Convert many uses of sprintf to snprintf or asprintf

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21258 dc483132-0cff-0310-8789-dd5450dbe970

3 files changed, 26 insertions, 30 deletions

diff --git a/src/clients/ksu/authorization.c b/src/clients/ksu/authorization.c
index fa596230b8..0c90d27131 100644
--- a/src/clients/ksu/authorization.c
+++ b/src/clients/ksu/authorization.c
@@ -365,15 +365,13 @@ krb5_boolean fcmd_resolve(fcmd, out_fcmd, out_err)
     }else{
 	/* must be either full path or just the cmd name */
 	if (strchr(fcmd, '/')){
-	    err = (char *) xcalloc((strlen(fcmd) +200) ,sizeof(char));
-	    sprintf(err,"Error: bad entry - %s in %s file, must be either full path or just the cmd name\n", fcmd, KRB5_USERS_NAME);
+	    asprintf(&err,"Error: bad entry - %s in %s file, must be either full path or just the cmd name\n", fcmd, KRB5_USERS_NAME);
 	    *out_err = err;
 	    return FALSE;
 	}
 
 #ifndef CMD_PATH
-	err = (char *) xcalloc(2*(strlen(fcmd) +200) ,sizeof(char));
-	sprintf(err,"Error: bad entry - %s in %s file, since %s is just the cmd name, CMD_PATH must be defined \n", fcmd, KRB5_USERS_NAME, fcmd);
+	asprintf(&err,"Error: bad entry - %s in %s file, since %s is just the cmd name, CMD_PATH must be defined \n", fcmd, KRB5_USERS_NAME, fcmd);
 	*out_err = err;
 	return FALSE;
 #else
@@ -386,8 +384,7 @@ krb5_boolean fcmd_resolve(fcmd, out_fcmd, out_err)
 	tc = get_first_token (path_ptr, &lp);
 
 	if (! tc){
-	    err = (char *) xcalloc((strlen(fcmd) +200) ,sizeof(char));
-	    sprintf(err,"Error: bad entry - %s in %s file, CMD_PATH contains no paths \n",  fcmd, KRB5_USERS_NAME);
+	    asprintf(&err,"Error: bad entry - %s in %s file, CMD_PATH contains no paths \n",  fcmd, KRB5_USERS_NAME);
 	    *out_err = err;
 	    return FALSE;
 	}
@@ -395,8 +392,7 @@ krb5_boolean fcmd_resolve(fcmd, out_fcmd, out_err)
 	i=0;
 	do{
 	    if (*tc != '/'){  /* must be full path */
-		err = (char *) xcalloc((strlen(tc) +200) ,sizeof(char));
-		sprintf(err,"Error: bad path %s in CMD_PATH for %s must start with '/' \n",tc, KRB5_USERS_NAME );
+		asprintf(&err,"Error: bad path %s in CMD_PATH for %s must start with '/' \n",tc, KRB5_USERS_NAME );
 		*out_err = err;
 		return FALSE;
 	    }
@@ -707,17 +703,19 @@ static void auth_cleanup(users_fp, login_fp, princname)
 void init_auth_names(pw_dir)
     char *pw_dir;
 {
-    if (strlen (k5login_path) + 2 + strlen (KRB5_LOGIN_NAME) >= MAXPATHLEN) {
+    const char *sep;
+    int r1, r2;
+
+    sep = ((strlen(pw_dir) == 1) && (*pw_dir == '/')) ? "" : "/";
+    r1 = snprintf(k5login_path, sizeof(k5login_path), "%s%s%s",
+		  pw_dir, sep, KRB5_LOGIN_NAME);
+    r2 = snprintf(k5users_path, sizeof(k5users_path), "%s%s%s",
+		  pw_dir, sep, KRB5_USERS_NAME);
+    if (SNPRINTF_OVERFLOW(r1, sizeof(k5login_path)) ||
+	SNPRINTF_OVERFLOW(r2, sizeof(k5users_path))) {
 	fprintf (stderr,
 		 "home directory name `%s' too long, can't search for .k5login\n",
 		 pw_dir);
 	exit (1);
     }
-    if ((strlen(pw_dir) == 1) && (*pw_dir == '/')){
-	sprintf(k5login_path,"%s%s", pw_dir, KRB5_LOGIN_NAME);
-	sprintf(k5users_path,"%s%s", pw_dir, KRB5_USERS_NAME);
-    } else {
-	sprintf(k5login_path,"%s/%s", pw_dir, KRB5_LOGIN_NAME);
-	sprintf(k5users_path,"%s/%s", pw_dir, KRB5_USERS_NAME);
-    }
 }
diff --git a/src/clients/ksu/krb_auth_su.c b/src/clients/ksu/krb_auth_su.c
index f19c169249..8b99177731 100644
--- a/src/clients/ksu/krb_auth_su.c
+++ b/src/clients/ksu/krb_auth_su.c
@@ -407,7 +407,7 @@ krb5_boolean krb5_get_tkt_via_passwd (context, ccache, client, server,
     krb5_timestamp now;
     unsigned int pwsize;
     char password[255], *client_name, prompt[255];
-
+    int result;
 
     *zero_password = FALSE;	
     
@@ -442,13 +442,14 @@ krb5_boolean krb5_get_tkt_via_passwd (context, ccache, client, server,
     } else
 	my_creds.times.renew_till = 0;
 
-    if (strlen (client_name) + 80 > sizeof (prompt)) {
+    result = snprintf(prompt, sizeof(prompt), "Kerberos password for %s: ",
+		      client_name);
+    if (SNPRINTF_OVERFLOW(result, sizeof(prompt))) {
 	fprintf (stderr,
 		 "principal name %s too long for internal buffer space\n",
 		 client_name);
 	return FALSE;
     }
-    (void) sprintf(prompt,"Kerberos password for %s: ", client_name);
     
     pwsize = sizeof(password);
     
diff --git a/src/clients/ksu/main.c b/src/clients/ksu/main.c
index 3329bd78ac..0aba56933d 100644
--- a/src/clients/ksu/main.c
+++ b/src/clients/ksu/main.c
@@ -425,9 +425,9 @@ main (argc, argv)
 	   cache will be created.*/
 	
 	do {
-	    sprintf(cc_target_tag, "%s%ld.%d",
-		    KRB5_SECONDARY_CACHE,
-		    (long) target_uid, gen_sym());
+	    snprintf(cc_target_tag, KRB5_SEC_BUFFSIZE, "%s%ld.%d",
+		     KRB5_SECONDARY_CACHE,
+		     (long) target_uid, gen_sym());
 	    cc_target_tag_tmp = strchr(cc_target_tag, ':') + 1;
 	    
 	}while ( !stat ( cc_target_tag_tmp, &st_temp)); 
@@ -855,15 +855,16 @@ char *sh;
 static char * ontty()
 {
     char *p, *ttyname();
-    static char buf[MAXPATHLEN + 4];
+    static char buf[MAXPATHLEN + 5];
+    int result;
     
     buf[0] = 0;
     if ((p = ttyname(STDERR_FILENO))) {
-	if (strlen (p) > MAXPATHLEN) {
+	result = snprintf(buf, sizeof(buf), " on %s", p);
+	if (SNPRINTF_OVERFLOW(result, sizeof(buf))) {
 	    fprintf (stderr, "terminal name %s too long\n", p);
 	    exit (1);
 	}
-	sprintf(buf, " on %s", p);
     }
     return (buf);
 }
@@ -875,11 +876,7 @@ static int set_env_var(name, value)
 {
     char * env_var_buf;
     
-    /* allocate extra two spaces, one for the = and one for the \0 */  
-    env_var_buf = (char *) xcalloc(2 + strlen(name) + strlen(value),
-				   sizeof(char)); 
-    
-    sprintf(env_var_buf,"%s=%s",name, value);  
+    asprintf(&env_var_buf,"%s=%s",name, value);  
     return putenv(env_var_buf);
     
 }