changed sprintf to more secure snprintf to prevent vulnerability to buffer

overflow exploits.
Ed Beroset 2004-12-15 18:03:20 +00:00
parent 83b2809a03
commit fcc50aec8a
2 changed files with 3 additions and 3 deletions

@ -221,7 +221,7 @@ if (pass0 == 1) {
slen += strlen(lpostfix);
slen++; /* room for that null char */
xsymbol = nasm_malloc(slen);
sprintf(xsymbol,"%s%s%s",lprefix,lptr->defn.label,lpostfix);
snprintf(xsymbol,slen,"%s%s%s",lprefix,lptr->defn.label,lpostfix);
ofmt->symdef (xsymbol, segment, offset, exi,
special ? special : lptr->defn.special);
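Review bot: The return value of the new `snprintf` call is discarded, so if the accounting behind `slen` ever falls out of step with the three strings being joined, the label is silently truncated and the shortened name is still passed to `ofmt->symdef`. Because `xsymbol` is allocated with exactly `slen` bytes, apparently from the same inputs, the bound should never trigger today, and a hit would indicate an internal error rather than something to paper over. I would capture the result, `n = snprintf(xsymbol, slen, "%s%s%s", lprefix, lptr->defn.label, lpostfix);`, and report an internal error when `n < 0 || n >= slen` instead of defining a truncated symbol. The same applies to the identical call in the next hunk (old line 286). The declaration of `slen` and the start of its computation are outside the hunk, so its type and whether the sum can wrap could not be checked here.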
@ -286,7 +286,7 @@ if (pass0 == 1 || (!is_norm && !isextrn && (segment&1))) {
slen += strlen(lpostfix);
slen++; /* room for that null char */
xsymbol = nasm_malloc(slen);
sprintf(xsymbol,"%s%s%s",lprefix,lptr->defn.label,lpostfix);
snprintf(xsymbol,slen,"%s%s%s",lprefix,lptr->defn.label,lpostfix);
ofmt->symdef (xsymbol, segment, offset, exi,
special ? special : lptr->defn.special);

@ -192,7 +192,7 @@ static void list_output (long offset, const void *data, unsigned long type)
else if (typ == OUT_RESERVE)
{
char q[20];
sprintf(q, "<res %08lX>", size);
snprintf(q, sizeof(q), "<res %08lX>", size);
list_out (offset, q);
}
}
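Review bot: `q` is still 20 bytes, which is too small for this format where `long` is 64 bits: `<res `, up to 16 hex digits, `>` and the terminator need 23 bytes. The `snprintf` bound now stops the write at the end of the array, but a very large `size` would be cut off, so the listing would lose the low-order digits and the closing `>`. Sizing the buffer for the worst case fixes both the old overflow and the new truncation, e.g. `char q[32];`. `size` is declared outside the hunk; the `%lX` conversion suggests it is a `long`-width value.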