From: David van Moolenbroek Date: Thu, 1 Oct 2009 16:54:56 +0000 (+0000) Subject: Fix syslog buffer overflow (Bug#270, reported by Kevin Jordan) X-Git-Tag: v3.1.5~50 X-Git-Url: http://zhaoyanbai.com/repos/%22http:/www.isc.org/icons/zlib_tech.html?a=commitdiff_plain;h=0c1ae1965e2ac6dfae6136e4025714b40a00f53b;p=minix.git Fix syslog buffer overflow (Bug#270, reported by Kevin Jordan) --- diff --git a/commands/syslogd/syslog.c b/commands/syslogd/syslog.c index caf2120e4..8db82df3c 100644 --- a/commands/syslogd/syslog.c +++ b/commands/syslogd/syslog.c @@ -139,7 +139,7 @@ void syslog(int lprty, const char *msg,...) len += sprintf(buff + len, "[%d]: ", LogPid); } va_start(ap, msg); - len += vsprintf(buff + len, msg, ap); + len += vsnprintf(buff + len, sizeof(buff) - len, msg, ap); va_end(ap); rc = write(nfd, buff, len); if ((rc != len && LogFlags & LOG_CONS) || LogFlags & LOG_PERROR) {