authorKen Raeburn <raeburn@mit.edu>2007-07-12 23:33:25 +0000
committerKen Raeburn <raeburn@mit.edu>2007-07-12 23:33:25 +0000
commit52571d9201c7bef4dc5ebdf14a41db1f7baddc8e (patch)
tree9f108e05e8881ea19954b4959fdca96d47daa615 /src/lib/gssapi
parent57913ccc175061dd41e98914d50eda56dd9685c0 (diff)
Avoid use of unchecked sprintf in libraries. Use asprintf if the
output buffer is allocated according to the size of data to be written, or snprintf otherwise.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19703 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/gssapi')
-rw-r--r--src/lib/gssapi/generic/disp_major_status.c7
-rw-r--r--src/lib/gssapi/mechglue/oid_ops.c12
2 files changed, 8 insertions, 11 deletions
diff --git a/src/lib/gssapi/generic/disp_major_status.c b/src/lib/gssapi/generic/disp_major_status.c
index 218370d14..0648192a1 100644
--- a/src/lib/gssapi/generic/disp_major_status.c
+++ b/src/lib/gssapi/generic/disp_major_status.c
@@ -115,11 +115,8 @@ display_unknown(kind, value, buffer)
{
char *str;
- if ((str =
- (char *) xmalloc(strlen(unknown_error)+strlen(kind)+7)) == NULL)
- return(0);
-
- sprintf(str, unknown_error, kind, value);
+ if (asprintf(&str, unknown_error, kind, value) < 0)
+ return(0);
buffer->length = strlen(str);
buffer->value = str;
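Review bot: The string stored in `buffer->value` is now allocated by asprintf instead of xmalloc, so the code that later releases this buffer must free it with the allocator asprintf uses. xmalloc's definition is not visible here; if it is anything other than plain malloc on some build, that is a mismatched free and should be confirmed. asprintf also returns the formatted length, so the extra `strlen(str)` pass can go: keep the result as `len = asprintf(&str, unknown_error, kind, value);` and set `buffer->length = len;` after the `< 0` check. `unknown_error` is still used as a non-literal format, so a comment at its definition stating the conversions it must contain would help. display_unknown starts and ends outside this hunk.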
diff --git a/src/lib/gssapi/mechglue/oid_ops.c b/src/lib/gssapi/mechglue/oid_ops.c
index 5c2ceb321..2dfbfeae7 100644
--- a/src/lib/gssapi/mechglue/oid_ops.c
+++ b/src/lib/gssapi/mechglue/oid_ops.c
@@ -249,9 +249,9 @@ generic_gss_oid_to_str(minor_status, oid, oid_str)
numshift = 0;
cp = (unsigned char *) oid->elements;
number = (unsigned long) cp[0];
- sprintf(numstr, "%lu ", (unsigned long)number/40);
+ snprintf(numstr, sizeof(numstr), "%lu ", (unsigned long)number/40);
string_length += strlen(numstr);
- sprintf(numstr, "%lu ", (unsigned long)number%40);
+ snprintf(numstr, sizeof(numstr), "%lu ", (unsigned long)number%40);
string_length += strlen(numstr);
for (i=1; i<oid->length; i++) {
if ((OM_uint32) (numshift+7) < (sizeof (OM_uint32)*8)) {/* XXX */
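Review bot: The new snprintf calls on `numstr` discard the return value, so a truncated number would be measured and later copied as if it were complete, yielding a wrong OID string instead of an error. The same applies to the snprintf calls in the two later hunks of this file. `sizeof(numstr)` is only the buffer size if `numstr` is declared as a char array, and that declaration is outside this hunk. Because snprintf returns the formatted length, the sizing pass could check it directly, e.g. `n = snprintf(numstr, sizeof(numstr), "%lu ", (unsigned long)number/40); if (n < 0 || (size_t)n >= sizeof(numstr)) return(GSS_S_FAILURE);`. Separately, `cp[0]` is read here with no visible check that `oid->length` is non-zero; that check may exist earlier in generic_gss_oid_to_str, which starts outside the hunk.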
@@ -262,7 +262,7 @@ generic_gss_oid_to_str(minor_status, oid, oid_str)
return(GSS_S_FAILURE);
}
if ((cp[i] & 0x80) == 0) {
- sprintf(numstr, "%lu ", (unsigned long)number);
+ snprintf(numstr, sizeof(numstr), "%lu ", (unsigned long)number);
string_length += strlen(numstr);
number = 0;
numshift = 0;
@@ -276,16 +276,16 @@ generic_gss_oid_to_str(minor_status, oid, oid_str)
if ((bp = (char *) malloc(string_length))) {
strcpy(bp, "{ ");
number = (OM_uint32) cp[0];
- sprintf(numstr, "%lu ", (unsigned long)number/40);
+ snprintf(numstr, sizeof(numstr), "%lu ", (unsigned long)number/40);
strcat(bp, numstr);
- sprintf(numstr, "%lu ", (unsigned long)number%40);
+ snprintf(numstr, sizeof(numstr), "%lu ", (unsigned long)number%40);
strcat(bp, numstr);
number = 0;
cp = (unsigned char *) oid->elements;
for (i=1; i<oid->length; i++) {
number = (number << 7) | (cp[i] & 0x7f);
if ((cp[i] & 0x80) == 0) {
- sprintf(numstr, "%lu ", (unsigned long)number);
+ snprintf(numstr, sizeof(numstr), "%lu ", (unsigned long)number);
strcat(bp, numstr);
number = 0;
}
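Review bot: The `strcpy(bp, "{ ")` and `strcat(bp, numstr)` writes into `bp` remain unbounded after this change, so the heap buffer is only safe if this pass produces exactly the bytes that the sizing pass counted into `string_length`. The two passes already differ in form: the first assigns `number = (unsigned long) cp[0]` and guards the shift with `numshift`, while this one uses `(OM_uint32) cp[0]` and shifts unguarded, so the invariant is easy to break in a later edit. Tracking an offset and writing with the remaining size would enforce the bound rather than assume it, e.g. `n = snprintf(bp + off, string_length - off, "%lu ", (unsigned long)number);` followed by a check that `n` is non-negative and less than `string_length - off` before `off += n;`. That would also avoid rescanning `bp` on every strcat. Whether `string_length` includes the braces and the terminating NUL is decided outside this hunk, and the function body continues past it.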