Use BUF_strlcpy() instead of strcpy(). Use BUF_strlcat() instead of strcat(). Use BIO_snprintf() instead of sprintf(). In some cases, keep better track of buffer lengths. This is part of a large change submitted by Markus Friedl <markus@openbsd.org>

commit: d420ac2c7d4ba9d99ff2c257a3ad71ecc6d876e2 [log] [tgz]
author: Richard Levitte <levitte@openssl.org> Sat Dec 27 14:40:17 2003 +0000
committer: Richard Levitte <levitte@openssl.org> Sat Dec 27 14:40:17 2003 +0000
tree: 84414c7d794c6286588d2042f060036378311348
parent: b79aa47a0c8478bea62fc2bb55f99e0be172da3d [diff] [blame]
diff --git a/apps/enc.c b/apps/enc.c
index ae18452..69f4beb 100644
--- a/apps/enc.c
+++ b/apps/enc.c

@@ -373,9 +373,9 @@
 			{
 			char buf[200];
 
-			sprintf(buf,"enter %s %s password:",
-				OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
-				(enc)?"encryption":"decryption");
+			BIO_snprintf(buf,sizeof buf,"enter %s %s password:",
+				     OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
+				     (enc)?"encryption":"decryption");
 			strbuf[0]='\0';
 			i=EVP_read_pw_string((char *)strbuf,SIZE,buf,enc);
 			if (i == 0)
commit	d420ac2c7d4ba9d99ff2c257a3ad71ecc6d876e2	[log] [tgz]
author	Richard Levitte <levitte@openssl.org>	Sat Dec 27 14:40:17 2003 +0000
committer	Richard Levitte <levitte@openssl.org>	Sat Dec 27 14:40:17 2003 +0000
tree	84414c7d794c6286588d2042f060036378311348
parent	b79aa47a0c8478bea62fc2bb55f99e0be172da3d [diff] [blame]