From: Belbo Date: Sun, 16 Jul 2017 16:31:24 +0000 (+0200) Subject: Prevent buffer overflow in log functions X-Git-Tag: 3.2d13~26^2~4 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=19ff6042cf979837149e8745265df65840432411;p=thirdparty%2Fshairport-sync.git Prevent buffer overflow in log functions die(), warn(), debug() and inform() write the string into a limited internal buffer first. They now use vsnprintf() instead of vsprintf() to prevent an overflow of that buffer.
---
diff --git a/common.c b/common.c
index 1bea3a91..2949ebbb 100644
--- a/common.c
+++ b/common.c
@@ -101,7 +101,7 @@ void die(const char *format, ...) {
 s[0] = 0;
 va_list args;
 va_start(args, format);
- vsprintf(s, format, args);
+ vsnprintf(s, sizeof(s), format, args);
 va_end(args);
 daemon_log(LOG_EMERG, "fatal error: %s", s);
 shairport_shutdown();
@@ -113,7 +113,7 @@ void warn(const char *format, ...) {
 s[0] = 0;
 va_list args;
 va_start(args, format);
- vsprintf(s, format, args);
+ vsnprintf(s, sizeof(s), format, args);
 va_end(args);
 daemon_log(LOG_WARNING, "%s", s);
 }
@@ -125,7 +125,7 @@ void debug(int level, const char *format, ...) {
 s[0] = 0;
 va_list args;
 va_start(args, format);
- vsprintf(s, format, args);
+ vsnprintf(s, sizeof(s), format, args);
 va_end(args);
 daemon_log(LOG_DEBUG, "%s", s);
 }
@@ -135,7 +135,7 @@ void inform(const char *format, ...) {
 s[0] = 0;
 va_list args;
 va_start(args, format);
- vsprintf(s, format, args);
+ vsnprintf(s, sizeof(s), format, args);
 va_end(args);
 daemon_log(LOG_INFO, "%s", s);
 }
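Review bot: The return value of `vsnprintf()` is discarded in die(), so a message longer than the buffer is now cut off silently and a negative (error) return goes unnoticed; the identical lines in warn(), debug() and inform() have the same gap. If these messages can include externally supplied strings, a truncated tail is lost from the log without any trace, so I would capture the result with `int n = vsnprintf(s, sizeof(s), format, args);` and handle `if (n < 0 || (size_t)n >= sizeof(s))` by clearing `s` on error or marking the entry as truncated. `sizeof(s)` is the buffer size only if `s` is declared as an array inside each function; those declarations sit above the hunks and are not visible here, so that should be confirmed. The four bodies are otherwise the same, and a single `static` helper taking a `va_list` would keep the bound in one place.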