commit 25eb9ff35e76312b09ff5613c9a3cc1275938680
parent 24c4134df6e0f7dc86e5f3c57342d2b60b1e5dab
Author: Ali H. Fardan <raiz@firemail.cc>
Date: Sun, 28 Aug 2016 16:30:12 +0300
FIXME: buffer overflow warning
Diffstat:
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/slstatus.c b/slstatus.c
@@ -78,17 +78,17 @@ setstatus(const char *str)
static char *
smprintf(const char *fmt, ...)
{
- va_list fmtargs;
- char tmp[120];
+ /* FIXME: This code should have
+ bound checks, it is vulnerable to
+ buffer overflows */
+ va_list ap;
char *ret = NULL;
- va_start(fmtargs, fmt);
- snprintf(tmp, sizeof(tmp)-1, fmt, fmtargs);
- tmp[sizeof(tmp)] = '\0';
- if (asprintf(&ret, "%s", tmp) < 0)
+ va_start(ap, fmt);
+ if (vasprintf(&ret, fmt, ap) < 0)
return NULL;
- va_end(fmtargs);
+ va_end(ap);
return ret;
}
