replaced vsprintf() with vsnprintf() to avoid buffer overflow exploit

2025-03-31 18:20:22 +08:00 · 2004-12-15 16:45:46 +00:00 · 2004-12-15 16:45:46 +00:00 · ec2e10cfea
commit ec2e10cfea
parent e0c059ab4e
1 changed files with 1 additions and 1 deletions
--- a/preproc.c
+++ b/preproc.c
@ -4086,7 +4086,7 @@ error(int severity, const char *fmt, ...)
 	return;

    va_start(arg, fmt);
-    vsprintf(buff, fmt, arg);
+    vsnprintf(buff, 1024, fmt, arg);
    va_end(arg);

    if (istk && istk->mstk && istk->mstk->name)