From: Michael Vogt <mvo@ubuntu.com>
Date: Wed, 8 Oct 2014 09:35:48 +0000 (+0200)
Subject: methods/rsh.cc: replace strcat with std::string
X-Git-Tag: 1.0.9.3~3
X-Git-Url: https://git.saurik.com/apt.git/commitdiff_plain/180b693262d71381d650d10c3f95a5a70553f40f?hp=-c

methods/rsh.cc: replace strcat with std::string

Instead of using strcat use a C++ std::string to avoid overflowing
this buffer. Thanks to David Garfield

Closes: #76442
---

180b693262d71381d650d10c3f95a5a70553f40f
diff --git a/methods/rsh.cc b/methods/rsh.cc
index bd46d2515..0e949160b 100644
--- a/methods/rsh.cc
+++ b/methods/rsh.cc
@@ -218,17 +218,20 @@ bool RSHConn::WriteMsg(std::string &Text,bool Sync,const char *Fmt,...)
    va_list args;
    va_start(args,Fmt);
 
-   // sprintf the description
-   char S[512];
-   vsnprintf(S,sizeof(S) - 4,Fmt,args);
+   // sprintf into a buffer
+   char Tmp[1024];
+   vsnprintf(Tmp,sizeof(Tmp),Fmt,args);
    va_end(args);
 
+   // concat to create the real msg
+   std::string Msg;
    if (Sync == true)
-      strcat(S," 2> /dev/null || echo\n");
+      Msg = std::string(Tmp) + " 2> /dev/null || echo\n";
    else
-      strcat(S," 2> /dev/null\n");
+      Msg = std::string(Tmp) + " 2> /dev/null\n";
 
    // Send it off
+   const char *S = Msg.c_str();
    unsigned long Len = strlen(S);
    unsigned long Start = 0;
    while (Len != 0)