summaryrefslogtreecommitdiff
path: root/libexec/login_tis
diff options
context:
space:
mode:
authorMoritz Jodeit <moritz@cvs.openbsd.org>2005-01-04 18:24:34 +0000
committerMoritz Jodeit <moritz@cvs.openbsd.org>2005-01-04 18:24:34 +0000
commit5d9aaa7c020aefb8a2e55569b8ea851ad9dd9a94 (patch)
treefcacb24de6cb4f49082de0962126dc52e6056ce3 /libexec/login_tis
parent545d393aff3c7f5e0e705957a3897af88337dce1 (diff)
add some snprintf sanity checks.
ok millert@, henning@
Diffstat (limited to 'libexec/login_tis')
-rw-r--r--libexec/login_tis/login_tis.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/libexec/login_tis/login_tis.c b/libexec/login_tis/login_tis.c
index d3cdc31eeec..92b887d8459 100644
--- a/libexec/login_tis/login_tis.c
+++ b/libexec/login_tis/login_tis.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: login_tis.c,v 1.1 2004/09/28 15:02:01 millert Exp $ */
+/* $OpenBSD: login_tis.c,v 1.2 2005/01/04 18:24:33 moritz Exp $ */
/*
* Copyright (c) 2004 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -633,7 +633,7 @@ tis_authorize(struct tis_connection *tc, const char *user,
*obuf = '\0';
/* class is not used by authsrv (it is effectively a comment) */
len = snprintf(buf, sizeof(buf), "authenticate %s %s", user, class);
- if (len >= sizeof(buf)) {
+ if (len == -1 || len >= sizeof(buf)) {
syslog(LOG_ERR, "user/class too large");
resp = error;
} else if (tis_send(tc, buf, len) < 0)
@@ -673,7 +673,7 @@ tis_verify(struct tis_connection *tc, const char *response, char *ebuf)
ebuf[0] = '\0';
len = snprintf(buf, sizeof(buf), "response '%s'", response);
- if (len >= sizeof(buf)) {
+ if (len == -1 || len >= sizeof(buf)) {
syslog(LOG_ERR, "response too large");
return (-1);
}