diff options
| author | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2005-07-19 08:25:39 +0000 |
|---|---|---|
| committer | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2005-07-19 08:25:39 +0000 |
| commit | 5db2d745164db6c375edd86a5bb28eeb6041d7c0 (patch) | |
| tree | e91a96aa41166abd1bd8c531fb548999fde63869 /hash.c | |
| parent | b693f0f55c7e67f6ef907492fb89d5788af1fe81 (diff) | |
| download | ruby-5db2d745164db6c375edd86a5bb28eeb6041d7c0.tar.gz ruby-5db2d745164db6c375edd86a5bb28eeb6041d7c0.tar.xz ruby-5db2d745164db6c375edd86a5bb28eeb6041d7c0.zip | |
* io.c (rb_io_inspect): replace sprintf() with "%s" format all
over the place by snprintf() to avoid integer overflow.
* sample/svr.rb: service can be stopped by ill-behaved client; use
tsvr.rb instead.
git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@8799 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'hash.c')
| -rw-r--r-- | hash.c | 7 |
1 files changed, 4 insertions, 3 deletions
@@ -1820,7 +1820,7 @@ ruby_setenv(name, value) else unsetenv(name); #else /* WIN32 */ - + size_t len; int i=envix(name); /* where does it go? */ if (environ == origenviron) { /* need we copy environment? */ @@ -1853,9 +1853,10 @@ ruby_setenv(name, value) REALLOC_N(environ, char*, i+2); /* just expand it a bit */ environ[i+1] = 0; /* make sure it's null terminated */ } - environ[i] = ALLOC_N(char, strlen(name) + strlen(value) + 2); + len = strlen(name) + strlen(value) + 2; + environ[i] = ALLOC_N(char, len); #ifndef MSDOS - sprintf(environ[i],"%s=%s",name,value); /* all that work just for this */ + snprintf(environ[i],len,"%s=%s",name,value); /* all that work just for this */ #else /* MS-DOS requires environment variable names to be in uppercase */ /* [Tom Dinger, 27 August 1990: Well, it doesn't _require_ it, but |