On Tue, Nov 04, 2003 at 03:45:10PM +0000, Steve Kemp wrote:
> Please apply the following patch:
>
> --- config.cpp-orig 2003-11-04 15:36:58.000000000 +0000
> +++ config.cpp 2003-11-04 15:37:06.000000000 +0000
> @@ -92,7 +92,7 @@
> #else
> if(getenv("HOME") == NULL)
> return 1;
> - sprintf(str,"%s/%s",getenv("HOME"),CONFIGFILE);
> + snprintf(str,sizeof(str)-1,"%s/%s",getenv("HOME"),CONFIGFILE);
> #endif
>
> cf = fopen(str,"r");
The return value from snprintf() should be checked, otherwise you won't
notice truncation.
Cheers,
--
Colin Watson [EMAIL PROTECTED]
