[postgis-tickets] r15481 - Check return from an sprintf
Sandro Santilli
strk at kbt.io
Mon Jul 10 10:51:14 PDT 2017
Author: strk
Date: 2017-07-10 10:51:13 -0700 (Mon, 10 Jul 2017)
New Revision: 15481
Modified:
trunk/loader/pgsql2shp-core.c
Log:
Check return from an sprintf
Would be dangerous with field names > 256 characters..
Modified: trunk/loader/pgsql2shp-core.c
===================================================================
--- trunk/loader/pgsql2shp-core.c 2017-07-10 17:29:03 UTC (rev 15480)
+++ trunk/loader/pgsql2shp-core.c 2017-07-10 17:51:13 UTC (rev 15481)
@@ -1558,7 +1558,11 @@
/* Issue warning if column has been renamed */
if (strcasecmp(dbffieldname, pgfieldname))
{
- snprintf(buf, 256, _("Warning, field %s renamed to %s\n"), pgfieldname, dbffieldname);
+ if ( snprintf(buf, 256, _("Warning, field %s renamed to %s\n"),
+ pgfieldname, dbffieldname) >= 256 )
+ {
+ buf[255] = '\0';
+ }
/* Note: we concatenate all warnings from the main loop as this is useful information */
strncat(state->message, buf, SHPDUMPERMSGLEN - strlen(state->message) - 1);
More information about the postgis-tickets
mailing list