From 6d38cab0b686e49b3a72e02e29099cd491e052cb Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Wed, 5 Nov 2008 16:19:01 +0000
Subject: Convert many uses of strcpy/strcat (and sometimes sprintf) to
 accepted string-handling functions.

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21001 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c | 12 ++++++------
 src/plugins/preauth/pkinit/pkinit_crypto_openssl.c    | 15 +++++++++------
 2 files changed, 15 insertions(+), 12 deletions(-)

(limited to 'src/plugins')

diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c
index f95105678..f3cf219ca 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c
@@ -125,16 +125,16 @@ krb5_ldap_readpassword(context, ldap_context, password)
 	/* Check if the entry has the path of a certificate */
 	if (!strncmp(start, "{FILE}", strlen("{FILE}"))) {
 	    /* Set *password = {FILE}<path to cert>\0<cert password> */
-	    /*ptr = strchr(start, ':');
-	      if (ptr == NULL) { */
-	    *password = (unsigned char *)malloc(strlen(start) + 2);
+	    size_t len = strlen(start);
+
+	    *password = (unsigned char *)malloc(len + 2);
 	    if (*password == NULL) {
 		st = ENOMEM;
 		goto rp_exit;
 	    }
-	    (*password)[strlen(start) + 1] = '\0';
-	    (*password)[strlen(start)] = '\0';
-	    strcpy((char *)(*password), start);
+	    memcpy((char *)(*password), start, len);
+	    (*password)[len] = '\0';
+	    (*password)[len + 1] = '\0';
 	    goto got_password;
 	} else {
 	    CT.value = (unsigned char *)start;
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index 2ab23b03a..2c1ec38a7 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -3200,6 +3200,7 @@ pkinit_login(krb5_context context,
 {
     krb5_data rdat;
     char *prompt;
+    const char *warning;
     krb5_prompt kprompt;
     krb5_prompt_type prompt_type;
     int r = 0;
@@ -3208,15 +3209,17 @@ pkinit_login(krb5_context context,
 	rdat.data = NULL;
 	rdat.length = 0;
     } else {
-	if ((prompt = (char *) malloc(sizeof (tip->label) + 32)) == NULL)
-	    return ENOMEM;
-	sprintf(prompt, "%.*s PIN", sizeof (tip->label), tip->label);
 	if (tip->flags & CKF_USER_PIN_LOCKED)
-	    strcat(prompt, " (Warning: PIN locked)");
+	    warning = " (Warning: PIN locked)";
 	else if (tip->flags & CKF_USER_PIN_FINAL_TRY)
-	    strcat(prompt, " (Warning: PIN final try)");
+	    warning = " (Warning: PIN final try)";
 	else if (tip->flags & CKF_USER_PIN_COUNT_LOW)
-	    strcat(prompt, " (Warning: PIN count low)");
+	    warning = " (Warning: PIN count low)";
+	else
+	    warning = "";
+	if (asprintf(&prompt, "%.*s PIN%s", (int) sizeof (tip->label),
+		     tip->label, warning) < 0)
+	    return ENOMEM;
 	rdat.data = (char *)malloc(tip->ulMaxPinLen + 2);
 	rdat.length = tip->ulMaxPinLen + 1;
 
-- 
cgit