1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
Description: Add a couple of sprintf buffer overrun preventions
Author: Nick Leverton <nick@leverton.org>
Index: linux-igd-1.0+cvs20070630-libupnp6/gatedevice.c
===================================================================
--- linux-igd-1.0+cvs20070630-libupnp6.orig/gatedevice.c 2014-10-07 23:35:51.000000000 +0100
+++ linux-igd-1.0+cvs20070630-libupnp6/gatedevice.c 2014-10-07 23:35:52.000000000 +0100
@@ -465,7 +465,7 @@
if (result==1)
{
ScheduleMappingExpiration(new,ca_event->DevUDN,ca_event->ServiceID);
- sprintf(num, "%d", pmlist_Size());
+ snprintf(num, sizeof(num), "%d", pmlist_Size());
trace(3, "PortMappingNumberOfEntries: %d", pmlist_Size());
UpnpAddToPropertySet(&propSet, "PortMappingNumberOfEntries", num);
UpnpNotifyExt(deviceHandle, ca_event->DevUDN, ca_event->ServiceID, propSet);
@@ -668,7 +668,7 @@
if (result==1)
{
trace(2, "DeletePortMap: Proto:%s Port:%s\n",proto, ext_port);
- sprintf(num,"%d",pmlist_Size());
+ snprintf(num,sizeof(num), "%d",pmlist_Size());
UpnpAddToPropertySet(&propSet,"PortMappingNumberOfEntries", num);
UpnpNotifyExt(deviceHandle, ca_event->DevUDN,ca_event->ServiceID,propSet);
ixmlDocument_free(propSet);
@@ -791,7 +791,7 @@
event->mapping->expirationEventId = -1;
pmlist_Delete(event->mapping);
- sprintf(num, "%d", pmlist_Size());
+ snprintf(num, sizeof(num), "%d", pmlist_Size());
UpnpAddToPropertySet(&propSet, "PortMappingNumberOfEntries", num);
UpnpNotifyExt(deviceHandle, event->DevUDN, event->ServiceID, propSet);
ixmlDocument_free(propSet);
|
