FIXME: buffer overflow warning
This commit is contained in:
parent
24c4134df6
commit
25eb9ff35e
14
slstatus.c
14
slstatus.c
@ -78,17 +78,17 @@ setstatus(const char *str)
|
||||
static char *
|
||||
smprintf(const char *fmt, ...)
|
||||
{
|
||||
va_list fmtargs;
|
||||
char tmp[120];
|
||||
/* FIXME: This code should have
|
||||
bound checks, it is vulnerable to
|
||||
buffer overflows */
|
||||
va_list ap;
|
||||
char *ret = NULL;
|
||||
|
||||
va_start(fmtargs, fmt);
|
||||
snprintf(tmp, sizeof(tmp)-1, fmt, fmtargs);
|
||||
tmp[sizeof(tmp)] = '\0';
|
||||
if (asprintf(&ret, "%s", tmp) < 0)
|
||||
va_start(ap, fmt);
|
||||
if (vasprintf(&ret, fmt, ap) < 0)
|
||||
return NULL;
|
||||
|
||||
va_end(fmtargs);
|
||||
va_end(ap);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user