From 52571d9201c7bef4dc5ebdf14a41db1f7baddc8e Mon Sep 17 00:00:00 2001
From: Ken Raeburn <raeburn@mit.edu>
Date: Thu, 12 Jul 2007 23:33:25 +0000
Subject: Avoid use of unchecked sprintf in libraries.  Use asprintf if the
 output buffer is allocated according to the size of data to be written, or
 snprintf otherwise.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19703 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/gssapi/generic/disp_major_status.c | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

(limited to 'src/lib/gssapi/generic')

diff --git a/src/lib/gssapi/generic/disp_major_status.c b/src/lib/gssapi/generic/disp_major_status.c
index 218370d142..0648192a19 100644
--- a/src/lib/gssapi/generic/disp_major_status.c
+++ b/src/lib/gssapi/generic/disp_major_status.c
@@ -115,11 +115,8 @@ display_unknown(kind, value, buffer)
 {
    char *str;
 
-   if ((str =
-	(char *) xmalloc(strlen(unknown_error)+strlen(kind)+7)) == NULL)
-      return(0);
-
-   sprintf(str, unknown_error, kind, value);
+   if (asprintf(&str, unknown_error, kind, value) < 0)
+       return(0);
 
    buffer->length = strlen(str);
    buffer->value = str;
-- 
cgit