diff options
author | Dan McGee <dan@archlinux.org> | 2011-10-13 19:53:56 +0200 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2011-10-13 22:16:10 +0200 |
commit | 86bc36412e2619e0e05d61cf6216ef68814cf1cd (patch) | |
tree | 134edcc935d085df5374b3b797d983628b6d6751 /lib/libalpm/signing.c | |
parent | 1ebe5dc1979e90c37d6534d6b1e0173a884326b1 (diff) | |
download | pacman-86bc36412e2619e0e05d61cf6216ef68814cf1cd.tar.gz pacman-86bc36412e2619e0e05d61cf6216ef68814cf1cd.tar.xz |
curl_gethost() potential bug fixups
This is in the realm of "probably not going to happen", but if someone
were to translate "disk" to a string longer than 256 characters, we
would have a smashed/corrupted stack due to our unchecked strcpy() call.
Rework the function to always length-check the value we copy into the
hostname buffer, and do it with memcpy rather than the more cumbersome
and unnecessary snprintf.
Finally, move the magic 256 value into a constant and pass it into the
function which is going to get inlined anyway.
Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'lib/libalpm/signing.c')
0 files changed, 0 insertions, 0 deletions