summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>2003-03-16 03:08:33 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>2003-03-16 03:08:33 +0000
commit7be6df901996d2f8252b4b4c79a66406265d2d2e (patch)
tree957b25ea9d1c04926a92a399674c05d81ca2679e
parentfad9d98927af712c388c6deafab0bc9b85577784 (diff)
sync w/ my tree
-rw-r--r--usr.bin/sudo/auth/kerb4.c5
-rw-r--r--usr.bin/sudo/auth/rfc1938.c8
-rw-r--r--usr.bin/sudo/auth/securid.c5
3 files changed, 10 insertions, 8 deletions
diff --git a/usr.bin/sudo/auth/kerb4.c b/usr.bin/sudo/auth/kerb4.c
index dabc4a82975..94228a5f0a7 100644
--- a/usr.bin/sudo/auth/kerb4.c
+++ b/usr.bin/sudo/auth/kerb4.c
@@ -62,7 +62,7 @@
#include "sudo_auth.h"
#ifndef lint
-static const char rcsid[] = "$Sudo: kerb4.c,v 1.7 2003/03/15 20:37:44 millert Exp $";
+static const char rcsid[] = "$Sudo: kerb4.c,v 1.8 2003/03/16 02:18:57 millert Exp $";
#endif /* lint */
int
@@ -101,7 +101,8 @@ kerb4_verify(pw, pass, auth)
* Set the ticket file to be in sudo sudo timedir so we don't
* wipe out other (real) kerberos tickets.
*/
- (void) sprintf(tkfile, "%s/tkt%ld", _PATH_SUDO_TIMEDIR, (long) pw->pw_uid);
+ (void) snprintf(tkfile, sizoef(tkfile), "%s/tkt%lu",
+ _PATH_SUDO_TIMEDIR, (unsigned long) pw->pw_uid);
(void) krb_set_tkt_string(tkfile);
/* Convert the password to a ticket given. */
diff --git a/usr.bin/sudo/auth/rfc1938.c b/usr.bin/sudo/auth/rfc1938.c
index 4824e2d33ac..4d702e61b41 100644
--- a/usr.bin/sudo/auth/rfc1938.c
+++ b/usr.bin/sudo/auth/rfc1938.c
@@ -77,7 +77,7 @@
#include "sudo_auth.h"
#ifndef lint
-static const char rcsid[] = "$Sudo: rfc1938.c,v 1.11 2003/03/15 20:37:44 millert Exp $";
+static const char rcsid[] = "$Sudo: rfc1938.c,v 1.12 2003/03/16 02:18:34 millert Exp $";
#endif /* lint */
int
@@ -137,10 +137,10 @@ rfc1938_setup(pw, promptp, auth)
}
if (def_flag(I_LONG_OTP_PROMPT))
- (void) sprintf(new_prompt, "%s\n%s", challenge, orig_prompt);
+ (void) snprintf(new_prompt, np_size, "%s\n%s", challenge, orig_prompt);
else
- (void) sprintf(new_prompt, "%.*s [ %s ]:", op_len, orig_prompt,
- challenge);
+ (void) snprintf(new_prompt, np_size, "%.*s [ %s ]:", op_len,
+ orig_prompt, challenge);
*promptp = new_prompt;
return(AUTH_SUCCESS);
diff --git a/usr.bin/sudo/auth/securid.c b/usr.bin/sudo/auth/securid.c
index 9da4d5e4e48..b3df35237fd 100644
--- a/usr.bin/sudo/auth/securid.c
+++ b/usr.bin/sudo/auth/securid.c
@@ -68,7 +68,7 @@
#include "sudo_auth.h"
#ifndef lint
-static const char rcsid[] = "$Sudo: securid.c,v 1.8 2001/12/14 19:52:53 millert Exp $";
+static const char rcsid[] = "$Sudo: securid.c,v 1.9 2003/03/16 03:03:32 millert Exp $";
#endif /* lint */
union config_record configure;
@@ -99,7 +99,8 @@ securid_setup(pw, promptp, auth)
/* Re-initialize SecurID every time. */
if (sd_init(sd) == 0) {
- strcpy(sd->username, pw->pw_name);
+ /* The programmer's guide says username is 32 bytes */
+ strlcpy(sd->username, pw->pw_name, 32);
return(AUTH_SUCCESS);
} else {
(void) fprintf(stderr, "%s: Cannot contact SecurID server\n", Argv[0]);