscmd,sizeof(syscmd)-1,"%s %d %d \"(%s 2>&1) > %s\"", path,uid,gid,cmd, outfile?outfile:"/dev/null"); |