removed all references to sprintf from several files (not all files yet)

[citadel.git] / citadel / client_passwords.c

diff --git a/citadel/client_passwords.c b/citadel/client_passwords.c
index 3d78f9b3a439d9cefcd682bf91f91ff865b5033d..3552c42ec897a4e0b68c48c00d1cd9e938398c1f 100644 (file)
--- a/citadel/client_passwords.c
+++ b/citadel/client_passwords.c
@@ -1,3 +1,11 @@
+/*
+ * $Id$
+ *
+ * Functions which allow the client to remember usernames and passwords for
+ * various sites.
+ *
+ */
+
 #include "sysdep.h"
 #include <stdlib.h>
 #include <unistd.h>
@@ -8,17 +16,18 @@
 #include <sys/stat.h>
 #include <limits.h>
 #include <stdio.h>
+#include "citadel.h"
 #include "tools.h"
 #include "commands.h"
 
 #define PWFILENAME "%s/.citadel.passwords"
 
-void determine_pwfilename(char *pwfile) {
+static void determine_pwfilename(char *pwfile, size_t n) {
        struct passwd *p;
 
        p = getpwuid(getuid());
        if (p == NULL) strcpy(pwfile, "");
-       sprintf(pwfile, PWFILENAME, p->pw_dir);
+       snprintf(pwfile, n, PWFILENAME, p->pw_dir);
 }
 
 
@@ -34,20 +43,20 @@ void get_stored_password(
 
        char pwfile[PATH_MAX];
        FILE *fp;
-       char buf[256];
-       char buf64[256];
-       char hostbuf[256], portbuf[256], ubuf[256], pbuf[256];
+       char buf[SIZ];
+       char buf64[SIZ];
+       char hostbuf[SIZ], portbuf[SIZ], ubuf[SIZ], pbuf[SIZ];
 
        strcpy(username, "");
        strcpy(password, "");
 
-       determine_pwfilename(pwfile);
+       determine_pwfilename(pwfile, sizeof pwfile);
        if (strlen(pwfile)==0) return;
 
        fp = fopen(pwfile, "r");
        if (fp == NULL) return;
        while (fgets(buf64, sizeof buf64, fp) != NULL) {
-               decode_base64(buf, buf64);
+               decode_base64(buf, buf64, sizeof(buf64));
                extract(hostbuf, buf, 0);
                extract(portbuf, buf, 1);
                extract(ubuf, buf, 2);
@@ -75,11 +84,11 @@ void set_stored_password(
 
        char pwfile[PATH_MAX];
        FILE *fp, *oldfp;
-       char buf[256];
-       char buf64[256];
-       char hostbuf[256], portbuf[256], ubuf[256], pbuf[256];
+       char buf[SIZ];
+       char buf64[SIZ];
+       char hostbuf[SIZ], portbuf[SIZ], ubuf[SIZ], pbuf[SIZ];
 
-       determine_pwfilename(pwfile);
+       determine_pwfilename(pwfile, sizeof pwfile);
        if (strlen(pwfile)==0) return;
 
        oldfp = fopen(pwfile, "r");
@@ -88,7 +97,7 @@ void set_stored_password(
        fp = fopen(pwfile, "w");
        if (fp == NULL) fp = fopen("/dev/null", "w");
        while (fgets(buf64, sizeof buf64, oldfp) != NULL) {
-               decode_base64(buf, buf64);
+               decode_base64(buf, buf64, sizeof(buf64));
                extract(hostbuf, buf, 0);
                extract(portbuf, buf, 1);
                extract(ubuf, buf, 2);
@@ -96,14 +105,14 @@ void set_stored_password(
 
                if ( (strcasecmp(hostbuf, host)) 
                   || (strcasecmp(portbuf, port)) ) {
-                       sprintf(buf, "%s|%s|%s|%s|",
+                       snprintf(buf, sizeof buf, "%s|%s|%s|%s|",
                                hostbuf, portbuf, ubuf, pbuf);
                        encode_base64(buf64, buf);
                        fprintf(fp, "%s\n", buf64);
                }
        }
        if (strlen(username) > 0) {
-               sprintf(buf, "%s|%s|%s|%s|",
+               snprintf(buf, sizeof buf, "%s|%s|%s|%s|",
                        host, port, username, password);
                encode_base64(buf64, buf);
                fprintf(fp, "%s\n", buf64);