From 5f4b10088fdb88ad4326211ebe9933b92d4f7eb7 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 25 Sep 2001 22:21:52 +1000 Subject: [PATCH] - (djm) Avoid bad and unportable sprintf usage in compat code --- ChangeLog | 3 ++- openbsd-compat/inet_ntop.c | 6 ++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8fea9bd89..39510264a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,7 @@ - (djm) Pull in auth-krb5.c from OpenBSD CVS. NB. it is not currently used. - (djm) Sync $sysconfdir/moduli - (djm) Add AC_SYS_LARGEFILE configure test + - (djm) Avoid bad and unportable sprintf usage in compat code 20010923 - (bal) updated ssh.c to mirror minor getopts 'extern int' formating done @@ -6568,4 +6569,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1562 2001/09/25 06:39:35 djm Exp $ +$Id: ChangeLog,v 1.1563 2001/09/25 12:21:52 djm Exp $ diff --git a/openbsd-compat/inet_ntop.c b/openbsd-compat/inet_ntop.c index bf3d97ade..2b8d31f8d 100644 --- a/openbsd-compat/inet_ntop.c +++ b/openbsd-compat/inet_ntop.c @@ -104,7 +104,8 @@ inet_ntop4(src, dst, size) static const char fmt[] = "%u.%u.%u.%u"; char tmp[sizeof "255.255.255.255"]; - if (sprintf(tmp, fmt, src[0], src[1], src[2], src[3]) > size) { + if (snprintf(tmp, sizeof(tmp), fmt, src[0], src[1], src[2], + src[3]) > size) { errno = ENOSPC; return (NULL); } @@ -190,7 +191,8 @@ inet_ntop6(src, dst, size) tp += strlen(tp); break; } - tp += sprintf(tp, "%x", words[i]); + snprintf(tp, sizeof(tmp - (tp - tmp)), "%x", words[i]); + tp += strlen(tp); } /* Was it a trailing run of 0x00's? */ if (best.base != -1 && (best.base + best.len) == (IN6ADDRSZ / INT16SZ))