* ftpd.c (user): Remove extra "%s" in call to sprintf() to avoid

author Tom Yu <tlyu@mit.edu>

Fri, 12 Mar 1999 12:35:56 +0000 (12:35 +0000)

committer Tom Yu <tlyu@mit.edu>

Fri, 12 Mar 1999 12:35:56 +0000 (12:35 +0000)
author Tom Yu <tlyu@mit.edu>
Fri, 12 Mar 1999 12:35:56 +0000 (12:35 +0000)
committer Tom Yu <tlyu@mit.edu>
Fri, 12 Mar 1999 12:35:56 +0000 (12:35 +0000)
diff --git a/src/appl/gssftp/ftpd/ChangeLog b/src/appl/gssftp/ftpd/ChangeLog

index fd44a6077d581ae44d4c0e3da11ccaf7a9ba0274..ead623aefd4a8e386c0da4963315d9c267271fc8 100644 (file)
--- a/src/appl/gssftp/ftpd/ChangeLog
+++ b/src/appl/gssftp/ftpd/ChangeLog
@@ -1,3 +1,8 @@
+Fri Mar 12 07:35:01 1999  Tom Yu  <tlyu@mit.edu>
+
+       * ftpd.c (user): Remove extra "%s" in call to sprintf() to avoid
+       dereferencing stack garbage.
+
  Mon Mar  8 23:47:51 1999  Tom Yu  <tlyu@mit.edu>
  
         * ftpd.M: Resync with reality.
diff --git a/src/appl/gssftp/ftpd/ftpd.c b/src/appl/gssftp/ftpd/ftpd.c

index 71709dceae1d4efffa1d8959bff642066f61762a..f880734a5efb9182249edf06d8557700f698acc4 100644 (file)
--- a/src/appl/gssftp/ftpd/ftpd.c
+++ b/src/appl/gssftp/ftpd/ftpd.c
@@ -765,7 +765,7 @@ user(name)
  #ifdef KRB5_KRB4_COMPAT
                 if (auth_type && strcmp(auth_type, "KERBEROS_V4") == 0) {
                         authorized = kuserok(&kdata,name) == 0;
-                       sprintf(buf, "Kerberos user %s%s%s@%s is%s authorized as %s%s",
+                       sprintf(buf, "Kerberos user %s%s%s@%s is%s authorized as %s",
                                 kdata.pname, *kdata.pinst ? "." : "",
                                 kdata.pinst, kdata.prealm,
                                 authorized ? "" : " not", name);
author	Tom Yu <tlyu@mit.edu>
	Fri, 12 Mar 1999 12:35:56 +0000 (12:35 +0000)
committer	Tom Yu <tlyu@mit.edu>
	Fri, 12 Mar 1999 12:35:56 +0000 (12:35 +0000)
src/appl/gssftp/ftpd/ChangeLog		patch \| blob \| history
src/appl/gssftp/ftpd/ftpd.c		patch \| blob \| history