Avoid use of unchecked sprintf in libraries. Use asprintf if the

output buffer is allocated according to the size of data to be written, or snprintf otherwise. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19703 dc483132-0cff-0310-8789-dd5450dbe970
author: Ken Raeburn <raeburn@mit.edu> 2007-07-12 23:33:25 +0000
committer: Ken Raeburn <raeburn@mit.edu> 2007-07-12 23:33:25 +0000
commit: 52571d9201c7bef4dc5ebdf14a41db1f7baddc8e (patch)
tree: 9f108e05e8881ea19954b4959fdca96d47daa615 /src/lib/kadm5/srv/server_kdb.c
parent: 57913ccc175061dd41e98914d50eda56dd9685c0 (diff)
download: krb5-52571d9201c7bef4dc5ebdf14a41db1f7baddc8e.zip
krb5-52571d9201c7bef4dc5ebdf14a41db1f7baddc8e.tar.gz
krb5-52571d9201c7bef4dc5ebdf14a41db1f7baddc8e.tar.bz2
1 files changed, 3 insertions, 4 deletions
diff --git a/src/lib/kadm5/srv/server_kdb.c b/src/lib/kadm5/srv/server_kdb.c
index 6392ef1..700b53a 100644
--- a/src/lib/kadm5/srv/server_kdb.c
+++ b/src/lib/kadm5/srv/server_kdb.c
@@ -113,11 +113,10 @@ krb5_error_code kdb_init_hist(kadm5_server_handle_t handle, char *r)
 	realm = r;
     }
 
-    if ((hist_name = (char *) malloc(strlen(KADM5_HIST_PRINCIPAL) +
-				     strlen(realm) + 2)) == NULL)
+    if (asprintf(&hist_name, "%s@%s", KADM5_HIST_PRINCIPAL, realm) < 0) {
+	hist_name = NULL;
 	goto done;
-
-    (void) sprintf(hist_name, "%s@%s", KADM5_HIST_PRINCIPAL, realm);
+    }
 
     if ((ret = krb5_parse_name(handle->context, hist_name, &hist_princ)))
 	goto done;
author	Ken Raeburn <raeburn@mit.edu>	2007-07-12 23:33:25 +0000
committer	Ken Raeburn <raeburn@mit.edu>	2007-07-12 23:33:25 +0000
commit	52571d9201c7bef4dc5ebdf14a41db1f7baddc8e (patch)
tree	9f108e05e8881ea19954b4959fdca96d47daa615 /src/lib/kadm5/srv/server_kdb.c
parent	57913ccc175061dd41e98914d50eda56dd9685c0 (diff)
download	krb5-52571d9201c7bef4dc5ebdf14a41db1f7baddc8e.zip krb5-52571d9201c7bef4dc5ebdf14a41db1f7baddc8e.tar.gz krb5-52571d9201c7bef4dc5ebdf14a41db1f7baddc8e.tar.bz2