1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
# DP: lintian finds “characte” in the source and tags it as a
# DP: spelling mistake, but it’s an artefact of GCC inlining
# DP: the strcpy call below; unify the way how err is produced
# DP: and use a secure string function while at it
--- a/src/init.c
+++ b/src/init.c
@@ -1568,12 +1568,17 @@
if (!action || !*action)
strcpy(err, "missing action field");
if (id && strlen(id) > sizeof(utproto.ut_id))
- sprintf(err, "id field too long (max %d characters)",
- (int)sizeof(utproto.ut_id));
+ snprintf(err, sizeof(err),
+ "%s field too long (max %d characters)",
+ "id", (int)sizeof(utproto.ut_id));
if (rlevel && strlen(rlevel) > 11)
- strcpy(err, "rlevel field too long (max 11 characters)");
+ snprintf(err, sizeof(err),
+ "%s field too long (max %d characters)",
+ "rlevel", 11);
if (process && strlen(process) > 127)
- strcpy(err, "process field too long (max 127 characters)");
+ snprintf(err, sizeof(err),
+ "%s field too long (max %d characters)",
+ "process", 127);
if (action && strlen(action) > 32)
strcpy(err, "action field too long");
if (err[0] != 0) {
|
