diff options
| author | fredb <fredb> | 2002-03-23 22:48:09 +0000 |
|---|---|---|
| committer | fredb <fredb> | 2002-03-23 22:48:09 +0000 |
| commit | 293aa0ae27e3c2372b90efe8b54229f68b418cce (patch) | |
| tree | 842efb0a3d99e977a2c3eaf9308746ee748e83bc /www/wwwoffle/patches | |
| parent | 6f45a21face414983fbbd3d0daa04c0cd42bc99e (diff) | |
| download | pkgsrc-293aa0ae27e3c2372b90efe8b54229f68b418cce.tar.gz | |
Fix sprintf() overflow for long urls: sprintf() -> snprintf().
Diffstat (limited to 'www/wwwoffle/patches')
| -rw-r--r-- | www/wwwoffle/patches/patch-ab | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/www/wwwoffle/patches/patch-ab b/www/wwwoffle/patches/patch-ab new file mode 100644 index 00000000000..3a47da1c63c --- /dev/null +++ b/www/wwwoffle/patches/patch-ab @@ -0,0 +1,14 @@ +$NetBSD: patch-ab,v 1.5 2002/03/23 22:48:09 fredb Exp $ + +--- src/parse.c.orig Sun Jan 20 04:54:12 2002 ++++ src/parse.c +@@ -208,7 +208,8 @@ + else + strcat(url,"?"); + +- sprintf(url+strlen(url),"!%s:%s.%08lx",(*request_head)->method,MakeHash((*request_body)->content),time(NULL)); ++ if (snprintf(url+strlen(url),40,"!%s:%s.%08lx",(*request_head)->method,MakeHash((*request_body)->content),time(NULL)) >= 40) ++ {free(url);return(NULL);} + } + + return(url); |