From b05d229bb15cb77a17a28a146b8b0dc61afa4aa9 Mon Sep 17 00:00:00 2001
From: Michael Rash <mbr@cipherdyne.org>
Date: Mon, 3 Sep 2012 09:09:35 -0400
Subject: [PATCH] sprintf() -> snprintf() calls

---
 lib/fko_encryption.c |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/lib/fko_encryption.c b/lib/fko_encryption.c
index bc2a80a..e75a222 100644
--- a/lib/fko_encryption.c
+++ b/lib/fko_encryption.c
@@ -57,7 +57,8 @@ _rijndael_encrypt(fko_ctx_t ctx, const char *enc_key)
     if(plain == NULL)
         return(FKO_ERROR_MEMORY_ALLOCATION);
 
-    sprintf(plain, "%s:%s", ctx->encoded_msg, ctx->digest);
+    snprintf(plain, strlen(ctx->encoded_msg) + strlen(ctx->digest) + 2,
+            "%s:%s", ctx->encoded_msg, ctx->digest);
 
     /* Make a bucket for the encrypted version and populate it.
     */
@@ -199,7 +200,8 @@ gpg_encrypt(fko_ctx_t ctx, const char *enc_key)
     if(plain == NULL)
         return(FKO_ERROR_MEMORY_ALLOCATION);
 
-    sprintf(plain, "%s:%s", ctx->encoded_msg, ctx->digest);
+    snprintf(plain, strlen(ctx->encoded_msg) + strlen(ctx->digest) + 2,
+            "%s:%s", ctx->encoded_msg, ctx->digest);
 
     res = gpgme_encrypt(ctx,
         (unsigned char*)plain, strlen(plain),
-- 
1.7.5.4