diff options
| author | Moritz Jodeit <moritz@cvs.openbsd.org> | 2007-09-17 07:07:24 +0000 |
|---|---|---|
| committer | Moritz Jodeit <moritz@cvs.openbsd.org> | 2007-09-17 07:07:24 +0000 |
| commit | 78bd82b79fdb80709642f906507dbf2b169271d9 (patch) | |
| tree | a44ce4d3fa6dd9758572d4125985c736db06c00c /lib/libc/yp | |
| parent | f75700d891f9b74d2f1c29a1ced7415b4916ea8f (diff) | |
Check snprintf(3) return value for error or truncation.
Mostly path construction, where truncation could be bad.
ok and input from deraadt@ millert@ ray@
Diffstat (limited to 'lib/libc/yp')
| -rw-r--r-- | lib/libc/yp/yp_bind.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/lib/libc/yp/yp_bind.c b/lib/libc/yp/yp_bind.c index e1ef44433e4..fa8fa63531d 100644 --- a/lib/libc/yp/yp_bind.c +++ b/lib/libc/yp/yp_bind.c @@ -1,4 +1,4 @@ -/* $OpenBSD: yp_bind.c,v 1.15 2005/08/05 13:02:16 espie Exp $ */ +/* $OpenBSD: yp_bind.c,v 1.16 2007/09/17 07:07:23 moritz Exp $ */ /* * Copyright (c) 1992, 1993, 1996 Theo de Raadt <deraadt@theos.com> * All rights reserved. @@ -106,8 +106,13 @@ _yp_dobind(const char *dom, struct dom_binding **ypdb) } again: if (ysd->dom_vers == 0) { - (void) snprintf(path, sizeof(path), "%s/%s.%d", + r = snprintf(path, sizeof(path), "%s/%s.%d", BINDINGDIR, dom, 2); + if (r < 0 || r >= sizeof(path)) { + if (new) + free(ysd); + return YPERR_BADARGS; + } if ((fd = open(path, O_RDONLY)) == -1) { /* * no binding file, YP is dead, or not yet fully |