Buffer Overflow from OpenBSD

rev 1.7 deraadt: buf oflow Obtained from: OpenBSD
author: imp <imp@FreeBSD.org> 1997-02-09 04:40:02 +0000
committer: imp <imp@FreeBSD.org> 1997-02-09 04:40:02 +0000
commit: cced79bd4c2b8c70d4e0cd695a83a05aa63e8696 (patch)
tree: dc1a018d36869ca2b9835a9bf592f32f5c37198c /libexec/rexecd
parent: b0ad700c810f7676f2b9da86da3bb2d811a1fafa (diff)
download: FreeBSD-src-cced79bd4c2b8c70d4e0cd695a83a05aa63e8696.zip
FreeBSD-src-cced79bd4c2b8c70d4e0cd695a83a05aa63e8696.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libexec/rexecd/rexecd.c b/libexec/rexecd/rexecd.c
index df415dc..163eefc 100644
--- a/libexec/rexecd/rexecd.c
+++ b/libexec/rexecd/rexecd.c
@@ -289,7 +289,7 @@ error(fmt, a1, a2, a3)
 	char buf[BUFSIZ];
 
 	buf[0] = 1;
-	(void) sprintf(buf+1, fmt, a1, a2, a3);
+	(void) snprintf(buf+1, sizeof(buf) - 1, fmt, a1, a2, a3);
 	(void) write(2, buf, strlen(buf));
 }
author	imp <imp@FreeBSD.org>	1997-02-09 04:40:02 +0000
committer	imp <imp@FreeBSD.org>	1997-02-09 04:40:02 +0000
commit	cced79bd4c2b8c70d4e0cd695a83a05aa63e8696 (patch)
tree	dc1a018d36869ca2b9835a9bf592f32f5c37198c /libexec/rexecd
parent	b0ad700c810f7676f2b9da86da3bb2d811a1fafa (diff)
download	FreeBSD-src-cced79bd4c2b8c70d4e0cd695a83a05aa63e8696.zip FreeBSD-src-cced79bd4c2b8c70d4e0cd695a83a05aa63e8696.tar.gz