changed sprintf to more secure snprintf to prevent vulnerability to buffer

overflow exploits.
author: Ed Beroset <beroset@mindspring.com> 2004-12-15 18:03:20 +0000
committer: Ed Beroset <beroset@mindspring.com> 2004-12-15 18:03:20 +0000
commit: fcc50aec8a16a881f1679843d64ca21acaf82cac (patch)
tree: 87487d9a8a6d6daf0f2a205cb07cd874fa15ad91 /labels.c
parent: 83b2809a03743310b4f44ab2d135776708ee9b25 (diff)
download: nasm-fcc50aec8a16a881f1679843d64ca21acaf82cac.tar.gz
nasm-fcc50aec8a16a881f1679843d64ca21acaf82cac.tar.bz2
nasm-fcc50aec8a16a881f1679843d64ca21acaf82cac.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/labels.c b/labels.c
index 74222f5..833ad84 100644
--- a/labels.c
+++ b/labels.c
@@ -221,7 +221,7 @@ if (pass0 == 1) {
 	slen += strlen(lpostfix);
 	slen++; /* room for that null char */
 	xsymbol = nasm_malloc(slen);
-	sprintf(xsymbol,"%s%s%s",lprefix,lptr->defn.label,lpostfix);
+	snprintf(xsymbol,slen,"%s%s%s",lprefix,lptr->defn.label,lpostfix);
 
 	ofmt->symdef (xsymbol, segment, offset, exi, 
 		special ? special : lptr->defn.special);
@@ -286,7 +286,7 @@ if (pass0 == 1 || (!is_norm && !isextrn && (segment&1))) {
 	slen += strlen(lpostfix);
 	slen++; /* room for that null char */
 	xsymbol = nasm_malloc(slen);
-	sprintf(xsymbol,"%s%s%s",lprefix,lptr->defn.label,lpostfix);
+	snprintf(xsymbol,slen,"%s%s%s",lprefix,lptr->defn.label,lpostfix);
 
 	ofmt->symdef (xsymbol, segment, offset, exi, 
 		special ? special : lptr->defn.special);
author	Ed Beroset <beroset@mindspring.com>	2004-12-15 18:03:20 +0000
committer	Ed Beroset <beroset@mindspring.com>	2004-12-15 18:03:20 +0000
commit	fcc50aec8a16a881f1679843d64ca21acaf82cac (patch)
tree	87487d9a8a6d6daf0f2a205cb07cd874fa15ad91 /labels.c
parent	83b2809a03743310b4f44ab2d135776708ee9b25 (diff)
download	nasm-fcc50aec8a16a881f1679843d64ca21acaf82cac.tar.gz nasm-fcc50aec8a16a881f1679843d64ca21acaf82cac.tar.bz2 nasm-fcc50aec8a16a881f1679843d64ca21acaf82cac.zip