Fix non explloitable buffer overflows (since the largest packet processed

precludes it) to keep people from whining about it in the newsgroups and mailing lists.
author: imp <imp@FreeBSD.org> 1997-03-24 06:04:08 +0000
committer: imp <imp@FreeBSD.org> 1997-03-24 06:04:08 +0000
commit: 4ea8eab38651fc57371b7bf66f31863f8a23de5a (patch)
tree: db0f45d87eaa8b5efb7131ab1316d0f1d2646489 /libexec/tftpd/tftpd.c
parent: f5e1bde58d89c89bc11d5028e6f85b6624c876f4 (diff)
download: FreeBSD-src-4ea8eab38651fc57371b7bf66f31863f8a23de5a.zip
FreeBSD-src-4ea8eab38651fc57371b7bf66f31863f8a23de5a.tar.gz
1 files changed, 4 insertions, 3 deletions
diff --git a/libexec/tftpd/tftpd.c b/libexec/tftpd/tftpd.c
index d1f737f..5fc430d 100644
--- a/libexec/tftpd/tftpd.c
+++ b/libexec/tftpd/tftpd.c
@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$Id$
+ *	$Id: tftpd.c,v 1.7 1997/02/22 14:22:36 peter Exp $
  */
 
 #ifndef lint
@@ -422,7 +422,8 @@ validate_access(filep, mode)
 		 */
 		err = ENOTFOUND;
 		for (dirp = dirs; dirp->name != NULL; dirp++) {
-			sprintf(pathname, "%s/%s", dirp->name, filename);
+			snprintf(pathname, sizeof(pathname), "%s/%s",
+				dirp->name, filename);
 			if (stat(pathname, &stbuf) == 0 &&
 			    (stbuf.st_mode & S_IFMT) == S_IFREG) {
 				if ((stbuf.st_mode & S_IROTH) != 0) {
@@ -632,7 +633,7 @@ errtomsg(error)
 	for (pe = errmsgs; pe->e_code >= 0; pe++)
 		if (pe->e_code == error)
 			return pe->e_msg;
-	sprintf(buf, "error %d", error);
+	snprintf(buf, sizeof(buf), "error %d", error);
 	return buf;
 }
author	imp <imp@FreeBSD.org>	1997-03-24 06:04:08 +0000
committer	imp <imp@FreeBSD.org>	1997-03-24 06:04:08 +0000
commit	4ea8eab38651fc57371b7bf66f31863f8a23de5a (patch)
tree	db0f45d87eaa8b5efb7131ab1316d0f1d2646489 /libexec/tftpd/tftpd.c
parent	f5e1bde58d89c89bc11d5028e6f85b6624c876f4 (diff)
download	FreeBSD-src-4ea8eab38651fc57371b7bf66f31863f8a23de5a.zip FreeBSD-src-4ea8eab38651fc57371b7bf66f31863f8a23de5a.tar.gz