From fc78bb8523d8d6a2c90ded155b555e956156c2b1 Mon Sep 17 00:00:00 2001
From: "Andrew G. Morgan" <morgan@kernel.org>
Date: Mon, 26 Nov 2001 06:05:24 +0000
Subject: Relevant BUGIDs: 476947

Purpose of commit: cleanup

Commit summary:
---------------
be more confident that strings are being initialized correctly
from Nalin.
---
 modules/pam_unix/pam_unix_passwd.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

(limited to 'modules/pam_unix/pam_unix_passwd.c')

diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
index 7f8f6e03..7870f320 100644
--- a/modules/pam_unix/pam_unix_passwd.c
+++ b/modules/pam_unix/pam_unix_passwd.c
@@ -285,9 +285,11 @@ static int save_old_password(const char *forwho, const char *oldpass, int howman
 			}
 			pass = crypt_md5_wrapper(oldpass);
 			if (s_pas == NULL)
-				sprintf(nbuf, "%s:%s:%d:%s\n", s_luser, s_uid, npas, pass);
+				snprintf(nbuf, sizeof(nbuf), "%s:%s:%d:%s\n",
+					 s_luser, s_uid, npas, pass);
 			else
-				sprintf(nbuf, "%s:%s:%d:%s,%s\n", s_luser, s_uid, npas, s_pas, pass);
+				snprintf(nbuf, sizeof(nbuf),"%s:%s:%d:%s,%s\n",
+					 s_luser, s_uid, npas, s_pas, pass);
 			_pam_delete(pass);
 			if (fputs(nbuf, pwfile) < 0) {
 				retval = PAM_AUTHTOK_ERR;
@@ -309,7 +311,8 @@ static int save_old_password(const char *forwho, const char *oldpass, int howman
 			err = 1;
 		} else {
 			pass = crypt_md5_wrapper(oldpass);
-			sprintf(nbuf, "%s:%d:1:%s\n", forwho, pwd->pw_uid, pass);
+			snprintf(nbuf, sizeof(nbuf), "%s:%d:1:%s\n",
+				 forwho, pwd->pw_uid, pass);
 			_pam_delete(pass);
 			if (fputs(nbuf, pwfile) < 0) {
 				retval = PAM_AUTHTOK_ERR;
-- 
cgit v1.2.3