use snprintf in knownhost_writeline() rather then sprintf

Although the function checks the length, if the code was in error, there could potentially be a buffer overrun with the use of sprintf. Instead replace with snprintf. Signed-off-by: Steven Dake <sdake@redhat.com>
2012-03-06 08:09:42 +01:00 · 2012-03-06 08:09:42 +01:00 · 796a5195d3
--- a/src/knownhost.c
+++ b/src/knownhost.c
@ -997,10 +997,10 @@ knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts,

        if(nlen <= buflen)
            if(node->comment)
-                sprintf(buf, "|1|%s|%s%s %s %s\n", saltalloc, namealloc,
+                snprintf(buf, buflen, "|1|%s|%s%s %s %s\n", saltalloc, namealloc,
                        keytype, node->key, node->comment);
            else
-                sprintf(buf, "|1|%s|%s%s %s\n", saltalloc, namealloc,
+                snprintf(buf, buflen, "|1|%s|%s%s %s\n", saltalloc, namealloc,
                        keytype, node->key);
        else
            rc = _libssh2_error(hosts->session, LIBSSH2_ERROR_BUFFER_TOO_SMALL,
@ -1016,10 +1016,10 @@ knownhost_writeline(LIBSSH2_KNOWNHOSTS *hosts,
        if(nlen <= buflen)
            /* these types have the plain name */
            if(node->comment)
-                sprintf(buf, "%s%s %s %s\n", node->name, keytype, node->key,
+                snprintf(buf, buflen, "%s%s %s %s\n", node->name, keytype, node->key,
                        node->comment);
            else
-                sprintf(buf, "%s%s %s\n", node->name, keytype, node->key);
+                snprintf(buf, buflen, "%s%s %s\n", node->name, keytype, node->key);
        else
            rc = _libssh2_error(hosts->session, LIBSSH2_ERROR_BUFFER_TOO_SMALL,
                                "Known-host write buffer too small");