From af341158dbaba37e96ddf7463a04c8ed9d732e24 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 23 Aug 2002 08:29:44 +0000 Subject: bad bad bad snprintf() overflow the buffer if the string passed in with a %s didn't fit within the buffer! git-svn-id: svn://svn.rockbox.org/rockbox/trunk@1943 a1c6a512-1295-4272-9138-f99709370657 --- firmware/common/sprintf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'firmware') diff --git a/firmware/common/sprintf.c b/firmware/common/sprintf.c index 80bdda6336..c18a390b44 100644 --- a/firmware/common/sprintf.c +++ b/firmware/common/sprintf.c @@ -100,10 +100,10 @@ int vsnprintf (char *buf, int size, const char *fmt, va_list ap) if (width > 0) { width -= strlen (str); - while (width-- > 0 && buf < end) + while (width-- > 0 && bp < end) *bp++ = pad; } - while (*str != '\0' && buf < end) + while (*str != '\0' && bp < end) *bp++ = *str++; } else -- cgit v1.2.3