diff options
| author | Damien Miller <djm@mindrot.org> | 2003-07-30 06:53:11 +0200 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2003-07-30 06:53:11 +0200 |
| commit | 7f2d795e3f338fbbaced85d5d318d54749d9133f (patch) | |
| tree | 465a356dcb27745c1d6f590e1eef26113dfe7864 | |
| parent | - (dtucker) [openbsd-compat/xcrypt.c] Fix typo: DISABLED_SHADOW -> (diff) | |
| download | openssh-7f2d795e3f338fbbaced85d5d318d54749d9133f.tar.xz openssh-7f2d795e3f338fbbaced85d5d318d54749d9133f.zip | |
- (djm) [auth-pam.c] Don't use crappy APIs like sprintf. Thanks bal
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | auth-pam.c | 13 |
2 files changed, 12 insertions, 6 deletions
@@ -1,3 +1,6 @@ +20030730 + - (djm) [auth-pam.c] Don't use crappy APIs like sprintf. Thanks bal + 20030726 - (dtucker) [openbsd-compat/xcrypt.c] Fix typo: DISABLED_SHADOW -> DISABLE_SHADOW. Fixes HP-UX compile error. @@ -732,4 +735,4 @@ - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. Report from murple@murple.net, diagnosis from dtucker@zip.com.au -$Id: ChangeLog,v 1.2866 2003/07/26 09:38:30 dtucker Exp $ +$Id: ChangeLog,v 1.2867 2003/07/30 04:53:11 djm Exp $ diff --git a/auth-pam.c b/auth-pam.c index 057164ad3..9ca18e77e 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -31,7 +31,7 @@ /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ #include "includes.h" -RCSID("$Id: auth-pam.c,v 1.64 2003/06/03 00:25:48 djm Exp $"); +RCSID("$Id: auth-pam.c,v 1.65 2003/07/30 04:53:11 djm Exp $"); #ifdef USE_PAM #include <security/pam_appl.h> @@ -373,6 +373,7 @@ sshpam_query(void *ctx, char **name, char **info, size_t plen; u_char type; char *msg; + size_t len; buffer_init(&buffer); *name = xstrdup(""); @@ -388,16 +389,18 @@ sshpam_query(void *ctx, char **name, char **info, case PAM_PROMPT_ECHO_ON: case PAM_PROMPT_ECHO_OFF: *num = 1; - **prompts = xrealloc(**prompts, plen + strlen(msg) + 1); - plen += sprintf(**prompts + plen, "%s", msg); + len = plen + strlen(msg) + 1; + **prompts = xrealloc(**prompts, len); + plen += snprintf(**prompts + plen, len, "%s", msg); **echo_on = (type == PAM_PROMPT_ECHO_ON); xfree(msg); return (0); case PAM_ERROR_MSG: case PAM_TEXT_INFO: /* accumulate messages */ - **prompts = xrealloc(**prompts, plen + strlen(msg) + 1); - plen += sprintf(**prompts + plen, "%s", msg); + len = plen + strlen(msg) + 1; + **prompts = xrealloc(**prompts, len); + plen += snprintf(**prompts + plen, len, "%s", msg); xfree(msg); break; case PAM_NEW_AUTHTOK_REQD: |