Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

[PATCH] fix a Buffer overrun possible for long command line arguments.

From: Toralf Förster <toralf.foerster () gmx de>
Date: Sun, 3 Aug 2014 20:20:04 +0200
cpotted by cppcheck

Signed-off-by: Toralf Förster <toralf.foerster () gmx de>
---
 epan/dissectors/dcerpc/idl2wrs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/epan/dissectors/dcerpc/idl2wrs.c b/epan/dissectors/dcerpc/idl2wrs.c
index 8c4f73b..89c1eb0 100644
--- a/epan/dissectors/dcerpc/idl2wrs.c
+++ b/epan/dissectors/dcerpc/idl2wrs.c
@@ -3184,7 +3184,7 @@ int main(int argc, char *argv[])
        eth_ft=fopen("ETH_FT", "w");
        eth_handoff=fopen("ETH_HANDOFF", "w");
 
-       sprintf(idlfile, "%s.cnf", argv[1]);
+       snprintf(idlfile, "%s.cnf", sizeof(idlfile)-4, argv[1]);
        fh=fopen(idlfile,"r");
        if(fh){
                readcnffile(fh);
-- 
2.0.4

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: