Convert many uses of sprintf to snprintf or asprintf

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21258 dc483132-0cff-0310-8789-dd5450dbe970

5 files changed, 25 insertions, 25 deletions

diff --git a/src/kadmin/cli/kadmin.c b/src/kadmin/cli/kadmin.c
index 00f26b129..125310f13 100644
--- a/src/kadmin/cli/kadmin.c
+++ b/src/kadmin/cli/kadmin.c
@@ -134,9 +134,9 @@ static char *strdur(duration)
     minutes = duration / 60;
     duration %= 60;
     seconds = duration;
-    sprintf(out, "%s%d %s %02d:%02d:%02d", neg ? "-" : "",
-	    days, days == 1 ? "day" : "days",
-	    hours, minutes, seconds);
+    snprintf(out, sizeof(out), "%s%d %s %02d:%02d:%02d", neg ? "-" : "",
+	     days, days == 1 ? "day" : "days",
+	     hours, minutes, seconds);
     return out;
 }
 
@@ -794,11 +794,12 @@ void kadmin_cpw(argc, argv)
     } else if (argc == 1) {
 	unsigned int i = sizeof (newpw) - 1;
 
-	sprintf(prompt1, "Enter password for principal \"%.900s\"",
-		*argv);
-	sprintf(prompt2,
-		"Re-enter password for principal \"%.900s\"",
-		*argv);
+	snprintf(prompt1, sizeof(prompt1),
+		 "Enter password for principal \"%.900s\"",
+		 *argv);
+	snprintf(prompt2, sizeof(prompt2),
+		 "Re-enter password for principal \"%.900s\"",
+		 *argv);
 	retval = krb5_read_password(context, prompt1, prompt2,
 				    newpw, &i);
 	if (retval) {
@@ -1228,11 +1229,12 @@ void kadmin_addprinc(argc, argv)
     } else if (pass == NULL) {
 	unsigned int sz = sizeof (newpw) - 1;
 
-	sprintf(prompt1, "Enter password for principal \"%.900s\"",
-		canon);
-	sprintf(prompt2,
-		"Re-enter password for principal \"%.900s\"",
-		canon);
+	snprintf(prompt1, sizeof(prompt1),
+		 "Enter password for principal \"%.900s\"",
+		 canon);
+	snprintf(prompt2, sizeof(prompt2),
+		 "Re-enter password for principal \"%.900s\"",
+		 canon);
 	retval = krb5_read_password(context, prompt1, prompt2,
 				    newpw, &sz);
 	if (retval) {
@@ -1513,14 +1515,14 @@ void kadmin_getprinc(argc, argv)
 
 	    if (krb5_enctype_to_string(key_data->key_data_type[0],
 				       enctype, sizeof(enctype)))
-		sprintf(enctype, "<Encryption type 0x%x>",
-			key_data->key_data_type[0]);
+		snprintf(enctype, sizeof(enctype), "<Encryption type 0x%x>",
+			 key_data->key_data_type[0]);
 	    printf("Key: vno %d, %s, ", key_data->key_data_kvno, enctype);
 	    if (key_data->key_data_ver > 1) {
 		if (krb5_salttype_to_string(key_data->key_data_type[1],
 					    salttype, sizeof(salttype)))
-		    sprintf(salttype, "<Salt type 0x%x>",
-			    key_data->key_data_type[1]);
+		    snprintf(salttype, sizeof(salttype), "<Salt type 0x%x>",
+			     key_data->key_data_type[1]);
 		printf("%s\n", salttype);
 	    } else
 		printf("no salt\n");
diff --git a/src/kadmin/dbutil/kadm5_create.c b/src/kadmin/dbutil/kadm5_create.c
index c02b40287..894edf364 100644
--- a/src/kadmin/dbutil/kadm5_create.c
+++ b/src/kadmin/dbutil/kadm5_create.c
@@ -145,8 +145,7 @@ static char *build_name_with_realm(char *name, char *realm)
 {
      char *n;
 
-     n = (char *) malloc(strlen(name) + strlen(realm) + 2);
-     sprintf(n, "%s@%s", name, realm);
+     asprintf(&n, "%s@%s", name, realm);
      return n;
 }
 
diff --git a/src/kadmin/ktutil/ktutil_funcs.c b/src/kadmin/ktutil/ktutil_funcs.c
index a9106debc..4c4408c6e 100644
--- a/src/kadmin/ktutil/ktutil_funcs.c
+++ b/src/kadmin/ktutil/ktutil_funcs.c
@@ -161,7 +161,8 @@ krb5_error_code ktutil_add(context, list, princ_str, kvno,
 	    goto cleanup;
 	}
 
-	sprintf(promptstr, "Password for %.1000s", princ_str);
+	snprintf(promptstr, sizeof(promptstr), "Password for %.1000s",
+		 princ_str);
         retval = krb5_read_password(context, promptstr, NULL, password.data,
 				    &password.length);
 	if (retval)
diff --git a/src/kadmin/passwd/xm_kpasswd.c b/src/kadmin/passwd/xm_kpasswd.c
index a55b052c3..2f0bdf9c2 100644
--- a/src/kadmin/passwd/xm_kpasswd.c
+++ b/src/kadmin/passwd/xm_kpasswd.c
@@ -116,7 +116,7 @@ motif_com_err (whoami, code, fmt, args)
     }
   if (fmt)
     {
-      vsprintf(buf + strlen(buf), fmt, args);
+      vsnprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), fmt, args);
     }
 
   XtVaSetValues(scroll_text, XmNvalue, buf, NULL);
@@ -321,7 +321,7 @@ display_intro_message(fmt_string, arg_string)
   XmString xmstr;
   char buf[1024];
 
-  sprintf(buf, fmt_string, arg_string);
+  snprintf(buf, sizeof(buf), fmt_string, arg_string);
 
   xmstr = XmStringCreateLtoR(buf, XmSTRING_DEFAULT_CHARSET);
   XtVaSetValues(main_lbl, XmNlabelString, xmstr, NULL);
diff --git a/src/kadmin/server/ipropd_svc.c b/src/kadmin/server/ipropd_svc.c
index f0b704f1a..50f7b8c52 100644
--- a/src/kadmin/server/ipropd_svc.c
+++ b/src/kadmin/server/ipropd_svc.c
@@ -601,12 +601,10 @@ kiprop_get_adm_host_srv_name(krb5_context context,
     if (ret = kadm5_get_master(context, realm, &host))
 	return (ret);
 
-    name = malloc(strlen(KIPROP_SVC_NAME)+ strlen(host) + 2);
-    if (name == NULL) {
+    if (asprintf(&name, "%s@%s", KIPROP_SVC_NAME, host) < 0) {
 	free(host);
 	return (ENOMEM);
     }
-    (void) sprintf(name, "%s@%s", KIPROP_SVC_NAME, host);
     free(host);
     *host_service_name = name;