(Franck Joncourt) patch to address sprintf() warnings for issue #60
authorMichael Rash <mbr@cipherdyne.org>
Sat, 4 May 2013 18:16:06 +0000 (14:16 -0400)
committerMichael Rash <mbr@cipherdyne.org>
Sat, 4 May 2013 18:16:06 +0000 (14:16 -0400)
client/http_resolve_host.c
server/fw_util_iptables.c

index ada5bb1..45c01ab 100644 (file)
@@ -249,7 +249,7 @@ parse_url(char *res_url, struct url* url)
             return(-1);
         }
 
-        sprintf(url->port, "%u", port);
+        snprintf(url->port, sizeof(url->port)-1, "%u", port);
 
         /* Get the offset we need to skip the port portion when we
          * extract the hostname part.
@@ -308,6 +308,8 @@ resolve_ip_http(fko_cli_options_t *options)
     int     res;
     struct  url url;
 
+    memset(&url, 0, sizeof(url));
+
     if(options->resolve_url != NULL)
     {
         if(parse_url(options->resolve_url, &url) < 0)
index 6d7dda8..29a7cb7 100644 (file)
@@ -185,7 +185,7 @@ jump_rule_exists(const int chain_num)
     char    line_buf[CMD_BUFSIZE] = {0};
     FILE   *ipt;
 
-    sprintf(cmd_buf, "%s " IPT_LIST_RULES_ARGS,
+    snprintf(cmd_buf, CMD_BUFSIZE-1, "%s " IPT_LIST_RULES_ARGS,
         fwc.fw_command,
         fwc.chain[chain_num].table,
         fwc.chain[chain_num].from_chain