From 57fb117571560280226818d51411c1df2cab836c Mon Sep 17 00:00:00 2001
From: Vitaly Lavrov <vel21ripn@gmail.com>
Date: Fri, 26 Jan 2018 13:03:17 +0300
Subject: Fix buffer overflow in function ndpi_debug_printf()

---
 src/lib/ndpi_main.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/lib/ndpi_main.c')

diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 843a7ba1a..cfcef8c0b 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -1950,13 +1950,13 @@ void ndpi_debug_printf(unsigned int proto, struct ndpi_detection_module_struct *
 {
 #ifdef NDPI_ENABLE_DEBUG_MESSAGES
   va_list args;
-#define MAX_STR_LEN 120
+#define MAX_STR_LEN 250
   char str[MAX_STR_LEN];
   if(ndpi_str != NULL && log_level > NDPI_LOG_ERROR  &&
 	proto > 0 && proto < NDPI_MAX_SUPPORTED_PROTOCOLS &&
 	!NDPI_ISSET(&ndpi_str->debug_bitmask,proto)) return;
   va_start(args, format);
-  vsprintf(str, format, args);
+  vsnprintf(str,sizeof(str)-1, format, args);
   va_end(args);
 
   if (ndpi_str != NULL) {
-- 
cgit v1.2.3