1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
Make sure we don't overflow buffers if input is really big.
Also move the string array to local scope.
Patch by Mike Frysinger <vapier@gentoo.org>
--- str.c
+++ str.c
@@ -103,4 +103,11 @@
break;
}
+ else if(str2-str+1 >= lim)
+ {
+ fprintf(stderr, "String too large for buffer of %i chars; truncated\n", lim-1);
+ ret_val = FALSE;
+ *str2 = '\0';
+ break;
+ }
switch(*str2)
{
--- funct.c
+++ funct.c
@@ -88,5 +88,4 @@
}
-char string[128];
/* the date function */
@@ -97,4 +96,5 @@
struct tm *loc_time;
time_t lt;
+ char string[128];
lt = time(NULL);
@@ -102,5 +102,5 @@
str_esc(str, work_str, sizeof(work_str));
loc_time = localtime(<);
- strftime(string, 128, work_str, loc_time);
+ strftime(string, sizeof(string), work_str, loc_time);
printf("%s", string);
|
GitWeb
