diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-07-17 23:41:11 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-07-17 23:41:11 +0000 |
| commit | 2d75283b5f8c3fd810002e9211b5b33d05c5e36a (patch) | |
| tree | f79b58dd01d78bcd3ed7a209d8bf92e834121071 | |
| parent | cabb04b1427b552b960fbaaa18ca3b4b30d6d810 (diff) | |
buffer overflow from dholland@hcs.HARVARD.EDU; could do with some cleanup?
| -rw-r--r-- | libexec/talkd/announce.c | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/libexec/talkd/announce.c b/libexec/talkd/announce.c index e6c0572cb21..6e7863c2be7 100644 --- a/libexec/talkd/announce.c +++ b/libexec/talkd/announce.c @@ -1,4 +1,4 @@ -/* $OpenBSD: announce.c,v 1.3 1996/07/17 23:17:08 deraadt Exp $ */ +/* $OpenBSD: announce.c,v 1.4 1996/07/17 23:41:10 deraadt Exp $ */ /* * Copyright (c) 1983 Regents of the University of California. @@ -35,7 +35,7 @@ #ifndef lint /*static char sccsid[] = "from: @(#)announce.c 5.9 (Berkeley) 2/26/91";*/ -static char rcsid[] = "$Id: announce.c,v 1.3 1996/07/17 23:17:08 deraadt Exp $"; +static char rcsid[] = "$Id: announce.c,v 1.4 1996/07/17 23:41:10 deraadt Exp $"; #endif /* not lint */ #include <sys/types.h> @@ -160,28 +160,30 @@ print_mesg(tf, request, remote_machine) gettimeofday(&clock, &zone); clocktime = clock.tv_sec; localclock = localtime(&clocktime); - (void)sprintf(line_buf[i], " "); + (void)snprintf(line_buf[i], N_CHARS, " "); sizes[i] = strlen(line_buf[i]); max_size = max(max_size, sizes[i]); i++; - (void)sprintf(line_buf[i], "Message from Talk_Daemon@%s at %d:%02d ...", - hostname, localclock->tm_hour , localclock->tm_min ); + (void)snprintf(line_buf[i], N_CHARS, + "Message from Talk_Daemon@%s at %d:%02d ...", + hostname, localclock->tm_hour , localclock->tm_min ); sizes[i] = strlen(line_buf[i]); max_size = max(max_size, sizes[i]); i++; vis_user = (char *) malloc(strlen(request->l_name) * 4 + 1); strvis(vis_user, request->l_name, VIS_CSTYLE); - (void)sprintf(line_buf[i], "talk: connection requested by %s@%s.", + (void)snprintf(line_buf[i], N_CHARS, + "talk: connection requested by %s@%s.", vis_user, remote_machine); sizes[i] = strlen(line_buf[i]); max_size = max(max_size, sizes[i]); i++; - (void)sprintf(line_buf[i], "talk: respond with: talk %s@%s", + (void)snprintf(line_buf[i], N_CHARS, "talk: respond with: talk %s@%s", vis_user, remote_machine); sizes[i] = strlen(line_buf[i]); max_size = max(max_size, sizes[i]); i++; - (void)sprintf(line_buf[i], " "); + (void)snprintf(line_buf[i], N_CHARS, " "); sizes[i] = strlen(line_buf[i]); max_size = max(max_size, sizes[i]); i++; |