mirror of
https://github.com/samba-team/samba.git
synced 2025-08-03 04:22:09 +03:00
changed to use slprintf() instead of sprintf() just about
everywhere. I've implemented slprintf() as a bounds checked sprintf() using mprotect() and a non-writeable page. This should prevent any sprintf based security holes.
This commit is contained in:
Andrew Tridgell
@ -411,7 +411,7 @@ struct hostent *sys_gethostbyname(char *name)
|
||||
if((strlen(name) + strlen(domain)) >= sizeof(query))
|
||||
return(gethostbyname(name));
|
||||
|
||||
sprintf(query, "%s%s", name, domain);
|
||||
slprintf(query, sizeof(query)-1, "%s%s", name, domain);
|
||||
return(gethostbyname(query));
|
||||
#else /* REDUCE_ROOT_DNS_LOOKUPS */
|
||||
return(gethostbyname(name));
|
||||
|
||||
Reference in New Issue
Block a user