summaryrefslogtreecommitdiff
path: root/usr.sbin/lpr/common_source/displayq.c
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>1996-10-25 19:38:24 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>1996-10-25 19:38:24 +0000
commit54d9c030a9eb88aec5d7bca3eddad4a71b52ed1f (patch)
tree26398a3548b72884d9e7f88f1e303d772bd8ff91 /usr.sbin/lpr/common_source/displayq.c
parentcf129a78e19c51cae5e0dcb02628e09c4ef90191 (diff)
proactive bounds checking; help from millert
Diffstat (limited to 'usr.sbin/lpr/common_source/displayq.c')
-rw-r--r--usr.sbin/lpr/common_source/displayq.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/usr.sbin/lpr/common_source/displayq.c b/usr.sbin/lpr/common_source/displayq.c
index 7a1282b8ee4..503a7c43f4f 100644
--- a/usr.sbin/lpr/common_source/displayq.c
+++ b/usr.sbin/lpr/common_source/displayq.c
@@ -225,13 +225,14 @@ displayq(format)
*/
if (nitems)
putchar('\n');
- (void) sprintf(line, "%c%s", format + '\3', RP);
+ (void) snprintf(line, sizeof line, "%c%s", format + '\3', RP);
cp = line;
- for (i = 0; i < requests; i++) {
+ for (i = 0; i < requests && cp-line+10 < sizeof line; i++) {
cp += strlen(cp);
(void) sprintf(cp, " %d", requ[i]);
}
- for (i = 0; i < users; i++) {
+ for (i = 0; i < users && cp-line+1+strlen(user[i]) <
+ sizeof line; i++) {
cp += strlen(cp);
*cp++ = ' ';
(void) strcpy(cp, user[i]);
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-17 06:08:08 +0000