OK, let's try this again. Only you can prevent malicious buffer overruns!

author: Eric S. Raymond <esr@thyrsus.com> 2005-03-31 05:07:56 +0000
committer: Eric S. Raymond <esr@thyrsus.com> 2005-03-31 05:07:56 +0000
commit: 602849ac982c63a2de717f69058c3b0e63e64207 (patch)
tree: af61d5b327a42cbfb18247e4c420d157690cb637 /zodiac.c
parent: bb49dac05bb4598f86bbeea5c41c4c26221927e4 (diff)
download: gpsd-602849ac982c63a2de717f69058c3b0e63e64207.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/zodiac.c b/zodiac.c
index 09ade912..af25f2dc 100644
--- a/zodiac.c
+++ b/zodiac.c
@@ -272,7 +272,7 @@ static int zodiac_analyze(struct gps_device_t *session)
     int i, mask = 0;
     unsigned int id = (session->outbuffer[2] << 8) | session->outbuffer[3];
 
-    sprintf(session->gpsdata.tag, "%6d", id);    
+    snprintf(session->gpsdata.tag, sizeof(session->gpsdata.tag), "%6d", id);
     gpsd_report(5, "ID %d\n", id);
     switch (id) {
     case 1000:
@@ -281,7 +281,7 @@ static int zodiac_analyze(struct gps_device_t *session)
 	break;
     case 1002:
 	mask = handle1002(session);
-	sprintf(buf, "$PRWIZCH");
+	strcpy(buf, "$PRWIZCH");
 	for (i = 0; i < MAXCHANNELS; i++) {
 	    sprintf(buf+strlen(buf), ",%02d,%X", session->Zs[i], session->Zv[i]);
 	}
author	Eric S. Raymond <esr@thyrsus.com>	2005-03-31 05:07:56 +0000
committer	Eric S. Raymond <esr@thyrsus.com>	2005-03-31 05:07:56 +0000
commit	602849ac982c63a2de717f69058c3b0e63e64207 (patch)
tree	af61d5b327a42cbfb18247e4c420d157690cb637 /zodiac.c
parent	bb49dac05bb4598f86bbeea5c41c4c26221927e4 (diff)
download	gpsd-602849ac982c63a2de717f69058c3b0e63e64207.tar.gz