DragonFly bugs List (threaded) for 2004-08
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

libftpio

From:	Christer Öberg <christer.oberg@xxxxxxxxxxxxx>
Date:	Mon, 16 Aug 2004 13:36:24 +0200

Hi,

There are a couple of overflows in ftpio.c

--- lib/libftpio/ftpio.c	2004-08-16 12:21:45.000000000 +0200
+++ lib/libftpio/ftpio.new.c	2004-08-16 12:21:10.000000000 +0200
@@ -204,7 +204,7 @@
     off_t size;
 
     check_passive(fp);
-    sprintf(p, "SIZE %s\r\n", name);
+    snprintf(p,sizeof(p), "SIZE %s\r\n", name);
     if (ftp->is_verbose)
 	fprintf(stderr, "Sending %s", p);
     if (writes(ftp->fd_ctrl, p))
@@ -230,7 +230,7 @@
     int i;
 
     check_passive(fp);
-    sprintf(p, "MDTM %s\r\n", name);
+    snprintf(p,sizeof(p), "MDTM %s\r\n", name);
     if (ftp->is_verbose)
 	fprintf(stderr, "Sending %s", p);
     if (writes(ftp->fd_ctrl, p))
@@ -465,9 +465,9 @@
     if ((name = index(cp ? cp : host, '/')) != NULL)
 	*(name++) = '\0';
     if (host_ret)
-	strcpy(host_ret, host);
+	strlcpy(host_ret, host,255);
     if (name && name_ret)
-	strcpy(name_ret, name);
+	strlcpy(name_ret, name,255);
     return SUCCESS;
 }
 
@@ -684,7 +684,7 @@
 
     va_list ap;
     va_start(ap, fmt);
-    (void)vsnprintf(p, sizeof p, fmt, ap);
+    (void)vsnprintf(p, sizeof(p) - 2, fmt, ap);
     va_end(ap);
 
     if (ftp->con_state == init)

Follow-Ups:
- Re: libftpio
  - From: Joerg Sonnenberger

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]