From: Wilfried Göesgens <willi@citadel.org>
Date: Sun, 13 Jan 2008 21:39:47 +0000 (+0000)
Subject: * more witchhunt on sprintf
X-Git-Tag: v7.86~2609
X-Git-Url: https://code.citadel.org/?p=citadel.git;a=commitdiff_plain;h=d6969948bc92eba2a0bb25053907a2e745d5a2c0

* more witchhunt on sprintf
---

diff --git a/webcit/cookie_conversion.c b/webcit/cookie_conversion.c
index edba4eebf..8b0adab6d 100644
--- a/webcit/cookie_conversion.c
+++ b/webcit/cookie_conversion.c
@@ -26,18 +26,18 @@ typedef unsigned char byte;	      /**< Byte type */
  * \param pass his passphrase
  * \param room the room he wants to enter
  */
-void stuff_to_cookie(char *cookie, int session,
+void stuff_to_cookie(char *cookie, size_t clen, int session,
 		char *user, char *pass, char *room)
 {
 	char buf[SIZ];
 	int i;
 	int len;
 
-	sprintf(buf, "%d|%s|%s|%s|", session, user, pass, room);
+	snprintf(buf, SIZ, "%d|%s|%s|%s|", session, user, pass, room);
 	strcpy(cookie, "");
 	len = strlen(buf);
 	for (i=0; i<len; ++i) {
-		sprintf(&cookie[i*2], "%02X", buf[i]);
+		snprintf(&cookie[i*2], clen - i * 2, "%02X", buf[i]);
 	}
 }
 
diff --git a/webcit/webcit.c b/webcit/webcit.c
index 420aa7b14..89b237e8a 100644
--- a/webcit/webcit.c
+++ b/webcit/webcit.c
@@ -535,7 +535,7 @@ void output_headers(	int do_httpheaders,	/**< 1 = output HTTP headers
 		);
 	}
 
-	stuff_to_cookie(cookie, WC->wc_session, WC->wc_username,
+	stuff_to_cookie(cookie, 1024, WC->wc_session, WC->wc_username,
 			WC->wc_password, WC->wc_roomname);
 
 	if (unset_cookies) {
diff --git a/webcit/webcit.h b/webcit/webcit.h
index eeb4c5783..39a85b362 100644
--- a/webcit/webcit.h
+++ b/webcit/webcit.h
@@ -455,7 +455,7 @@ void begin_critical_section(int which_one);
 void end_critical_section(int which_one);
 
 
-void stuff_to_cookie(char *cookie, int session,
+void stuff_to_cookie(char *cookie, size_t clen, int session,
 			char *user, char *pass, char *room);
 void cookie_to_stuff(char *cookie, int *session,
                 char *user, size_t user_len,