36 lines
1.4 KiB
Plaintext
36 lines
1.4 KiB
Plaintext
$OpenBSD: patch-cgi_cgi_c,v 1.1 2005/10/28 12:48:49 markus Exp $
|
|
--- cgi/cgi.c.orig Tue Oct 25 10:50:41 2005
|
|
+++ cgi/cgi.c Tue Oct 25 10:52:15 2005
|
|
@@ -625,7 +625,7 @@ static void _launch_debugger (CGI *cgi,
|
|
|
|
if (!pid)
|
|
{
|
|
- sprintf(buffer, debugger, display, Argv0, myPid);
|
|
+ snprintf(buffer, sizeof(buffer), debugger, display, Argv0, myPid);
|
|
execl("/bin/sh", "sh", "-c", buffer, NULL);
|
|
}
|
|
else
|
|
@@ -1320,11 +1320,11 @@ NEOERR *cgi_output (CGI *cgi, STRING *st
|
|
{
|
|
if (use_gzip)
|
|
{
|
|
- /* I'm using sprintf instead of cgiwrap_writef since
|
|
+ /* I'm using snprintf instead of cgiwrap_writef since
|
|
* the wrapper writef might not handle values with
|
|
* embedded NULLs... though I should fix the python one
|
|
* now as well */
|
|
- sprintf(gz_buf, "%c%c%c%c%c%c%c%c%c%c", gz_magic[0], gz_magic[1],
|
|
+ snprintf(gz_buf, sizeof(gz_buf), "%c%c%c%c%c%c%c%c%c%c", gz_magic[0], gz_magic[1],
|
|
Z_DEFLATED, 0 /*flags*/, 0,0,0,0 /*time*/, 0 /*xflags*/,
|
|
OS_CODE);
|
|
err = cgiwrap_write(gz_buf, 10);
|
|
@@ -1336,7 +1336,7 @@ NEOERR *cgi_output (CGI *cgi, STRING *st
|
|
if (use_gzip)
|
|
{
|
|
/* write crc and len in network order */
|
|
- sprintf(gz_buf, "%c%c%c%c%c%c%c%c",
|
|
+ snprintf(gz_buf, sizeof(gz_buf), "%c%c%c%c%c%c%c%c",
|
|
(0xff & (crc >> 0)),
|
|
(0xff & (crc >> 8)),
|
|
(0xff & (crc >> 16)),
|