From 7d05c2e5ed96410ac23b61db24c5bde9245738b8 Mon Sep 17 00:00:00 2001 From: Mikael Hallendal Date: Mon, 8 Jul 2002 11:35:14 +0000 Subject: Removed possibility of buffer overflow by using g_strdup_printf instead of 2002-07-08 Mikael Hallendal * src/yelp-info.c: (yelp_info_read_info_dir): Removed possibility of buffer overflow by using g_strdup_printf instead of strcpy. Fixes #87127. Thanks to Laavanya K R for finding and proposing a solution. --- ChangeLog | 7 +++++++ src/yelp-info.c | 16 ++++++++-------- 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/ChangeLog b/ChangeLog index b9c99687..6a5c089b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2002-07-08 Mikael Hallendal + + * src/yelp-info.c: + (yelp_info_read_info_dir): Removed possibility of buffer overflow + by using g_strdup_printf instead of strcpy. Fixes #87127. Thanks + to Laavanya K R for finding and proposing a solution. + 2002-07-07 Glynn Foster * yelp.desktop.in (X-GNOME-DocPath): diff --git a/src/yelp-info.c b/src/yelp-info.c index 14c6bffc..86997862 100644 --- a/src/yelp-info.c +++ b/src/yelp-info.c @@ -58,7 +58,7 @@ yelp_info_read_info_dir (const char *basedir, GSList **info_list) while ((dent = readdir (dirh))) { char *ctmp = NULL; - char uribuf[128], titlebuf[128]; + char *str_uri, *title; if (dent->d_name[0] == '.') { continue; @@ -78,16 +78,16 @@ yelp_info_read_info_dir (const char *basedir, GSList **info_list) *ctmp = '\0'; - strcpy (titlebuf, dent->d_name); - strcat (titlebuf, " (info)"); + title = g_strdup_printf ("%s (info)", dent->d_name); - g_snprintf (uribuf, sizeof (uribuf), "info:%s", dent->d_name); - - uri = yelp_uri_new (uribuf); + str_uri = g_strdup_printf ("info:%s", dent->d_name); + uri = yelp_uri_new (str_uri); + g_free (str_uri); section = yelp_section_new (YELP_SECTION_DOCUMENT, - titlebuf, uri); - + title, uri); + g_free (title); + yelp_uri_unref (uri); *info_list = g_slist_prepend (*info_list, section); -- cgit v1.2.1