Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/sys-libs/cracklib/files/cracklib-2.7-buffer-packer.patch
blob: 8585c79d6e9de0f18c6f5481ca0fd896f04d60c3 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

Fix a simple buffer overflow.

http://sourceforge.net/mailarchive/message.php?msg_id=11189809
http://bugs.gentoo.org/show_bug.cgi?id=85650

--- cracklib,2.7/cracklib/packlib.c
+++ cracklib,2.7/cracklib/packlib.c
@@ -33,9 +33,9 @@
 
     memset(&pdesc, '\0', sizeof(pdesc));
 
-    sprintf(iname, "%s.pwi", prefix);
-    sprintf(dname, "%s.pwd", prefix);
-    sprintf(wname, "%s.hwm", prefix);
+    snprintf(iname, STRINGSIZE, "%s.pwi", prefix);
+    snprintf(dname, STRINGSIZE, "%s.pwd", prefix);
+    snprintf(wname, STRINGSIZE, "%s.hwm", prefix);
 
     if (!(pdesc.dfp = fopen(dname, mode)))
     {