diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-02-10 22:33:19 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-02-10 22:33:19 +0000 |
| commit | b3211a85894b06bd3060a1e2b3b18c3fba536da9 (patch) | |
| tree | a8eaa3ca3b5cafa9bc42820f0ad9ddb05a2118eb /channels.c | |
| parent | 36d7bd00f9fe2b704e85d6f90da18835412b11e0 (diff) | |
- markus@cvs.openbsd.org 2001/02/08 21:58:28
[channels.c]
nuke sprintf, ok deraadt@
Diffstat (limited to 'channels.c')
| -rw-r--r-- | channels.c | 10 |
1 files changed, 6 insertions, 4 deletions
@@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.89 2001/02/04 15:32:23 stevesk Exp $"); +RCSID("$OpenBSD: channels.c,v 1.90 2001/02/08 21:58:28 markus Exp $"); #include <openssl/rsa.h> #include <openssl/dsa.h> @@ -2227,7 +2227,7 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *proto, const char *data) { u_int data_len = (u_int) strlen(data) / 2; - u_int i, value; + u_int i, value, len; char *new_data; int screen_number; const char *cp; @@ -2265,9 +2265,11 @@ x11_request_forwarding_with_spoofing(int client_session_id, x11_fake_data_len = data_len; /* Convert the fake data into hex. */ - new_data = xmalloc(2 * data_len + 1); + len = 2 * data_len + 1; + new_data = xmalloc(len); for (i = 0; i < data_len; i++) - sprintf(new_data + 2 * i, "%02x", (u_char) x11_fake_data[i]); + snprintf(new_data + 2 * i, len - 2 * i, + "%02x", (u_char) x11_fake_data[i]); /* Send the request packet. */ if (compat20) { |