diff options
author | Steve Bennett <steveb@workware.net.au> | 2011-01-24 16:10:29 +1000 |
---|---|---|
committer | Steve Bennett <steveb@workware.net.au> | 2011-01-24 16:13:06 +1000 |
commit | c792c6c1957ebd5e617cdbfb26271f72d348fa12 (patch) | |
tree | 574d57a5692d144dc35fb2fbd6e5e2e24a4dfb6a | |
parent | bdc8eea02bdb053649bc896440b2ffd2d3efb04a (diff) | |
download | jimtcl-c792c6c1957ebd5e617cdbfb26271f72d348fa12.zip jimtcl-c792c6c1957ebd5e617cdbfb26271f72d348fa12.tar.gz jimtcl-c792c6c1957ebd5e617cdbfb26271f72d348fa12.tar.bz2 |
Use snprintf() to avoid buffer overflow
The only real potential overflow is parsing a bogus
unix domain socket path.
Signed-off-by: Steve Bennett <steveb@workware.net.au>
-rw-r--r-- | jim-aio.c | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -252,7 +252,7 @@ static int JimParseIpAddress(Jim_Interp *interp, const char *hostport, union soc static int JimParseDomainAddress(Jim_Interp *interp, const char *path, struct sockaddr_un *sa) { sa->sun_family = PF_UNIX; - strcpy(sa->sun_path, path); + snprintf(sa->sun_path, sizeof(sa->sun_path), "%s", path); return JIM_OK; } @@ -608,7 +608,7 @@ static int aio_cmd_accept(Jim_Interp *interp, int argc, Jim_Obj *const *argv) af->wEvent = NULL; af->eEvent = NULL; af->addr_family = serv_af->addr_family; - sprintf(buf, "aio.sockstream%ld", Jim_GetId(interp)); + snprintf(buf, sizeof(buf), "aio.sockstream%ld", Jim_GetId(interp)); Jim_CreateCommand(interp, buf, JimAioSubCmdProc, af, JimAioDelProc); Jim_SetResultString(interp, buf, -1); return JIM_OK; @@ -949,7 +949,7 @@ static int JimAioOpenCommand(Jim_Interp *interp, int argc, return JIM_ERR; } /* Get the next file id */ - sprintf(buf, "aio.handle%ld", Jim_GetId(interp)); + snprintf(buf, sizeof(buf), "aio.handle%ld", Jim_GetId(interp)); cmdname = buf; } |