summaryrefslogtreecommitdiffstats
path: root/lib/libc/locale/setrunelocale.c
diff options
context:
space:
mode:
authorjoerg <joerg@FreeBSD.org>1996-12-16 17:32:58 +0000
committerjoerg <joerg@FreeBSD.org>1996-12-16 17:32:58 +0000
commit971f474616993e9b2e653a649d0457ae5f2d1440 (patch)
tree5ecf058a45e73b7f913b30d3bd213de9e9221803 /lib/libc/locale/setrunelocale.c
parent9c54862a3510bbc916453d7fe374a0f6a715bed5 (diff)
downloadFreeBSD-src-971f474616993e9b2e653a649d0457ae5f2d1440.zip
FreeBSD-src-971f474616993e9b2e653a649d0457ae5f2d1440.tar.gz
Fix yet another buffer overflow. :-(
Vulnerable: all programs that use setlocale(LC_COLLATE), setlocale(LC_CTYPE), or setlocale(LC_ALL). The only setuid/setgid binary i've found for this is w(1). Should go into 2.2.
Diffstat (limited to 'lib/libc/locale/setrunelocale.c')
-rw-r--r--lib/libc/locale/setrunelocale.c6
1 files changed, 2 insertions, 4 deletions
diff --git a/lib/libc/locale/setrunelocale.c b/lib/libc/locale/setrunelocale.c
index 228efe29..cf68a43 100644
--- a/lib/libc/locale/setrunelocale.c
+++ b/lib/libc/locale/setrunelocale.c
@@ -85,10 +85,8 @@ _xpg4_setrunelocale(encoding)
if (!_PathLocale)
return(EFAULT);
- (void) strcpy(name, _PathLocale);
- (void) strcat(name, "/");
- (void) strcat(name, encoding);
- (void) strcat(name, "/LC_CTYPE");
+ (void) snprintf(name, sizeof name, "%s/%s/LC_CTYPE",
+ _PathLocale, encoding);
if ((fp = fopen(name, "r")) == NULL)
return(ENOENT);
OpenPOWER on IntegriCloud