projects / citadel.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ba8fa67)
* more witchhunt on sprintf
authorWilfried Göesgens <willi@citadel.org>
Sun, 13 Jan 2008 21:39:47 +0000 (21:39 +0000)
committerWilfried Göesgens <willi@citadel.org>
Sun, 13 Jan 2008 21:39:47 +0000 (21:39 +0000)
webcit/cookie_conversion.c patch | blob | history
webcit/webcit.c patch | blob | history
webcit/webcit.h patch | blob | history

diff --git a/webcit/cookie_conversion.c b/webcit/cookie_conversion.c
index edba4eebfa37cdde5472dcb9bf8cb042798eec57..8b0adab6d752c3bf16b3ab49399dfc1852ac44b3 100644 (file)
--- a/webcit/cookie_conversion.c
+++ b/webcit/cookie_conversion.c
@@ -26,18 +26,18 @@ typedef unsigned char byte;       /**< Byte type */
  * \param pass his passphrase
  * \param room the room he wants to enter
  */
-void stuff_to_cookie(char *cookie, int session,
+void stuff_to_cookie(char *cookie, size_t clen, int session,
                char *user, char *pass, char *room)
 {
        char buf[SIZ];
        int i;
        int len;
 
-       sprintf(buf, "%d|%s|%s|%s|", session, user, pass, room);
+       snprintf(buf, SIZ, "%d|%s|%s|%s|", session, user, pass, room);
        strcpy(cookie, "");
        len = strlen(buf);
        for (i=0; i<len; ++i) {
-               sprintf(&cookie[i*2], "%02X", buf[i]);
+               snprintf(&cookie[i*2], clen - i * 2, "%02X", buf[i]);
        }
 }
 
diff --git a/webcit/webcit.c b/webcit/webcit.c
index 420aa7b14816aed0a3d85b8d66b0846a98045d00..89b237e8aa56fae1c9c341ec66394a8819401600 100644 (file)
--- a/webcit/webcit.c
+++ b/webcit/webcit.c
@@ -535,7 +535,7 @@ void output_headers(        int do_httpheaders,     /**< 1 = output HTTP headers
                );
        }
 
-       stuff_to_cookie(cookie, WC->wc_session, WC->wc_username,
+       stuff_to_cookie(cookie, 1024, WC->wc_session, WC->wc_username,
                        WC->wc_password, WC->wc_roomname);
 
        if (unset_cookies) {
diff --git a/webcit/webcit.h b/webcit/webcit.h
index eeb4c5783d54948b6585e44d13c741dfa4eeaf0d..39a85b362b4766412a4bf248b6bafbfc0e810fc7 100644 (file)
--- a/webcit/webcit.h
+++ b/webcit/webcit.h
@@ -455,7 +455,7 @@ void begin_critical_section(int which_one);
 void end_critical_section(int which_one);
 
 
-void stuff_to_cookie(char *cookie, int session,
+void stuff_to_cookie(char *cookie, size_t clen, int session,
                        char *user, char *pass, char *room);
 void cookie_to_stuff(char *cookie, int *session,
                 char *user, size_t user_len,
Citadel server, clients, utilities