NetBSD-Bugs archive


Re: bin/45662: Overlapping buffer in lpd_command.c.



The following reply was made to PR bin/45662; it has been noted by GNATS.

From: David Laight <david%l8s.co.uk@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: 
Subject: Re: bin/45662: Overlapping buffer in lpd_command.c.
Date: Mon, 5 Dec 2011 18:12:50 +0000

 On Sun, Nov 27, 2011 at 12:10:07PM +0000, Christian Biere wrote:
 > The following reply was made to PR bin/45662; it has been noted by GNATS.
 > 
 > From: Christian Biere <christianbiere%gmx.de@localhost>
 > To: gnats-bugs%NetBSD.org@localhost
 > Cc: 
 > Subject: Re: bin/45662: Overlapping buffer in lpd_command.c.
 > Date: Sun, 27 Nov 2011 13:06:31 +0100
 > 
 >  I suggest just merging the two snprintf() calls instead to avoid
 >  any pointer arithmetic with the destination buffer.
 >  
 >  --- ldp_command.c.orig      2011-11-27 12:53:00.338002396 +0100
 >  +++ ldp_command.c   2011-11-27 12:57:08.228002423 +0100
 >  @@ -486,10 +486,9 @@ show_labels(int s, char *recvspace)
 >              if (p->state != LDP_PEER_ESTABLISHED)
 >                      continue;
 >              SLIST_FOREACH(lm, &p->label_mapping_head, mappings) {
 >  -                   snprintf(sendspace, MAXSEND, "%s:%d",
 >  -                       inet_ntoa(p->ldp_id), lm->label);
 >  -                   snprintf(sendspace, MAXSEND, "%s\t%s/%d\n",
 >  -                       sendspace, inet_ntoa(lm->address), lm->prefix);
 >  +                   snprintf(sendspace, MAXSEND, "%s:%d\t%s/%d\n",
 >  +                       inet_ntoa(p->ldp_id), lm->label,
 >  +                       inet_ntoa(lm->address), lm->prefix);
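 
 Review bot: The merged snprintf() in show_labels() passes inet_ntoa(p->ldp_id) and inet_ntoa(lm->address) as arguments of the same call, and inet_ntoa() returns a pointer to a single static buffer, so both %s conversions read whatever the later-evaluated call left there and the line shows one address twice. Convert each address into its own local buffer first, for example with inet_ntop(AF_INET, ...) into two char arrays of INET_ADDRSTRLEN bytes, and pass those to the one snprintf(); that still keeps sendspace out of the source arguments, which is what the removed second call got wrong.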
 
 inet_ntoa() will be using the same output buffer - so this
 would print the same string twice.
 
        David
 
 -- 
 David Laight: david%l8s.co.uk@localhost
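
The static-buffer behaviour described in the reply above, and one way to avoid both it and the overlapping snprintf(), as an added example that is not part of the original message or the NetBSD source. format_label(), ntoa_results_alias() and their parameters are hypothetical stand-ins for the show_labels() loop body, and the addresses are constructed sample values.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the loop body of show_labels(): writes
 * "peer-id:label\taddress/prefix\n" into out without using inet_ntoa(). */
int format_label(char *out, size_t outlen, struct in_addr ldp_id, int label,
                 struct in_addr address, int prefix)
{
    char id_buf[INET_ADDRSTRLEN];   /* one buffer per address, so neither */
    char addr_buf[INET_ADDRSTRLEN]; /* conversion overwrites the other    */

    if (inet_ntop(AF_INET, &ldp_id, id_buf, sizeof(id_buf)) == NULL ||
        inet_ntop(AF_INET, &address, addr_buf, sizeof(addr_buf)) == NULL)
        return -1;
    /* The destination never appears among the sources: no overlapping copy. */
    int n = snprintf(out, outlen, "%s:%d\t%s/%d\n",
                     id_buf, label, addr_buf, prefix);
    return (n < 0 || (size_t)n >= outlen) ? -1 : n;  /* -1 on truncation */
}

/* Returns 1 when two inet_ntoa() results hold the same text although the
 * input addresses differ, i.e. the second call overwrote the first. */
int ntoa_results_alias(struct in_addr a, struct in_addr b)
{
    const char *first = inet_ntoa(a);
    const char *second = inet_ntoa(b);
    return a.s_addr != b.s_addr && strcmp(first, second) == 0;
}

int main(void)
{
    struct in_addr id, addr;   /* constructed sample addresses */
    char line[64];

    inet_pton(AF_INET, "192.0.2.1", &id);
    inet_pton(AF_INET, "198.51.100.0", &addr);
    printf("inet_ntoa results alias: %d\n", ntoa_results_alias(id, addr));
    if (format_label(line, sizeof(line), id, 16, addr, 24) > 0)
        fputs(line, stdout);
    return 0;
}
```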
 

