From 96512e192985a7499b521e1e0c9083b8ff5cb0c6 Mon Sep 17 00:00:00 2001 From: millert Date: Mon, 16 Sep 1996 18:48:49 +0000 Subject: [PATCH] sprintf -> snprintf paranoia --- kerberosIV/kadmind/kadm_funcs.c | 11 ++--- kerberosIV/kdb/krb_lib.c | 9 ++-- kerberosIV/kdb_edit/kdb_edit.c | 9 ++-- kerberosIV/kerberos/kerberos.c | 12 ++--- kerberosIV/kpropd/kpropd.c | 62 ++++++++++++++------------ kerberosIV/krb/klog.c | 2 +- kerberosIV/krb/kparse.c | 57 ++++++++++++----------- kerberosIV/krb/lifetime.c | 3 +- kerberosIV/krb/sendauth.c | 2 +- kerberosIV/krb/tkt_string.c | 3 +- kerberosIV/ksrvutil/ksrvutil.c | 5 ++- kerberosIV/make_keypair/make_keypair.c | 5 +-- kerberosIV/mk_cmds/utils.c | 4 +- kerberosIV/register/register.c | 7 ++- kerberosIV/registerd/registerd.c | 20 ++++----- kerberosIV/ss/help.c | 7 +-- 16 files changed, 118 insertions(+), 100 deletions(-) diff --git a/kerberosIV/kadmind/kadm_funcs.c b/kerberosIV/kadmind/kadm_funcs.c index 5bed94d0591..0768b2d4069 100644 --- a/kerberosIV/kadmind/kadm_funcs.c +++ b/kerberosIV/kadmind/kadm_funcs.c @@ -1,4 +1,4 @@ -/* $Id: kadm_funcs.c,v 1.1.1.1 1995/12/14 06:52:49 tholo Exp $ */ +/* $Id: kadm_funcs.c,v 1.2 1996/09/16 18:48:49 millert Exp $ */ /*- * Copyright (C) 1989 by the Massachusetts Institute of Technology @@ -38,17 +38,18 @@ check_access(char *pname, char *pinst, char *prealm, enum acl_types acltype) char checkname[MAX_K_NAME_SZ]; char filename[MAXPATHLEN]; - (void) sprintf(checkname, "%s.%s@%s", pname, pinst, prealm); + (void) snprintf(checkname, sizeof(checkname), "%s.%s@%s", pname, pinst, + prealm); switch (acltype) { case ADDACL: - (void) sprintf(filename, "%s%s", acldir, ADD_ACL_FILE); + (void) snprintf(filename, sizeof(filename), "%s%s", acldir, ADD_ACL_FILE); break; case GETACL: - (void) sprintf(filename, "%s%s", acldir, GET_ACL_FILE); + (void) snprintf(filename, sizeof(filename), "%s%s", acldir, GET_ACL_FILE); break; case MODACL: - (void) sprintf(filename, "%s%s", acldir, MOD_ACL_FILE); + (void) snprintf(filename, sizeof(filename), "%s%s", acldir, MOD_ACL_FILE); break; } return(acl_check(filename, checkname)); diff --git a/kerberosIV/kdb/krb_lib.c b/kerberosIV/kdb/krb_lib.c index f5d963490ae..7763e455cf2 100644 --- a/kerberosIV/kdb/krb_lib.c +++ b/kerberosIV/kdb/krb_lib.c @@ -1,4 +1,4 @@ -/* $Id: krb_lib.c,v 1.1.1.1 1995/12/14 06:52:36 tholo Exp $ */ +/* $Id: krb_lib.c,v 1.2 1996/09/16 18:48:51 millert Exp $ */ /*- * Copyright (C) 1989 by the Massachusetts Institute of Technology @@ -143,9 +143,10 @@ kerb_put_principal(principal, n) /* and mod date string */ tp = k_localtime(&principal->mod_date); - (void) sprintf(principal->mod_date_txt, "%4d-%2d-%2d", - tp->tm_year > 1900 ? tp->tm_year : tp->tm_year + 1900, - tp->tm_mon + 1, tp->tm_mday); /* January is 0, not 1 */ + (void) snprintf(principal->mod_date_txt, sizeof(principal->mod_date_txt), + "%4d-%2d-%2d", + tp->tm_year > 1900 ? tp->tm_year : tp->tm_year + 1900, + tp->tm_mon + 1, tp->tm_mday); /* January is 0, not 1 */ #ifdef DEBUG if (kerb_debug & 1) { int i; diff --git a/kerberosIV/kdb_edit/kdb_edit.c b/kerberosIV/kdb_edit/kdb_edit.c index 7d79d3f3cd7..256a39a8d2f 100644 --- a/kerberosIV/kdb_edit/kdb_edit.c +++ b/kerberosIV/kdb_edit/kdb_edit.c @@ -1,4 +1,4 @@ -/* $Id: kdb_edit.c,v 1.1.1.1 1995/12/14 06:52:42 tholo Exp $ */ +/* $Id: kdb_edit.c,v 1.2 1996/09/16 18:48:53 millert Exp $ */ /*- * Copyright 1987, 1988 by the Student Information Processing Board @@ -130,9 +130,10 @@ change_principal(void) principal_data[0].key_version = 0; /* bumped up later */ } tp = k_localtime(&principal_data[0].exp_date); - (void) sprintf(principal_data[0].exp_date_txt, "%4d-%02d-%02d", - tp->tm_year > 1900 ? tp->tm_year : tp->tm_year + 1900, - tp->tm_mon + 1, tp->tm_mday); /* January is 0, not 1 */ + (void) snprintf(principal_data[0].exp_date_txt, + sizeof(principal_data[0].exp_date_txt), "%4d-%02d-%02d", + tp->tm_year > 1900 ? tp->tm_year : tp->tm_year + 1900, + tp->tm_mon + 1, tp->tm_mday); /* January is 0, not 1 */ for (i = 0; i < j; i++) { for (;;) { fprintf(stdout, diff --git a/kerberosIV/kerberos/kerberos.c b/kerberosIV/kerberos/kerberos.c index a87d11c3eab..1fbcead9aad 100644 --- a/kerberosIV/kerberos/kerberos.c +++ b/kerberosIV/kerberos/kerberos.c @@ -1,4 +1,4 @@ -/* $Id: kerberos.c,v 1.1.1.1 1995/12/14 06:52:52 tholo Exp $ */ +/* $Id: kerberos.c,v 1.2 1996/09/16 18:48:54 millert Exp $ */ /*- * Copyright 1987, 1988 by the Student Information Processing Board @@ -140,7 +140,9 @@ hang(void) pause(); } else { char buf[256]; - sprintf(buf, "Kerberos will wait %d seconds before dying so as not to loop init", pause_int); + (void) snprintf(buf, sizeof(buf), + "Kerberos will wait %d seconds before dying so as not to loop init", + pause_int); klog(L_KRB_PERR, buf); sleep(pause_int); klog(L_KRB_PERR, "Do svedania....\n"); @@ -165,9 +167,9 @@ strtime(time_t *t) char *month_sname(int n); tm = localtime(t); - (void) sprintf(st,"%2d-%s-%02d %02d:%02d:%02d",tm->tm_mday, - month_sname(tm->tm_mon + 1),tm->tm_year, - tm->tm_hour, tm->tm_min, tm->tm_sec); + (void) snprintf(st, sizeof(st_data), "%2d-%s-%02d %02d:%02d:%02d", + tm->tm_mday, month_sname(tm->tm_mon + 1), tm->tm_year, + tm->tm_hour, tm->tm_min, tm->tm_sec); return st; } diff --git a/kerberosIV/kpropd/kpropd.c b/kerberosIV/kpropd/kpropd.c index 4e27c37fc3a..b2a97227a0c 100644 --- a/kerberosIV/kpropd/kpropd.c +++ b/kerberosIV/kpropd/kpropd.c @@ -1,4 +1,4 @@ -/* $Id: kpropd.c,v 1.2 1995/12/14 08:43:50 tholo Exp $ */ +/* $Id: kpropd.c,v 1.3 1996/09/16 18:48:56 millert Exp $ */ /*- * Copyright 1987 by the Massachusetts Institute of Technology. @@ -68,20 +68,21 @@ recv_auth (int in, int out, int private, struct sockaddr_in *remote, struct sock n = krb_net_read (in, (char *)&length, sizeof length); if (n == 0) break; if (n < 0) { - sprintf (errmsg, "kpropd: read: %s", strerror(errno)); + snprintf (errmsg, sizeof(errmsg), "kpropd: read: %s", strerror(errno)); klog (L_KRB_PERR, errmsg); SlowDeath(); } length = ntohl (length); if (length > sizeof buf) { - sprintf (errmsg, "kpropd: read length %ld, bigger than buf %d", - length, (int)(sizeof(buf))); + snprintf (errmsg, sizeof(errmsg), + "kpropd: read length %ld, bigger than buf %d", + length, (int)(sizeof(buf))); klog (L_KRB_PERR, errmsg); SlowDeath(); } n = krb_net_read(in, buf, length); if (n < 0) { - sprintf(errmsg, "kpropd: read: %s", strerror(errno)); + snprintf(errmsg, sizeof(errmsg), "kpropd: read: %s", strerror(errno)); klog(L_KRB_PERR, errmsg); SlowDeath(); } @@ -92,7 +93,7 @@ recv_auth (int in, int out, int private, struct sockaddr_in *remote, struct sock kerror = krb_rd_safe (buf, n, &ad->session, remote, local, &msg_data); if (kerror != KSUCCESS) { - sprintf (errmsg, "kpropd: %s: %s", + snprintf (errmsg, sizeof(errmsg), "kpropd: %s: %s", private ? "krb_rd_priv" : "krb_rd_safe", krb_err_txt[kerror]); klog (L_KRB_PERR, errmsg); @@ -100,7 +101,7 @@ recv_auth (int in, int out, int private, struct sockaddr_in *remote, struct sock } if (write(out, msg_data.app_data, msg_data.app_length) != msg_data.app_length) { - sprintf(errmsg, "kpropd: write: %s", strerror(errno)); + snprintf(errmsg, sizeof(errmsg), "kpropd: write: %s", strerror(errno)); klog(L_KRB_PERR, errmsg); SlowDeath(); } @@ -116,12 +117,12 @@ recv_clear (int in, int out) n = read (in, buf, sizeof buf); if (n == 0) break; if (n < 0) { - sprintf (errmsg, "kpropd: read: %s", strerror(errno)); + snprintf (errmsg, sizeof(errmsg), "kpropd: read: %s", strerror(errno)); klog (L_KRB_PERR, errmsg); SlowDeath(); } if (write(out, buf, n) != n) { - sprintf(errmsg, "kpropd: write: %s", strerror(errno)); + snprintf(errmsg, sizeof(errmsg), "kpropd: write: %s", strerror(errno)); klog(L_KRB_PERR, errmsg); SlowDeath(); } @@ -204,12 +205,12 @@ main(int argc, char **argv) sin.sin_family = AF_INET; if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) { - sprintf(errmsg, "kpropd: socket: %s", strerror(errno)); + snprintf(errmsg, sizeof(errmsg), "kpropd: socket: %s", strerror(errno)); klog(L_KRB_PERR, errmsg); SlowDeath(); } if (bind(s, (struct sockaddr*)&sin, sizeof sin) < 0) { - sprintf(errmsg, "kpropd: bind: %s", strerror(errno)); + snprintf(errmsg, sizeof(errmsg), "kpropd: bind: %s", strerror(errno)); klog(L_KRB_PERR, errmsg); SlowDeath(); } @@ -217,7 +218,7 @@ main(int argc, char **argv) if (!rflag) { kerror = krb_get_lrealm(my_realm,1); if (kerror != KSUCCESS) { - sprintf (errmsg, "kpropd: Can't get local realm. %s", + snprintf(errmsg, sizeof(errmsg), "kpropd: Can't get local realm. %s", krb_err_txt[kerror]); klog (L_KRB_PERR, errmsg); SlowDeath(); @@ -234,7 +235,7 @@ main(int argc, char **argv) for (;;) { from_len = sizeof from; if ((s2 = accept(s, (struct sockaddr *) &from, &from_len)) < 0) { - sprintf(errmsg, "kpropd: accept: %s", strerror(errno)); + snprintf(errmsg, sizeof(errmsg), "kpropd: accept: %s", strerror(errno)); klog(L_KRB_PERR, errmsg); continue; } @@ -246,7 +247,8 @@ main(int argc, char **argv) strcpy(hostname, hp->h_name); } - sprintf(errmsg, "Connection from %s, %s", hostname, from_str); + snprintf(errmsg, sizeof(errmsg), "Connection from %s, %s", hostname, + from_str); klog(L_KRB_PERR, errmsg); /* for krb_rd_{priv, safe} */ @@ -262,17 +264,17 @@ main(int argc, char **argv) } if ((fdlock = open(local_temp, O_WRONLY | O_CREAT, 0600)) < 0) { - sprintf(errmsg, "kpropd: open: %s", strerror(errno)); + snprintf(errmsg, sizeof(errmsg), "kpropd: open: %s", strerror(errno)); klog(L_KRB_PERR, errmsg); SlowDeath(); } if (flock(fdlock, LOCK_EX | LOCK_NB)) { - sprintf(errmsg, "kpropd: flock: %s", strerror(errno)); + snprintf(errmsg, sizeof(errmsg), "kpropd: flock: %s", strerror(errno)); klog(L_KRB_PERR, errmsg); SlowDeath(); } if ((fd = creat(local_temp, 0600)) < 0) { - sprintf(errmsg, "kpropd: creat: %s", strerror(errno)); + snprintf(errmsg, sizeof(errmsg), "kpropd: creat: %s", strerror(errno)); klog(L_KRB_PERR, errmsg); SlowDeath(); } @@ -283,7 +285,7 @@ main(int argc, char **argv) } if (strncmp (buf, kprop_version, sizeof (kprop_version)) != 0) { - sprintf (errmsg, "kpropd: unsupported version %s", buf); + snprintf (errmsg, sizeof(errmsg), "kpropd: unsupported version %s", buf); klog (L_KRB_PERR, errmsg); SlowDeath(); } @@ -304,14 +306,14 @@ main(int argc, char **argv) session_sched, version); if (kerror != KSUCCESS) { - sprintf (errmsg, "kpropd: %s: Calling getkdata", - krb_err_txt[kerror]); + snprintf (errmsg, sizeof(errmsg), "kpropd: %s: Calling getkdata", + krb_err_txt[kerror]); klog (L_KRB_PERR, errmsg); SlowDeath(); } - sprintf (errmsg, "kpropd: Connection from %s.%s@%s", - auth_dat.pname, auth_dat.pinst, auth_dat.prealm); + snprintf (errmsg, sizeof(errmsg), "kpropd: Connection from %s.%s@%s", + auth_dat.pname, auth_dat.pinst, auth_dat.prealm); klog (L_KRB_PERR, errmsg); /* AUTHORIZATION is done here. We might want to expand this to @@ -342,7 +344,8 @@ main(int argc, char **argv) recv_clear (s2, fd); break; default: - sprintf (errmsg, "kpropd: bad transfer mode %d", transfer_mode); + snprintf (errmsg, sizeof(errmsg), "kpropd: bad transfer mode %d", + transfer_mode); klog (L_KRB_PERR, errmsg); SlowDeath(); } @@ -372,20 +375,21 @@ main(int argc, char **argv) klog(L_KRB_PERR, "File received."); if (rename(local_temp, local_file) < 0) { - sprintf(errmsg, "kpropd: rename: %s", strerror(errno)); + snprintf(errmsg, sizeof(errmsg), "kpropd: rename: %s", strerror(errno)); klog(L_KRB_PERR, errmsg); SlowDeath(); } klog(L_KRB_PERR, "Temp file renamed to %s", local_file); if (flock(fdlock, LOCK_UN)) { - sprintf(errmsg, "kpropd: flock (unlock): %s", - strerror(errno)); + snprintf(errmsg, sizeof(errmsg), "kpropd: flock (unlock): %s", + strerror(errno)); klog(L_KRB_PERR, errmsg); SlowDeath(); } close(fdlock); - sprintf(cmd, "%s load %s %s\n", kdb_util_path, local_file, local_db); + snprintf(cmd, sizeof(cmd), "%s load %s %s\n", kdb_util_path, local_file, + local_db); if (system (cmd) != 0) { klog (L_KRB_PERR, "Couldn't load database"); SlowDeath(); @@ -406,8 +410,8 @@ unsigned long get_data_checksum(fd, key_sched) while (n = read(fd, buf, sizeof buf)) { if (n < 0) { - sprintf(errmsg, "kpropd: read (in checksum test): %s", - strerror(errno)); + snprintf(errmsg, sizeof(errmsg), "kpropd: read (in checksum test): %s", + strerror(errno)); klog(L_KRB_PERR, errmsg); SlowDeath(); } diff --git a/kerberosIV/krb/klog.c b/kerberosIV/krb/klog.c index 5e7ea6c7e50..feb6c55e41f 100644 --- a/kerberosIV/krb/klog.c +++ b/kerberosIV/krb/klog.c @@ -90,7 +90,7 @@ klog(type, format, a1, a2, a3, a4, a5, a6, a7, a8, a9, a0) logtype_array[L_ERR_UNK] = 1; } - (void) sprintf(logtxt,format,a1,a2,a3,a4,a5,a6,a7,a8,a9,a0); + (void) snprintf(logtxt,sizeof(logtxt),format,a1,a2,a3,a4,a5,a6,a7,a8,a9,a0); if (!logtype_array[type]) return(logtxt); diff --git a/kerberosIV/krb/kparse.c b/kerberosIV/krb/kparse.c index 1e23482a040..1ff9af282fe 100644 --- a/kerberosIV/krb/kparse.c +++ b/kerberosIV/krb/kparse.c @@ -108,8 +108,8 @@ fGetParameterSet(fp, parm, parmcount) for (i=0; i= parmcount) { - sprintf(ErrorMsg, "unrecognized keyword \"%s\" found", - keyword); + snprintf(ErrorMsg, sizeof(ErrorMsg), + "unrecognized keyword \"%s\" found", keyword); return(PS_BAD_KEYWORD); } break; default: - sprintf(ErrorMsg, + snprintf(ErrorMsg, sizeof(ErrorMsg), "panic: bad return (%d) from fGetToken()",rc); break; } @@ -213,14 +213,16 @@ fGetKeywordValue(fp, keyword, klen, value, vlen) return(KV_EOF); case GTOK_BAD_QSTRING: - sprintf(ErrorMsg,"unterminated string \"%s found",keyword); + snprintf(ErrorMsg, sizeof(ErrorMsg), + "unterminated string \"%s found",keyword); return(KV_SYNTAX); case GTOK_PUNK: if (strcmp("\n",keyword)==0) { return(KV_EOL); } else if (strcmp(",",keyword)!=0) { - sprintf(ErrorMsg,"expecting rvalue, found \'%s\'",keyword); + snprintf(ErrorMsg, sizeof(ErrorMsg), + "expecting rvalue, found \'%s\'", keyword); } break; @@ -231,7 +233,8 @@ fGetKeywordValue(fp, keyword, klen, value, vlen) break; default: - sprintf(ErrorMsg,"panic: bad return (%d) from fGetToken()",rc); + snprintf(ErrorMsg, sizeof(ErrorMsg), + "panic: bad return (%d) from fGetToken()", rc); return(KV_SYNTAX); } @@ -253,9 +256,9 @@ fGetKeywordValue(fp, keyword, klen, value, vlen) break; case GTOK_BAD_QSTRING: - sprintf(ErrorMsg, - "expecting \'=\', found unterminated string \"%s", - value); + snprintf(ErrorMsg, sizeof(ErrorMsg), + "expecting \'=\', found unterminated string \"%s", + value); return(KV_SYNTAX); case GTOK_PUNK: @@ -263,11 +266,12 @@ fGetKeywordValue(fp, keyword, klen, value, vlen) gotit = TRUE; } else { if (strcmp("\n",value)==0) { - sprintf(ErrorMsg,"expecting \"=\", found newline"); + snprintf(ErrorMsg, sizeof(ErrorMsg), + "expecting \"=\", found newline"); fUngetChar('\n',fp); } else { - sprintf(ErrorMsg, - "expecting rvalue, found \'%s\'",keyword); + snprintf(ErrorMsg, sizeof(ErrorMsg), + "expecting rvalue, found \'%s\'",keyword); } return(KV_SYNTAX); } @@ -276,16 +280,17 @@ fGetKeywordValue(fp, keyword, klen, value, vlen) case GTOK_STRING: case GTOK_QSTRING: case GTOK_NUMBER: - sprintf(ErrorMsg,"expecting \'=\', found \"%s\"",value); + snprintf(ErrorMsg, sizeof(ErrorMsg), + "expecting \'=\', found \"%s\"", value); return(KV_SYNTAX); case GTOK_EOF: - sprintf(ErrorMsg,"expecting \'=\', found EOF"); + snprintf(ErrorMsg, sizeof(ErrorMsg), "expecting \'=\', found EOF"); return(KV_SYNTAX); default: - sprintf(ErrorMsg, - "panic: bad return (%d) from fGetToken()",rc); + snprintf(ErrorMsg, sizeof(ErrorMsg), + "panic: bad return (%d) from fGetToken()",rc); return(KV_SYNTAX); } @@ -306,20 +311,22 @@ fGetKeywordValue(fp, keyword, klen, value, vlen) break; case GTOK_EOF: - sprintf(ErrorMsg,"expecting rvalue, found EOF"); + snprintf(ErrorMsg, sizeof(ErrorMsg), "expecting rvalue, found EOF"); return(KV_SYNTAX); case GTOK_BAD_QSTRING: - sprintf(ErrorMsg,"unterminated quoted string \"%s",value); + snprintf(ErrorMsg, sizeof(ErrorMsg), + "unterminated quoted string \"%s", value); return(KV_SYNTAX); case GTOK_PUNK: if (strcmp("\n",value)==0) { - sprintf(ErrorMsg,"expecting rvalue, found newline"); + snprintf(ErrorMsg, sizeof(ErrorMsg), + "expecting rvalue, found newline"); fUngetChar('\n',fp); } else { - sprintf(ErrorMsg, - "expecting rvalue, found \'%s\'",value); + snprintf(ErrorMsg, sizeof(ErrorMsg), + "expecting rvalue, found \'%s\'",value); } return(KV_SYNTAX); break; @@ -331,8 +338,8 @@ fGetKeywordValue(fp, keyword, klen, value, vlen) return(KV_OKAY); default: - sprintf(ErrorMsg, - "panic: bad return (%d) from fGetToken()",rc); + snprintf(ErrorMsg, sizeof(ErrorMsg), + "panic: bad return (%d) from fGetToken()",rc); return(KV_SYNTAX); } diff --git a/kerberosIV/krb/lifetime.c b/kerberosIV/krb/lifetime.c index e91d5b09e2e..bc23027cd87 100644 --- a/kerberosIV/krb/lifetime.c +++ b/kerberosIV/krb/lifetime.c @@ -185,7 +185,8 @@ krb_life_to_atime(life) when /= 60; hours = when%24; when /= 24; - sprintf(atime, "%d+%02d:%02d:%02d", (int)when, hours, mins, secs); + snprintf(atime, sizeof(atime), "%d+%02d:%02d:%02d", (int)when, hours, + mins, secs); return(atime); } diff --git a/kerberosIV/krb/sendauth.c b/kerberosIV/krb/sendauth.c index 3aa157df14e..847b69c51a2 100644 --- a/kerberosIV/krb/sendauth.c +++ b/kerberosIV/krb/sendauth.c @@ -171,7 +171,7 @@ krb_sendauth(options, fd, ticket, service, inst, realm, checksum, #ifdef ATHENA_COMPAT /* this is only for compatibility with old servers */ if (options & KOPT_DO_OLDSTYLE) { - (void) sprintf(buf,"%d ",ticket->length); + (void) snprintf(buf, sizeof(buf), "%d ", ticket->length); (void) write(fd, buf, strlen(buf)); (void) write(fd, (char *) ticket->dat, ticket->length); return(rem); diff --git a/kerberosIV/krb/tkt_string.c b/kerberosIV/krb/tkt_string.c index 74e50cfa192..7b6e68467a9 100644 --- a/kerberosIV/krb/tkt_string.c +++ b/kerberosIV/krb/tkt_string.c @@ -62,7 +62,8 @@ tkt_string() } else { /* 32 bits of signed integer will always fit in 11 characters (including the sign), so no need to worry about overflow */ - (void) sprintf(krb_ticket_string, "%s%d",TKT_ROOT,(int)getuid()); + (void) snprintf(krb_ticket_string, sizeof(krb_ticket_string), + "%s%d", TKT_ROOT, (int)getuid()); } } return krb_ticket_string; diff --git a/kerberosIV/ksrvutil/ksrvutil.c b/kerberosIV/ksrvutil/ksrvutil.c index 32486110522..cf03e2ccfd1 100644 --- a/kerberosIV/ksrvutil/ksrvutil.c +++ b/kerberosIV/ksrvutil/ksrvutil.c @@ -1,4 +1,4 @@ -/* $Id: ksrvutil.c,v 1.2 1995/12/14 08:43:56 tholo Exp $ */ +/* $Id: ksrvutil.c,v 1.3 1996/09/16 18:49:03 millert Exp $ */ /*- * Copyright (C) 1989 by the Massachusetts Institute of Technology @@ -325,7 +325,8 @@ main(int argc, char **argv) (void) bzero((char *)backup_keyfile, sizeof(backup_keyfile)); (void) bzero((char *)local_realm, sizeof(local_realm)); - (void) sprintf(change_tkt, "/tmp/tkt_ksrvutil.%d", (int)getpid()); + (void) snprintf(change_tkt, sizeof(change_tkt), "/tmp/tkt_ksrvutil.%d", + (int)getpid()); krb_set_tkt_string(change_tkt); /* This is used only as a default for adding keys */ diff --git a/kerberosIV/make_keypair/make_keypair.c b/kerberosIV/make_keypair/make_keypair.c index b25f1545f43..2b669504535 100644 --- a/kerberosIV/make_keypair/make_keypair.c +++ b/kerberosIV/make_keypair/make_keypair.c @@ -1,4 +1,4 @@ -/* $Id: make_keypair.c,v 1.2 1995/12/29 09:49:55 tholo Exp $ */ +/* $Id: make_keypair.c,v 1.3 1996/09/16 18:49:04 millert Exp $ */ /*- * Copyright (c) 1988, 1993 @@ -109,8 +109,7 @@ make_key(addr) char namebuf[255]; int fd; - (void)sprintf(namebuf, "%s", - inet_ntoa(addr)); + (void)snprintf(namebuf, sizeof(namebuf), "%s", inet_ntoa(addr)); fd = open(namebuf, O_WRONLY|O_CREAT, 0600); if (fd < 0) { perror("open"); diff --git a/kerberosIV/mk_cmds/utils.c b/kerberosIV/mk_cmds/utils.c index c15d33bbf5e..d9d4648a614 100644 --- a/kerberosIV/mk_cmds/utils.c +++ b/kerberosIV/mk_cmds/utils.c @@ -1,4 +1,4 @@ -/* $Id: utils.c,v 1.1.1.1 1995/12/14 06:52:48 tholo Exp $ */ +/* $Id: utils.c,v 1.2 1996/09/16 18:49:05 millert Exp $ */ /*- * Copyright 1987, 1988 by MIT Student Information Processing Board @@ -71,7 +71,7 @@ char * generate_rqte(func_name, info_string, cmds, options) size += strlen(var_name)+7; /* "quux, " */ size += strlen(func_name)+7; /* "foo, " */ size += strlen(info_string)+9; /* "\"Info!\", " */ - sprintf(numbuf, "%d", options); + snprintf(numbuf, sizeof(numbuf), "%d", options); size += strlen(numbuf); size += 4; /* " }," + NL */ string = malloc(size * sizeof(char *)); diff --git a/kerberosIV/register/register.c b/kerberosIV/register/register.c index 3928fefa9c2..7b2bbadc8bc 100644 --- a/kerberosIV/register/register.c +++ b/kerberosIV/register/register.c @@ -1,4 +1,4 @@ -/* $Id: register.c,v 1.3 1996/09/04 05:10:23 deraadt Exp $ */ +/* $Id: register.c,v 1.4 1996/09/16 18:49:06 millert Exp $ */ /*- * Copyright (c) 1989, 1993 @@ -279,9 +279,8 @@ setup_key(local) char namebuf[MAXPATHLEN]; extern int errno; - (void) sprintf(namebuf, "%s%s", - CLIENT_KEYFILE, - inet_ntoa(local.sin_addr)); + (void) snprintf(namebuf, sizeof(namebuf), "%s%s", CLIENT_KEYFILE, + inet_ntoa(local.sin_addr)); fd = open(namebuf, O_RDONLY); if (fd < 0) { diff --git a/kerberosIV/registerd/registerd.c b/kerberosIV/registerd/registerd.c index 535434f7290..7b0bdac5ff4 100644 --- a/kerberosIV/registerd/registerd.c +++ b/kerberosIV/registerd/registerd.c @@ -1,4 +1,4 @@ -/* $Id: registerd.c,v 1.3 1996/04/17 07:23:35 tholo Exp $ */ +/* $Id: registerd.c,v 1.4 1996/09/16 18:49:07 millert Exp $ */ /*- * Copyright (c) 1990, 1993 @@ -106,27 +106,26 @@ main(argc, argv) /* get encryption key */ - (void) sprintf(keyfile, "%s/%s", - SERVER_KEYDIR, - inet_ntoa(sina.sin_addr)); + (void) snprintf(keyfile, sizeof(keyfile), "%s/%s", + SERVER_KEYDIR, inet_ntoa(sina.sin_addr)); if ((kf = open(keyfile, O_RDONLY)) < 0) { syslog(LOG_ERR, "error opening Kerberos update keyfile (%s): %m", keyfile); - (void) sprintf(msgbuf, - "couldn't open session keyfile for your host"); + (void) snprintf(msgbuf, sizeof(msgbuf), + "couldn't open session keyfile for your host"); send_packet(msgbuf, CLEAR); exit(1); } if (read(kf, keybuf, KBUFSIZ) != KBUFSIZ) { syslog(LOG_ERR, "wrong read size of Kerberos update keyfile"); - (void) sprintf(msgbuf, + (void) snprintf(msgbuf, sizeof(msgbuf), "couldn't read session key from your host's keyfile"); send_packet(msgbuf, CLEAR); exit(1); } - (void) sprintf(msgbuf, GOTKEY_MSG); + (void) snprintf(msgbuf, sizeof(msgbuf), GOTKEY_MSG); send_packet(msgbuf, CLEAR); kfile = (struct keyfile_data *) keybuf; key_sched(&kfile->kf_key, schedule); @@ -159,10 +158,11 @@ main(argc, argv) code = (u_char) retval; if (code != KSUCCESS) { - (void) sprintf(msgbuf, "%s", krb_err_txt[code]); + (void) snprintf(msgbuf, sizeof(msgbuf), "%s", + krb_err_txt[code]); send_packet(msgbuf, RCRYPT); } else { - (void) sprintf(msgbuf, "Update complete."); + (void) snprintf(msgbuf, sizeof(msgbuf), "Update complete."); send_packet(msgbuf, RCRYPT); } cleanup(); diff --git a/kerberosIV/ss/help.c b/kerberosIV/ss/help.c index 64d94f0e0d5..bde376f1d53 100644 --- a/kerberosIV/ss/help.c +++ b/kerberosIV/ss/help.c @@ -1,4 +1,4 @@ -/* $Id: help.c,v 1.1.1.1 1995/12/14 06:52:47 tholo Exp $ */ +/* $Id: help.c,v 1.2 1996/09/16 18:49:08 millert Exp $ */ /*- * Copyright 1987, 1988 by the Student Information Processing Board @@ -56,8 +56,9 @@ ss_help (argc, argv, sci_idx, info_ptr) } else if (argc != 2) { /* should do something better than this */ - sprintf(buffer, "usage:\n\t%s [topic|command]\nor\t%s\n", - request_name, request_name); + snprintf(buffer, sizeof(buffer), + "usage:\n\t%s [topic|command]\nor\t%s\n", + request_name, request_name); ss_perror(sci_idx, 0, buffer); return; } -- 2.20.1