From 93b201d23be3167983826da750d7d1fe8c4c5d47 Mon Sep 17 00:00:00 2001 From: Robert James Kaes Date: Mon, 15 Jan 2001 17:11:57 +0000 Subject: Fixed more potential overflow bugs. --- src/reqs.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'src/reqs.c') diff --git a/src/reqs.c b/src/reqs.c index 01c8ab8..cea4249 100644 --- a/src/reqs.c +++ b/src/reqs.c @@ -1,4 +1,4 @@ -/* $Id: reqs.c,v 1.10 2000-11-23 04:46:25 rjkaes Exp $ +/* $Id: reqs.c,v 1.11 2001-01-15 17:11:57 rjkaes Exp $ * * This is where all the work in tinyproxy is actually done. Incoming * connections have a new thread created for them. The thread then @@ -170,12 +170,13 @@ static int process_method(struct conn_s *connptr) if (!uri->scheme || strcasecmp(uri->scheme, "http") != 0) { char *error_string; if (uri->scheme) { - error_string = malloc(strlen(uri->scheme) + 64); + int error_string_len = strlen(uri->scheme) + 64; + error_string = malloc(error_string_len); if (!error_string) { log(LOG_CRIT, "Out of Memory!"); return -1; } - sprintf(error_string, + snprintf(error_string, error_string_len, "Invalid scheme (%s). Only HTTP is allowed.", uri->scheme); } else { -- cgit v1.2.3