changed to use slprintf() instead of sprintf() just about

everywhere. I've implemented slprintf() as a bounds checked sprintf() using mprotect() and a non-writeable page. This should prevent any sprintf based security holes. (This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
author: Andrew Tridgell <tridge@samba.org> 1998-05-11 06:38:36 +0000
committer: Andrew Tridgell <tridge@samba.org> 1998-05-11 06:38:36 +0000
commit: 3dfc0c847240ac7e12c39f4ed9c31a888949ade1 (patch)
tree: 305f006b62ed9dcdca0f751dbf40d2a34ee054df /source3/lib/pidfile.c
parent: ffc88e2d26217f99c34ce24c0836bec3c809ca1a (diff)
download: samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.tar.gz
samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.tar.xz
samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/source3/lib/pidfile.c b/source3/lib/pidfile.c
index 6cad1436eb2..46d6a9d5b8c 100644
--- a/source3/lib/pidfile.c
+++ b/source3/lib/pidfile.c
@@ -37,7 +37,7 @@ void pidfile_create(char *name)
 	pstring pidFile;
 	int pid;
 
-	sprintf(pidFile, "%s/%s.pid", lp_lockdir(), name);
+	slprintf(pidFile, sizeof(pidFile)-1, "%s/%s.pid", lp_lockdir(), name);
 
 	pid = pidfile_pid(name);
 	if (pid > 0 && process_exists(pid)) {
@@ -76,7 +76,7 @@ int pidfile_pid(char *name)
 	pstring pidFile;
 	unsigned ret;
 
-	sprintf(pidFile, "%s/%s.pid", lp_lockdir(), name);
+	slprintf(pidFile, sizeof(pidFile)-1, "%s/%s.pid", lp_lockdir(), name);
 
 	f = fopen(pidFile, "r");
 	if (!f) {
author	Andrew Tridgell <tridge@samba.org>	1998-05-11 06:38:36 +0000
committer	Andrew Tridgell <tridge@samba.org>	1998-05-11 06:38:36 +0000
commit	3dfc0c847240ac7e12c39f4ed9c31a888949ade1 (patch)
tree	305f006b62ed9dcdca0f751dbf40d2a34ee054df /source3/lib/pidfile.c
parent	ffc88e2d26217f99c34ce24c0836bec3c809ca1a (diff)
download	samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.tar.gz samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.tar.xz samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.zip