diff options
author | Todd C. Miller <millert@cvs.openbsd.org> | 2003-03-16 03:08:33 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2003-03-16 03:08:33 +0000 |
commit | 7be6df901996d2f8252b4b4c79a66406265d2d2e (patch) | |
tree | 957b25ea9d1c04926a92a399674c05d81ca2679e | |
parent | fad9d98927af712c388c6deafab0bc9b85577784 (diff) |
sync w/ my tree
-rw-r--r-- | usr.bin/sudo/auth/kerb4.c | 5 | ||||
-rw-r--r-- | usr.bin/sudo/auth/rfc1938.c | 8 | ||||
-rw-r--r-- | usr.bin/sudo/auth/securid.c | 5 |
3 files changed, 10 insertions, 8 deletions
diff --git a/usr.bin/sudo/auth/kerb4.c b/usr.bin/sudo/auth/kerb4.c index dabc4a82975..94228a5f0a7 100644 --- a/usr.bin/sudo/auth/kerb4.c +++ b/usr.bin/sudo/auth/kerb4.c @@ -62,7 +62,7 @@ #include "sudo_auth.h" #ifndef lint -static const char rcsid[] = "$Sudo: kerb4.c,v 1.7 2003/03/15 20:37:44 millert Exp $"; +static const char rcsid[] = "$Sudo: kerb4.c,v 1.8 2003/03/16 02:18:57 millert Exp $"; #endif /* lint */ int @@ -101,7 +101,8 @@ kerb4_verify(pw, pass, auth) * Set the ticket file to be in sudo sudo timedir so we don't * wipe out other (real) kerberos tickets. */ - (void) sprintf(tkfile, "%s/tkt%ld", _PATH_SUDO_TIMEDIR, (long) pw->pw_uid); + (void) snprintf(tkfile, sizoef(tkfile), "%s/tkt%lu", + _PATH_SUDO_TIMEDIR, (unsigned long) pw->pw_uid); (void) krb_set_tkt_string(tkfile); /* Convert the password to a ticket given. */ diff --git a/usr.bin/sudo/auth/rfc1938.c b/usr.bin/sudo/auth/rfc1938.c index 4824e2d33ac..4d702e61b41 100644 --- a/usr.bin/sudo/auth/rfc1938.c +++ b/usr.bin/sudo/auth/rfc1938.c @@ -77,7 +77,7 @@ #include "sudo_auth.h" #ifndef lint -static const char rcsid[] = "$Sudo: rfc1938.c,v 1.11 2003/03/15 20:37:44 millert Exp $"; +static const char rcsid[] = "$Sudo: rfc1938.c,v 1.12 2003/03/16 02:18:34 millert Exp $"; #endif /* lint */ int @@ -137,10 +137,10 @@ rfc1938_setup(pw, promptp, auth) } if (def_flag(I_LONG_OTP_PROMPT)) - (void) sprintf(new_prompt, "%s\n%s", challenge, orig_prompt); + (void) snprintf(new_prompt, np_size, "%s\n%s", challenge, orig_prompt); else - (void) sprintf(new_prompt, "%.*s [ %s ]:", op_len, orig_prompt, - challenge); + (void) snprintf(new_prompt, np_size, "%.*s [ %s ]:", op_len, + orig_prompt, challenge); *promptp = new_prompt; return(AUTH_SUCCESS); diff --git a/usr.bin/sudo/auth/securid.c b/usr.bin/sudo/auth/securid.c index 9da4d5e4e48..b3df35237fd 100644 --- a/usr.bin/sudo/auth/securid.c +++ b/usr.bin/sudo/auth/securid.c @@ -68,7 +68,7 @@ #include "sudo_auth.h" #ifndef lint -static const char rcsid[] = "$Sudo: securid.c,v 1.8 2001/12/14 19:52:53 millert Exp $"; +static const char rcsid[] = "$Sudo: securid.c,v 1.9 2003/03/16 03:03:32 millert Exp $"; #endif /* lint */ union config_record configure; @@ -99,7 +99,8 @@ securid_setup(pw, promptp, auth) /* Re-initialize SecurID every time. */ if (sd_init(sd) == 0) { - strcpy(sd->username, pw->pw_name); + /* The programmer's guide says username is 32 bytes */ + strlcpy(sd->username, pw->pw_name, 32); return(AUTH_SUCCESS); } else { (void) fprintf(stderr, "%s: Cannot contact SecurID server\n", Argv[0]); |