Search
j0ke.net Open Build Service
>
Projects
>
home:netmax
:
tools
>
yup
> curl-7.15.5-CVE-2006-1061.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File curl-7.15.5-CVE-2006-1061.patch of Package yup
--- lib/tftp.c +++ lib/tftp.c @@ -271,7 +271,8 @@ /* If we are downloading, send an RRQ */ state->spacket.event = htons(TFTP_EVENT_RRQ); } - sprintf((char *)state->spacket.u.request.data, "%s%c%s%c", + snprintf((char *)state->spacket.u.request.data, + sizeof(state->spacket.u.request.data), "%s%c%s%c", filename, '\0', mode, '\0'); sbytes = 4 + (int)strlen(filename) + (int)strlen(mode); sbytes = sendto(state->sockfd, (void *)&state->spacket,
