diff options
Diffstat (limited to 'source3/web')
-rw-r--r-- | source3/web/cgi.c | 10 | ||||
-rw-r--r-- | source3/web/startstop.c | 4 | ||||
-rw-r--r-- | source3/web/statuspage.c | 4 |
3 files changed, 9 insertions, 9 deletions
diff --git a/source3/web/cgi.c b/source3/web/cgi.c index a1aa4d753d..5958b0a419 100644 --- a/source3/web/cgi.c +++ b/source3/web/cgi.c @@ -296,17 +296,17 @@ char *quotedup(char *s) for (i=0;i<len;i++) { switch (s[i]) { case '<': - strcpy(d, "<"); + safe_strcpy(d, "<", len + n*6 - (d - ret)); d += 4; break; case '>': - strcpy(d, ">"); + safe_strcpy(d, ">", len + n*6 - (d - ret)); d += 4; break; case '&': - strcpy(d, "&"); + safe_strcpy(d, "&", len + n*6 - (d - ret)); d += 5; break; @@ -347,7 +347,7 @@ char *urlquote(char *s) for (i=0;i<len;i++) { if (strchr(qlist,s[i])) { - sprintf(d, "%%%02X", (int)s[i]); + slprintf(d, len + n*2 - (d - ret), "%%%02X", (int)s[i]); d += 3; } else { *d++ = s[i]; @@ -387,7 +387,7 @@ char *quotequotes(char *s) for (i=0;i<len;i++) { switch (s[i]) { case '"': - strcpy(d, """); + safe_strcpy(d, """, len + n*6 - (d - ret)); d += 6; break; diff --git a/source3/web/startstop.c b/source3/web/startstop.c index 7ac66f2180..63e5afead2 100644 --- a/source3/web/startstop.c +++ b/source3/web/startstop.c @@ -37,7 +37,7 @@ void start_smbd(void) return; } - sprintf(binfile,"%s/smbd", SBINDIR); + slprintf(binfile, sizeof(pstring) - 1, "%s/smbd", SBINDIR); become_daemon(); @@ -58,7 +58,7 @@ void start_nmbd(void) return; } - sprintf(binfile,"%s/nmbd", SBINDIR); + slprintf(binfile, sizeof(pstring) - 1, "%s/nmbd", SBINDIR); become_daemon(); diff --git a/source3/web/statuspage.c b/source3/web/statuspage.c index 9bcc99a6af..184f7e1f73 100644 --- a/source3/web/statuspage.c +++ b/source3/web/statuspage.c @@ -121,7 +121,7 @@ void status_page(void) pstrcpy(fname,lp_lockdir()); standard_sub_basic(fname); trim_string(fname,"","/"); - strcat(fname,"/STATUS..LCK"); + pstrcat(fname,"/STATUS..LCK"); f = fopen(fname,"r"); @@ -131,7 +131,7 @@ void status_page(void) if (crec.magic == 0x280267 && crec.cnum == -1 && process_exists(crec.pid)) { char buf[30]; - sprintf(buf,"kill_%d", crec.pid); + slprintf(buf,sizeof(buf)-1,"kill_%d", crec.pid); if (cgi_variable(buf)) { kill_pid(crec.pid); } |