diff options
| author | Robert James Kaes <rjkaes@users.sourceforge.net> | 2001-01-15 17:06:19 +0000 |
|---|---|---|
| committer | Robert James Kaes <rjkaes@users.sourceforge.net> | 2001-01-15 17:06:19 +0000 |
| commit | 2f2d74e9f2629b2c396f21f9b591865fb59d159f (patch) | |
| tree | 8e2bddbc49701ea67513cc5e6dfabc97c30ffd7f /src | |
| parent | cc704ae7a73b21ea2c21b8e58953cdece62f81ac (diff) | |
| download | tinyproxy-2f2d74e9f2629b2c396f21f9b591865fb59d159f.tar.gz tinyproxy-2f2d74e9f2629b2c396f21f9b591865fb59d159f.zip | |
Fixed a potential security bug in http_err. There was a possibility of a
heap overflow exploit.
Diffstat (limited to '')
| -rw-r--r-- | src/utils.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/utils.c b/src/utils.c index 63f4dbb..fef9ff0 100644 --- a/src/utils.c +++ b/src/utils.c @@ -1,4 +1,4 @@ -/* $Id: utils.c,v 1.2 2000-09-12 00:01:29 rjkaes Exp $ +/* $Id: utils.c,v 1.3 2001-01-15 17:06:19 rjkaes Exp $ * * Misc. routines which are used by the various functions to handle strings * and memory allocation and pretty much anything else we can think of. Also, @@ -79,7 +79,7 @@ int httperr(struct conn_s *connptr, int err, char *msg) return -1; } - sprintf(connptr->output_message, premsg, err, msg, msg, err, msg, VERSION); + snprintf(connptr->output_message, MAXBUFFSIZE, premsg, err, msg, msg, err, msg, VERSION); return 0; } |