diff options
| author | Ken Raeburn <raeburn@mit.edu> | 2007-07-12 23:35:24 +0000 |
|---|---|---|
| committer | Ken Raeburn <raeburn@mit.edu> | 2007-07-12 23:35:24 +0000 |
| commit | c67c8d9e788049afcfd76709116172ac26b3c02d (patch) | |
| tree | 33dde4459bdb8e2e3b7d334a74ec33c6b304004e /src/appl | |
| parent | 83ac9cd518766c5db25bc3cdb34ee276c89770ee (diff) | |
| download | krb5-c67c8d9e788049afcfd76709116172ac26b3c02d.zip krb5-c67c8d9e788049afcfd76709116172ac26b3c02d.tar.gz krb5-c67c8d9e788049afcfd76709116172ac26b3c02d.tar.bz2 | |
Use [v]snprintf or asprintf instead of unchecked sprintf and separate allocation size calculations
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19709 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/appl')
| -rw-r--r-- | src/appl/bsd/v4rcp.c | 5 | ||||
| -rw-r--r-- | src/appl/telnet/telnetd/telnetd.c | 19 | ||||
| -rw-r--r-- | src/appl/telnet/telnetd/utility.c | 4 |
3 files changed, 16 insertions, 12 deletions
diff --git a/src/appl/bsd/v4rcp.c b/src/appl/bsd/v4rcp.c index 71b1b8d..3cb7b3f 100644 --- a/src/appl/bsd/v4rcp.c +++ b/src/appl/bsd/v4rcp.c @@ -812,8 +812,9 @@ void sink(argc, argv) SCREWUP("size not delimited"); if (targisdir) { if (strlen(targ) + strlen(cp) + 1 < sizeof(nambuf)) { - (void) sprintf(nambuf, "%s%s%s", targ, - *targ ? "/" : "", cp); + (void) snprintf(nambuf, sizeof(nambuf), + "%s%s%s", targ, + *targ ? "/" : "", cp); } else { SCREWUP("target directory name too long"); } diff --git a/src/appl/telnet/telnetd/telnetd.c b/src/appl/telnet/telnetd/telnetd.c index 725075d..4115b66 100644 --- a/src/appl/telnet/telnetd/telnetd.c +++ b/src/appl/telnet/telnetd/telnetd.c @@ -201,15 +201,18 @@ get_default_IM() static char banner[1024]; if (uname(&name) < 0) - sprintf(banner, "\r\nError getting hostname: %s\r\n", - strerror(errno)); + snprintf(banner, sizeof(banner), + "\r\nError getting hostname: %s\r\n", + strerror(errno)); else { #if defined(_AIX) - sprintf(banner, "\r\n %%h (%s release %s.%s) (%%t)\r\n\r\n", - name.sysname, name.version, name.release); + snprintf(banner, sizeof(banner), + "\r\n %%h (%s release %s.%s) (%%t)\r\n\r\n", + name.sysname, name.version, name.release); #else - sprintf(banner, "\r\n %%h (%s release %s %s) (%%t)\r\n\r\n", - name.sysname, name.release, name.version); + snprintf(banner, sizeof(banner), + "\r\n %%h (%s release %s %s) (%%t)\r\n\r\n", + name.sysname, name.release, name.version); #endif } return banner; @@ -966,10 +969,10 @@ static void doit(who) if (secflag) { char slave_dev[16]; /*xxx This code needs to be fixed to work without ptynum; I don't understand why they don't currently use line, so I don't really know how to fix.*/ - sprintf(tty_dev, "/dev/pty/%03d", ptynum); + snprintf(tty_dev, sizeof(tty_dev), "/dev/pty/%03d", ptynum); if (setdevs(tty_dev, &dv) < 0) fatal(net, "cannot set pty security"); - sprintf(slave_dev, "/dev/ttyp%03d", ptynum); + snprintf(slave_dev, sizeof(slave_dev), "/dev/ttyp%03d", ptynum); if (setdevs(slave_dev, &dv) < 0) fatal(net, "cannot set tty security"); } diff --git a/src/appl/telnet/telnetd/utility.c b/src/appl/telnet/telnetd/utility.c index a091d08..4a4c130 100644 --- a/src/appl/telnet/telnetd/utility.c +++ b/src/appl/telnet/telnetd/utility.c @@ -516,7 +516,7 @@ fatal(f, msg) { char buf[BUFSIZ]; - (void) sprintf(buf, "telnetd: %s.\r\n", msg); + (void) snprintf(buf, sizeof(buf), "telnetd: %s.\r\n", msg); #ifdef ENCRYPTION if (encrypt_output) { /* @@ -539,7 +539,7 @@ fatalperror(f, msg) { char buf[BUFSIZ], *strerror(); - (void) sprintf(buf, "%s: %s\r\n", msg, strerror(errno)); + (void) snprintf(buf, sizeof(buf), "%s: %s\r\n", msg, strerror(errno)); fatal(f, buf); } |