empire/empserver
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

(sendcmd): Don't overflow buf[]. The bug was fairly harmless, because

Browse source 
the overflowing data comes from the local user.
This commit is contained in:
Markus Armbruster 2007-12-14 06:01:13 +00:00
parent bac5345914
commit 92a14cca4d
1 changed files with 7 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

11
src/client/expect.c
View file

@ -126,11 +126,14 @@ void
sendcmd(int s, char *cmd, char *arg) sendcmd(int s, char *cmd, char *arg)
{ {
char buf[128]; char buf[128];
int cc; int cc, len;
int len;
(void)sprintf(buf, "%s %s\n", cmd, arg != NULL ? arg : ""); len = snprintf(buf, sizeof(buf), "%s %s\n",
len = strlen(buf); cmd, arg != NULL ? arg : "");
if (len >= (int)sizeof(buf)) {
fprintf(stderr, "%s too long\n", cmd);
exit(1);
}
cc = write(s, buf, len); cc = write(s, buf, len);
if (cc < 0) { if (cc < 0) {
perror("sendcmd: write"); perror("sendcmd: write");