summaryrefslogtreecommitdiffstats
path: root/src/plugins/preauth
diff options
context:
space:
mode:
Diffstat (limited to 'src/plugins/preauth')
-rw-r--r--src/plugins/preauth/cksum_body/cksum_body_main.c5
-rw-r--r--src/plugins/preauth/pkinit/pkinit_crypto_openssl.c2
-rw-r--r--src/plugins/preauth/wpse/wpse_main.c5
3 files changed, 7 insertions, 5 deletions
diff --git a/src/plugins/preauth/cksum_body/cksum_body_main.c b/src/plugins/preauth/cksum_body/cksum_body_main.c
index 66b1620b4..523951351 100644
--- a/src/plugins/preauth/cksum_body/cksum_body_main.c
+++ b/src/plugins/preauth/cksum_body/cksum_body_main.c
@@ -535,8 +535,9 @@ server_verify(krb5_context kcontext,
my_authz_data[0]->ad_type = 1;
my_authz_data[0]->length = AD_ALLOC_SIZE;
memcpy(my_authz_data[0]->contents, ad_header, sizeof(ad_header));
- sprintf(my_authz_data[0]->contents + sizeof(ad_header),
- "cksum authorization data: %d bytes worth!\n", AD_ALLOC_SIZE);
+ snprintf(my_authz_data[0]->contents + sizeof(ad_header),
+ AD_ALLOC_SIZE - sizeof(ad_header),
+ "cksum authorization data: %d bytes worth!\n", AD_ALLOC_SIZE);
*authz_data = my_authz_data;
#ifdef DEBUG
fprintf(stderr, "Returning %d bytes of authorization data\n",
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index 2c1ec38a7..15bbbb85c 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -5613,6 +5613,6 @@ pkinit_pkcs11_code_to_text(int err)
break;
if (pkcs11_errstrings[i].text != NULL)
return (pkcs11_errstrings[i].text);
- sprintf(uc, "unknown code 0x%x", err);
+ snprintf(uc, sizeof(uc), "unknown code 0x%x", err);
return (uc);
}
diff --git a/src/plugins/preauth/wpse/wpse_main.c b/src/plugins/preauth/wpse/wpse_main.c
index 22dfd1322..655f2b949 100644
--- a/src/plugins/preauth/wpse/wpse_main.c
+++ b/src/plugins/preauth/wpse/wpse_main.c
@@ -333,8 +333,9 @@ server_verify(krb5_context kcontext,
my_authz_data[0]->ad_type = 1;
my_authz_data[0]->length = AD_ALLOC_SIZE;
memcpy(my_authz_data[0]->contents, ad_header, sizeof(ad_header));
- sprintf(my_authz_data[0]->contents + sizeof(ad_header),
- "wpse authorization data: %d bytes worth!\n", AD_ALLOC_SIZE);
+ snprintf(my_authz_data[0]->contents + sizeof(ad_header),
+ AD_ALLOC_SIZE - sizeof(ad_header),
+ "wpse authorization data: %d bytes worth!\n", AD_ALLOC_SIZE);
*authz_data = my_authz_data;
#ifdef DEBUG
fprintf(stderr, "Returning %d bytes of authorization data\n",
generated by cgit (git 2.34.1) at 2026-04-08 07:47:18 +0000