summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2003-07-30 14:53:11 +1000
committerDamien Miller <djm@mindrot.org>2003-07-30 14:53:11 +1000
commit7f2d795e3f338fbbaced85d5d318d54749d9133f (patch)
tree465a356dcb27745c1d6f590e1eef26113dfe7864
parentfbba5a0501e5bdb03a412f099e45c2760a380d55 (diff)
- (djm) [auth-pam.c] Don't use crappy APIs like sprintf. Thanks bal
-rw-r--r--ChangeLog5
-rw-r--r--auth-pam.c13
2 files changed, 12 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index e796763a..ecb8af1b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+20030730
+ - (djm) [auth-pam.c] Don't use crappy APIs like sprintf. Thanks bal
+
20030726
- (dtucker) [openbsd-compat/xcrypt.c] Fix typo: DISABLED_SHADOW ->
DISABLE_SHADOW. Fixes HP-UX compile error.
@@ -732,4 +735,4 @@
- Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
Report from murple@murple.net, diagnosis from dtucker@zip.com.au
-$Id: ChangeLog,v 1.2866 2003/07/26 09:38:30 dtucker Exp $
+$Id: ChangeLog,v 1.2867 2003/07/30 04:53:11 djm Exp $
diff --git a/auth-pam.c b/auth-pam.c
index 057164ad..9ca18e77 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -31,7 +31,7 @@
/* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */
#include "includes.h"
-RCSID("$Id: auth-pam.c,v 1.64 2003/06/03 00:25:48 djm Exp $");
+RCSID("$Id: auth-pam.c,v 1.65 2003/07/30 04:53:11 djm Exp $");
#ifdef USE_PAM
#include <security/pam_appl.h>
@@ -373,6 +373,7 @@ sshpam_query(void *ctx, char **name, char **info,
size_t plen;
u_char type;
char *msg;
+ size_t len;
buffer_init(&buffer);
*name = xstrdup("");
@@ -388,16 +389,18 @@ sshpam_query(void *ctx, char **name, char **info,
case PAM_PROMPT_ECHO_ON:
case PAM_PROMPT_ECHO_OFF:
*num = 1;
- **prompts = xrealloc(**prompts, plen + strlen(msg) + 1);
- plen += sprintf(**prompts + plen, "%s", msg);
+ len = plen + strlen(msg) + 1;
+ **prompts = xrealloc(**prompts, len);
+ plen += snprintf(**prompts + plen, len, "%s", msg);
**echo_on = (type == PAM_PROMPT_ECHO_ON);
xfree(msg);
return (0);
case PAM_ERROR_MSG:
case PAM_TEXT_INFO:
/* accumulate messages */
- **prompts = xrealloc(**prompts, plen + strlen(msg) + 1);
- plen += sprintf(**prompts + plen, "%s", msg);
+ len = plen + strlen(msg) + 1;
+ **prompts = xrealloc(**prompts, len);
+ plen += snprintf(**prompts + plen, len, "%s", msg);
xfree(msg);
break;
case PAM_NEW_AUTHTOK_REQD: