Merged the fix for bug 158396 from the tip (rev. 3.27 and rev. 3.28) to

NSPRPUB_PRE_4_2_CLIENT_BRANCH.
author: wtc%netscape.com <devnull@localhost> 2002-08-09 01:46:31 +0000
committer: wtc%netscape.com <devnull@localhost> 2002-08-09 01:46:31 +0000
commit: 757dc2c1c5c083a755f53823e14a7f4144f7128f (patch)
tree: 89af8973730687385c939fbd1c7596eb8e8af2bb
parent: 0e1d79b0c8642cb629a3e4771cda0f847db5767a (diff)
download: nspr-hg-757dc2c1c5c083a755f53823e14a7f4144f7128f.tar.gz
1 files changed, 12 insertions, 6 deletions
diff --git a/pr/src/io/prlog.c b/pr/src/io/prlog.c
index 334fddcc..ac1c5492 100644
--- a/pr/src/io/prlog.c
+++ b/pr/src/io/prlog.c
@@ -194,13 +194,16 @@ void _PR_InitLog(void)
 
     ev = PR_GetEnv("NSPR_LOG_MODULES");
     if (ev && ev[0]) {
-        char module[64];
+        char module[64];  /* Security-Critical: If you change this
+                           * size, you must also change the sscanf
+                           * format string to be size-1.
+                           */
         PRBool isSync = PR_FALSE;
         PRIntn evlen = strlen(ev), pos = 0;
         PRInt32 bufSize = DEFAULT_BUF_SIZE;
         while (pos < evlen) {
             PRIntn level = 1, count = 0, delta = 0;
-            count = sscanf(&ev[pos], "%64[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789]%n:%d%n",
+            count = sscanf(&ev[pos], "%63[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789]%n:%d%n",
                            module, &delta, &level, &delta);
             pos += delta;
             if (count == 0) break;
@@ -232,7 +235,7 @@ void _PR_InitLog(void)
             /*found:*/
             count = sscanf(&ev[pos], " , %n", &delta);
             pos += delta;
-            if (count == -1) break;
+            if (count == EOF) break;
         }
         PR_SetLogBuffering(isSync ? bufSize : 0);
 
@@ -295,12 +298,15 @@ static void _PR_SetLogModuleLevel( PRLogModuleInfo *lm )
 
     ev = PR_GetEnv("NSPR_LOG_MODULES");
     if (ev && ev[0]) {
-        char module[64];
+        char module[64];  /* Security-Critical: If you change this
+                           * size, you must also change the sscanf
+                           * format string to be size-1.
+                           */
         PRIntn evlen = strlen(ev), pos = 0;
         while (pos < evlen) {
             PRIntn level = 1, count = 0, delta = 0;
 
-            count = sscanf(&ev[pos], "%64[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789]%n:%d%n",
+            count = sscanf(&ev[pos], "%63[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789]%n:%d%n",
                            module, &delta, &level, &delta);
             pos += delta;
             if (count == 0) break;
@@ -319,7 +325,7 @@ static void _PR_SetLogModuleLevel( PRLogModuleInfo *lm )
             }
             count = sscanf(&ev[pos], " , %n", &delta);
             pos += delta;
-            if (count == -1) break;
+            if (count == EOF) break;
         }
     }
 } /* end _PR_SetLogModuleLevel() */
author	wtc%netscape.com <devnull@localhost>	2002-08-09 01:46:31 +0000
committer	wtc%netscape.com <devnull@localhost>	2002-08-09 01:46:31 +0000
commit	757dc2c1c5c083a755f53823e14a7f4144f7128f (patch)
tree	89af8973730687385c939fbd1c7596eb8e8af2bb
parent	0e1d79b0c8642cb629a3e4771cda0f847db5767a (diff)
download	nspr-hg-757dc2c1c5c083a755f53823e14a7f4144f7128f.tar.gz