From e016103fa25167594b9ff5d410019f114b7a36fb Mon Sep 17 00:00:00 2001 From: Tobias Klauser Date: Sat, 23 May 2009 15:14:45 +0200 Subject: New upstream release 15.7a, fixing CVE-2009-0148 --- src/vpaccess.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/vpaccess.c') diff --git a/src/vpaccess.c b/src/vpaccess.c index cb56730..607cee1 100644 --- a/src/vpaccess.c +++ b/src/vpaccess.c @@ -30,7 +30,7 @@ DAMAGE. =========================================================================*/ -/* $Id: vpaccess.c,v 1.2 2000/05/03 22:02:10 petr Exp $ */ +/* $Id: vpaccess.c,v 1.3 2009/04/10 13:39:23 broeker Exp $ */ /* vpaccess - view path version of the access system call */ @@ -49,7 +49,7 @@ vpaccess(char *path, mode_t amode) if ((returncode = access(path, amode)) == -1 && path[0] != '/') { vpinit(NULL); for (i = 1; i < vpndirs; i++) { - (void) sprintf(buf, "%s/%s", vpdirs[i], path); + (void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], path); if ((returncode = access(buf, amode)) != -1) { break; } -- cgit v1.2.3-54-g00ecf