Fix sprintf() overflow for long urls: sprintf() -> snprintf().

author: fredb <fredb> 2002-03-23 22:48:09 +0000
committer: fredb <fredb> 2002-03-23 22:48:09 +0000
commit: 293aa0ae27e3c2372b90efe8b54229f68b418cce (patch)
tree: 842efb0a3d99e977a2c3eaf9308746ee748e83bc /www
parent: 6f45a21face414983fbbd3d0daa04c0cd42bc99e (diff)
download: pkgsrc-293aa0ae27e3c2372b90efe8b54229f68b418cce.tar.gz
2 files changed, 16 insertions, 1 deletions
diff --git a/www/wwwoffle/distinfo b/www/wwwoffle/distinfo
index 1be0cd7fff4..f05d238f74f 100644
--- a/www/wwwoffle/distinfo
+++ b/www/wwwoffle/distinfo
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.7 2002/03/10 22:14:30 fredb Exp $
+$NetBSD: distinfo,v 1.8 2002/03/23 22:48:09 fredb Exp $
 
 SHA1 (wwwoffle-2.7.tgz) = d898f6b15a34e55ddc49161278726a55b01ec377
 Size (wwwoffle-2.7.tgz) = 832728 bytes
 SHA1 (patch-aa) = 580868aed26f02378db32303f8a16fb178ca92dd
+SHA1 (patch-ab) = 30f40b7e4726692e7c2a75e5ee85a5f047911e36
diff --git a/www/wwwoffle/patches/patch-ab b/www/wwwoffle/patches/patch-ab
new file mode 100644
index 00000000000..3a47da1c63c
--- /dev/null
+++ b/www/wwwoffle/patches/patch-ab
@@ -0,0 +1,14 @@
+$NetBSD: patch-ab,v 1.5 2002/03/23 22:48:09 fredb Exp $
+
+--- src/parse.c.orig	Sun Jan 20 04:54:12 2002
++++ src/parse.c
+@@ -208,7 +208,8 @@
+     else
+        strcat(url,"?");
+ 
+-    sprintf(url+strlen(url),"!%s:%s.%08lx",(*request_head)->method,MakeHash((*request_body)->content),time(NULL));
++    if (snprintf(url+strlen(url),40,"!%s:%s.%08lx",(*request_head)->method,MakeHash((*request_body)->content),time(NULL)) >= 40)
++	{free(url);return(NULL);}
+    }
+ 
+  return(url);
author	fredb <fredb>	2002-03-23 22:48:09 +0000
committer	fredb <fredb>	2002-03-23 22:48:09 +0000
commit	293aa0ae27e3c2372b90efe8b54229f68b418cce (patch)
tree	842efb0a3d99e977a2c3eaf9308746ee748e83bc /www
parent	6f45a21face414983fbbd3d0daa04c0cd42bc99e (diff)
download	pkgsrc-293aa0ae27e3c2372b90efe8b54229f68b418cce.tar.gz