Changed sprintf's to snprintf's, now that we have snprintf in the

author aland <aland>

Mon, 12 Mar 2001 16:48:14 +0000 (16:48 +0000)

committer aland <aland>

Mon, 12 Mar 2001 16:48:14 +0000 (16:48 +0000)
author aland <aland>
Mon, 12 Mar 2001 16:48:14 +0000 (16:48 +0000)
committer aland <aland>
Mon, 12 Mar 2001 16:48:14 +0000 (16:48 +0000)
diff --git a/src/lib/dict.c b/src/lib/dict.c

index 30d6a79..8ba0f2d 100644 (file)
--- a/src/lib/dict.c
+++ b/src/lib/dict.c
@@ -244,7 +244,7 @@ static int my_dict_init(const char *dir, const char *fn, const char *src_file, i
                 dirtmp[p - fn] = 0;
                 dir = dirtmp;
         } else if (dir && dir[0] && strcmp(dir, ".") != 0) {
-               sprintf(dirtmp, "%s/%s", dir, fn);
+               snprintf(dirtmp, sizeof(dirtmp), "%s/%s", dir, fn);
                 fn = dirtmp;
         }
  
diff --git a/src/lib/print.c b/src/lib/print.c

index 6db8a94..ff8008f 100644 (file)
--- a/src/lib/print.c
+++ b/src/lib/print.c
@@ -56,17 +56,20 @@ void librad_safeprint(char *in, int inlen, char *out, int outlen)
                                 break;
                         default:
                                 if (*str < 32 || (*str >= 128)){
-                                       sprintf(out, "\\%03o", *str);
+                                       snprintf(out, outlen, "\\%03o", *str);
                                         done += 4;
                                         out  += 4;
+                                       outlen -= 4;
                                 } else {
                                         *out++ = *str;
+                                       outlen--;
                                         done++;
                                 }
                 }
                 if (sp) {
                         *out++ = '\\';
                         *out++ = sp;
+                       outlen -= 2;
                         done += 2;
                 }
                 str++;
@@ -112,7 +115,7 @@ int vp_prints_value(char * out, int outlen, VALUE_PAIR *vp, int delimitst)
                                 != NULL)
                                 a = v->name;
                         else {
-                               sprintf(buf, "%d", vp->lvalue);
+                               snprintf(buf, sizeof(buf), "%d", vp->lvalue);
                                 a = buf;
                         }
                         break;
@@ -175,7 +178,7 @@ int vp_prints(char *out, int outlen, VALUE_PAIR *vp)
                 return 0;
         }
  
-       sprintf(out, "%s = ", vp->name);
+       snprintf(out, outlen, "%s = ", vp->name);
         len = strlen(out);
         vp_prints_value(out + len, outlen - len, vp, 1);
  
diff --git a/src/lib/radius.c b/src/lib/radius.c

index 2d098a4..3c9d886 100644 (file)
--- a/src/lib/radius.c
+++ b/src/lib/radius.c
@@ -722,7 +722,7 @@ int rad_decode(RADIUS_PACKET *packet, RADIUS_PACKET *original, const char *secre
  
                         memset(pair, 0, sizeof(VALUE_PAIR));
                         if ((attr = dict_attrbyvalue(attribute)) == NULL) {
-                               sprintf(pair->name, "Attr-%d", attribute);
+                               snprintf(pair->name, sizeof(pair->name), "Attr-%d", attribute);
                                 pair->type = PW_TYPE_STRING;
                         } else {
                                 strcpy(pair->name, attr->name);
author	aland <aland>
	Mon, 12 Mar 2001 16:48:14 +0000 (16:48 +0000)
committer	aland <aland>
	Mon, 12 Mar 2001 16:48:14 +0000 (16:48 +0000)
src/lib/dict.c		patch \| blob \| history
src/lib/print.c		patch \| blob \| history
src/lib/radius.c		patch \| blob \| history