diff options
author | joshd <joshd@cvs.openbsd.org> | 1996-07-26 05:22:12 +0000 |
---|---|---|
committer | joshd <joshd@cvs.openbsd.org> | 1996-07-26 05:22:12 +0000 |
commit | 7284714cd6f9cc5a5ff17d2eb7ea7c5ddfbf6bea (patch) | |
tree | 8c6d50d1b95246503b37e2585d61c859cf45da8f | |
parent | 4892c176debecaa8b448d7694947f8a7433312c4 (diff) |
should not use sprintf unless input strings are of known value
Doesn't look to be exploitable.
-rw-r--r-- | usr.sbin/syslogd/syslogd.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c index 9ac442243a6..1e453d76b1c 100644 --- a/usr.sbin/syslogd/syslogd.c +++ b/usr.sbin/syslogd/syslogd.c @@ -588,12 +588,12 @@ fprintlog(f, flags, msg) struct iovec iov[6]; struct iovec *v; int l; - char line[MAXLINE + 1], repbuf[80], greetings[200]; + char line[MAXLINE + 1], repbuf[80], greetings[500]; v = iov; if (f->f_type == F_WALL) { v->iov_base = greetings; - v->iov_len = sprintf(greetings, + v->iov_len = snprintf(greetings, 500, "\r\n\7Message from syslogd@%s at %.24s ...\r\n", f->f_prevhost, ctime(&now)); v++; |