author | Jeremy Allison <jra@samba.org> | 1998-05-12 00:55:32 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 1998-05-12 00:55:32 +0000 |
commit | f888868f46a5418bac9ab528497136c152895305 (patch) | |
tree | cf72c864807b19e098a856aaec8daf334189ff84 /source3/web/cgi.c | |
parent | 9141acecdcebd9276107a500435e3d4545020056 (diff) | |
This is a security audit change of the main source.
It removed all occurrences of the following functions:
sprintf
strcpy
strcat
The replacements are slprintf, safe_strcpy and safe_strcat.
It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.
Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.
Jeremy.
(This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
Diffstat (limited to 'source3/web/cgi.c')
-rw-r--r-- | source3/web/cgi.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/source3/web/cgi.c b/source3/web/cgi.c
index a1aa4d753dc..5958b0a4195 100644
--- a/source3/web/cgi.c
+++ b/source3/web/cgi.c
@@ -296,17 +296,17 @@ char *quotedup(char *s)
 for (i=0;i<len;i++) {
 switch (s[i]) {
 case '<':
- strcpy(d, "<");
+ safe_strcpy(d, "<", len + n*6 - (d - ret));
 d += 4;
 break;
 case '>':
- strcpy(d, ">");
+ safe_strcpy(d, ">", len + n*6 - (d - ret));
 d += 4;
 break;
 case '&':
- strcpy(d, "&");
+ safe_strcpy(d, "&", len + n*6 - (d - ret));
 d += 5;
 break;
@@ -347,7 +347,7 @@ char *urlquote(char *s)
 for (i=0;i<len;i++) {
 if (strchr(qlist,s[i])) {
- sprintf(d, "%%%02X", (int)s[i]);
+ slprintf(d, len + n*2 - (d - ret), "%%%02X", (int)s[i]);
 d += 3;
 } else {
 *d++ = s[i];
@@ -387,7 +387,7 @@ char *quotequotes(char *s)
 for (i=0;i<len;i++) {
 switch (s[i]) {
 case '"':
- strcpy(d, """);
+ safe_strcpy(d, """, len + n*6 - (d - ret));
 d += 6;
 break; |
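Review bot: The fixed advances `d += 4` and `d += 5` in quotedup, and `d += 6` in quotequotes, still assume the whole entity was copied, so if safe_strcpy ever truncates, `d` moves past the terminator it wrote and the next bound `len + n*6 - (d - ret)` is computed from a pointer beyond the written data. Advancing by what was actually stored, e.g. `d += strlen(d);` after each copy, keeps the pointer and the bound in step (this assumes safe_strcpy always NUL-terminates; its definition is not in this diff). The bound also repeats the allocation arithmetic at every call site while the malloc itself lies outside the hunk, so whether the third argument is meant to count the terminator cannot be checked here; one local holding the buffer size would make that reviewable. The entity literals appear decoded on this page, so the lengths 4, 5 and 6 cannot be matched against the strings as shown.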
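Review bot: In urlquote, `(int)s[i]` sign-extends where plain char is signed, so a byte of 0x80 or above would format as more than two hex digits while `d += 3` still assumes exactly three characters were written; `(int)(unsigned char)s[i]` keeps the output at `%XX`. Whether such a byte can reach this branch depends on qlist, which is defined outside the hunk. The commit message also states that the slprintf implementation still needs fixing, so the new bound `len + n*2 - (d - ret)` should not be treated as an effective limit until that work lands.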