* the rlogind or rshd. Set the environment variable as well.
*/
- sprintf(ccname, "FILE:/tmp/krb5cc_p%ld", (long) getpid());
+ snprintf(ccname, sizeof(ccname), "FILE:/tmp/krb5cc_p%ld", (long) getpid());
setenv("KRB5CCNAME", ccname, 1);
retval = krb5_cc_resolve(context, ccname, ccache);
fprintf(stderr, "can't connect to %s port 0\n", hname);
return -1;
}
- sprintf(rport_buf, "%d", ntohs(rport));
+ snprintf(rport_buf, sizeof(rport_buf), "%d", ntohs(rport));
memset(&aihints, 0, sizeof(aihints));
aihints.ai_socktype = SOCK_STREAM;
aihints.ai_flags = AI_CANONNAME;
FD_SET(s, &xfds);
listen(s2, 1);
FD_SET(s2, &rfds);
- (void) sprintf(num, "%d", *lportp);
+ (void) snprintf(num, sizeof(num), "%d", *lportp);
slen = strlen(num)+1;
if (write(s, num, slen) != slen) {
perror("write: setting up stderr");
char *targ, *host, *src;
char *suser, *tuser, *thost;
int i;
- unsigned int cmdsiz = 30;
char buf[RCP_BUFSIZ], cmdbuf[30];
char *cmd = cmdbuf;
struct servent *sp;
}
#ifdef KERBEROS
- if (krb_realm != NULL)
- cmdsiz += strlen(krb_realm);
- if (krb_cache != NULL)
- cmdsiz += strlen(krb_cache);
- if (krb_config != NULL)
- cmdsiz += strlen(krb_config);
-
- if ((cmd = (char *)malloc(cmdsiz)) == NULL) {
+ if (asprintf(&cmd, "%srcp %s%s%s%s%s%s%s%s%s",
+ encryptflag ? "-x " : "",
+
+ iamrecursive ? " -r" : "", pflag ? " -p" : "",
+ targetshouldbedirectory ? " -d" : "",
+ krb_realm != NULL ? " -k " : "",
+ krb_realm != NULL ? krb_realm : "",
+ krb_cache != NULL ? " -c " : "",
+ krb_cache != NULL ? krb_cache : "",
+ krb_config != NULL ? " -C " : "",
+ krb_config != NULL ? krb_config : "") < 0) {
fprintf(stderr, "rcp: Cannot malloc.\n");
exit(1);
}
- (void) sprintf(cmd, "%srcp %s%s%s%s%s%s%s%s%s",
- encryptflag ? "-x " : "",
-
- iamrecursive ? " -r" : "", pflag ? " -p" : "",
- targetshouldbedirectory ? " -d" : "",
- krb_realm != NULL ? " -k " : "",
- krb_realm != NULL ? krb_realm : "",
- krb_cache != NULL ? " -c " : "",
- krb_cache != NULL ? krb_cache : "",
- krb_config != NULL ? " -C " : "",
- krb_config != NULL ? krb_config : "");
#else /* !KERBEROS */
- (void) sprintf(cmd, "rcp%s%s%s",
- iamrecursive ? " -r" : "", pflag ? " -p" : "",
- targetshouldbedirectory ? " -d" : "");
+ (void) snprintf(cmd, sizeof(cmdbuf), "rcp%s%s%s",
+ iamrecursive ? " -r" : "", pflag ? " -p" : "",
+ targetshouldbedirectory ? " -d" : "");
#endif /* KERBEROS */
#ifdef POSIX_SIGNALS
suser = pwd->pw_name;
else if (!okname(suser))
continue;
- (void) sprintf(buf,
+ (void) snprintf(buf, sizeof(buf),
#if defined(hpux) || defined(__hpux)
- "remsh %s -l %s -n %s %s '%s%s%s:%s'",
+ "remsh %s -l %s -n %s %s '%s%s%s:%s'",
#else
- "rsh %s -l %s -n %s %s '%s%s%s:%s'",
+ "rsh %s -l %s -n %s %s '%s%s%s:%s'",
#endif
- host, suser, cmd, src,
- tuser ? tuser : "",
- tuser ? "@" : "",
+ host, suser, cmd, src,
+ tuser ? tuser : "",
+ tuser ? "@" : "",
thost, targ);
} else
- (void) sprintf(buf,
+ (void) snprintf(buf, sizeof(buf),
#if defined(hpux) || defined(__hpux)
- "remsh %s -n %s %s '%s%s%s:%s'",
+ "remsh %s -n %s %s '%s%s%s:%s'",
#else
- "rsh %s -n %s %s '%s%s%s:%s'",
+ "rsh %s -n %s %s '%s%s%s:%s'",
#endif
argv[i], cmd, src,
tuser ? tuser : "",
} else { /* local to remote */
krb5_creds *cred;
if (rem == -1) {
- (void) sprintf(buf, "%s -t %s",
- cmd, targ);
+ (void) snprintf(buf, sizeof(buf), "%s -t %s",
+ cmd, targ);
host = thost;
#ifdef KERBEROS
authopts = AP_OPTS_MUTUAL_REQUIRED;
}
}
if (src == 0) { /* local to local */
- (void) sprintf(buf, "/bin/cp%s%s %s %s",
- iamrecursive ? " -r" : "",
- pflag ? " -p" : "",
- argv[i], argv[argc - 1]);
+ (void) snprintf(buf, sizeof(buf), "/bin/cp%s%s %s %s",
+ iamrecursive ? " -r" : "",
+ pflag ? " -p" : "",
+ argv[i], argv[argc - 1]);
(void) susystem(buf);
} else { /* remote to local */
krb5_creds *cred;
host = argv[i];
suser = pwd->pw_name;
}
- (void) sprintf(buf, "%s -f %s", cmd, src);
+ (void) snprintf(buf, sizeof(buf), "%s -f %s", cmd, src);
#ifdef KERBEROS
authopts = AP_OPTS_MUTUAL_REQUIRED;
status = kcmd(&sock, &host,
* Make it compatible with possible future
* versions expecting microseconds.
*/
- (void) sprintf(buf, "T%ld 0 %ld 0\n",
- stb.st_mtime, stb.st_atime);
+ (void) snprintf(buf, sizeof(buf), "T%ld 0 %ld 0\n",
+ stb.st_mtime, stb.st_atime);
(void) rcmd_stream_write(rem, buf, strlen(buf), 0);
if (response() < 0) {
(void) close(f);
continue;
}
}
- (void) sprintf(buf, "C%04o %ld %s\n",
- (int) stb.st_mode&07777, (long ) stb.st_size, last);
+ (void) snprintf(buf, sizeof(buf), "C%04o %ld %s\n",
+ (int) stb.st_mode&07777, (long ) stb.st_size, last);
(void) rcmd_stream_write(rem, buf, strlen(buf), 0);
if (response() < 0) {
(void) close(f);
else
last++;
if (pflag) {
- (void) sprintf(buf, "T%ld 0 %ld 0\n",
- statp->st_mtime, statp->st_atime);
+ (void) snprintf(buf, sizeof(buf), "T%ld 0 %ld 0\n",
+ statp->st_mtime, statp->st_atime);
(void) rcmd_stream_write(rem, buf, strlen(buf), 0);
if (response() < 0) {
closedir(d);
return;
}
}
- (void) sprintf(buf, "D%04lo %d %s\n", (long) statp->st_mode&07777, 0,
- last);
+ (void) snprintf(buf, sizeof(buf), "D%04lo %d %s\n",
+ (long) statp->st_mode&07777, 0, last);
(void) rcmd_stream_write(rem, buf, strlen(buf), 0);
if (response() < 0) {
closedir(d);
error("%s/%s: Name too long.\n", name, dp->d_name);
continue;
}
- (void) sprintf(buf, "%s/%s", name, dp->d_name);
+ (void) snprintf(buf, sizeof(buf), "%s/%s", name, dp->d_name);
bufv[0] = buf;
source(1, bufv);
}
if (targisdir) {
if(strlen(targ) + strlen(cp) + 2 >= sizeof(nambuf))
SCREWUP("target name too long");
- (void) sprintf(nambuf, "%s%s%s", targ,
- *targ ? "/" : "", cp);
+ (void) snprintf(nambuf, sizeof(nambuf), "%s%s%s", targ,
+ *targ ? "/" : "", cp);
} else {
if (strlen(targ) + 1 >= sizeof (nambuf))
SCREWUP("target name too long");
errs++;
*cp++ = 1;
- (void) vsprintf(cp, fmt, ap);
+ (void) vsnprintf(cp, sizeof(buf) - (cp - buf), fmt, ap);
va_end(ap);
if (iamremote)
if (ospeed >= 50)
/* On some systems, ospeed is the baud rate itself,
not a table index. */
- sprintf (term + strlen (term), "%d", ospeed);
+ snprintf (term + strlen (term),
+ sizeof(term) - strlen(term), "%d", ospeed);
else if (ospeed >= sizeof(speeds)/sizeof(char*))
/* Past end of table, but not high enough to
look like a real speed. */
/*
* Problems read failed ...
*/
- sprintf(buferror, "Cannot read slave pty %s ",line);
+ snprintf(buferror, sizeof(buferror), "Cannot read slave pty %s ",line);
fatalperror(p,buferror);
}
close(syncpipe[0]);
#if defined(KERBEROS)
if (do_encrypt) {
if (rcmd_stream_write(f, SECURE_MESSAGE, sizeof(SECURE_MESSAGE), 0) < 0){
- sprintf(buferror, "Cannot encrypt-write network.");
+ snprintf(buferror, sizeof(buferror),
+ "Cannot encrypt-write network.");
fatal(p,buferror);
}
}
/*
* Problems write failed ...
*/
- sprintf(buferror,"Cannot write slave pty %s ",line);
+ snprintf(buferror, sizeof(buferror), "Cannot write slave pty %s ",
+ line);
fatalperror(f,buferror);
}
#endif
buf[0] = '\01'; /* error indicator */
- (void) sprintf(buf + 1, "%s: %s.\r\n",progname, msg);
+ (void) snprintf(buf + 1, sizeof(buf) - 1, "%s: %s.\r\n", progname, msg);
if ((f == netf) && (pid > 0))
(void) rcmd_stream_write(f, buf, strlen(buf), 0);
else
{
char buf[512];
- (void) sprintf(buf, "%s: %s", msg, error_message(errno));
+ (void) snprintf(buf, sizeof(buf), "%s: %s", msg, error_message(errno));
fatal(f, buf);
}
if (ticket)
krb5_free_ticket(bsd_context, ticket);
- if (krusername)
- msg_fail = (char *)malloc(strlen(krusername) + strlen(lusername) + 80);
- if (!msg_fail)
- fatal(netf, "User is not authorized to login to specified account");
-
if (auth_sent)
- sprintf(msg_fail, "Access denied because of improper credentials");
+ fatal(netf, "Access denied because of improper credentials");
+ else if (asprintf(&msg_fail,
+ "User %s is not authorized to login to account %s",
+ krusername, lusername) >= 0)
+ fatal(netf, msg_fail);
else
- sprintf(msg_fail, "User %s is not authorized to login to account %s",
- krusername, lusername);
-
- fatal(netf, msg_fail);
+ fatal(netf, "User is not authorized to login to specified account");
/* NOTREACHED */
}
Key_schedule v4_schedule;
#endif
#include <k5-util.h>
+#include <k5-platform.h>
#ifdef HAVE_PATHS_H
#include <paths.h>
privileges. */
if (port) {
/* Place entry into wtmp */
- sprintf(ttyn,"krsh%ld",(long) (getpid() % 9999999));
+ snprintf(ttyn,sizeof(ttyn),"krsh%ld",(long) (getpid() % 9999999));
pty_logwtmp(ttyn,locuser,sane_host);
}
/* We are simply execing a program over rshd : log entry into wtmp,
strncat(homedir, pwd->pw_dir, sizeof(homedir)-6);
strncat(shell, pwd->pw_shell, sizeof(shell)-7);
strncat(username, pwd->pw_name, sizeof(username)-6);
- path = (char *) malloc(strlen(kprogdir) + strlen(path_rest) + 7);
- if (path == NULL) {
+ if (asprintf(&path, "PATH=%s:%s", kprogdir, path_rest) < 0) {
perror("malloc");
_exit(1);
}
- sprintf(path, "PATH=%s:%s", kprogdir, path_rest);
envinit[PATHENV] = path;
/* If we have KRB5CCNAME set, then copy into the
*/
if (getenv("KRB5CCNAME")) {
int i;
- char *buf2 = (char *)malloc(strlen(getenv("KRB5CCNAME"))
- +strlen("KRB5CCNAME=")+1);
- if (buf2) {
- sprintf(buf2, "KRB5CCNAME=%s",getenv("KRB5CCNAME"));
+ char *buf2;
+ if (asprintf(&buf2, "KRB5CCNAME=%s",getenv("KRB5CCNAME")) >= 0) {
for (i = 0; envinit[i]; i++);
envinit[i] = buf2;
NI_NUMERICHOST | NI_NUMERICSERV);
if (aierr)
goto skip_localaddr_env;
- sprintf(local_addr, "KRB5LOCALADDR=%s", hbuf);
+ snprintf(local_addr, sizeof(local_addr), "KRB5LOCALADDR=%s", hbuf);
envinit[i++] =local_addr;
- sprintf(local_port, "KRB5LOCALPORT=%s", sbuf);
+ snprintf(local_port, sizeof(local_port), "KRB5LOCALPORT=%s", sbuf);
envinit[i++] =local_port;
skip_localaddr_env:
NI_NUMERICHOST | NI_NUMERICSERV);
if (aierr)
goto skip_remoteaddr_env;
- sprintf(remote_addr, "KRB5REMOTEADDR=%s", hbuf);
+ snprintf(remote_addr, sizeof(remote_addr), "KRB5REMOTEADDR=%s", hbuf);
envinit[i++] =remote_addr;
- sprintf(remote_port, "KRB5REMOTEPORT=%s", sbuf);
+ snprintf(remote_port, sizeof(remote_port), "KRB5REMOTEPORT=%s", sbuf);
envinit[i++] =remote_port;
skip_remoteaddr_env:
char *buf2;
if(getenv(save_env[cnt])) {
- buf2 = (char *)malloc(strlen(getenv(save_env[cnt]))
- +strlen(save_env[cnt])+2);
- if (buf2) {
- sprintf(buf2, "%s=%s", save_env[cnt],
- getenv(save_env[cnt]));
+ if (asprintf(&buf2, "%s=%s", save_env[cnt],
+ getenv(save_env[cnt])) >= 0) {
for (i = 0; envinit[i]; i++);
envinit[i] = buf2;
}
#endif
*cp++ = 1;
- (void) sprintf(cp, "%s: ", progname);
- (void) vsprintf(buf+strlen(buf), fmt, ap);
+ (void) snprintf(cp, sizeof(buf) - (cp - buf), "%s: ", progname);
+ (void) vsnprintf(buf+strlen(buf), sizeof(buf) - strlen(buf), fmt, ap);
va_end(ap);
(void) write(2, buf, strlen(buf));
syslog(LOG_ERR ,"%s",buf+1);
register char *endc, *tdp = &tmpdir[strlen(tmpdir)];
register int i;
- sprintf(tdp, "%s/jtmp.%06d", JTMPDIR, jid);
+ snprintf(tdp, sizeof(tmpdir) - (tdp - tmpdir), "%s/jtmp.%06d",
+ JTMPDIR, jid);
endc = &tmpdir[strlen(tmpdir)];
endc[1] = '\0';
#endif
buf[0] = '\01'; /* error indicator */
- (void) sprintf(buf + 1, "%s: %s.\r\n",progname, msg);
+ (void) snprintf(buf + 1, sizeof(buf) - 1, "%s: %s.\r\n",progname, msg);
if ((f == netf) && (pid > 0))
(void) rcmd_stream_write(f, buf, strlen(buf), 0);
else
/* Set up the credential cache environment variable */
if (!getenv(KRB5_ENV_CCNAME)) {
- sprintf(ccfile, "FILE:/tmp/krb5cc_p%ld", (long) getpid());
+ snprintf(ccfile, sizeof(ccfile), "FILE:/tmp/krb5cc_p%ld",
+ (long) getpid());
setenv(KRB5_ENV_CCNAME, ccfile, 1);
krb5_cc_set_default_name(kcontext, ccfile);
unlink(ccfile+strlen("FILE:"));
{
krb5_error_code code;
char prompt[255];
- sprintf(prompt,"Password for %s", username);
+ snprintf(prompt, sizeof(prompt), "Password for %s", username);
/* reduce opportunities to be swapped out */
code = krb5_read_password(kcontext, prompt, 0, user_pwstring, &pwsize);
if (hostname) {
char buf[BUFSIZ];
#ifdef UT_HOSTSIZE
- (void) sprintf(buf,
+ (void) snprintf(buf, sizeof(buf),
"ROOT LOGIN (krb) %s from %.*s, %s.%s@%s",
tty, UT_HOSTSIZE, hostname,
kdata->pname, kdata->pinst,
kdata->prealm);
#else
- (void) sprintf(buf,
+ (void) snprintf(buf, sizeof(buf),
"ROOT LOGIN (krb) %s from %s, %s.%s@%s",
tty, hostname,
kdata->pname, kdata->pinst,
{
char tbuf[MAXPATHLEN+2];
struct stat st;
- (void)sprintf(tbuf, "%s/%s", MAILDIR, pwd->pw_name);
+ (void)snprintf(tbuf, sizeof(tbuf), "%s/%s", MAILDIR, pwd->pw_name);
if (stat(tbuf, &st) == 0 && st.st_size != 0)
printf("You have %smail.\n",
(st.st_mtime > st.st_atime) ? "new " : "");
case 'P': /* Set port to use. */
port = atoi(*argv);
- sprintf(portarg, " -p%d", port);
- sprintf(rcpportarg, " -P%d", port);
+ snprintf(portarg, sizeof(portarg), " -p%d", port);
+ snprintf(rcpportarg, sizeof(rcpportarg), " -P%d",
+ port);
port = htons(port);
goto next_arg;
usage();
strncpy(krb_realm,*argv,REALM_SZ);
krb_realm[REALM_SZ-1] = 0;
- sprintf(realmarg, " -k %s", krb_realm);
+ snprintf(realmarg, sizeof(realmarg), " -k %s",
+ krb_realm);
goto next_arg;
#endif /* KERBEROS */
/* The rest of these are not for users. */
* Make it compatible with possible future
* versions expecting microseconds.
*/
- (void) sprintf(buf, "T%ld 0 %ld 0\n",
- stb.st_mtime, stb.st_atime);
+ (void) snprintf(buf, sizeof(buf), "T%ld 0 %ld 0\n",
+ stb.st_mtime, stb.st_atime);
kstream_write (krem, buf, strlen (buf));
if (response() < 0) {
(void) close(f);
continue;
}
}
- (void) sprintf(buf, "C%04o %ld %s\n",
- (unsigned int) stb.st_mode&07777, (long) stb.st_size, last);
+ (void) snprintf(buf, sizeof(buf), "C%04o %ld %s\n",
+ (unsigned int) stb.st_mode&07777,
+ (long) stb.st_size, last);
kstream_write (krem, buf, strlen (buf));
if (response() < 0) {
(void) close(f);
else
last++;
if (pflag) {
- (void) sprintf(buf, "T%ld 0 %ld 0\n",
- statp->st_mtime, statp->st_atime);
+ (void) snprintf(buf, sizeof(buf), "T%ld 0 %ld 0\n",
+ statp->st_mtime, statp->st_atime);
kstream_write (krem, buf, strlen (buf));
if (response() < 0) {
closedir(d);
return;
}
}
- (void) sprintf(buf, "D%04o %d %s\n",
+ (void) sprintf(buf, sizeof(buf), "D%04o %d %s\n",
(unsigned int) statp->st_mode&07777, 0, last);
kstream_write (krem, buf, strlen (buf));
if (response() < 0) {
error("%s/%s: Name too long.\n", name, dp->d_name);
continue;
}
- (void) sprintf(buf, "%s/%s", name, dp->d_name);
+ (void) snprintf(buf, sizeof(buf), "%s/%s", name, dp->d_name);
bufv[0] = buf;
source(1, bufv);
}
static void
parse_oid(char *mechanism, gss_OID * oid)
{
- char *mechstr = 0, *cp;
+ char *mechstr = 0;
gss_buffer_desc tok;
OM_uint32 maj_stat, min_stat;
+ size_t i, mechlen = strlen(mechanism);
if (isdigit((int) mechanism[0])) {
- mechstr = malloc(strlen(mechanism) + 5);
+ mechstr = malloc(mechlen + 5);
if (!mechstr) {
fprintf(stderr, "Couldn't allocate mechanism scratch!\n");
return;
}
- sprintf(mechstr, "{ %s }", mechanism);
- for (cp = mechstr; *cp; cp++)
- if (*cp == '.')
- *cp = ' ';
+ mechstr[0] = '{';
+ mechstr[1] = ' ';
+ for (i = 0; i < mechlen; i++)
+ mechstr[i + 2] = (mechanism[i] == '.') ? ' ' : mechanism[i];
+ mechstr[mechlen + 2] = ' ';
+ mechstr[mechlen + 3] = ' ';
+ mechstr[mechlen + 4] = '\0';
tok.value = mechstr;
} else
tok.value = mechanism;
}
oldintr = signal(SIGINT, cmdabort);
va_start(ap, fmt);
- vsprintf(in, fmt, ap);
+ vsnprintf(in, FTP_BUFSIZ, fmt, ap);
va_end(ap);
again: if (secure_command(in) == 0)
return(0);
for (trial = 0; trial < n_gss_trials; trial++) {
/* ftp@hostname first, the host@hostname */
/* the V5 GSSAPI binding canonicalizes this for us... */
- sprintf(stbuf, "%s@%s", gss_trials[trial].service_name, hostname);
+ snprintf(stbuf, sizeof(stbuf), "%s@%s",
+ gss_trials[trial].service_name, hostname);
if (debug)
fprintf(stderr, "Trying to authenticate to <%s>\n", stbuf);
* send IAC in urgent mode instead of DM because 4.3BSD places oob mark
* after urgent byte rather than before as is protocol now
*/
- sprintf(buf, "%c%c%c", IAC, IP, IAC);
+ snprintf(buf, sizeof(buf), "%c%c%c", IAC, IP, IAC);
if (send(SOCKETNO(fileno(cout)), buf, 3, MSG_OOB) != 3)
PERROR_SOCKET("abort");
putc(DM, cout);
hdir = getenv("HOME");
if (hdir == NULL)
hdir = ".";
- (void) sprintf(buf, "%s/.netrc", hdir);
+ (void) snprintf(buf, sizeof(buf), "%s/.netrc", hdir);
cfile = fopen(buf, "r");
if (cfile == NULL) {
if (errno != ENOENT)
syslog(LOG_ERR, "user: username too long");
name = "[username too long]";
}
- sprintf(buf, "GSSAPI user %s is%s authorized as %s",
+ snprintf(buf, sizeof(buf),
+ "GSSAPI user %s is%s authorized as %s",
(char *) client_name.value,
authorized ? "" : " not",
name);
syslog(LOG_ERR, "user: username too long");
name = "[username too long]";
}
- sprintf(buf, "Kerberos user %s%s%s@%s is%s authorized as %s",
+ snprintf(buf, sizeof(buf),
+ "Kerberos user %s%s%s@%s is%s authorized as %s",
kdata.pname, *kdata.pinst ? "." : "",
kdata.pinst, kdata.prealm,
authorized ? "" : " not", name);
return 0;
my_creds.client = me;
- sprintf(ccname, "FILE:/tmp/krb5cc_ftpd%ld", (long) getpid());
+ snprintf(ccname, sizeof(ccname), "FILE:/tmp/krb5cc_ftpd%ld",
+ (long) getpid());
if (krb5_cc_resolve(kcontext, ccname, &ccache))
return(0);
if (krb5_cc_initialize(kcontext, ccache, me))
if (krb_get_lrealm(realm, 1) != KSUCCESS)
goto nuke_ccache;
- sprintf(ccname, "%s_ftpd%ld", TKT_ROOT, (long) getpid());
+ snprintf(ccname, sizeof(ccname), "%s_ftpd%ld", TKT_ROOT,
+ (long) getpid());
krb_set_tkt_string(ccname);
if (krb_get_pw_in_tkt(name, "", realm, "krbtgt", realm, 1, passwd))
(void) initgroups(pw->pw_name, pw->pw_gid);
/* open wtmp before chroot */
- (void) sprintf(ttyline, "ftp%ld", (long) getpid());
+ (void) snprintf(ttyline, sizeof(ttyline), "ftp%ld", (long) getpid());
pty_logwtmp(ttyline, pw->pw_name, rhost_sane);
logged_in = 1;
if (guest) {
reply(230, "Guest login ok, access restrictions apply.");
#ifdef SETPROCTITLE
- sprintf(proctitle, "%s: anonymous/%.*s", rhost_sane,
- sizeof(proctitle) - strlen(rhost_sane) -
- sizeof(": anonymous/"), passwd);
+ snprintf(proctitle, sizeof(proctitle), "%s: anonymous/%.*s",
+ rhost_sane, passwd);
setproctitle(proctitle);
#endif /* SETPROCTITLE */
if (logging)
reply(230, "User %s logged in.", pw->pw_name);
}
#ifdef SETPROCTITLE
- sprintf(proctitle, "%s: %s", rhost_sane, pw->pw_name);
+ snprintf(proctitle, sizeof(proctitle), "%s: %s",
+ rhost_sane, pw->pw_name);
setproctitle(proctitle);
#endif /* SETPROCTITLE */
if (logging)
reply(501, "filename too long");
return;
}
- (void) sprintf(line, cmd, name), name = line;
+ (void) snprintf(line, sizeof(line), cmd, name), name = line;
fin = ftpd_popen(line, "r"), closefunc = ftpd_pclose;
st.st_size = -1;
#ifndef NOSTBLKSIZE
byte_count = 0;
if (size != (off_t) -1)
/* cast size to long in case sizeof(off_t) > sizeof(long) */
- (void) sprintf (sizebuf, " (%ld bytes)", (long)size);
+ (void) snprintf (sizebuf, sizeof(sizebuf), " (%ld bytes)",
+ (long)size);
else
sizebuf[0] = '\0';
if (pdata >= 0) {
reply(501, "filename too long");
return;
}
- (void) sprintf(line, "/bin/ls -lgA %s", filename);
+ (void) snprintf(line, sizeof(line), "/bin/ls -lgA %s", filename);
fin = ftpd_popen(line, "r");
lreply(211, "status of %s:", filename);
p = str;
lreply(211, "%s FTP server status:", hostname);
reply(0, " %s", version);
- sprintf(str, " Connected to %s", remotehost[0] ? remotehost : "");
- sprintf(&str[strlen(str)], " (%s)", rhost_addra);
+ snprintf(str, sizeof(str), " Connected to %s (%s)",
+ remotehost[0] ? remotehost : "", rhost_addra);
reply(0, "%s", str);
if (auth_type) reply(0, " Authentication type: %s", auth_type);
if (logged_in) {
else
reply(0, " Waiting for user name");
reply(0, " Protection level: %s", levelnames[dlevel]);
- sprintf(str, " TYPE: %s", typenames[type]);
- if (type == TYPE_A || type == TYPE_E)
- sprintf(&str[strlen(str)], ", FORM: %s", formnames[form]);
+ snprintf(str, sizeof(str), " TYPE: %s", typenames[type]);
+ if (type == TYPE_A || type == TYPE_E) {
+ snprintf(&str[strlen(str)], sizeof(str) - strlen(str),
+ ", FORM: %s", formnames[form]);
+ }
if (type == TYPE_L)
-#if 1
strncat(str, " 8", sizeof (str) - strlen(str) - 1);
-#else
-/* this is silly. -- eichin@cygnus.com */
-#if NBBY == 8
- sprintf(&str[strlen(str)], " %d", NBBY);
-#else
- sprintf(&str[strlen(str)], " %d", bytesize); /* need definition! */
-#endif
-#endif
- sprintf(&str[strlen(str)], "; STRUcture: %s; transfer MODE: %s",
- strunames[stru], modenames[mode]);
+ snprintf(&str[strlen(str)], sizeof(str) - strlen(str),
+ "; STRUcture: %s; transfer MODE: %s",
+ strunames[stru], modenames[mode]);
reply(0, "%s", str);
if (data != -1)
strlcpy(str, " Data connection open", sizeof(str));
va_list ap;
va_start(ap, fmt);
- vsprintf(buf, fmt, ap);
+ vsnprintf(buf, sizeof(buf), fmt, ap);
va_end(ap);
#else
- sprintf(buf, fmt, p0, p1, p2, p3, p4, p5);
+ snprintf(buf, sizeof(buf), fmt, p0, p1, p2, p3, p4, p5);
#endif
if (auth_type) {
*/
char in[FTP_BUFSIZ*3/2], out[FTP_BUFSIZ*3/2];
int length = 0, kerror;
- if (n) sprintf(in, "%d%c", n, cont_char);
+ if (n) snprintf(in, sizeof(in), "%d%c", n, cont_char);
else in[0] = '\0';
strncat(in, buf, sizeof (in) - strlen(in) - 1);
#ifdef KRB5_KRB4_COMPAT
va_list ap;
va_start(ap, fmt);
- vsprintf(buf, fmt, ap);
+ vsnprintf(buf, sizeof(buf), fmt, ap);
va_end(ap);
#else
- sprintf(buf, fmt, p0, p1, p2, p3, p4, p5);
+ snprintf(buf, sizeof(buf), fmt, p0, p1, p2, p3, p4, p5);
#endif
cont_char = '-';
reply(n, "%s", buf);
exit(1);
}
#ifdef SETPROCTITLE
- sprintf(proctitle, "%s: connected", rhost_sane);
+ snprintf(proctitle, sizeof(proctitle), "%s: connected", rhost_sane);
setproctitle(proctitle);
#endif /* SETPROCTITLE */
cp = new + strlen(new);
*cp++ = '.';
for (count = 1; count < 100; count++) {
- (void) sprintf(cp, "%d", count);
+ (void) snprintf(cp, sizeof(new) - (cp - new), "%d", count);
if (stat(new, &st) < 0)
return(new);
}
localname[sizeof(localname) - 1] = '\0';
for (gservice = gss_services; *gservice; gservice++) {
- sprintf(service_name, "%s@%s", *gservice, localname);
+ snprintf(service_name, sizeof(service_name),
+ "%s@%s", *gservice, localname);
name_buf.value = service_name;
name_buf.length = strlen(name_buf.value) + 1;
if (debug)
ret = -2; /* XXX */
goto data_err;
}
- sprintf(nbuf, "%s/%s", dirname, dir->d_name);
+ snprintf(nbuf, sizeof(nbuf), "%s/%s",
+ dirname, dir->d_name);
/*
* We have to do a stat to insure it's
if (krb5_parse_name(kcontext, name, &me))
return;
- sprintf(ccname, "FILE:/tmp/krb5cc_ftpd%ld", (long) getpid());
+ snprintf(ccname, sizeof(ccname), "FILE:/tmp/krb5cc_ftpd%ld",
+ (long) getpid());
if (krb5_cc_resolve(kcontext, ccname, &ccache))
return;
if (krb5_cc_initialize(kcontext, ccache, me))
if (krb524_convert_creds_kdc(kcontext, v5creds, &v4creds))
goto cleanup;
- sprintf(ccname, "%s_ftpd%ld", TKT_ROOT, (long) getpid());
+ snprintf(ccname, sizeof(ccname), "%s_ftpd%ld",
+ TKT_ROOT, (long) getpid());
krb_set_tkt_string(ccname);
if (in_tkt(v4creds.pname, v4creds.pinst) != KSUCCESS)
return PTY_GETPTY_FSTAT;
}
ptynum = (int)(stb.st_rdev&0xFF);
- sprintf(slavebuf, "/dev/ttyp%x", ptynum);
+ snprintf(slavebuf, sizeof(slavebuf), "/dev/ttyp%x", ptynum);
if (strlen(slavebuf) > slavelength - 1) {
close(*fd);
*fd = -1;
return 0;
} else {
for (cp = "pqrstuvwxyzPQRST";*cp; cp++) {
- sprintf(slavebuf,"/dev/ptyXX");
+ snprintf(slavebuf,sizeof(slavebuf),"/dev/ptyXX");
slavebuf[sizeof("/dev/pty") - 1] = *cp;
slavebuf[sizeof("/dev/ptyp") - 1] = '0';
if (stat(slavebuf, &stb) < 0)
cp = tty + len - 2;
else
cp = tty;
- sprintf(utmp_id, "kr%s", cp);
+ snprintf(utmp_id, sizeof(utmp_id), "kr%s", cp);
strncpy(utx.ut_id, utmp_id, sizeof(utx.ut_id));
#ifdef HAVE_SETUTXENT
}
/* Get client name */
+ repbuf[sizeof(repbuf) - 1] = '\0';
retval = krb5_unparse_name(context, ticket->enc_part2->client, &cname);
if (retval){
syslog(LOG_ERR, "unparse failed: %s", error_message(retval));
- sprintf(repbuf, "You are <unparse error>\n");
+ strncpy(repbuf, "You are <unparse error>\n", sizeof(repbuf) - 1);
} else {
- sprintf(repbuf, "You are %s\n", cname);
+ strncpy(repbuf, "You are ", sizeof(repbuf) - 1);
+ strncat(repbuf, cname, sizeof(repbuf) - 1 - strlen(repbuf));
+ strncat(repbuf, "\n", sizeof(repbuf) - 1 - strlen(repbuf));
free(cname);
}
xmitlen = htons(strlen(repbuf));
buf[buflen-2] = '*';
buflen -= 2;
for (; cnt > 0; cnt--, data++) {
- sprintf((char *)tbuf, " %d", *data);
+ snprintf((char *)tbuf, sizeof(tbuf), " %d", *data);
for (cp = tbuf; *cp && buflen > 0; --buflen)
*buf++ = *cp++;
if (buflen <= 0)
switch(data[2]) {
case FB64_IV:
- sprintf(lbuf, "%s_IV", type);
+ snprintf(lbuf, sizeof(lbuf), "%s_IV", type);
cp = lbuf;
goto common;
case FB64_IV_OK:
- sprintf(lbuf, "%s_IV_OK", type);
+ snprintf(lbuf, sizeof(lbuf), "%s_IV_OK", type);
cp = lbuf;
goto common;
case FB64_IV_BAD:
- sprintf(lbuf, "%s_IV_BAD", type);
+ snprintf(lbuf, sizeof(lbuf), "%s_IV_BAD", type);
cp = lbuf;
goto common;
default:
- sprintf(lbuf, " %d (unknown)", data[2]);
+ snprintf(lbuf, sizeof(lbuf), " %d (unknown)", data[2]);
cp = lbuf;
common:
for (; (buflen > 0) && (*buf = *cp++); buf++)
buflen--;
for (i = 3; i < cnt; i++) {
- sprintf(lbuf, " %d", data[i]);
+ snprintf(lbuf, sizeof(lbuf), " %d", data[i]);
for (cp = lbuf; (buflen > 0) && (*buf = *cp++); buf++)
buflen--;
}
buf[buflen-2] = '*';
buflen -= 2;;
for (; cnt > 0; cnt--, data++) {
- sprintf(tbuf, " %d", *data);
+ snprintf(tbuf, sizeof(tbuf), " %d", *data);
for (cp = tbuf; *cp && buflen > 0; --buflen)
*buf++ = *cp++;
if (buflen <= 0)
if ((retval = krb5_rd_cred(context, auth_context, inbuf, &creds, NULL)))
return(retval);
- sprintf(ccname, "FILE:/tmp/krb5cc_p%ld", (long) getpid());
+ snprintf(ccname, sizeof(ccname), "FILE:/tmp/krb5cc_p%ld", (long) getpid());
setenv("KRB5CCNAME", ccname, 1);
if ((retval = krb5_cc_resolve(context, ccname, &ccache)))
goto common2;
default:
- sprintf(lbuf, " %d (unknown)", data[3]);
+ snprintf(lbuf, sizeof(lbuf), " %d (unknown)", data[3]);
strncpy((char *)buf, lbuf, buflen);
common2:
BUMP(buf, buflen);
for (i = 4; i < cnt; i++) {
- sprintf(lbuf, " %d", data[i]);
+ snprintf(lbuf, sizeof(lbuf), " %d", data[i]);
strncpy((char *)buf, lbuf, buflen);
BUMP(buf, buflen);
}
ticket->server,0)->length] = '\0';
if (strcmp("host", princ)) {
if(strlen(princ) < sizeof(errbuf) - 39) {
- (void) sprintf(errbuf, "incorrect service name: \"%s\" != \"host\"",
+ (void) snprintf(errbuf, sizeof(errbuf), "incorrect service name: \"%s\" != \"host\"",
princ);
} else {
- (void) sprintf(errbuf, "incorrect service name: principal != \"host\"");
+ (void) snprintf(errbuf, sizeof(errbuf), "incorrect service name: principal != \"host\"");
}
goto errout;
}
#endif /* FORWARD */
default:
- sprintf(lbuf, " %d (unknown)", data[3]);
+ snprintf(lbuf, sizeof(lbuf), " %d (unknown)", data[3]);
strncpy((char *)buf, lbuf, buflen);
common2:
BUMP(buf, buflen);
for (i = 4; i < cnt; i++) {
- sprintf(lbuf, " %d", data[i]);
+ snprintf(lbuf, sizeof(lbuf), " %d", data[i]);
strncpy((char *)buf, lbuf, buflen);
BUMP(buf, buflen);
}
goto common2;
default:
- sprintf(lbuf, " %d (unknown)", data[3]);
+ snprintf(lbuf, sizeof(lbuf), " %d (unknown)", data[3]);
strncpy((char *)buf, lbuf, buflen);
common2:
BUMP(buf, buflen);
for (i = 4; i < cnt; i++) {
- sprintf(lbuf, " %d", data[i]);
+ snprintf(lbuf, sizeof(lbuf), " %d", data[i]);
strncpy((char *)buf, lbuf, buflen);
BUMP(buf, buflen);
}
env_init()
{
extern char **environ;
- register char **epp, *cp;
- register struct env_lst *ep;
+ char **epp, *cp;
+ struct env_lst *ep;
for (epp = environ; *epp; epp++) {
if ((cp = strchr(*epp, '='))) {
gethostname(hbuf, 256);
hbuf[256] = '\0';
- cp = (char *)malloc(strlen(hbuf) + strlen(cp2) + 1);
- sprintf((char *)cp, "%s%s", hbuf, cp2);
+ asprintf(&cp, "%s%s", hbuf, cp2);
free(ep->value);
ep->value = (unsigned char *)cp;
}
#include <libtelnet/misc-proto.h>
#endif /* defined(AUTHENTICATION) || defined(ENCRYPTION) */
+#include <k5-platform.h>
+
static int is_unique (char *, char **, char **);
\f
name = gettermname();
len = strlen(name) + 4 + 2;
if (len < NETROOM()) {
- sprintf((char *)temp, "%c%c%c%c%s%c%c", IAC, SB, TELOPT_TTYPE,
- TELQUAL_IS, name, IAC, SE);
+ snprintf((char *)temp, sizeof(temp), "%c%c%c%c%s%c%c",
+ IAC, SB, TELOPT_TTYPE, TELQUAL_IS, name, IAC, SE);
ring_supply_data(&netoring, temp, len);
printsub('>', &temp[2], len-2);
} else {
TerminalSpeeds(&ispeed, &o_speed);
- sprintf((char *)temp, "%c%c%c%c%ld,%ld%c%c", IAC, SB, TELOPT_TSPEED,
- TELQUAL_IS, o_speed, ispeed, IAC, SE);
+ snprintf((char *)temp, sizeof(temp), "%c%c%c%c%ld,%ld%c%c", IAC,
+ SB, TELOPT_TSPEED, TELQUAL_IS, o_speed, ispeed, IAC, SE);
len = strlen((char *)temp+4) + 4; /* temp[3] is 0 ... */
if (len < NETROOM()) {
send_wont(TELOPT_XDISPLOC, 1);
break;
}
- sprintf((char *)temp, "%c%c%c%c%s%c%c", IAC, SB, TELOPT_XDISPLOC,
- TELQUAL_IS, dp, IAC, SE);
+ snprintf((char *)temp, sizeof(temp), "%c%c%c%c%s%c%c",
+ IAC, SB, TELOPT_XDISPLOC, TELQUAL_IS, dp, IAC, SE);
len = strlen((char *)temp+4) + 4; /* temp[3] is 0 ... */
if (len < NETROOM()) {
#include <libtelnet/encrypt.h>
#endif
+#include <k5-platform.h>
+
FILE *NetTrace = 0; /* Not in bss, since needs to stay */
int prettydump;
}
{
char tbuf[64];
- sprintf(tbuf, "%s%s%s%s%s",
+ snprintf(tbuf, sizeof(tbuf), "%s%s%s%s%s",
pointer[2]&MODE_EDIT ? "|EDIT" : "",
pointer[2]&MODE_TRAPSIG ? "|TRAPSIG" : "",
pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "",
slcchange = 0;
if (getit)
init_termbuf();
- (void) sprintf((char *)slcbuf, "%c%c%c%c",
- IAC, SB, TELOPT_LINEMODE, LM_SLC);
+ (void) snprintf((char *)slcbuf, sizeof(slcbuf), "%c%c%c%c",
+ IAC, SB, TELOPT_LINEMODE, LM_SLC);
slcptr = slcbuf + 4;
} /* end of start_slc */
*bufp = &slcbuf[4];
return(slcptr - slcbuf - 4);
} else {
- (void) sprintf((char *)slcptr, "%c%c", IAC, SE);
- slcptr += 2;
+ *slcptr++ = IAC;
+ *slcptr++ = SE;
+ *slcptr = 0;
len = slcptr - slcbuf;
netwrite(slcbuf, len);
netflush(); /* force it out immediately */
*/
if ((i = open(INIT_FIFO, O_WRONLY)) < 0) {
char tbuf[128];
- (void) sprintf(tbuf, "Can't open %s\n", INIT_FIFO);
+ (void) snprintf(tbuf, sizeof(tbuf), "Can't open %s\n",
+ INIT_FIFO);
fatalperror(net, tbuf);
}
memset((char *)&request, 0, sizeof(request));
#endif /* BFTPDAEMON */
if (write(i, (char *)&request, sizeof(request)) < 0) {
char tbuf[128];
- (void) sprintf(tbuf, "Can't write to %s\n", INIT_FIFO);
+ (void) snprintf(tbuf, sizeof(tbuf), "Can't write to %s\n",
+ INIT_FIFO);
fatalperror(net, tbuf);
}
(void) close(i);
if (i == 3 || n >= 0 || !gotalarm)
break;
gotalarm = 0;
- sprintf(tbuf, "telnetd: waiting for /etc/init to start login process on %s\r\n", line);
+ snprintf(tbuf, sizeof(tbuf), "telnetd: waiting for /etc/init to start login process on %s\r\n", line);
(void) write(net, tbuf, strlen(tbuf));
}
if (n < 0 && gotalarm)
write(xpty, name, len);
write(xpty, name, len);
memset(speed, 0, sizeof(speed));
- strncpy(speed,
- (cp = getenv("TERM")) ? cp : "",
- sizeof(speed)-1-(10*sizeof(def_rspeed)/4)-1);
- /* 1 for /, () for the number, 1 for trailing 0. */
- sprintf(speed + strlen(speed),
- "/%d",
- (def_rspeed > 0) ? def_rspeed : 9600);
+ snprintf(speed, sizeof(speed), "%s/%d",
+ (cp = getenv("TERM")) ? cp : "",
+ (def_rspeed > 0) ? def_rspeed : 9600);
len = strlen(speed)+1;
write(xpty, speed, len);
}else{
/* must be either full path or just the cmd name */
if (strchr(fcmd, '/')){
- err = (char *) xcalloc((strlen(fcmd) +200) ,sizeof(char));
- sprintf(err,"Error: bad entry - %s in %s file, must be either full path or just the cmd name\n", fcmd, KRB5_USERS_NAME);
+ asprintf(&err,"Error: bad entry - %s in %s file, must be either full path or just the cmd name\n", fcmd, KRB5_USERS_NAME);
*out_err = err;
return FALSE;
}
#ifndef CMD_PATH
- err = (char *) xcalloc(2*(strlen(fcmd) +200) ,sizeof(char));
- sprintf(err,"Error: bad entry - %s in %s file, since %s is just the cmd name, CMD_PATH must be defined \n", fcmd, KRB5_USERS_NAME, fcmd);
+ asprintf(&err,"Error: bad entry - %s in %s file, since %s is just the cmd name, CMD_PATH must be defined \n", fcmd, KRB5_USERS_NAME, fcmd);
*out_err = err;
return FALSE;
#else
tc = get_first_token (path_ptr, &lp);
if (! tc){
- err = (char *) xcalloc((strlen(fcmd) +200) ,sizeof(char));
- sprintf(err,"Error: bad entry - %s in %s file, CMD_PATH contains no paths \n", fcmd, KRB5_USERS_NAME);
+ asprintf(&err,"Error: bad entry - %s in %s file, CMD_PATH contains no paths \n", fcmd, KRB5_USERS_NAME);
*out_err = err;
return FALSE;
}
i=0;
do{
if (*tc != '/'){ /* must be full path */
- err = (char *) xcalloc((strlen(tc) +200) ,sizeof(char));
- sprintf(err,"Error: bad path %s in CMD_PATH for %s must start with '/' \n",tc, KRB5_USERS_NAME );
+ asprintf(&err,"Error: bad path %s in CMD_PATH for %s must start with '/' \n",tc, KRB5_USERS_NAME );
*out_err = err;
return FALSE;
}
void init_auth_names(pw_dir)
char *pw_dir;
{
- if (strlen (k5login_path) + 2 + strlen (KRB5_LOGIN_NAME) >= MAXPATHLEN) {
+ const char *sep;
+ int r1, r2;
+
+ sep = ((strlen(pw_dir) == 1) && (*pw_dir == '/')) ? "" : "/";
+ r1 = snprintf(k5login_path, sizeof(k5login_path), "%s%s%s",
+ pw_dir, sep, KRB5_LOGIN_NAME);
+ r2 = snprintf(k5users_path, sizeof(k5users_path), "%s%s%s",
+ pw_dir, sep, KRB5_USERS_NAME);
+ if (SNPRINTF_OVERFLOW(r1, sizeof(k5login_path)) ||
+ SNPRINTF_OVERFLOW(r2, sizeof(k5users_path))) {
fprintf (stderr,
"home directory name `%s' too long, can't search for .k5login\n",
pw_dir);
exit (1);
}
- if ((strlen(pw_dir) == 1) && (*pw_dir == '/')){
- sprintf(k5login_path,"%s%s", pw_dir, KRB5_LOGIN_NAME);
- sprintf(k5users_path,"%s%s", pw_dir, KRB5_USERS_NAME);
- } else {
- sprintf(k5login_path,"%s/%s", pw_dir, KRB5_LOGIN_NAME);
- sprintf(k5users_path,"%s/%s", pw_dir, KRB5_USERS_NAME);
- }
}
krb5_timestamp now;
unsigned int pwsize;
char password[255], *client_name, prompt[255];
-
+ int result;
*zero_password = FALSE;
} else
my_creds.times.renew_till = 0;
- if (strlen (client_name) + 80 > sizeof (prompt)) {
+ result = snprintf(prompt, sizeof(prompt), "Kerberos password for %s: ",
+ client_name);
+ if (SNPRINTF_OVERFLOW(result, sizeof(prompt))) {
fprintf (stderr,
"principal name %s too long for internal buffer space\n",
client_name);
return FALSE;
}
- (void) sprintf(prompt,"Kerberos password for %s: ", client_name);
pwsize = sizeof(password);
cache will be created.*/
do {
- sprintf(cc_target_tag, "%s%ld.%d",
- KRB5_SECONDARY_CACHE,
- (long) target_uid, gen_sym());
+ snprintf(cc_target_tag, KRB5_SEC_BUFFSIZE, "%s%ld.%d",
+ KRB5_SECONDARY_CACHE,
+ (long) target_uid, gen_sym());
cc_target_tag_tmp = strchr(cc_target_tag, ':') + 1;
}while ( !stat ( cc_target_tag_tmp, &st_temp));
static char * ontty()
{
char *p, *ttyname();
- static char buf[MAXPATHLEN + 4];
+ static char buf[MAXPATHLEN + 5];
+ int result;
buf[0] = 0;
if ((p = ttyname(STDERR_FILENO))) {
- if (strlen (p) > MAXPATHLEN) {
+ result = snprintf(buf, sizeof(buf), " on %s", p);
+ if (SNPRINTF_OVERFLOW(result, sizeof(buf))) {
fprintf (stderr, "terminal name %s too long\n", p);
exit (1);
}
- sprintf(buf, " on %s", p);
}
return (buf);
}
{
char * env_var_buf;
- /* allocate extra two spaces, one for the = and one for the \0 */
- env_var_buf = (char *) xcalloc(2 + strlen(name) + strlen(value),
- sizeof(char));
-
- sprintf(env_var_buf,"%s=%s",name, value);
+ asprintf(&env_var_buf,"%s=%s",name, value);
return putenv(env_var_buf);
}
minutes = duration / 60;
duration %= 60;
seconds = duration;
- sprintf(out, "%s%d %s %02d:%02d:%02d", neg ? "-" : "",
- days, days == 1 ? "day" : "days",
- hours, minutes, seconds);
+ snprintf(out, sizeof(out), "%s%d %s %02d:%02d:%02d", neg ? "-" : "",
+ days, days == 1 ? "day" : "days",
+ hours, minutes, seconds);
return out;
}
} else if (argc == 1) {
unsigned int i = sizeof (newpw) - 1;
- sprintf(prompt1, "Enter password for principal \"%.900s\"",
- *argv);
- sprintf(prompt2,
- "Re-enter password for principal \"%.900s\"",
- *argv);
+ snprintf(prompt1, sizeof(prompt1),
+ "Enter password for principal \"%.900s\"",
+ *argv);
+ snprintf(prompt2, sizeof(prompt2),
+ "Re-enter password for principal \"%.900s\"",
+ *argv);
retval = krb5_read_password(context, prompt1, prompt2,
newpw, &i);
if (retval) {
} else if (pass == NULL) {
unsigned int sz = sizeof (newpw) - 1;
- sprintf(prompt1, "Enter password for principal \"%.900s\"",
- canon);
- sprintf(prompt2,
- "Re-enter password for principal \"%.900s\"",
- canon);
+ snprintf(prompt1, sizeof(prompt1),
+ "Enter password for principal \"%.900s\"",
+ canon);
+ snprintf(prompt2, sizeof(prompt2),
+ "Re-enter password for principal \"%.900s\"",
+ canon);
retval = krb5_read_password(context, prompt1, prompt2,
newpw, &sz);
if (retval) {
if (krb5_enctype_to_string(key_data->key_data_type[0],
enctype, sizeof(enctype)))
- sprintf(enctype, "<Encryption type 0x%x>",
- key_data->key_data_type[0]);
+ snprintf(enctype, sizeof(enctype), "<Encryption type 0x%x>",
+ key_data->key_data_type[0]);
printf("Key: vno %d, %s, ", key_data->key_data_kvno, enctype);
if (key_data->key_data_ver > 1) {
if (krb5_salttype_to_string(key_data->key_data_type[1],
salttype, sizeof(salttype)))
- sprintf(salttype, "<Salt type 0x%x>",
- key_data->key_data_type[1]);
+ snprintf(salttype, sizeof(salttype), "<Salt type 0x%x>",
+ key_data->key_data_type[1]);
printf("%s\n", salttype);
} else
printf("no salt\n");
{
char *n;
- n = (char *) malloc(strlen(name) + strlen(realm) + 2);
- sprintf(n, "%s@%s", name, realm);
+ asprintf(&n, "%s@%s", name, realm);
return n;
}
goto cleanup;
}
- sprintf(promptstr, "Password for %.1000s", princ_str);
+ snprintf(promptstr, sizeof(promptstr), "Password for %.1000s",
+ princ_str);
retval = krb5_read_password(context, promptstr, NULL, password.data,
&password.length);
if (retval)
}
if (fmt)
{
- vsprintf(buf + strlen(buf), fmt, args);
+ vsnprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), fmt, args);
}
XtVaSetValues(scroll_text, XmNvalue, buf, NULL);
XmString xmstr;
char buf[1024];
- sprintf(buf, fmt_string, arg_string);
+ snprintf(buf, sizeof(buf), fmt_string, arg_string);
xmstr = XmStringCreateLtoR(buf, XmSTRING_DEFAULT_CHARSET);
XtVaSetValues(main_lbl, XmNlabelString, xmstr, NULL);
if (ret = kadm5_get_master(context, realm, &host))
return (ret);
- name = malloc(strlen(KIPROP_SVC_NAME)+ strlen(host) + 2);
- if (name == NULL) {
+ if (asprintf(&name, "%s@%s", KIPROP_SVC_NAME, host) < 0) {
free(host);
return (ENOMEM);
}
- (void) sprintf(name, "%s@%s", KIPROP_SVC_NAME, host);
free(host);
*host_service_name = name;
case KAINTERNALERROR:
return "internal error in fakeka, help!";
default:
- sprintf(buf, "impossible error code %d, help!", e);
+ snprintf(buf, sizeof(buf), "impossible error code %d, help!", e);
return buf;
}
/*NOTREACHED*/
sd.data = (char *) s;
assert (strlen (s) + 4 < sizeof (buf));
- sprintf (buf, "\"%s\"", s);
+ snprintf (buf, sizeof (buf), "\"%s\"", s);
printf ( "salt: %-25s", buf);
printhex (strlen(s), s);
- sprintf (buf, "\"%s\"", p);
+ snprintf (buf, sizeof (buf), "\"%s\"", p);
printf ("\npassword: %-25s", buf);
printhex (strlen(p), p);
printf ("\n");
key.contents = key_contents;
assert (strlen (s) + 4 < sizeof (buf));
- sprintf (buf, "\"%s\"", s);
+ snprintf (buf, sizeof(buf), "\"%s\"", s);
printf ( "salt:\t%s\n\t", buf);
printhex (strlen(s), s);
- sprintf (buf, "\"%s\"", p);
+ snprintf (buf, sizeof(buf), "\"%s\"", p);
printf ("\npasswd:\t%s\n\t", buf);
printhex (strlen(p), p);
printf ("\n");
}
cpOut = outstr;
for(dex=0; dex<CC_SHA1_DIGEST_LENGTH; dex++) {
- sprintf(cpOut, "%02X", (unsigned)(digest[dex]));
+ snprintf(cpOut, 3, "%02X", (unsigned)(digest[dex]));
cpOut += 2;
}
*cpOut = '\0';
utc->tm_min > 59 || utc->tm_sec > 59) {
return ASN1_BAD_GMTIME;
}
- outStr = (char *)malloc(16);
- if(outStr == NULL) {
+ if (asprintf(&outStr, "%04d%02d%02d%02d%02d%02dZ",
+ utc->tm_year + 1900, utc->tm_mon + 1,
+ utc->tm_mday, utc->tm_hour, utc->tm_min, utc->tm_sec) < 0) {
return ENOMEM;
}
- sprintf(outStr, "%04d%02d%02d%02d%02d%02dZ",
- utc->tm_year + 1900, utc->tm_mon + 1,
- utc->tm_mday, utc->tm_hour, utc->tm_min, utc->tm_sec);
*str = outStr;
return 0;
}
!(kret = ser_data(verbose, "> Resolved default keytab",
(krb5_pointer) keytab, KV5M_KEYTAB)) &&
!(kret = krb5_kt_close(kcontext, keytab))) {
- sprintf(ccname, "FILE:temp_kt_%d", (int) getpid());
+ snprintf(ccname, sizeof(ccname), "FILE:temp_kt_%d", (int) getpid());
if (!(kret = krb5_kt_resolve(kcontext, ccname, &keytab)) &&
!(kret = ser_data(verbose, "> Resolved FILE keytab",
(krb5_pointer) keytab, KV5M_KEYTAB)) &&
/* Solaris returns "Invalid argument" if the buffer is too
small. AIX and Linux return no error indication. */
int e = errno;
- sprintf (buffer, "SIOCGIFCONF(%d)", t);
+ snprintf (buffer, sizeof(buffer), "SIOCGIFCONF(%d)", t);
errno = e;
perror (buffer);
if (e == EINVAL)
case SOCK_RAW:
return "raw";
default:
- sprintf(buf, "?%d", stype);
+ snprintf(buf, sizeof(buf), "?%d", stype);
return buf;
}
}
*/
echo_arg = buf;
for (i = 0; i < 3; i++) {
- sprintf(buf, "testing %d\n", i);
+ snprintf(buf, sizeof(buf), "testing %d\n", i);
echo_resp = rpc_test_echo_1(&echo_arg, clnt);
if (echo_resp == NULL) {
if (res)
free(res);
- res = (char *) malloc(strlen(*arg) + strlen("Echo: ") + 1);
- sprintf(res, "Echo: %s", *arg);
+ asprintf(&res, "Echo: %s", *arg);
return &res;
}
p = getenv("TMPDIR");
if (p == NULL)
p = "/var/tmp";
- (void)sprintf(buf, "%s/__dbtest", p);
+ (void)snprintf(buf, sizeof(buf), "%s/__dbtest", p);
fname = buf;
(void)unlink(buf);
} else if (!sflag)
#endif
info.lorder = 0;
if (!(db = dbopen("bigtest", O_RDWR | O_CREAT | O_BINARY, 0644, DB_HASH, &info))) {
- sprintf(buf, "dbopen: failed on file bigtest");
+ snprintf(buf, sizeof(buf), "dbopen: failed on file bigtest");
perror(buf);
exit(1);
}
content.size = 128 + (rand()&1023);
/* printf("%d: Key size %d, data size %d\n", i, key.size,
content.size); */
- sprintf(keybuf, "Key #%d", i);
- sprintf(contentbuf, "Contents #%d", i);
+ snprintf(keybuf, sizeof(keybuf), "Key #%d", i);
+ snprintf(contentbuf, sizeof(contentbuf), "Contents #%d", i);
if ((db->put)(db, &key, &content, R_NOOVERWRITE)) {
- sprintf(buf, "dbm_store #%d", i);
+ snprintf(buf, sizeof(buf), "dbm_store #%d", i);
perror(buf);
}
}
minutes = duration / 60;
duration %= 60;
seconds = duration;
- sprintf(out, "%s%d %s %02d:%02d:%02d", neg ? "-" : "",
- days, days == 1 ? "day" : "days",
- hours, minutes, seconds);
+ snprintf(out, sizeof(out), "%s%d %s %02d:%02d:%02d", neg ? "-" : "",
+ days, days == 1 ? "day" : "days", hours, minutes, seconds);
return out;
}
minutes = duration / 60;
duration %= 60;
seconds = duration;
- sprintf(out, "%s%d %s %02d:%02d:%02d", neg ? "-" : "",
+ snprintf(out, sizeof(out), "%s%d %s %02d:%02d:%02d", neg ? "-" : "",
days, days == 1 ? "day" : "days",
hours, minutes, seconds);
return out;
/* Parse for the protocol string and translate to number */
strncpy (proto_str, pchr + 1, PROTOCOL_STR_LEN);
if (!strcmp(proto_str, "udp"))
- sprintf (proto_str, "%d", PROTOCOL_NUM_UDP);
+ snprintf (proto_str, sizeof(proto_str), "%d",
+ PROTOCOL_NUM_UDP);
else if (!strcmp(proto_str, "tcp"))
- sprintf (proto_str, "%d", PROTOCOL_NUM_TCP);
+ snprintf (proto_str, sizeof(proto_str), "%d",
+ PROTOCOL_NUM_TCP);
else
proto_str[0] = '\0'; /* Make the string null if invalid */
and port values if they are absent or not matching */
if (servicetype == LDAP_KDC_SERVICE) {
if (proto_str[0] == '\0')
- sprintf (proto_str, "%d", PROTOCOL_DEFAULT_KDC);
+ snprintf (proto_str, sizeof(proto_str), "%d",
+ PROTOCOL_DEFAULT_KDC);
if (port_str[0] == '\0')
- sprintf (port_str, "%d", PORT_DEFAULT_KDC);
+ snprintf (port_str, sizeof(port_str), "%d", PORT_DEFAULT_KDC);
} else if (servicetype == LDAP_ADMIN_SERVICE) {
if (proto_str[0] == '\0')
- sprintf (proto_str, "%d", PROTOCOL_DEFAULT_ADM);
+ snprintf (proto_str, sizeof(proto_str), "%d",
+ PROTOCOL_DEFAULT_ADM);
else if (strcmp(proto_str, "1")) {
- sprintf (proto_str, "%d", PROTOCOL_DEFAULT_ADM);
+ snprintf (proto_str, sizeof(proto_str), "%d",
+ PROTOCOL_DEFAULT_ADM);
/* Print warning message */
printf ("Admin Server supports only TCP protocol, hence setting that\n");
}
if (port_str[0] == '\0')
- sprintf (port_str, "%d", PORT_DEFAULT_ADM);
+ snprintf (port_str, sizeof(port_str), "%d", PORT_DEFAULT_ADM);
} else if (servicetype == LDAP_PASSWD_SERVICE) {
if (proto_str[0] == '\0')
- sprintf (proto_str, "%d", PROTOCOL_DEFAULT_PWD);
+ snprintf (proto_str, sizeof(proto_str), "%d",
+ PROTOCOL_DEFAULT_PWD);
else if (strcmp(proto_str, "0")) {
- sprintf (proto_str, "%d", PROTOCOL_DEFAULT_PWD);
+ snprintf (proto_str, sizeof(proto_str), "%d",
+ PROTOCOL_DEFAULT_PWD);
/* Print warning message */
printf ("Password Server supports only UDP protocol, hence setting that\n");
unsigned int passwd_len = 0;
krb5_error_code errcode = -1;
int retval = 0, i = 0;
- unsigned int len = 0;
krb5_boolean print_usage = FALSE;
FILE *pfile = NULL;
char *str = NULL;
memset(passwd, 0, MAX_SERVICE_PASSWD_LEN + 1);
passwd_len = MAX_SERVICE_PASSWD_LEN;
- len = strlen(service_object);
- /* size of allocation=strlen of servicedn + strlen("Password for \" \"")=20 */
- prompt1 = (char *)malloc(len + 20);
- if (prompt1 == NULL) {
+ if (asprintf(&prompt1, "Password for \"%s\"", service_object) < 0) {
com_err(me, ENOMEM, "while setting service object password");
goto cleanup;
}
- sprintf(prompt1, "Password for \"%s\"", service_object);
- /* size of allocation=strlen of servicedn + strlen("Re-enter Password for \" \"")=30 */
- prompt2 = (char *)malloc(len + 30);
- if (prompt2 == NULL) {
+ if (asprintf(&prompt2, "Re-enter password for \"%s\"",
+ service_object) < 0) {
com_err(me, ENOMEM, "while setting service object password");
free(prompt1);
goto cleanup;
}
- sprintf(prompt2, "Re-enter password for \"%s\"", service_object);
retval = krb5_read_password(util_context, prompt1, prompt2, passwd, &passwd_len);
free(prompt1);
goto cleanup;
}
/* Password = {HEX}<encrypted password>:<encrypted key> */
- encrypted_passwd.value = (unsigned char *)malloc(strlen(service_object) +
- 1 + 5 + hex.length + 2);
- if (encrypted_passwd.value == NULL) {
+ if (asprintf(&str, "%s#{HEX}%s\n", service_object, hex.data) < 0) {
com_err(me, ENOMEM, "while setting service object password");
memset(passwd, 0, passwd_len);
memset(hex.data, 0, hex.length);
free(hex.data);
goto cleanup;
}
- encrypted_passwd.value[strlen(service_object) +
- 1 + 5 + hex.length + 1] = '\0';
- sprintf((char *)encrypted_passwd.value, "%s#{HEX}%s\n", service_object, hex.data);
- encrypted_passwd.len = strlen((char *)encrypted_passwd.value);
+ encrypted_passwd.data = (unsigned char *)str;
+ encrypted_passwd.len = strlen(str);
memset(hex.data, 0, hex.length);
free(hex.data);
}
mode_t omask;
/* Create a new file with the extension .tmp */
- tmp_file = (char *) malloc(sizeof(char) * (strlen(file_name) + 4 + 1));
- if (tmp_file == NULL) {
+ if (asprintf(&tmp_file,"%s.tmp",file_name) < 0) {
com_err(me, ENOMEM, "while setting service object password");
goto cleanup;
}
- sprintf(tmp_file,"%s.%s",file_name,"tmp");
omask = umask(077);
newfile = fopen(tmp_file, "w+");
goto cleanup;
}
} else {
- len = strlen(line);
if (fprintf(newfile, "%s", line) < 0) {
com_err(me, errno, "Failed to write service object password to file");
fclose(newfile);
/* size of prompt = strlen of servicedn + strlen("Password for \" \"") */
assert (sizeof (prompt1) > (strlen (service_object)
+ sizeof ("Password for \" \"")));
- sprintf(prompt1, "Password for \"%s\"", service_object);
+ snprintf(prompt1, sizeof(prompt1), "Password for \"%s\"", service_object);
/* size of prompt = strlen of servicedn + strlen("Re-enter Password for \" \"") */
assert (sizeof (prompt2) > (strlen (service_object)
+ sizeof ("Re-enter Password for \" \"")));
- sprintf(prompt2, "Re-enter password for \"%s\"", service_object);
+ snprintf(prompt2, sizeof(prompt2), "Re-enter password for \"%s\"", service_object);
ret = krb5_read_password(util_context, prompt1, prompt2, passwd, &passwd_len);
if (ret != 0) {
mode_t omask;
/* Create a new file with the extension .tmp */
- tmp_file = (char *) malloc(sizeof(char) * (strlen(file_name) + 4 + 1));
- if (tmp_file == NULL) {
+ if (asprintf(&tmp_file,"%s.tmp",file_name) < 0) {
com_err(me, ENOMEM, "while setting service object password");
fclose(pfile);
goto cleanup;
}
- sprintf(tmp_file,"%s.%s",file_name,"tmp");
omask = umask(077);
newfile = fopen(tmp_file, "w");
goto clean_n_exit;
}
} else {
- void *tmp=NULL;
- char *oldstr = NULL;
- unsigned int len=0;
+ char *newstr;
- oldstr = strdup(ldap_context->root_certificate_file);
- if (oldstr == NULL) {
+ if (asprintf(&newstr, "%s %s",
+ ldap_context->root_certificate_file, val) < 0) {
free (opt);
free (val);
status = ENOMEM;
goto clean_n_exit;
}
-
- tmp = ldap_context->root_certificate_file;
- len = strlen(ldap_context->root_certificate_file) + 2 + strlen(val);
- ldap_context->root_certificate_file = realloc(ldap_context->root_certificate_file,
- len);
- if (ldap_context->root_certificate_file == NULL) {
- free (tmp);
- free (opt);
- free (val);
- status = ENOMEM;
- goto clean_n_exit;
- }
- memset(ldap_context->root_certificate_file, 0, len);
- sprintf(ldap_context->root_certificate_file,"%s %s", oldstr, val);
- free (oldstr);
+ free(ldap_context->root_certificate_file);
+ ldap_context->root_certificate_file = newstr;
}
#endif
} else {
goto cleanup;
}
} else {
- void *tmp=NULL;
- char *oldstr = NULL;
- unsigned int len=0;
+ char *newstr;
- oldstr = strdup(ldap_context->root_certificate_file);
- if (oldstr == NULL) {
+ if (asprintf(&newstr, "%s %s",
+ ldap_context->root_certificate_file, val) < 0) {
free (opt);
free (val);
status = ENOMEM;
goto cleanup;
}
-
- tmp = ldap_context->root_certificate_file;
- len = strlen(ldap_context->root_certificate_file) + 2 + strlen(val);
- ldap_context->root_certificate_file = realloc(ldap_context->root_certificate_file,
- len);
- if (ldap_context->root_certificate_file == NULL) {
- free (tmp);
- free (opt);
- free (val);
- status = ENOMEM;
- goto cleanup;
- }
- memset(ldap_context->root_certificate_file, 0, len);
- sprintf(ldap_context->root_certificate_file,"%s %s", oldstr, val);
- free (oldstr);
+ ldap_context->root_certificate_file = newstr;
}
#endif
} else {
format_d (int val)
{
char tmpbuf[2+3*sizeof(val)];
- sprintf(tmpbuf, "%d", val);
+ snprintf(tmpbuf, sizeof(tmpbuf), "%d", val);
return strdup(tmpbuf);
}
goto cleanup;
}
- filter = (char *) malloc (strlen (refattr) + strlen (ptr) + 2);
- if (filter == NULL) {
+ if (asprintf (&filter, "%s=%s", refattr, ptr) < 0) {
+ filter = NULL;
st = ENOMEM;
goto cleanup;
}
- sprintf (filter, "%s=%s", refattr, ptr);
-
if ((st = krb5_get_subtree_info(ldap_context, &subtree, &ntrees)) != 0)
goto cleanup;
krb5_db_entry entry;
krb5_principal principal;
char **subtree=NULL, *princ_name=NULL, *realm=NULL, **values=NULL, *filter=NULL;
- unsigned int filterlen=0, tree=0, ntree=1, i=0;
+ unsigned int tree=0, ntree=1, i=0;
krb5_error_code st=0, tempst=0;
LDAP *ld=NULL;
LDAPMessage *result=NULL, *ent=NULL;
if (match_expr == NULL)
match_expr = default_match_expr;
- filterlen = strlen(FILTER) + strlen(match_expr) + 2 + 1; /* 2 for closing brackets */
- filter = malloc (filterlen);
+ if (asprintf(&filter, FILTER"%s))", match_expr) < 0)
+ filter = NULL;
CHECK_NULL(filter);
- memset(filter, 0, filterlen);
- sprintf(filter, FILTER"%s))", match_expr);
if ((st = krb5_get_subtree_info(ldap_context, &subtree, &ntree)) != 0)
goto cleanup;
krb5_error_code
krb5_ldap_unparse_principal_name(char *user_name)
{
- char *tmp_princ_name=NULL, *princ_name=NULL, *tmp=NULL;
- int l=0;
- krb5_error_code st=0;
+ char *in, *out;
- if (strstr(user_name, "\\@")) {
-
- tmp_princ_name = strdup(user_name);
- if (!tmp_princ_name) {
- st = ENOMEM;
- goto cleanup;
- }
- tmp = tmp_princ_name;
-
- princ_name = (char *) malloc (strlen(user_name));
- if (!princ_name) {
- st = ENOMEM;
- goto cleanup;
- }
- memset(princ_name, 0, strlen(user_name));
-
- l = 0;
- while (*tmp_princ_name) {
- if ((*tmp_princ_name == '\\') && (*(tmp_princ_name+1) == '@')) {
- tmp_princ_name += 1;
- } else {
- *(princ_name + l) = *tmp_princ_name++;
- l++;
- }
- }
-
- memset(user_name, 0, strlen(user_name));
- sprintf(user_name, "%s", princ_name);
- }
-
-cleanup:
- if (tmp) {
- free(tmp);
- tmp = NULL;
+ out = user_name;
+ for (in = user_name; *in; in++) {
+ if (*in == '\\' && *(in + 1) == '@')
+ continue;
+ *out++ = *in;
}
+ *out = '\0';
- if (princ_name) {
- free(princ_name);
- princ_name = NULL;
- }
-
- return st;
+ return 0;
}
if (st == KRB5_KDB_NOENTRY || st == KRB5_KDB_CONSTRAINT_VIOLATION) {
int ost = st;
st = EINVAL;
- sprintf(errbuf, "'%s' not found: ", xargs.containerdn);
+ snprintf(errbuf, sizeof(errbuf), "'%s' not found: ",
+ xargs.containerdn);
prepend_err_str(context, errbuf, st, ost);
}
goto cleanup;
}
CHECK_NULL(subtree);
- standalone_principal_dn = malloc(strlen("krbprincipalname=") + strlen(user) + strlen(",") +
- strlen(subtree) + 1);
+ if (asprintf(&standalone_principal_dn, "krbprincipalname=%s,%s",
+ user, subtree) < 0)
+ standalone_principal_dn = NULL;
CHECK_NULL(standalone_principal_dn);
- sprintf(standalone_principal_dn, "krbprincipalname=%s,%s", user, subtree);
/*
* free subtree when you are done using the subtree
* set the boolean create_standalone_prinicipal to TRUE
/* a load operation must replace an existing entry */
st = ldap_delete_ext_s(ld, standalone_principal_dn, NULL, NULL);
if (st != LDAP_SUCCESS) {
- sprintf(errbuf, "Principal delete failed (trying to replace entry): %s",
+ snprintf(errbuf, sizeof(errbuf), "Principal delete failed (trying to replace entry): %s",
ldap_err2string(st));
st = translate_ldap_error (st, OP_ADD);
krb5_set_error_message(context, st, "%s", errbuf);
}
}
if (st != LDAP_SUCCESS) {
- sprintf(errbuf, "Principal add failed: %s", ldap_err2string(st));
+ snprintf(errbuf, sizeof(errbuf), "Principal add failed: %s", ldap_err2string(st));
st = translate_ldap_error (st, OP_ADD);
krb5_set_error_message(context, st, "%s", errbuf);
goto cleanup;
st = ldap_modify_ext_s(ld, principal_dn, mods, NULL, NULL);
if (st != LDAP_SUCCESS) {
- sprintf(errbuf, "User modification failed: %s", ldap_err2string(st));
+ snprintf(errbuf, sizeof(errbuf), "User modification failed: %s", ldap_err2string(st));
st = translate_ldap_error (st, OP_MOD);
krb5_set_error_message(context, st, "%s", errbuf);
goto cleanup;
assert (sizeof (filter) >= sizeof ("(krbprincipalname=)") +
strlen (realm) + 2 /* "*@" */ + 1);
- sprintf (filter, "(krbprincipalname=*@%s)", realm);
+ snprintf (filter, sizeof(filter), "(krbprincipalname=*@%s)", realm);
free (realm);
/* LDAP_SEARCH(NULL, LDAP_SCOPE_SUBTREE, filter, attr); */
for (i=0; oldkdcservers[i]; ++i)
if ((st=deleteAttribute(ld, oldkdcservers[i], "krbRealmReferences",
rparams->realmdn)) != 0) {
- sprintf (errbuf, "Error removing 'krbRealmReferences' from %s: ",
- oldkdcservers[i]);
+ snprintf (errbuf, sizeof(errbuf), "Error removing 'krbRealmReferences' from %s: ",
+ oldkdcservers[i]);
prepend_err_str (context, errbuf, st, st);
goto cleanup;
}
for (i=0; newkdcservers[i]; ++i)
if ((st=updateAttribute(ld, newkdcservers[i], "krbRealmReferences",
rparams->realmdn)) != 0) {
- sprintf (errbuf, "Error adding 'krbRealmReferences' to %s: ",
- newkdcservers[i]);
+ snprintf (errbuf, sizeof(errbuf), "Error adding 'krbRealmReferences' to %s: ",
+ newkdcservers[i]);
prepend_err_str (context, errbuf, st, st);
goto cleanup;
}
for (i=0; oldadminservers[i]; ++i)
if ((st=deleteAttribute(ld, oldadminservers[i], "krbRealmReferences",
rparams->realmdn)) != 0) {
- sprintf(errbuf, "Error removing 'krbRealmReferences' from "
- "%s: ", oldadminservers[i]);
+ snprintf(errbuf, sizeof(errbuf), "Error removing 'krbRealmReferences' from "
+ "%s: ", oldadminservers[i]);
prepend_err_str (context, errbuf, st, st);
goto cleanup;
}
for (i=0; newadminservers[i]; ++i)
if ((st=updateAttribute(ld, newadminservers[i], "krbRealmReferences",
rparams->realmdn)) != 0) {
- sprintf(errbuf, "Error adding 'krbRealmReferences' to %s: ",
- newadminservers[i]);
+ snprintf(errbuf, sizeof(errbuf), "Error adding 'krbRealmReferences' to %s: ",
+ newadminservers[i]);
prepend_err_str (context, errbuf, st, st);
goto cleanup;
}
for (i=0; oldpasswdservers[i]; ++i)
if ((st=deleteAttribute(ld, oldpasswdservers[i], "krbRealmReferences",
rparams->realmdn)) != 0) {
- sprintf(errbuf, "Error removing 'krbRealmReferences' from "
- "%s: ", oldpasswdservers[i]);
+ snprintf(errbuf, sizeof(errbuf), "Error removing 'krbRealmReferences' from "
+ "%s: ", oldpasswdservers[i]);
prepend_err_str (context, errbuf, st, st);
goto cleanup;
}
for (i=0; newpasswdservers[i]; ++i)
if ((st=updateAttribute(ld, newpasswdservers[i], "krbRealmReferences",
rparams->realmdn)) != 0) {
- sprintf(errbuf, "Error adding 'krbRealmReferences' to %s: ",
- newpasswdservers[i]);
+ snprintf(errbuf, sizeof(errbuf), "Error adding 'krbRealmReferences' to %s: ",
+ newpasswdservers[i]);
prepend_err_str (context, errbuf, st, st);
goto cleanup;
}
realm_name = rparams->realm_name;
- dn = malloc(strlen("cn=") + strlen(realm_name) + strlen(ldap_context->krbcontainer->DN) + 2);
+ if (asprintf(&dn, "cn=%s,%s", realm_name,
+ ldap_context->krbcontainer->DN) < 0)
+ dn = NULL;
CHECK_NULL(dn);
- sprintf(dn, "cn=%s,%s", realm_name, ldap_context->krbcontainer->DN);
strval[0] = realm_name;
strval[1] = NULL;
if (mask & LDAP_REALM_KDCSERVERS)
for (i=0; rparams->kdcservers[i]; ++i)
if ((st=updateAttribute(ld, rparams->kdcservers[i], "krbRealmReferences", dn)) != 0) {
- sprintf(errbuf, "Error adding 'krbRealmReferences' to %s: ",
- rparams->kdcservers[i]);
+ snprintf(errbuf, sizeof(errbuf), "Error adding 'krbRealmReferences' to %s: ",
+ rparams->kdcservers[i]);
prepend_err_str (context, errbuf, st, st);
/* delete Realm, status ignored intentionally */
ldap_delete_ext_s(ld, dn, NULL, NULL);
if (mask & LDAP_REALM_ADMINSERVERS)
for (i=0; rparams->adminservers[i]; ++i)
if ((st=updateAttribute(ld, rparams->adminservers[i], "krbRealmReferences", dn)) != 0) {
- sprintf(errbuf, "Error adding 'krbRealmReferences' to %s: ",
- rparams->adminservers[i]);
+ snprintf(errbuf, sizeof(errbuf), "Error adding 'krbRealmReferences' to %s: ",
+ rparams->adminservers[i]);
prepend_err_str (context, errbuf, st, st);
/* delete Realm, status ignored intentionally */
ldap_delete_ext_s(ld, dn, NULL, NULL);
if (mask & LDAP_REALM_PASSWDSERVERS)
for (i=0; rparams->passwdservers[i]; ++i)
if ((st=updateAttribute(ld, rparams->passwdservers[i], "krbRealmReferences", dn)) != 0) {
- sprintf(errbuf, "Error adding 'krbRealmReferences' to %s: ",
- rparams->passwdservers[i]);
+ snprintf(errbuf, sizeof(errbuf), "Error adding 'krbRealmReferences' to %s: ",
+ rparams->passwdservers[i]);
prepend_err_str (context, errbuf, st, st);
/* delete Realm, status ignored intentionally */
ldap_delete_ext_s(ld, dn, NULL, NULL);
krbcontDN = ldap_context->krbcontainer->DN;
- rlparams->realmdn = (char *) malloc(strlen("cn=") + strlen(lrealm) + strlen(krbcontDN) + 2);
- if (rlparams->realmdn == NULL) {
+ if (asprintf(&rlparams->realmdn, "cn=%s,%s", lrealm, krbcontDN) < 0) {
+ rlparams->realmdn = NULL;
st = ENOMEM;
goto cleanup;
}
- sprintf(rlparams->realmdn, "cn=%s,%s", lrealm, krbcontDN);
/* populate the realm name in the structure */
rlparams->realm_name = strdup(lrealm);
for (i=0; strcmp(security_container[i][0], "") != 0; i++) {
- seccontacls[0] = (char *)malloc(strlen(security_container[i][0]) +
- strlen(serviceobjdn) +
- strlen(security_container[i][1]) + 1);
-
- sprintf(seccontacls[0], "%s%s%s", security_container[i][0], serviceobjdn,
- security_container[i][1]);
+ asprintf(&seccontacls[0], "%s%s%s", security_container[i][0], serviceobjdn,
+ security_container[i][1]);
seccontclass.mod_values = seccontacls;
seccontarr[0] = &seccontclass;
krbcontclass.mod_type = "ACL";
for (i=0; strcmp(kerberos_container[i][0], "") != 0; i++) {
- krbcontacls[0] = (char *)malloc(strlen(kerberos_container[i][0]) + strlen(serviceobjdn)
- + strlen(kerberos_container[i][1]) + 1);
- sprintf(krbcontacls[0], "%s%s%s", kerberos_container[i][0], serviceobjdn,
- kerberos_container[i][1]);
+ asprintf(&krbcontacls[0], "%s%s%s", kerberos_container[i][0], serviceobjdn,
+ kerberos_container[i][1]);
krbcontclass.mod_values = krbcontacls;
krbcontarr[0] = &krbcontclass;
}
/* Construct the realm dn from realm name */
- realmdn = (char *)malloc(strlen("cn=") + strlen(realmname) +
- strlen(ldap_context->krbcontainer->DN) + 2);
- sprintf(realmdn,"cn=%s,%s", realmname, ldap_context->krbcontainer->DN);
+ asprintf(&realmdn,"cn=%s,%s", realmname, ldap_context->krbcontainer->DN);
realmclass.mod_op = LDAP_MOD_ADD;
realmclass.mod_type = "ACL";
if (servicetype == LDAP_KDC_SERVICE) {
for (i=0; strcmp(kdcrights_realmcontainer[i][0], "") != 0; i++) {
- realmacls[0] = (char *)malloc(strlen(kdcrights_realmcontainer[i][0])
- + strlen(serviceobjdn) +
- strlen(kdcrights_realmcontainer[i][1]) + 1);
- sprintf(realmacls[0], "%s%s%s", kdcrights_realmcontainer[i][0], serviceobjdn,
- kdcrights_realmcontainer[i][1]);
+ asprintf(&realmacls[0], "%s%s%s", kdcrights_realmcontainer[i][0], serviceobjdn,
+ kdcrights_realmcontainer[i][1]);
realmclass.mod_values = realmacls;
realmarr[0] = &realmclass;
}
} else if (servicetype == LDAP_ADMIN_SERVICE) {
for (i=0; strcmp(adminrights_realmcontainer[i][0], "") != 0; i++) {
- realmacls[0] = (char *) malloc(strlen(adminrights_realmcontainer[i][0]) +
- strlen(serviceobjdn) +
- strlen(adminrights_realmcontainer[i][1]) + 1);
- sprintf(realmacls[0], "%s%s%s", adminrights_realmcontainer[i][0], serviceobjdn,
- adminrights_realmcontainer[i][1]);
+ asprintf(&realmacls[0], "%s%s%s", adminrights_realmcontainer[i][0], serviceobjdn,
+ adminrights_realmcontainer[i][1]);
realmclass.mod_values = realmacls;
realmarr[0] = &realmclass;
}
} else if (servicetype == LDAP_PASSWD_SERVICE) {
for (i=0; strcmp(pwdrights_realmcontainer[i][0], "")!=0; i++) {
- realmacls[0] = (char *) malloc(strlen(pwdrights_realmcontainer[i][0]) +
- strlen(serviceobjdn) +
- strlen(pwdrights_realmcontainer[i][1]) + 1);
- sprintf(realmacls[0], "%s%s%s", pwdrights_realmcontainer[i][0], serviceobjdn,
- pwdrights_realmcontainer[i][1]);
+ asprintf(&realmacls[0], "%s%s%s", pwdrights_realmcontainer[i][0], serviceobjdn,
+ pwdrights_realmcontainer[i][1]);
realmclass.mod_values = realmacls;
realmarr[0] = &realmclass;
if (servicetype == LDAP_KDC_SERVICE) {
for (i=0; strcmp(kdcrights_subtree[i][0], "")!=0; i++) {
- subtreeacls[0] = (char *) malloc(strlen(kdcrights_subtree[i][0]) +
- strlen(serviceobjdn) +
- strlen(kdcrights_subtree[i][1]) + 1);
- sprintf(subtreeacls[0], "%s%s%s", kdcrights_subtree[i][0], serviceobjdn,
- kdcrights_subtree[i][1]);
+ asprintf(&subtreeacls[0], "%s%s%s", kdcrights_subtree[i][0], serviceobjdn,
+ kdcrights_subtree[i][1]);
subtreeclass.mod_values = subtreeacls;
subtreearr[0] = &subtreeclass;
}
} else if (servicetype == LDAP_ADMIN_SERVICE) {
for (i=0; strcmp(adminrights_subtree[i][0], "")!=0; i++) {
- subtreeacls[0] = (char *) malloc(strlen(adminrights_subtree[i][0])
- + strlen(serviceobjdn)
- + strlen(adminrights_subtree[i][1]) + 1);
- sprintf(subtreeacls[0], "%s%s%s", adminrights_subtree[i][0], serviceobjdn,
- adminrights_subtree[i][1]);
+ asprintf(&subtreeacls[0], "%s%s%s", adminrights_subtree[i][0], serviceobjdn,
+ adminrights_subtree[i][1]);
subtreeclass.mod_values = subtreeacls;
subtreearr[0] = &subtreeclass;
}
} else if (servicetype == LDAP_PASSWD_SERVICE) {
for (i=0; strcmp(pwdrights_subtree[i][0], "") != 0; i++) {
- subtreeacls[0] = (char *)malloc(strlen(pwdrights_subtree[i][0])
- + strlen(serviceobjdn)
- + strlen(pwdrights_subtree[i][1]) + 1);
- sprintf(subtreeacls[0], "%s%s%s", pwdrights_subtree[i][0], serviceobjdn,
- pwdrights_subtree[i][1]);
+ asprintf(&subtreeacls[0], "%s%s%s", pwdrights_subtree[i][0], serviceobjdn,
+ pwdrights_subtree[i][1]);
subtreeclass.mod_values = subtreeacls;
subtreearr[0] = &subtreeclass;
/* Set the rights for the realm */
if (mask & LDAP_REALM_RIGHTS) {
- /* Construct the realm dn from realm name */
- realmdn = (char *) malloc(strlen("cn=") + strlen(realmname) +
- strlen(ldap_context->krbcontainer->DN) + 2);
- sprintf(realmdn,"cn=%s,%s", realmname, ldap_context->krbcontainer->DN);
+ asprintf(&realmdn,"cn=%s,%s", realmname, ldap_context->krbcontainer->DN);
realmclass.mod_op=LDAP_MOD_DELETE;
realmclass.mod_type="ACL";
if (servicetype == LDAP_KDC_SERVICE) {
for (i=0; strcmp(kdcrights_realmcontainer[i][0], "") != 0; i++) {
- realmacls[0] = (char *) malloc(strlen(kdcrights_realmcontainer[i][0])
- + strlen(serviceobjdn) +
- strlen(kdcrights_realmcontainer[i][1]) + 1);
- sprintf(realmacls[0], "%s%s%s", kdcrights_realmcontainer[i][0], serviceobjdn,
- kdcrights_realmcontainer[i][1]);
+ asprintf(&realmacls[0], "%s%s%s", kdcrights_realmcontainer[i][0], serviceobjdn,
+ kdcrights_realmcontainer[i][1]);
realmclass.mod_values= realmacls;
realmarr[0]=&realmclass;
}
} else if (servicetype == LDAP_ADMIN_SERVICE) {
for (i=0; strcmp(adminrights_realmcontainer[i][0], "") != 0; i++) {
- realmacls[0] = (char *) malloc(strlen(adminrights_realmcontainer[i][0]) +
- strlen(serviceobjdn) +
- strlen(adminrights_realmcontainer[i][1]) + 1);
- sprintf(realmacls[0], "%s%s%s", adminrights_realmcontainer[i][0], serviceobjdn,
- adminrights_realmcontainer[i][1]);
+ asprintf(&realmacls[0], "%s%s%s", adminrights_realmcontainer[i][0], serviceobjdn,
+ adminrights_realmcontainer[i][1]);
realmclass.mod_values= realmacls;
realmarr[0]=&realmclass;
}
} else if (servicetype == LDAP_PASSWD_SERVICE) {
for (i=0; strcmp(pwdrights_realmcontainer[i][0], "") != 0; i++) {
- realmacls[0]=(char *)malloc(strlen(pwdrights_realmcontainer[i][0])
- + strlen(serviceobjdn)
- + strlen(pwdrights_realmcontainer[i][1]) + 1);
- sprintf(realmacls[0], "%s%s%s", pwdrights_realmcontainer[i][0], serviceobjdn,
- pwdrights_realmcontainer[i][1]);
+ asprintf(&realmacls[0], "%s%s%s", pwdrights_realmcontainer[i][0], serviceobjdn,
+ pwdrights_realmcontainer[i][1]);
realmclass.mod_values= realmacls;
realmarr[0]=&realmclass;
if (servicetype == LDAP_KDC_SERVICE) {
for (i=0; strcmp(kdcrights_subtree[i][0], "")!=0; i++) {
- subtreeacls[0] = (char *) malloc(strlen(kdcrights_subtree[i][0])
- + strlen(serviceobjdn)
- + strlen(kdcrights_subtree[i][1]) + 1);
- sprintf(subtreeacls[0], "%s%s%s", kdcrights_subtree[i][0], serviceobjdn,
- kdcrights_subtree[i][1]);
+ asprintf(&subtreeacls[0], "%s%s%s", kdcrights_subtree[i][0], serviceobjdn,
+ kdcrights_subtree[i][1]);
subtreeclass.mod_values= subtreeacls;
subtreearr[0]=&subtreeclass;
}
} else if (servicetype == LDAP_ADMIN_SERVICE) {
for (i=0; strcmp(adminrights_subtree[i][0], "") != 0; i++) {
- subtreeacls[0] = (char *) malloc(strlen(adminrights_subtree[i][0])
- + strlen(serviceobjdn)
- + strlen(adminrights_subtree[i][1]) + 1);
- sprintf(subtreeacls[0], "%s%s%s", adminrights_subtree[i][0], serviceobjdn,
- adminrights_subtree[i][1]);
+ asprintf(&subtreeacls[0], "%s%s%s", adminrights_subtree[i][0], serviceobjdn,
+ adminrights_subtree[i][1]);
subtreeclass.mod_values= subtreeacls;
subtreearr[0]=&subtreeclass;
}
} else if (servicetype == LDAP_PASSWD_SERVICE) {
for (i=0; strcmp(pwdrights_subtree[i][0], "") != 0; i++) {
- subtreeacls[0] = (char *) malloc(strlen(pwdrights_subtree[i][0])
- + strlen(serviceobjdn)
- + strlen(pwdrights_subtree[i][1]) + 1);
- sprintf(subtreeacls[0], "%s%s%s", pwdrights_subtree[i][0], serviceobjdn,
- pwdrights_subtree[i][1]);
+ asprintf(&subtreeacls[0], "%s%s%s", pwdrights_subtree[i][0], serviceobjdn,
+ pwdrights_subtree[i][1]);
subtreeclass.mod_values= subtreeacls;
subtreearr[0]=&subtreeclass;
ret->data[ret->length] = 0;
for (i = 0; i < in.length; i++)
- sprintf(ret->data + 2 * i, "%02x", in.data[i] & 0xff);
+ snprintf(ret->data + 2 * i, 3, "%02x", in.data[i] & 0xff);
cleanup:
for (i=0; service->krbrealmreferences[i]; ++i) {
if ((st=updateAttribute(ld, service->krbrealmreferences[i], realmattr,
service->servicedn)) != 0) {
- sprintf (errbuf, "Error adding 'krbRealmReferences' to %s: ",
- service->krbrealmreferences[i]);
+ snprintf (errbuf, sizeof(errbuf),
+ "Error adding 'krbRealmReferences' to %s: ",
+ service->krbrealmreferences[i]);
prepend_err_str (context, errbuf, st, st);
/* delete service object, status ignored intentionally */
ldap_delete_ext_s(ld, service->servicedn, NULL, NULL);
if (PyString_Check (field)) {
portstr = PyString_AsString (field);
} else if (PyInt_Check (field)) {
- sprintf(portbuf, "%ld", PyInt_AsLong (field));
+ snprintf(portbuf, sizeof(portbuf), "%ld", PyInt_AsLong (field));
portstr = portbuf;
} else {
krb5_set_error_message(blob, -1,
my_authz_data[0]->ad_type = 1;
my_authz_data[0]->length = AD_ALLOC_SIZE;
memcpy(my_authz_data[0]->contents, ad_header, sizeof(ad_header));
- sprintf(my_authz_data[0]->contents + sizeof(ad_header),
- "cksum authorization data: %d bytes worth!\n", AD_ALLOC_SIZE);
+ snprintf(my_authz_data[0]->contents + sizeof(ad_header),
+ AD_ALLOC_SIZE - sizeof(ad_header),
+ "cksum authorization data: %d bytes worth!\n", AD_ALLOC_SIZE);
*authz_data = my_authz_data;
#ifdef DEBUG
fprintf(stderr, "Returning %d bytes of authorization data\n",
break;
if (pkcs11_errstrings[i].text != NULL)
return (pkcs11_errstrings[i].text);
- sprintf(uc, "unknown code 0x%x", err);
+ snprintf(uc, sizeof(uc), "unknown code 0x%x", err);
return (uc);
}
my_authz_data[0]->ad_type = 1;
my_authz_data[0]->length = AD_ALLOC_SIZE;
memcpy(my_authz_data[0]->contents, ad_header, sizeof(ad_header));
- sprintf(my_authz_data[0]->contents + sizeof(ad_header),
- "wpse authorization data: %d bytes worth!\n", AD_ALLOC_SIZE);
+ snprintf(my_authz_data[0]->contents + sizeof(ad_header),
+ AD_ALLOC_SIZE - sizeof(ad_header),
+ "wpse authorization data: %d bytes worth!\n", AD_ALLOC_SIZE);
*authz_data = my_authz_data;
#ifdef DEBUG
fprintf(stderr, "Returning %d bytes of authorization data\n",
* Initialize cache file which we're going to be using
*/
(void) mktemp(tkstring);
- sprintf(buf, "FILE:%s", tkstring);
+ snprintf(buf, sizeof(buf), "FILE:%s", tkstring);
retval = krb5_cc_resolve(context, buf, &ccache);
if (retval) {
hp = gethostbyname(host);
if (hp == NULL) {
- (void) sprintf(Errmsg, "%s: unknown host", host);
+ (void) snprintf(Errmsg, ErrmsgSz, "%s: unknown host", host);
*fd = -1;
return(0);
}
s = socket(AF_INET, SOCK_STREAM, 0);
if (s < 0) {
- (void) sprintf(Errmsg, "in call to socket");
+ (void) snprintf(Errmsg, ErrmsgSz, "in call to socket");
return(errno);
}
if (connect(s, (struct sockaddr *)&my_sin, sizeof my_sin) < 0) {
retval = errno;
close(s);
- (void) sprintf(Errmsg, "in call to connect");
+ (void) snprintf(Errmsg, ErrmsgSz, "in call to connect");
return(retval);
}
*fd = s;
if (getsockname(s, (struct sockaddr *)&my_sin, &socket_length) < 0) {
retval = errno;
close(s);
- (void) sprintf(Errmsg, "in call to getsockname");
+ (void) snprintf(Errmsg, ErrmsgSz, "in call to getsockname");
return(retval);
}
sender_addr.addrtype = ADDRTYPE_INET;
retval = krb5_mk_priv(context, auth_context, &inbuf,
&outbuf, NULL);
if (retval) {
- sprintf(buf,
+ snprintf(buf, sizeof(buf),
"while encoding database block starting at %d",
sent_size);
com_err(progname, retval, buf);
while (received_size < database_size) {
retval = krb5_read_message(context, (void *) &fd, &inbuf);
if (retval) {
- sprintf(buf,
+ snprintf(buf, sizeof(buf),
"while reading database block starting at offset %d",
received_size);
com_err(progname, retval, buf);
retval = krb5_rd_priv(context, auth_context, &inbuf,
&outbuf, NULL);
if (retval) {
- sprintf(buf,
+ snprintf(buf, sizeof(buf),
"while decoding database block starting at offset %d",
received_size);
com_err(progname, retval, buf);
krb5_free_data_contents(context, &inbuf);
krb5_free_data_contents(context, &outbuf);
if (n < 0) {
- sprintf(buf,
+ snprintf(buf, sizeof(buf),
"while writing database block starting at offset %d",
received_size);
send_error(context, fd, errno, buf);
} else if (n != outbuf.length) {
- sprintf(buf,
+ snprintf(buf, sizeof(buf),
"incomplete write while writing database block starting at \noffset %d (%d written, %d expected)",
received_size, n, outbuf.length);
send_error(context, fd, KRB5KRB_ERR_GENERIC, buf);
* OK, we've seen the entire file. Did we get too many bytes?
*/
if (received_size > database_size) {
- sprintf(buf,
+ snprintf(buf, sizeof(buf),
"Received %d bytes, expected %d bytes for database file",
received_size, database_size);
send_error(context, fd, KRB5KRB_ERR_GENERIC, buf);
if (error.error > 127) {
error.error = KRB_ERR_GENERIC;
if (err_text) {
- sprintf(buf, "%s %s", error_message(err_code),
- err_text);
+ snprintf(buf, sizeof(buf), "%s %s",
+ error_message(err_code), err_text);
text = buf;
}
}
host = params.admin_server; /* XXX */
- name = malloc(strlen(KADM5_KIPROP_HOST_SERVICE) + strlen(host) + 2);
- if (name == NULL) {
+ if (asprintf(&name, "%s/%s", KADM5_KIPROP_HOST_SERVICE, host) < 0) {
free(host);
return (ENOMEM);
}
- sprintf(name, "%s/%s", KADM5_KIPROP_HOST_SERVICE, host);
*host_service_name = name;
return (KADM5_OK);
int num_to_create;
char principal_string[BUFSIZ];
char *suffix = 0;
+ size_t suffix_size;
int depth;
krb5_init_context(&test_context);
strncpy(principal_string, optarg, sizeof(principal_string) - 1);
principal_string[sizeof(principal_string) - 1] = '\0';
suffix = principal_string + strlen(principal_string);
+ suffix_size = sizeof(principal_string) -
+ (suffix - principal_string);
break;
case 'n': /* how many to create */
num_to_create = atoi(optarg);
/* build the new principal name */
/* we can't pick random names because we need to generate all the names
again given a prefix and count to test the db lib and kdb */
- (void) sprintf(suffix, "%d", n);
- (void) sprintf(tmp, "%s-DEPTH-1", principal_string);
+ (void) snprintf(suffix, suffix_size, "%d", n);
+ (void) snprintf(tmp, sizeof(tmp), "%s-DEPTH-1", principal_string);
tmp[sizeof(tmp) - 1] = '\0';
str_newprinc = tmp;
add_princ(test_context, str_newprinc);
for (i = 2; i <= depth; i++) {
- (void) sprintf(tmp2, "/%s-DEPTH-%d", principal_string, i);
+ (void) snprintf(tmp2, sizeof(tmp2), "/%s-DEPTH-%d",
+ principal_string, i);
tmp2[sizeof(tmp2) - 1] = '\0';
strncat(tmp, tmp2, sizeof(tmp) - 1 - strlen(tmp));
str_newprinc = tmp;
char princ_name[4096];
memset((char *)&newentry, 0, sizeof(newentry));
- sprintf(princ_name, "%s@%s", str_newprinc, cur_realm);
+ snprintf(princ_name, sizeof(princ_name), "%s@%s", str_newprinc, cur_realm);
if ((retval = krb5_parse_name(context, princ_name, &newprinc))) {
com_err(progname, retval, "while parsing '%s'", princ_name);
return;
}
/* Pathname is passed to db2 via 'args' parameter. */
args[1] = NULL;
- args[0] = malloc(sizeof("dbname=") + strlen(dbname));
- if (args[0] == NULL) {
+ if (asprintf(&args[0], "dbname=%s", dbname) < 0) {
com_err(pname, errno, "while setting up db parameters");
return 1;
}
- sprintf(args[0], "dbname=%s", dbname);
if ((retval = krb5_db_open(test_context, args, KRB5_KDB_OPEN_RO))) {
com_err(pname, retval, "while initializing database");
#include "gss-misc.h"
#include "port-sockets.h"
#include "fake-addrinfo.h"
+#include "k5-platform.h"
static int verbose = 1;
OM_uint32 maj_stat, min_stat;
if (isdigit((int) mechanism[0])) {
- mechstr = malloc(strlen(mechanism)+5);
- if (!mechstr) {
+ if (asprintf(&mechstr, "{ %s }", mechanism) < 0) {
fprintf(stderr, "Couldn't allocate mechanism scratch!\n");
return;
}
- sprintf(mechstr, "{ %s }", mechanism);
for (cp = mechstr; *cp; cp++)
if (*cp == '.')
*cp = ' ';
again given a prefix and count to test the db lib and kdb */
ctmp[0] = '\0';
for (i = 1; i <= depth; i++) {
- (void) sprintf(ctmp2, "%s%s%d-DEPTH-%d", (i != 1) ? "/" : "",
- prefix, n, i);
+ (void) snprintf(ctmp2, sizeof(ctmp2), "%s%s%d-DEPTH-%d",
+ (i != 1) ? "/" : "", prefix, n, i);
ctmp2[sizeof(ctmp2) - 1] = '\0';
strncat(ctmp, ctmp2, sizeof(ctmp) - 1 - strlen(ctmp));
ctmp[sizeof(ctmp) - 1] = '\0';
- sprintf(client, "%s@%s", ctmp, cur_realm);
+ snprintf(client, sizeof(client), "%s@%s", ctmp, cur_realm);
if (get_tgt (test_context, client, &client_princ, ccache)) {
errors++;
stmp[0] = '\0';
for (j = 1; j <= depth; j++) {
- (void) sprintf(stmp2, "%s%s%d-DEPTH-%d", (j != 1) ? "/" : "",
- prefix, n, j);
+ (void) snprintf(stmp2, sizeof(stmp2), "%s%s%d-DEPTH-%d",
+ (j != 1) ? "/" : "", prefix, n, j);
stmp2[sizeof (stmp2) - 1] = '\0';
strncat(stmp, stmp2, sizeof(stmp) - 1 - strlen(stmp));
stmp[sizeof(stmp) - 1] = '\0';
- sprintf(server, "%s@%s", stmp, cur_realm);
+ snprintf(server, sizeof(server), "%s@%s", stmp, cur_realm);
if (verify_cs_pair(test_context, client, client_princ,
stmp, cur_realm, n, i, j, ccache))
errors++;
memset((char *)&creds, 0, sizeof(creds));
/* Do client side */
- sname = (char *) malloc(strlen(service)+strlen(hostname)+2);
- if (sname) {
- sprintf(sname, "%s@%s", service, hostname);
+ if (asprintf(&sname, "%s@%s", service, hostname) >= 0) {
retval = krb5_parse_name(context, sname, &creds.server);
free(sname);
}
X(COMP);
#endif
- sprintf(buf, " %-2d", p);
+ snprintf(buf, sizeof(buf), " %-2d", p);
return buf;
}
case SOCK_RDM: return "RDM";
case SOCK_SEQPACKET: return "SEQPACKET";
}
- sprintf(buf, " %-2d", t);
+ snprintf(buf, sizeof(buf), " %-2d", t);
return buf;
}
static char buf[30];
switch (f) {
default:
- sprintf(buf, "AF %d", f);
+ snprintf(buf, sizeof(buf), "AF %d", f);
return buf;
case AF_INET: return "AF_INET";
#ifdef AF_INET6
{
if (verbose) {
char pbuf[3*sizeof(libhandle)+4];
- sprintf(pbuf, "%p", libhandle);
+ snprintf(pbuf, sizeof(pbuf), "%p", libhandle);
printf("from line %d: do_close(%s)...%*s", line, pbuf,
HORIZ-1-strlen(pbuf), "");
}
char buf[100], buf2[100];
krb5_rcache my_rcache;
- sprintf(buf, "host/all-in-one.mit.edu/%p@ATHENA.MIT.EDU", buf);
+ snprintf(buf, sizeof(buf), "host/all-in-one.mit.edu/%p@ATHENA.MIT.EDU",
+ buf);
r.server = buf;
r.client = (t->my_cusec & 7) + "abcdefgh@ATHENA.MIT.EDU";
if (t->now != t->my_ctime) {
if (t->my_ctime != 0) {
- sprintf(buf2, "%3d: %ld %5d\n", t->idx, t->my_ctime, t->my_cusec);
+ snprintf(buf2, sizeof(buf2), "%3d: %ld %5d\n", t->idx,
+ t->my_ctime, t->my_cusec);
printf("%s", buf2);
}
t->my_ctime = t->now;
int num_to_check;
char principal_string[BUFSIZ];
char *suffix = 0;
+ size_t suffix_size;
int depth, errors;
krb5_init_context(&context);
strncpy(principal_string, optarg, sizeof(principal_string) - 1);
principal_string[sizeof(principal_string) - 1] = '\0';
suffix = principal_string + strlen(principal_string);
+ suffix_size = sizeof(principal_string) -
+ (suffix - principal_string);
break;
case 'n': /* how many to check */
num_to_check = atoi(optarg);
/* build the new principal name */
/* we can't pick random names because we need to generate all the names
again given a prefix and count to test the db lib and kdb */
- (void) sprintf(suffix, "%d", n);
- (void) sprintf(tmp, "%s-DEPTH-1", principal_string);
+ (void) snprintf(suffix, suffix_size, "%d", n);
+ (void) snprintf(tmp, sizeof(tmp), "%s-DEPTH-1", principal_string);
str_princ = tmp;
if (check_princ(context, str_princ)) errors++;
for (i = 2; i <= depth; i++) {
- (void) sprintf(tmp2, "/%s-DEPTH-%d", principal_string, i);
+ (void) snprintf(tmp2, sizeof(tmp2), "/%s-DEPTH-%d",
+ principal_string, i);
tmp2[sizeof(tmp2) - 1] = '\0';
strncat(tmp, tmp2, sizeof(tmp) - 1 - strlen(tmp));
str_princ = tmp;
/* char *str_mod_name; */
char princ_name[4096];
- sprintf(princ_name, "%s@%s", str_princ, cur_realm);
+ snprintf(princ_name, sizeof(princ_name), "%s@%s", str_princ, cur_realm);
fprintf(stderr, "\t%s ...\n", princ_name);
}
/* Pathname is passed to db2 via 'args' parameter. */
args[1] = NULL;
- args[0] = malloc(sizeof("dbname=") + strlen(dbname));
- if (args[0] == NULL) {
+ if (asprintf(&args[0], "dbname=%s", dbname) < 0) {
com_err(pname, errno, "while setting up db parameters");
return 1;
}
- sprintf(args[0], "dbname=%s", dbname);
if ((retval = krb5_db_open(context, args, KRB5_KDB_OPEN_RO))) {
com_err(pname, retval, "while initializing database");
const char *msg = error_message (code);
char buffy[1024];
- sprintf (buffy, "error table %d message %d", table, msgno);
+ snprintf (buffy, sizeof(buffy), "error table %d message %d", table, msgno);
if (0 == strcmp (buffy, msg)) {
if (!known) {
known_err++;
}
return;
}
- sprintf (buffy, "Unknown code et%d %d", table, msgno);
+ snprintf (buffy, sizeof(buffy), "Unknown code et%d %d", table, msgno);
if (!strcmp (buffy, msg)) {
if (known)
known_err++;
{
char *symbol;
- symbol = malloc((strlen(name)+6) * sizeof(char));
gensym_n++;
- sprintf(symbol, "%s%05ld", name, gensym_n);
+ asprintf(&symbol, "%s%05ld", name, gensym_n);
return(symbol);
}
#include "k5-thread.h"
#include "supp-int.h"
-#include <stdio.h> /* for sprintf */
+#include <stdio.h>
#include <errno.h>
#define IMPLEMENT_FAKE_GETADDRINFO
#if (!defined (HAVE_GETADDRINFO) || defined (WRAP_GETADDRINFO)) && defined(DEBUG_ADDRINFO)
/* Some debug routines. */
-static const char *protoname (int p, char *buf) {
+static const char *protoname (int p, char *buf, size_t bufsize) {
#define X(N) if (p == IPPROTO_ ## N) return #N
X(TCP);
X(IGMP);
#endif
- sprintf(buf, " %-2d", p);
+ snprintf(buf, bufsize, " %-2d", p);
return buf;
}
-static const char *socktypename (int t, char *buf) {
+static const char *socktypename (int t, char *buf, size_t bufsize) {
switch (t) {
case SOCK_DGRAM: return "DGRAM";
case SOCK_STREAM: return "STREAM";
case SOCK_RDM: return "RDM";
case SOCK_SEQPACKET: return "SEQPACKET";
}
- sprintf(buf, " %-2d", t);
+ snprintf(buf, bufsize, " %-2d", t);
return buf;
}
-static const char *familyname (int f, char *buf) {
+static const char *familyname (int f, char *buf, size_t bufsize) {
switch (f) {
default:
- sprintf(buf, "AF %d", f);
+ snprintf(buf, bufsize, "AF %d", f);
return buf;
case AF_INET: return "AF_INET";
case AF_INET6: return "AF_INET6";
if (sep[0] == 0)
fprintf(stderr, "no-flags");
if (hint->ai_family)
- fprintf(stderr, " %s", familyname(hint->ai_family, buf));
+ fprintf(stderr, " %s", familyname(hint->ai_family, buf,
+ sizeof(buf)));
if (hint->ai_socktype)
- fprintf(stderr, " SOCK_%s", socktypename(hint->ai_socktype, buf));
+ fprintf(stderr, " SOCK_%s", socktypename(hint->ai_socktype, buf,
+ sizeof(buf)));
if (hint->ai_protocol)
- fprintf(stderr, " IPPROTO_%s", protoname(hint->ai_protocol, buf));
+ fprintf(stderr, " IPPROTO_%s", protoname(hint->ai_protocol, buf,
+ sizeof(buf)));
} else
fprintf(stderr, "(null)");
fprintf(stderr, " }):\n");
fprintf(stderr, "addrinfos returned:\n");
while (ai) {
fprintf(stderr, "%p...", ai);
- fprintf(stderr, " socktype=%s", socktypename(ai->ai_socktype, buf));
- fprintf(stderr, " ai_family=%s", familyname(ai->ai_family, buf));
+ fprintf(stderr, " socktype=%s", socktypename(ai->ai_socktype, buf,
+ sizeof(buf)));
+ fprintf(stderr, " ai_family=%s", familyname(ai->ai_family, buf,
+ sizeof(buf)));
if (ai->ai_family != ai->ai_addr->sa_family)
fprintf(stderr, " sa_family=%s",
- familyname(ai->ai_addr->sa_family, buf));
+ familyname(ai->ai_addr->sa_family, buf, sizeof(buf)));
fprintf(stderr, "\n");
ai = ai->ai_next;
count++;
char tmpbuf[20];
numeric_host:
uc = (const unsigned char *) &sinp->sin_addr;
- sprintf(tmpbuf, "%d.%d.%d.%d", uc[0], uc[1], uc[2], uc[3]);
+ snprintf(tmpbuf, sizeof(tmpbuf), "%d.%d.%d.%d",
+ uc[0], uc[1], uc[2], uc[3]);
strncpy(host, tmpbuf, hlen);
#else
char *p;
port = ntohs (sinp->sin_port);
if (port < 0 || port > 65535)
return EAI_FAIL;
- sprintf (numbuf, "%d", port);
+ snprintf (numbuf, sizeof(numbuf), "%d", port);
strncpy (service, numbuf, slen);
} else {
int serr;
#include "k5-platform.h"
#include "k5-thread.h"
-#include <stdio.h> /* for sprintf */
+#include <stdio.h>
#include <errno.h>
#define IMPLEMENT_FAKE_GETADDRINFO