From: Michael Rash <mbr@cipherdyne.org>
Date: Mon, 3 Sep 2012 13:09:35 +0000 (-0400)
Subject: sprintf() -> snprintf() calls
X-Git-Tag: fwknop-2.0.3~5
X-Git-Url: http://www.cipherdyne.com/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff_plain;h=b05d229bb15cb77a17a28a146b8b0dc61afa4aa9

sprintf() -> snprintf() calls
---

diff --git a/lib/fko_encryption.c b/lib/fko_encryption.c
index bc2a80a..e75a222 100644
--- a/lib/fko_encryption.c
+++ b/lib/fko_encryption.c
@@ -57,7 +57,8 @@ _rijndael_encrypt(fko_ctx_t ctx, const char *enc_key)
     if(plain == NULL)
         return(FKO_ERROR_MEMORY_ALLOCATION);
 
-    sprintf(plain, "%s:%s", ctx->encoded_msg, ctx->digest);
+    snprintf(plain, strlen(ctx->encoded_msg) + strlen(ctx->digest) + 2,
+            "%s:%s", ctx->encoded_msg, ctx->digest);
 
     /* Make a bucket for the encrypted version and populate it.
     */
@@ -199,7 +200,8 @@ gpg_encrypt(fko_ctx_t ctx, const char *enc_key)
     if(plain == NULL)
         return(FKO_ERROR_MEMORY_ALLOCATION);
 
-    sprintf(plain, "%s:%s", ctx->encoded_msg, ctx->digest);
+    snprintf(plain, strlen(ctx->encoded_msg) + strlen(ctx->digest) + 2,
+            "%s:%s", ctx->encoded_msg, ctx->digest);
 
     res = gpgme_encrypt(ctx,
         (unsigned char*)plain, strlen(plain),