Corrected possible buffer overruns in included programs and examples.

Corrected possible buffer overruns in included programs and examples. Reported by Pedro Ribeiro <pedrib@gmail.com>.
author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2013-10-09 21:46:42 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2013-10-09 21:46:44 +0200
commit: daad5b9ba054e17d8bcfb0b8c76d67dc19c64e0e (patch)
tree: 776eca9d38a23456756b39fc7c4e1fb10996d88e /src/srptool.c
parent: c02b6c61959c25c685442b56e1337c09437a3d11 (diff)
download: gnutls-daad5b9ba054e17d8bcfb0b8c76d67dc19c64e0e.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/src/srptool.c b/src/srptool.c
index f50264cc91..5fcd17eaab 100644
--- a/src/srptool.c
+++ b/src/srptool.c
@@ -602,13 +602,13 @@ crypt_int (const char *username, const char *passwd, int salt_size,
       FILE *fd2;
       int put;
 
-      if (strlen (tpasswd) > sizeof (tmpname) + 5)
+      if (strlen (tpasswd) + 5 > sizeof (tmpname))
         {
           fprintf (stderr, "file '%s' is tooooo long\n", tpasswd);
           return -1;
         }
-      strcpy (tmpname, tpasswd);
-      strcat (tmpname, ".tmp");
+
+      snprintf(tmpname, sizeof(tmpname), "%s.tmp", tpasswd);
 
       if (stat (tmpname, &st) != -1)
         {
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2013-10-09 21:46:42 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2013-10-09 21:46:44 +0200
commit	daad5b9ba054e17d8bcfb0b8c76d67dc19c64e0e (patch)
tree	776eca9d38a23456756b39fc7c4e1fb10996d88e /src/srptool.c
parent	c02b6c61959c25c685442b56e1337c09437a3d11 (diff)
download	gnutls-daad5b9ba054e17d8bcfb0b8c76d67dc19c64e0e.tar.gz