diff options
| author | Warner Losh <imp@FreeBSD.org> | 1998-06-09 04:17:29 +0000 |
|---|---|---|
| committer | Warner Losh <imp@FreeBSD.org> | 1998-06-09 04:17:29 +0000 |
| commit | 448b84a0e40e0a1938a76aa94d35d8ada3d095f4 (patch) | |
| tree | f520d497ca2aa4a48bb7e260967a540a78ced181 /usr.bin/systat/main.c | |
| parent | 9a1f6729af51ed5c6bb39411f2abd598dd04836b (diff) | |
| download | src-448b84a0e40e0a1938a76aa94d35d8ada3d095f4.tar.gz src-448b84a0e40e0a1938a76aa94d35d8ada3d095f4.zip | |
o Use snprintf rather than sprintf
o Add more checks for buffer overflows
o Use snprintf rather than strcat/cpy and have better checks for max
length exceeded.
Most of these changes are not exploitable buffer overruns, but it never
hurts to be safe.
Inspired by and obtained from: OpenBSD
Notes
Notes:
svn path=/head/; revision=36789
Diffstat (limited to 'usr.bin/systat/main.c')
| -rw-r--r-- | usr.bin/systat/main.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.bin/systat/main.c b/usr.bin/systat/main.c index 7b5580547454..3a97aa379136 100644 --- a/usr.bin/systat/main.c +++ b/usr.bin/systat/main.c @@ -42,7 +42,7 @@ static char copyright[] = static char sccsid[] = "@(#)main.c 8.1 (Berkeley) 6/6/93"; #endif static const char rcsid[] = - "$Id: main.c,v 1.6 1997/08/13 06:45:10 charnier Exp $"; + "$Id: main.c,v 1.7 1997/08/26 10:59:26 charnier Exp $"; #endif /* not lint */ #include <sys/param.h> @@ -258,7 +258,7 @@ error(fmt, va_alist) if (wnd) { getyx(stdscr, oy, ox); - (void) vsprintf(buf, fmt, ap); + (void) vsnprintf(buf, sizeof(buf), fmt, ap); clrtoeol(); standout(); mvaddstr(CMDLINE, 0, buf); |