From 88a4820dbff09d54d4e9e35a75ba727e554a957c Mon Sep 17 00:00:00 2001
From: Hans-Christoph Steiner <eighthave@users.sourceforge.net>
Date: Tue, 13 Nov 2012 04:40:01 +0000
Subject: fix security warning in bad use of snprintf()

svn path=/trunk/externals/jackx/; revision=16544
---
 jack-ports.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/jack-ports.c b/jack-ports.c
index 6c38141..b8d48bd 100644
--- a/jack-ports.c
+++ b/jack-ports.c
@@ -150,10 +150,11 @@ static void jackports_input(t_jackports *x, t_symbol *s,int argc, t_atom *argv)
 
                 if (t)
                 {
-                    s_port=gensym(strchr(ports[n],':')+1);
+                    s_port = gensym(strchr(ports[n], ':') + 1);
 
-
-                    snprintf(x->buffer,l-strlen(s_port->s_name),ports[n]);
+                    int clientlen = l - strlen(s_port->s_name) - 1;
+                    strncpy(x->buffer, ports[n], clientlen);
+                    x->buffer[clientlen] = '\0';
                     s_client = gensym(x->buffer);
 
                     SETSYMBOL(x->a_outlist,s_client);
@@ -179,10 +180,11 @@ static void jackports_input(t_jackports *x, t_symbol *s,int argc, t_atom *argv)
 
                 if (t)
                 {
-                    s_port=gensym(strchr(ports[n],':')+1);
-
+                    s_port = gensym(strchr(ports[n], ':') + 1);
 
-                    snprintf(x->buffer,l-strlen(s_port->s_name),ports[n]);
+                    int clientlen = l - strlen(s_port->s_name) - 1;
+                    strncpy(x->buffer, ports[n], clientlen);
+                    x->buffer[clientlen] = '\0';
                     s_client = gensym(x->buffer);
 
                     SETSYMBOL(x->a_outlist,s_client);
-- 
cgit v1.2.1