diff options
author | Daniel Stenberg <daniel@haxx.se> | 2016-10-08 13:39:29 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2016-10-08 15:13:46 +0200 |
commit | 8238ba9c5f10414a88f502bf3f5d5a42d632984c (patch) | |
tree | eeeb5d93d5435b83f678a54bdffd52d0c287c846 /lib/ftp.c | |
parent | 9885c9508ec757f7f658dab11658e4a3e643a420 (diff) | |
download | curl-8238ba9c5f10414a88f502bf3f5d5a42d632984c.tar.gz |
ftp: fix Curl_ftpsendf()
... it no longer takes printf() arguments since it was only really taken
advantage by one user and it was not written and used in a safe
way. Thus the 'f' is removed from the function name and the proto is
changed.
Although the current code wouldn't end up in badness, it was a risk that
future changes could end up springf()ing too large data or passing in a
format string inadvertently.
Diffstat (limited to 'lib/ftp.c')
-rw-r--r-- | lib/ftp.c | 10 |
1 files changed, 4 insertions, 6 deletions
@@ -4091,8 +4091,7 @@ static CURLcode ftp_do(struct connectdata *conn, bool *done) } -CURLcode Curl_ftpsendf(struct connectdata *conn, - const char *fmt, ...) +CURLcode Curl_ftpsend(struct connectdata *conn, const char *cmd) { ssize_t bytes_written; #define SBUF_SIZE 1024 @@ -4104,10 +4103,9 @@ CURLcode Curl_ftpsendf(struct connectdata *conn, enum protection_level data_sec = conn->data_prot; #endif - va_list ap; - va_start(ap, fmt); - write_len = vsnprintf(s, SBUF_SIZE-3, fmt, ap); - va_end(ap); + write_len = strlen(cmd); + if(write_len > (sizeof(s) -3)) + return CURLE_BAD_FUNCTION_ARGUMENT; strcpy(&s[write_len], "\r\n"); /* append a trailing CRLF */ write_len +=2; |