From de5ce8de303634a6a0f5a45bef2b9e26e4641e49 Mon Sep 17 00:00:00 2001 From: sgunderson Date: Thu, 17 Aug 2000 21:12:51 +0000 Subject: [PATCH] list_readmes(): Allocate less memory, use snprintf() to avoid a buffer overflow from very long README-names and --enable-message. --- ftpd.c | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/ftpd.c b/ftpd.c index b36027b..a6e32f8 100644 --- a/ftpd.c +++ b/ftpd.c @@ -1584,28 +1584,28 @@ void list_readmes(struct conn * const c) const time_t now = time(NULL); int i; - if (glob("README*", 0, NULL, &pglob) == 0) { - for (i = 0; i < pglob.gl_pathc; i++) { - const char * const temp = pglob.gl_pathv[i]; - struct stat buf; - char str[2048]; + if (glob("README*", 0, NULL, &pglob) != 0) return; - char *tm; + for (i = 0; i < pglob.gl_pathc; i++) { + const char * const temp = pglob.gl_pathv[i]; + struct stat buf; + char str[256]; - if (stat(temp, &buf) == -1) continue; + char *tm; - /* remove trailing LF */ - tm = ctime(&buf.st_mtime); - tm[strlen(tm) - 1] = 0; + if (stat(temp, &buf) == -1) continue; - sprintf(str, "250-Please read the file %s\r\n" - "250-\tIt was last modified %s - %ld days ago\r\n", - temp, tm, - (now - buf.st_mtime) / 86400); - send(c->sock, str, strlen(str), 0); - } - globfree(&pglob); - } + /* remove trailing LF */ + tm = ctime(&buf.st_mtime); + tm[strlen(tm) - 1] = 0; + + snprintf(str, 256, "250-Please read the file %s\r\n" + "250-\tIt was last modified %s - %ld days ago\r\n", + temp, tm, + (now - buf.st_mtime) / 86400); + send(c->sock, str, strlen(str), 0); + } + globfree(&pglob); } #endif -- 2.39.2