diff options
author | Ken Raeburn <raeburn@mit.edu> | 2007-07-12 23:33:25 +0000 |
---|---|---|
committer | Ken Raeburn <raeburn@mit.edu> | 2007-07-12 23:33:25 +0000 |
commit | 52571d9201c7bef4dc5ebdf14a41db1f7baddc8e (patch) | |
tree | 9f108e05e8881ea19954b4959fdca96d47daa615 /src/lib/krb5/krb/preauth2.c | |
parent | 57913ccc175061dd41e98914d50eda56dd9685c0 (diff) | |
download | krb5-52571d9201c7bef4dc5ebdf14a41db1f7baddc8e.tar.gz krb5-52571d9201c7bef4dc5ebdf14a41db1f7baddc8e.tar.xz krb5-52571d9201c7bef4dc5ebdf14a41db1f7baddc8e.zip |
Avoid use of unchecked sprintf in libraries. Use asprintf if the
output buffer is allocated according to the size of data to be
written, or snprintf otherwise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19703 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb5/krb/preauth2.c')
-rw-r--r-- | src/lib/krb5/krb/preauth2.c | 44 |
1 files changed, 22 insertions, 22 deletions
diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c index f59b899c60..7be2becfeb 100644 --- a/src/lib/krb5/krb/preauth2.c +++ b/src/lib/krb5/krb/preauth2.c @@ -799,21 +799,21 @@ krb5_error_code pa_sam(krb5_context context, prompter_data, salt, s2kparams, as_key, gak_data))) return(ret); } - sprintf(name, "%.*s", - SAMDATA(sam_challenge->sam_type_name, "SAM Authentication", - sizeof(name) - 1)); + snprintf(name, sizeof(name), "%.*s", + SAMDATA(sam_challenge->sam_type_name, "SAM Authentication", + sizeof(name) - 1)); - sprintf(banner, "%.*s", - SAMDATA(sam_challenge->sam_challenge_label, - sam_challenge_banner(sam_challenge->sam_type), - sizeof(banner)-1)); + snprintf(banner, sizeof(banner), "%.*s", + SAMDATA(sam_challenge->sam_challenge_label, + sam_challenge_banner(sam_challenge->sam_type), + sizeof(banner)-1)); /* sprintf(prompt, "Challenge is [%s], %s: ", challenge, prompt); */ - sprintf(prompt, "%s%.*s%s%.*s", - sam_challenge->sam_challenge.length?"Challenge is [":"", - SAMDATA(sam_challenge->sam_challenge, "", 20), - sam_challenge->sam_challenge.length?"], ":"", - SAMDATA(sam_challenge->sam_response_prompt, "passcode", 55)); + snprintf(prompt, sizeof(prompt), "%s%.*s%s%.*s", + sam_challenge->sam_challenge.length?"Challenge is [":"", + SAMDATA(sam_challenge->sam_challenge, "", 20), + sam_challenge->sam_challenge.length?"], ":"", + SAMDATA(sam_challenge->sam_response_prompt, "passcode", 55)); response_data.data = response; response_data.length = sizeof(response); @@ -1064,20 +1064,20 @@ krb5_error_code pa_sam_2(krb5_context context, } } - sprintf(name, "%.*s", + snprintf(name, sizeof(name), "%.*s", SAMDATA(sc2b->sam_type_name, "SAM Authentication", sizeof(name) - 1)); - sprintf(banner, "%.*s", - SAMDATA(sc2b->sam_challenge_label, - sam_challenge_banner(sc2b->sam_type), - sizeof(banner)-1)); + snprintf(banner, sizeof(banner), "%.*s", + SAMDATA(sc2b->sam_challenge_label, + sam_challenge_banner(sc2b->sam_type), + sizeof(banner)-1)); - sprintf(prompt, "%s%.*s%s%.*s", - sc2b->sam_challenge.length?"Challenge is [":"", - SAMDATA(sc2b->sam_challenge, "", 20), - sc2b->sam_challenge.length?"], ":"", - SAMDATA(sc2b->sam_response_prompt, "passcode", 55)); + snprintf(prompt, sizeof(prompt), "%s%.*s%s%.*s", + sc2b->sam_challenge.length?"Challenge is [":"", + SAMDATA(sc2b->sam_challenge, "", 20), + sc2b->sam_challenge.length?"], ":"", + SAMDATA(sc2b->sam_response_prompt, "passcode", 55)); response_data.data = response; response_data.length = sizeof(response); |