Group :: System/Libraries
RPM: libcap
Navigation
Main Changelog Spec Patches Sources Download Gear Bugs and FR Repocop
Patch: libcap-1.10-alt-bound.patch
Download
Download
diff -uprk.orig libcap-1.10.orig/libcap/cap_text.c libcap-1.10/libcap/cap_text.c
--- libcap-1.10.orig/libcap/cap_text.c 2003-10-13 12:31:13 +0400
+++ libcap-1.10/libcap/cap_text.c 2003-10-13 12:34:33 +0400
@@ -16,8 +16,8 @@
#include <ctype.h>
#include <stdio.h>
-/* Maximum output text length (16 per cap) */
-#define CAP_TEXT_SIZE (16*__CAP_BITS)
+/* Maximum output text length (20 per cap) */
+#define CAP_TEXT_SIZE (20*__CAP_BITS)
#define LIBCAP_EFF 01
#define LIBCAP_INH 02
@@ -262,7 +262,7 @@ char *cap_to_text(cap_t caps, ssize_t *l
m = t;
/* blank is not a valid capability set */
- p = sprintf(buf, "=%s%s%s",
+ p = snprintf(buf, sizeof(buf), "=%s%s%s",
(m & LIBCAP_EFF) ? "e" : "",
(m & LIBCAP_INH) ? "i" : "",
(m & LIBCAP_PER) ? "p" : "" ) + buf;
@@ -273,9 +273,9 @@ char *cap_to_text(cap_t caps, ssize_t *l
for (n = 0; n != __CAP_BITS; n++)
if (getstateflags(caps, n) == t) {if (_cap_names[n])
- p += sprintf(p, "%s,", _cap_names[n]);
+ p += snprintf(p, sizeof(buf)-(p-buf), "%s,", _cap_names[n]);
else
- p += sprintf(p, "%d,", n);
+ p += snprintf(p, sizeof(buf)-(p-buf), "%d,", n);
if (p - buf > CAP_TEXT_SIZE) {errno = ERANGE;
return NULL;
@@ -284,13 +284,17 @@ char *cap_to_text(cap_t caps, ssize_t *l
p--;
n = t & ~m;
if (n)
- p += sprintf(p, "+%s%s%s",
+ p += snprintf(p, sizeof(buf)-(p-buf), "+%s%s%s",
(n & LIBCAP_EFF) ? "e" : "",
(n & LIBCAP_INH) ? "i" : "",
(n & LIBCAP_PER) ? "p" : "");
+ if (p - buf > CAP_TEXT_SIZE) {+ errno = ERANGE;
+ return NULL;
+ }
n = ~t & m;
if (n)
- p += sprintf(p, "-%s%s%s",
+ p += snprintf(p, sizeof(buf)-(p-buf), "-%s%s%s",
(n & LIBCAP_EFF) ? "e" : "",
(n & LIBCAP_INH) ? "i" : "",
(n & LIBCAP_PER) ? "p" : "");