Hi Eric,
On 22/09/10 02:47, Eric Leblond wrote:
> diff --git a/util/printpkt.c b/util/printpkt.c
> index 5250792..a800555 100644
> --- a/util/printpkt.c
> +++ b/util/printpkt.c
> @@ -106,91 +106,93 @@ struct ulogd_key printpkt_keys[] = {
> [KEY_SCTP_DPORT] = { .name = "sctp.dport", },
> };
>
> -static int printpkt_proto(struct ulogd_key *res, char *buf, int protocol)
> +static int printpkt_proto(struct ulogd_key *res, char *buf, size_t bufsiz, int protocol)
> {
> char *buf_cur = buf;
> + char *end_buf = buf + bufsiz;
> +
>
> switch (protocol) {
> case IPPROTO_TCP:
> - buf_cur += sprintf(buf_cur, "PROTO=TCP ");
> + buf_cur += snprintf(buf_cur, bufsiz, "PROTO=TCP ");
If you have to fix this. snprintf can return -1 in case of error.
Moreover, it returns the number of bytes that would have been written if
there's space in the buffer. So you have to check if the return value is
higher that the remaining space in the buffer.
Have a look at the use of snprintf in libnetfilter_queue and
libnetfilter_log in nf*snprintf_xml() function for instance.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
