From 5638e8a10fea10bbbabd5ed948b65c2a2505448f Mon Sep 17 00:00:00 2001
From: Ralf Habacker
Date: Sun, 1 Sep 2013 15:13:12 +0200
Subject: [PATCH 2/2] _dbus_verbose_real: Use snprintf for security reasons.
---
 dbus/dbus-internals.c | 30 ++++++++++++++++++++++++++----
 1 Datei geändert, 26 Zeilen hinzugefügt(+), 4 Zeilen entfernt(-)
diff --git a/dbus/dbus-internals.c b/dbus/dbus-internals.c
index e248259..7808f77 100644
--- a/dbus/dbus-internals.c
+++ b/dbus/dbus-internals.c
@@ -414,13 +414,35 @@ _dbus_verbose_real (
 va_start (args, format);
 #ifdef DBUS_USE_OUTPUT_DEBUG_STRING
 {
- char buf[1024];
- strcpy(buf,module_name);
+ char buf[1024+1];
+ char *p = buf;
+ int size = sizeof(buf);
+ int result = snprintf(p, size, "%s", module_name);
+ if (result >= size)
+ {
+ OutputDebugStringA("Error: The following output has been truncated !!");
+ OutputDebugStringA(buf);
+ return;
+ }
+ size -= result;
+ p += result;
 #ifdef DBUS_CPP_SUPPORTS_VARIABLE_MACRO_ARGUMENTS
- sprintf (buf+strlen(buf), "[%s(%d):%s] ",_dbus_file_path_extract_elements_from_tail(file,2),line,function);
+ result = snprintf (p, size, "[%s(%d):%s] ",_dbus_file_path_extract_elements_from_tail(file,2),line,function);
+ if (result >= size)
+ {
+ OutputDebugStringA("Error: The following output has been truncated !!");
+ OutputDebugStringA(buf);
+ return;
+ }
+ size -= result;
+ p += result;
 #endif
- vsprintf (buf+strlen(buf),format, args);
+ result = vsnprintf (p, size, format, args);
 va_end (args);
+ if (result >= size)
+ {
+ OutputDebugStringA("Error: The following output has been truncated !!");
+ }
 OutputDebugStringA(buf);
 }
 #else
--
1.7.10.4
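Review bot: The early `return;` statements in the two new truncation branches leave the function after `va_start (args, format);` without reaching `va_end (args);`, which is undefined behaviour in C; each should read `va_end (args); return;`. The same check (`result >= size`, three times in this hunk) also ignores a negative return: if the call reports an error, `size -= result; p += result;` grows `size` and moves `p` to before `buf`, so the next write lands outside the buffer, and `if (result < 0 || result >= size)` covers both cases. This matters most if `snprintf`/`vsnprintf` resolve to the older MSVC `_snprintf` family on this Windows-only path (not visible here), since those return a negative value on truncation and can leave `buf` unterminated before it is handed to `OutputDebugStringA`. The body of `_dbus_verbose_real` starts and ends outside the hunk.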