diff options
author | Aleksey Sanin <aleksey@src.gnome.org> | 2002-06-14 17:07:10 +0000 |
---|---|---|
committer | Aleksey Sanin <aleksey@src.gnome.org> | 2002-06-14 17:07:10 +0000 |
commit | 49cc97565fbe2928388a1e437c44429097a504ae (patch) | |
tree | e96c37456485dd61090411351595f4fb820c73b0 /nanoftp.c | |
parent | e059b891efee0c1834c8a02358eb57cca6587177 (diff) | |
download | libxml2-49cc97565fbe2928388a1e437c44429097a504ae.tar.gz |
replaced sprintf() with snprintf() to prevent possible buffer overflow
* DOCBparser.c HTMLparser.c debugXML.c encoding.c
nanoftp.c nanohttp.c parser.c tree.c uri.c xmlIO.c
xmllint.c xpath.c: replaced sprintf() with snprintf()
to prevent possible buffer overflow (the bug was pointed
out by Anju Premachandran)
Diffstat (limited to 'nanoftp.c')
-rw-r--r-- | nanoftp.c | 10 |
1 files changed, 5 insertions, 5 deletions
@@ -780,7 +780,7 @@ xmlNanoFTPSendUser(void *ctx) { int res; if (ctxt->user == NULL) - sprintf(buf, "USER anonymous\r\n"); + snprintf(buf, sizeof(buf), "USER anonymous\r\n"); else snprintf(buf, sizeof(buf), "USER %s\r\n", ctxt->user); buf[sizeof(buf) - 1] = 0; @@ -835,7 +835,7 @@ xmlNanoFTPQuit(void *ctx) { int len; int res; - sprintf(buf, "QUIT\r\n"); + snprintf(buf, sizeof(buf), "QUIT\r\n"); len = strlen(buf); #ifdef DEBUG_FTP xmlGenericError(xmlGenericErrorContext, "%s", buf); /* Just to be consistent, even though we know it can't have a % in it */ @@ -1257,7 +1257,7 @@ xmlNanoFTPGetConnection(void *ctx) { dataAddr.sin_family = AF_INET; if (ctxt->passive) { - sprintf(buf, "PASV\r\n"); + snprintf(buf, sizeof(buf), "PASV\r\n"); len = strlen(buf); #ifdef DEBUG_FTP xmlGenericError(xmlGenericErrorContext, "%s", buf); @@ -1546,7 +1546,7 @@ xmlNanoFTPList(void *ctx, ftpListCallback callback, void *userData, ctxt->dataFd = xmlNanoFTPGetConnection(ctxt); if (ctxt->dataFd == -1) return(-1); - sprintf(buf, "LIST -L\r\n"); + snprintf(buf, sizeof(buf), "LIST -L\r\n"); } else { if (filename[0] != '/') { if (xmlNanoFTPCwd(ctxt, ctxt->path) < 1) @@ -1651,7 +1651,7 @@ xmlNanoFTPGetSocket(void *ctx, const char *filename) { if (ctxt->dataFd == -1) return(-1); - sprintf(buf, "TYPE I\r\n"); + snprintf(buf, sizeof(buf), "TYPE I\r\n"); len = strlen(buf); #ifdef DEBUG_FTP xmlGenericError(xmlGenericErrorContext, "%s", buf); |