From f0fbd7b87e4b2e282c2cb7cd448214770d6af9bd Mon Sep 17 00:00:00 2001
From: Bruce Momjian <bruce@momjian.us>
Date: Fri, 1 Jan 1999 04:48:49 +0000
Subject:    Some security, since we now have vsnprintf, I remade an old patch 
   with some extra ugly sprintfs fixed. More work in this area is    needed
 still.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Göran Thyni
---
 src/backend/utils/misc/trace.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'src/backend/utils/misc/trace.c')

diff --git a/src/backend/utils/misc/trace.c b/src/backend/utils/misc/trace.c
index 0f58a122dda..def34162f24 100644
--- a/src/backend/utils/misc/trace.c
+++ b/src/backend/utils/misc/trace.c
@@ -108,7 +108,7 @@ tprintf(int flag, const char *fmt,...)
 #ifdef ELOG_TIMESTAMPS
 	strcpy(line, tprintf_timestamp());
 #endif
-	vsprintf(line + TIMESTAMP_SIZE, fmt, ap);
+	vsnprintf(line + TIMESTAMP_SIZE, ELOG_MAXLEN, fmt, ap);
 	va_end(ap);
 
 #ifdef USE_SYSLOG
@@ -138,7 +138,7 @@ tprintf1(const char *fmt, ... )
 #ifdef ELOG_TIMESTAMPS
 	strcpy(line, tprintf_timestamp());
 #endif
-	vsprintf(line+TIMESTAMP_SIZE, fmt, ap);
+	vsnprintf(line+TIMESTAMP_SIZE, ELOG_MAXLEN, fmt, ap);
 	va_end(ap);
 
 #ifdef USE_SYSLOG
@@ -166,7 +166,7 @@ eprintf(const char *fmt,...)
 #ifdef ELOG_TIMESTAMPS
 	strcpy(line, tprintf_timestamp());
 #endif
-	vsprintf(line + TIMESTAMP_SIZE, fmt, ap);
+	vsnprintf(line + TIMESTAMP_SIZE, ELOG_MAXLEN, fmt, ap);
 	va_end(ap);
 
 #ifdef USE_SYSLOG
@@ -344,7 +344,7 @@ read_pg_options(SIGNAL_ARGS)
 	    return;
 	}
 
-	sprintf(buffer, "%s/%s", DataDir, "pg_options");
+	snprintf(buffer, BUF_SIZE - 1, "%s/%s", DataDir, "pg_options");
 	if ((fd = open(buffer, O_RDONLY)) < 0)
 		return;
 
-- 
cgit v1.2.3