src/common/cert_info.c | 1 + src/common/pkcs11_lib.c | 1 + src/common/strings.c | 1 + src/common/uri.c | 1 + src/mappers/openssh_mapper.c | 4 ++-- src/pam_pkcs11/pam_pkcs11.c | 4 ++-- src/tools/pkcs11_eventmgr.c | 1 + 7 files changed, 9 insertions(+), 4 deletions(-) diff --git a/src/common/cert_info.c b/src/common/cert_info.c index 12965e1..4d5a9c5 100644 --- a/src/common/cert_info.c +++ b/src/common/cert_info.c @@ -748,6 +748,7 @@ static char **cert_info_sshpuk(X509 *x509) { DBG("No memory to store public key dump"); goto sshpuk_fail; } + /* buf is allocated above */ if (maillist && maillist[0]) sprintf(buf,"%s %s %s",type,data,maillist[0]); else sprintf(buf,"%s %s",type,data); DBG1("Public key is '%s'\n",buf); diff --git a/src/common/pkcs11_lib.c b/src/common/pkcs11_lib.c index 46a93bd..1e7b8bb 100644 --- a/src/common/pkcs11_lib.c +++ b/src/common/pkcs11_lib.c @@ -270,6 +270,7 @@ int load_pkcs11_module(const char *pkcs11_module, pkcs11_handle_t **hp) free (h); return -1; } + /* moduleSpec is allocated above */ sprintf(moduleSpec,SPEC_TEMPLATE, pkcs11_module); DBG2("loading Module explictly, moduleSpec=<%s> module=%s", moduleSpec, pkcs11_module); diff --git a/src/common/strings.c b/src/common/strings.c index 085b952..3574fc4 100644 --- a/src/common/strings.c +++ b/src/common/strings.c @@ -88,6 +88,7 @@ char *bin2hex(const unsigned char *binstr,const int len) { return res; } for(i=0,pt=res;ihttp->path, uri->http->host); len = strlen(request); rv = send(sock, request, len, 0); diff --git a/src/mappers/openssh_mapper.c b/src/mappers/openssh_mapper.c index b9e09f7..37db10b 100644 --- a/src/mappers/openssh_mapper.c +++ b/src/mappers/openssh_mapper.c @@ -319,7 +319,7 @@ static int openssh_mapper_match_user(X509 *x509, const char *user, void *context DBG1("User '%s' has no home directory",user); return -1; } - sprintf(filename,"%s/.ssh/authorized_keys",pw->pw_dir); + snprintf(filename, sizeof(filename),"%s/.ssh/authorized_keys",pw->pw_dir); return openssh_mapper_match_keys(x509,filename); } @@ -339,7 +339,7 @@ static char * openssh_mapper_find_user(X509 *x509, void *context, int *match) { DBG1("User '%s' has no home directory",pw->pw_name); continue; } - sprintf(filename,"%s/.ssh/authorized_keys",pw->pw_dir); + snprintf(filename, sizeof(filename),"%s/.ssh/authorized_keys",pw->pw_dir); n = openssh_mapper_match_keys (x509,filename); if (n<0) { DBG1("Error in matching process with user '%s'",pw->pw_name); diff --git a/src/pam_pkcs11/pam_pkcs11.c b/src/pam_pkcs11/pam_pkcs11.c index d6ca475..640008b 100644 --- a/src/pam_pkcs11/pam_pkcs11.c +++ b/src/pam_pkcs11/pam_pkcs11.c @@ -86,7 +86,7 @@ static int pam_prompt(pam_handle_t *pamh, int style, char **response, char *fmt, struct pam_message *(msgp[1]); msgp[0] = &msg; va_list va; - char text[128]; + char text[256]; va_start(va, fmt); vsnprintf(text, sizeof text, fmt, va); @@ -489,7 +489,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, cons rv = get_slot_protected_authentication_path(ph); if ((-1 == rv) || (0 == rv)) { - char password_prompt[128]; + char password_prompt[256]; snprintf(password_prompt, sizeof(password_prompt), _("%s PIN: "), _(configuration->token_type)); if (configuration->use_first_pass) { diff --git a/src/tools/pkcs11_eventmgr.c b/src/tools/pkcs11_eventmgr.c index 0ec28be..904f104 100644 --- a/src/tools/pkcs11_eventmgr.c +++ b/src/tools/pkcs11_eventmgr.c @@ -483,6 +483,7 @@ int main(int argc, char *argv[]) strerror(errno)); return 1; } + /* moduleSpec is allocated above */ sprintf(moduleSpec, SPEC_TEMPLATE, pkcs11_module); DBG2("loading Module explictly, moduleSpec=<%s> module=%s\n", moduleSpec, pkcs11_module);