kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/games/xboing/patches/patch-ae
snj 8494207f32 strcpy and sprintf are evil, don't use them. Inspired by similar changes 
in Debian.  This fixes several locally exploitable vulnerabilities.
2004-02-28 18:36:38 +00:00

13 lines
509 B
Text
Raw Blame History

$NetBSD: patch-ae,v 1.1 2004/02/28 18:36:38 snj Exp $
--- demo.c.orig 2004-02-28 10:06:20.000000000 -0800
+++ demo.c 2004-02-28 10:06:41.000000000 -0800
@@ -154,7 +154,7 @@ static void DoBlocks(display, window)
/* Construct the demo level filename */
if ((str = getenv("XBOING_LEVELS_DIR")) != NULL)
- sprintf(levelPath, "%s/demo.data", str);
+ snprintf(levelPath, sizeof(levelPath), "%s/demo.data", str);
else
sprintf(levelPath, "%s/demo.data", LEVEL_INSTALL_DIR);
Reference in a new issue View git blame Copy permalink