From 0dbd5a8797ed4bd18e8b883988fb62177eb0f73f Mon Sep 17 00:00:00 2001 From: Harin Vadodaria Date: Fri, 6 Nov 2015 16:41:55 +0530 Subject: Bug#21973610: BUFFER OVERFLOW ISSUES Description : Incorrect usage of sprintf/strcpy caused possible buffer overflow issues at various places. Solution : - Fixed mysql_plugin and mysqlshow - Fixed regex library issues Reviewed-By : Georgi Kodinov Reviewed-By : Venkata S Murthy Sidagam --- libmysql/conf_to_src.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'libmysql') diff --git a/libmysql/conf_to_src.c b/libmysql/conf_to_src.c index a5a7d23db0b..0e92388c93c 100644 --- a/libmysql/conf_to_src.c +++ b/libmysql/conf_to_src.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. +/* Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -118,7 +118,7 @@ print_arrays_for(char *set) { FILE *f; - sprintf(buf, "%s.conf", set); + snprintf(buf, sizeof(buf), "%s.conf", set); if ((f = fopen(buf, "r")) == NULL) { fprintf(stderr, "%s: can't read conf file for charset %s\n", prog, set); -- cgit v1.2.1