52 lines
1.6 KiB
Plaintext
52 lines
1.6 KiB
Plaintext
$OpenBSD: patch-src_diffs_cpp,v 1.1.1.1 2001/03/20 14:29:32 wilfried Exp $
|
|
|
|
fixes multiple strcpy and sprintf instances to potentially
|
|
prevent buffer overruns
|
|
|
|
|
|
--- xxdiff/src/diffs.cpp.orig Thu Mar 15 11:57:11 2001
|
|
+++ xxdiff/src/diffs.cpp Thu Mar 15 13:20:06 2001
|
|
@@ -77,26 +77,26 @@ std::string buildTag(
|
|
{
|
|
char buf[ 1024 ];
|
|
char buf2[ 1024 ];
|
|
- ::strcpy( buf, tag );
|
|
+ ::strlcpy( buf, tag, sizeof(buf) );
|
|
|
|
// FIXME this could lead to a bug.
|
|
|
|
if ( useNumber ) {
|
|
- ::strcpy( buf2, buf );
|
|
- ::sprintf( buf, buf2, number );
|
|
+ ::strlcpy( buf2, buf, sizeof(buf2));
|
|
+ ::snprintf( buf, sizeof(buf), buf2, number );
|
|
}
|
|
if ( useString ) {
|
|
- ::strcpy( buf2, buf );
|
|
+ ::strlcpy( buf2, buf, sizeof(buf2) );
|
|
if ( useConditionals ) {
|
|
if ( nbFiles == 3 && ( number == 1 || number == 2 ) ) {
|
|
- ::sprintf( buf, buf2, conditional2.c_str() );
|
|
+ ::snprintf( buf, sizeof(buf), buf2, conditional2.c_str() );
|
|
}
|
|
else {
|
|
- ::sprintf( buf, buf2, conditional1.c_str() );
|
|
+ ::snprintf( buf, sizeof(buf), buf2, conditional1.c_str() );
|
|
}
|
|
}
|
|
else {
|
|
- ::sprintf( buf, buf2, file->getDisplayName() );
|
|
+ ::snprintf( buf, sizeof(buf), buf2, file->getDisplayName() );
|
|
}
|
|
}
|
|
|
|
@@ -727,7 +727,7 @@ bool XxDiffs::save(
|
|
std::string::size_type pos = tags[ii].find( "%d" );
|
|
if ( pos != std::string::npos ) {
|
|
char buf[12];
|
|
- ::sprintf( buf, "%d", ii+1 );
|
|
+ ::snprintf( buf, sizeof(buf), "%d", ii+1 );
|
|
tags[ii].replace( pos, 2, buf );
|
|
}
|
|
|