diff options
| author | Ken Raeburn <raeburn@mit.edu> | 2007-07-12 23:33:25 +0000 |
|---|---|---|
| committer | Ken Raeburn <raeburn@mit.edu> | 2007-07-12 23:33:25 +0000 |
| commit | 52571d9201c7bef4dc5ebdf14a41db1f7baddc8e (patch) | |
| tree | 9f108e05e8881ea19954b4959fdca96d47daa615 /src/lib/krb4 | |
| parent | 57913ccc175061dd41e98914d50eda56dd9685c0 (diff) | |
Avoid use of unchecked sprintf in libraries. Use asprintf if the
output buffer is allocated according to the size of data to be
written, or snprintf otherwise.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19703 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb4')
| -rw-r--r-- | src/lib/krb4/CCache-glue.c | 2 | ||||
| -rw-r--r-- | src/lib/krb4/RealmsConfig-glue.c | 2 | ||||
| -rw-r--r-- | src/lib/krb4/klog.c | 2 | ||||
| -rw-r--r-- | src/lib/krb4/password_to_key.c | 14 | ||||
| -rw-r--r-- | src/lib/krb4/stime.c | 6 | ||||
| -rw-r--r-- | src/lib/krb4/tkt_string.c | 3 |
6 files changed, 15 insertions, 14 deletions
diff --git a/src/lib/krb4/CCache-glue.c b/src/lib/krb4/CCache-glue.c index 2ccbb153a..a078c9f69 100644 --- a/src/lib/krb4/CCache-glue.c +++ b/src/lib/krb4/CCache-glue.c @@ -93,7 +93,7 @@ krb_in_tkt ( err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL); if (err == ccNoError) { - sprintf (principal, "%s%s%s@%s", pname, (pinst [0] == '\0') ? "" : ".", pinst, realm); + snprintf (principal, sizeof(principal), "%s%s%s@%s", pname, (pinst [0] == '\0') ? "" : ".", pinst, realm); } if (err == ccNoError) { diff --git a/src/lib/krb4/RealmsConfig-glue.c b/src/lib/krb4/RealmsConfig-glue.c index 740d881c4..df663adb5 100644 --- a/src/lib/krb4/RealmsConfig-glue.c +++ b/src/lib/krb4/RealmsConfig-glue.c @@ -473,7 +473,7 @@ krb_get_krbhst( return KFAILURE; if (strlen(entry->host) + 6 >= MAXHOSTNAMELEN) return KFAILURE; - sprintf(host, "%s:%d", entry->host, entry->port); + snprintf(host, MAXHOSTNAMELEN, "%s:%d", entry->host, entry->port); return KSUCCESS; } #endif diff --git a/src/lib/krb4/klog.c b/src/lib/krb4/klog.c index da48efeb2..4e9661a89 100644 --- a/src/lib/krb4/klog.c +++ b/src/lib/krb4/klog.c @@ -91,7 +91,7 @@ char * klog(type,format,a1,a2,a3,a4,a5,a6,a7,a8,a9,a0) logtype_array[L_ERR_UNK] = 1; } - (void) sprintf(logtxt,format,a1,a2,a3,a4,a5,a6,a7,a8,a9,a0); + (void) snprintf(logtxt,sizeof(logtxt),format,a1,a2,a3,a4,a5,a6,a7,a8,a9,a0); if (!logtype_array[type]) return(logtxt); diff --git a/src/lib/krb4/password_to_key.c b/src/lib/krb4/password_to_key.c index c6e60d98c..d5ca7a5cc 100644 --- a/src/lib/krb4/password_to_key.c +++ b/src/lib/krb4/password_to_key.c @@ -35,6 +35,8 @@ #include "krb.h" #include "krb4int.h" +#include "k5-platform.h" + /* * passwd_to_key(): given a password, return a DES key. * There are extra arguments here which (used to be?) @@ -107,17 +109,15 @@ krb5_passwd_to_key( char *passwd, C_Block key) { - size_t len, tlen; char *p; if (user && instance && realm && passwd) { - len = MAX_K_NAME_SZ + strlen(passwd) + 1; - tlen = strlen(passwd) + strlen(realm) + strlen(user) + strlen(instance) + 1; - if (tlen > len) + if (strlen(realm) + strlen(user) + strlen(instance) > MAX_K_NAME_SZ) + /* XXX Is this right? The old code returned 0, which is + also what it returns after sucessfully generating a + key. The other error path returns -1. */ return 0; - p = malloc (tlen); - if (p != NULL) { - sprintf (p, "%s%s%s%s", passwd, realm, user, instance); + if (asprintf(&p, "%s%s%s%s", passwd, realm, user, instance) >= 0) { des_string_to_key (p, key); free (p); return 0; diff --git a/src/lib/krb4/stime.c b/src/lib/krb4/stime.c index 92c86895e..f73c6f520 100644 --- a/src/lib/krb4/stime.c +++ b/src/lib/krb4/stime.c @@ -49,9 +49,9 @@ char *krb_stime(t) adjusted_time = *t - CONVERT_TIME_EPOCH; tm = localtime(&adjusted_time); - (void) sprintf(st,"%2d-%s-%d %02d:%02d:%02d",tm->tm_mday, - month_sname(tm->tm_mon + 1),1900+tm->tm_year, - tm->tm_hour, tm->tm_min, tm->tm_sec); + (void) snprintf(st,sizeof(st),"%2d-%s-%d %02d:%02d:%02d",tm->tm_mday, + month_sname(tm->tm_mon + 1),1900+tm->tm_year, + tm->tm_hour, tm->tm_min, tm->tm_sec); return st; } diff --git a/src/lib/krb4/tkt_string.c b/src/lib/krb4/tkt_string.c index 123596ca2..f6ed927b7 100644 --- a/src/lib/krb4/tkt_string.c +++ b/src/lib/krb4/tkt_string.c @@ -74,7 +74,8 @@ const char *tkt_string() } else { /* 32 bits of signed integer will always fit in 11 characters (including the sign), so no need to worry about overflow */ - (void) sprintf(krb_ticket_string, "%s%d",TKT_ROOT,(int) getuid()); + (void) snprintf(krb_ticket_string, sizeof(krb_ticket_string), + "%s%d",TKT_ROOT,(int) getuid()); } } return krb_ticket_string; |