From 25eb9ff35e76312b09ff5613c9a3cc1275938680 Mon Sep 17 00:00:00 2001 From: "Ali H. Fardan" Date: Sun, 28 Aug 2016 16:30:12 +0300 Subject: FIXME: buffer overflow warning --- slstatus.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/slstatus.c b/slstatus.c index 90534d9..4dbe650 100644 --- a/slstatus.c +++ b/slstatus.c @@ -78,17 +78,17 @@ setstatus(const char *str) static char * smprintf(const char *fmt, ...) { - va_list fmtargs; - char tmp[120]; + /* FIXME: This code should have + bound checks, it is vulnerable to + buffer overflows */ + va_list ap; char *ret = NULL; - va_start(fmtargs, fmt); - snprintf(tmp, sizeof(tmp)-1, fmt, fmtargs); - tmp[sizeof(tmp)] = '\0'; - if (asprintf(&ret, "%s", tmp) < 0) + va_start(ap, fmt); + if (vasprintf(&ret, fmt, ap) < 0) return NULL; - va_end(fmtargs); + va_end(ap); return ret; } -- cgit v1.2.3