From 25eb9ff35e76312b09ff5613c9a3cc1275938680 Mon Sep 17 00:00:00 2001
From: "Ali H. Fardan" <raiz@firemail.cc>
Date: Sun, 28 Aug 2016 16:30:12 +0300
Subject: [PATCH] FIXME: buffer overflow warning

---
 slstatus.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/slstatus.c b/slstatus.c
index 90534d9..4dbe650 100644
--- a/slstatus.c
+++ b/slstatus.c
@@ -78,17 +78,17 @@ setstatus(const char *str)
 static char *
 smprintf(const char *fmt, ...)
 {
-	va_list fmtargs;
-	char tmp[120];
+	/* FIXME: This code should have
+	bound checks, it is vulnerable to
+	buffer overflows */
+	va_list ap;
 	char *ret = NULL;
 
-	va_start(fmtargs, fmt);
-	snprintf(tmp, sizeof(tmp)-1, fmt, fmtargs);
-	tmp[sizeof(tmp)] = '\0';
-	if (asprintf(&ret, "%s", tmp) < 0)
+	va_start(ap, fmt);
+	if (vasprintf(&ret, fmt, ap) < 0)
 		return NULL;
 
-	va_end(fmtargs);
+	va_end(ap);
 	return ret;
 }