From 7be6df901996d2f8252b4b4c79a66406265d2d2e Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <millert@cvs.openbsd.org>
Date: Sun, 16 Mar 2003 03:08:33 +0000
Subject: sync w/ my tree

---
 usr.bin/sudo/auth/kerb4.c   | 5 +++--
 usr.bin/sudo/auth/rfc1938.c | 8 ++++----
 usr.bin/sudo/auth/securid.c | 5 +++--
 3 files changed, 10 insertions(+), 8 deletions(-)

(limited to 'usr.bin/sudo/auth')

diff --git a/usr.bin/sudo/auth/kerb4.c b/usr.bin/sudo/auth/kerb4.c
index dabc4a82975..94228a5f0a7 100644
--- a/usr.bin/sudo/auth/kerb4.c
+++ b/usr.bin/sudo/auth/kerb4.c
@@ -62,7 +62,7 @@
 #include "sudo_auth.h"
 
 #ifndef lint
-static const char rcsid[] = "$Sudo: kerb4.c,v 1.7 2003/03/15 20:37:44 millert Exp $";
+static const char rcsid[] = "$Sudo: kerb4.c,v 1.8 2003/03/16 02:18:57 millert Exp $";
 #endif /* lint */
 
 int
@@ -101,7 +101,8 @@ kerb4_verify(pw, pass, auth)
      * Set the ticket file to be in sudo sudo timedir so we don't
      * wipe out other (real) kerberos tickets.
      */
-    (void) sprintf(tkfile, "%s/tkt%ld", _PATH_SUDO_TIMEDIR, (long) pw->pw_uid);
+    (void) snprintf(tkfile, sizoef(tkfile), "%s/tkt%lu",
+	_PATH_SUDO_TIMEDIR, (unsigned long) pw->pw_uid);
     (void) krb_set_tkt_string(tkfile);
 
     /* Convert the password to a ticket given. */
diff --git a/usr.bin/sudo/auth/rfc1938.c b/usr.bin/sudo/auth/rfc1938.c
index 4824e2d33ac..4d702e61b41 100644
--- a/usr.bin/sudo/auth/rfc1938.c
+++ b/usr.bin/sudo/auth/rfc1938.c
@@ -77,7 +77,7 @@
 #include "sudo_auth.h"
 
 #ifndef lint
-static const char rcsid[] = "$Sudo: rfc1938.c,v 1.11 2003/03/15 20:37:44 millert Exp $";
+static const char rcsid[] = "$Sudo: rfc1938.c,v 1.12 2003/03/16 02:18:34 millert Exp $";
 #endif /* lint */
 
 int
@@ -137,10 +137,10 @@ rfc1938_setup(pw, promptp, auth)
     }
 
     if (def_flag(I_LONG_OTP_PROMPT))
-	(void) sprintf(new_prompt, "%s\n%s", challenge, orig_prompt);
+	(void) snprintf(new_prompt, np_size, "%s\n%s", challenge, orig_prompt);
     else
-	(void) sprintf(new_prompt, "%.*s [ %s ]:", op_len, orig_prompt,
-	    challenge);
+	(void) snprintf(new_prompt, np_size, "%.*s [ %s ]:", op_len,
+	    orig_prompt, challenge);
 
     *promptp = new_prompt;
     return(AUTH_SUCCESS);
diff --git a/usr.bin/sudo/auth/securid.c b/usr.bin/sudo/auth/securid.c
index 9da4d5e4e48..b3df35237fd 100644
--- a/usr.bin/sudo/auth/securid.c
+++ b/usr.bin/sudo/auth/securid.c
@@ -68,7 +68,7 @@
 #include "sudo_auth.h"
 
 #ifndef lint
-static const char rcsid[] = "$Sudo: securid.c,v 1.8 2001/12/14 19:52:53 millert Exp $";
+static const char rcsid[] = "$Sudo: securid.c,v 1.9 2003/03/16 03:03:32 millert Exp $";
 #endif /* lint */
 
 union config_record configure;
@@ -99,7 +99,8 @@ securid_setup(pw, promptp, auth)
 
     /* Re-initialize SecurID every time. */
     if (sd_init(sd) == 0) {
-	strcpy(sd->username, pw->pw_name);
+	/* The programmer's guide says username is 32 bytes */
+	strlcpy(sd->username, pw->pw_name, 32);
 	return(AUTH_SUCCESS);
     } else {
 	(void) fprintf(stderr, "%s: Cannot contact SecurID server\n", Argv[0]);
-- 
cgit v1.2.3