[conntrack-tools] fix unsecure usage of printf and include limits.h (PATH_MAX and INT_MAX)

Pablo Neira netfilter-cvslog-bounces at lists.netfilter.org
Sun Jun 15 22:14:49 CEST 2008 

Gitweb:		http://git.netfilter.org/cgi-bin/gitweb.cgi?p=conntrack-tools.git;a=commit;h=dbd1a5ced2d144f330faba448e639b8dc9d6b009
commit dbd1a5ced2d144f330faba448e639b8dc9d6b009
Author:     Albin Tonerre <lutin at ubuntu.com>
AuthorDate: Sun Jun 15 22:01:52 2008 +0200
Commit:     Pablo Neira Ayuso <pablo at netfilter.org>
CommitDate: Sun Jun 15 22:01:52 2008 +0200

    fix unsecure usage of printf and include limits.h (PATH_MAX and INT_MAX)
       via  dbd1a5ced2d144f330faba448e639b8dc9d6b009 (commit)
      from  5dee97536258d3334b9c0ffeb59ec4ad076dc6c3 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit dbd1a5ced2d144f330faba448e639b8dc9d6b009
Author: Albin Tonerre <lutin at ubuntu.com>
Date:   Sun Jun 15 22:01:52 2008 +0200

    fix unsecure usage of printf and include limits.h (PATH_MAX and INT_MAX)

-----------------------------------------------------------------------

 src/ignore_pool.c |    1 +
 src/local.c       |    2 +-
 src/main.c        |    1 +
 3 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/src/ignore_pool.c b/src/ignore_pool.c
index 027d628..2f951e8 100644
--- a/src/ignore_pool.c
+++ b/src/ignore_pool.c
@@ -25,6 +25,7 @@
 #include <libnetfilter_conntrack/libnetfilter_conntrack.h>
 #include <stdlib.h>
 #include <string.h>
+#include <limits.h>
 
 /* XXX: These should be configurable, better use a rb-tree */
 #define IGNORE_POOL_SIZE 128
diff --git a/src/local.c b/src/local.c
index e2c3599..4739e56 100644
--- a/src/local.c
+++ b/src/local.c
@@ -132,7 +132,7 @@ int do_local_client_step(int fd, void (*process)(char *buf))
 
 void local_step(char *buf)
 {
-	printf(buf);
+	printf("%s", buf);
 }
 
 int do_local_request(int request,
diff --git a/src/main.c b/src/main.c
index 2e1ccd8..084643c 100644
--- a/src/main.c
+++ b/src/main.c
@@ -26,6 +26,7 @@
 #include <string.h>
 #include <stdlib.h>
 #include <unistd.h>
+#include <limits.h>
 
 struct ct_general_state st;
 union ct_state state;

More information about the netfilter-cvslog mailing list