From 3dfc0c847240ac7e12c39f4ed9c31a888949ade1 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Mon, 11 May 1998 06:38:36 +0000
Subject: changed to use slprintf() instead of sprintf() just about everywhere.
 I've implemented slprintf() as a bounds checked sprintf() using mprotect()
 and a non-writeable page.

This should prevent any sprintf based security holes.
(This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
---
 source3/lib/charset.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'source3/lib/charset.c')

diff --git a/source3/lib/charset.c b/source3/lib/charset.c
index fe170bdcf5..d8ce38f396 100644
--- a/source3/lib/charset.c
+++ b/source3/lib/charset.c
@@ -203,7 +203,9 @@ static codepage_p load_client_codepage( int client_codepage )
   strcpy(codepage_file_name, CODEPAGEDIR);
   strcat(codepage_file_name, "/");
   strcat(codepage_file_name, "codepage.");
-  sprintf( &codepage_file_name[strlen(codepage_file_name)], "%03d",
+  slprintf(&codepage_file_name[strlen(codepage_file_name)], 
+	   sizeof(pstring)-(strlen(codepage_file_name)+1),
+	   "%03d",
            client_codepage);
 
   if(!file_exist(codepage_file_name,&st))
-- 
cgit