summaryrefslogtreecommitdiff
path: root/src/vpopen.c
diff options
context:
space:
mode:
authorTobias Klauser <tklauser@distanz.ch>2009-05-23 15:14:45 +0200
committerTobias Klauser <tklauser@distanz.ch>2009-05-24 12:17:09 +0200
commit911aae05b5d3ffd2543333e27cf06778381c7b3c (patch)
tree33330b37bf5ede3156f1a7984f1692073223e454 /src/vpopen.c
parent04b38c4c173cef3b1b12163f1cf5a9b3cef8cb4a (diff)
New upstream release 15.7a, fixing CVE-2009-014815.7a-1
Diffstat (limited to 'src/vpopen.c')
-rw-r--r--src/vpopen.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/vpopen.c b/src/vpopen.c
index 777f168..8812dba 100644
--- a/src/vpopen.c
+++ b/src/vpopen.c
@@ -39,7 +39,7 @@
#define OPENFLAG_READ 0
-static char const rcsid[] = "$Id: vpopen.c,v 1.4 2002/07/28 15:40:07 broeker Exp $";
+static char const rcsid[] = "$Id: vpopen.c,v 1.5 2009/04/10 13:39:23 broeker Exp $";
int
vpopen(char *path, int oflag)
@@ -52,7 +52,7 @@ vpopen(char *path, int oflag)
oflag == OPENFLAG_READ) {
vpinit(NULL);
for (i = 1; i < vpndirs; i++) {
- (void) sprintf(buf, "%s/%s", vpdirs[i], path);
+ (void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], path);
if ((returncode = myopen(buf, oflag, 0666)) != -1) {
break;
}