Diffstat (limited to 'cmd/signtool/certgen.c')
-rw-r--r-- | cmd/signtool/certgen.c | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/cmd/signtool/certgen.c b/cmd/signtool/certgen.c
index e095a01fb..442b0d616 100644
--- a/cmd/signtool/certgen.c
+++ b/cmd/signtool/certgen.c
@@ -129,7 +129,7 @@ GetSubjectFromUser(unsigned long serial)
 }
 cp = chop(buf);
 if (*cp == '\0') {
- sprintf(common_name_buf, "%s (%lu)", DEFAULT_COMMON_NAME,
+ snprintf(common_name_buf, sizeof(common_name_buf), "%s (%lu)", DEFAULT_COMMON_NAME,
 serial);
 cp = common_name_buf;
 }
@@ -137,7 +137,7 @@ GetSubjectFromUser(unsigned long serial)
 if (!common_name) {
 out_of_memory();
 }
- sprintf(common_name, "CN=%s, ", cp);
+ snprintf(common_name, strlen(cp) + 6, "CN=%s, ", cp);
 subjectlen += strlen(common_name);
 #ifdef VERBOSE_PROMPTS
@@ -157,7 +157,7 @@ GetSubjectFromUser(unsigned long serial)
 if (!org) {
 out_of_memory();
 }
- sprintf(org, "O=%s, ", cp);
+ snprintf(org, strlen(cp) + 5, "O=%s, ", cp);
 subjectlen += strlen(org);
 }
@@ -178,7 +178,7 @@ GetSubjectFromUser(unsigned long serial)
 if (!orgunit) {
 out_of_memory();
 }
- sprintf(orgunit, "OU=%s, ", cp);
+ snprintf(orgunit, strlen(cp) + 6, "OU=%s, ", cp);
 subjectlen += strlen(orgunit);
 }
@@ -198,7 +198,7 @@ GetSubjectFromUser(unsigned long serial)
 if (!state) {
 out_of_memory();
 }
- sprintf(state, "ST=%s, ", cp);
+ snprintf(state, strlen(cp) + 6, "ST=%s, ", cp);
 subjectlen += strlen(state);
 }
@@ -221,7 +221,7 @@ GetSubjectFromUser(unsigned long serial)
 if (!country) {
 out_of_memory();
 }
- sprintf(country, "C=%s, ", cp);
+ snprintf(country, strlen(cp) + 5, "C=%s, ", cp);
 subjectlen += strlen(country);
 }
@@ -241,7 +241,7 @@ GetSubjectFromUser(unsigned long serial)
 if (!uid) {
 out_of_memory();
 }
- sprintf(uid, "UID=%s, ", cp);
+ snprintf(uid, strlen(cp) + 7, "UID=%s, ", cp);
 subjectlen += strlen(uid);
 }
@@ -261,7 +261,7 @@ GetSubjectFromUser(unsigned long serial)
 if (!email) {
 out_of_memory();
 }
- sprintf(email, "E=%s,", cp);
+ snprintf(email,strlen(cp) + 5, "E=%s,", cp);
 subjectlen += strlen(email);
 }
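Review bot: The bound passed to snprintf in the `CN=` hunk, `strlen(cp) + 6`, is recomputed from the source string instead of being taken from the allocation, so it limits the write only if it repeats exactly the expression used when `common_name` was allocated, and that allocation is outside the hunk. The same pattern appears in the `O=`, `OU=`, `ST=`, `C=`, `UID=` and `E=` hunks and in both `filename` hunks of output_ca_cert, each with its own hand-counted constant. Computing the size once, e.g. `size_t cn_size = strlen(cp) + 6;`, and passing that one variable to both the allocator and snprintf would keep the bound tied to the real buffer size. The return value is also discarded, so a truncated component would flow silently into the certificate subject; comparing it with the size, `if (n < 0 || (size_t)n >= cn_size)`, would surface that case.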
@@ -272,7 +272,7 @@ GetSubjectFromUser(unsigned long serial)
 out_of_memory();
 }
- sprintf(subject, "%s%s%s%s%s%s%s",
+ snprintf(subject, subjectlen, "%s%s%s%s%s%s%s",
 common_name ? common_name : "",
 org ? org : "",
 orgunit ? orgunit : "",
@@ -662,7 +662,7 @@ output_ca_cert(CERTCertificate *cert, CERTCertDBHandle *db)
 if (!filename) out_of_memory();
- sprintf(filename, "%s.raw", DEFAULT_X509_BASENAME);
+ snprintf(filename, strlen(DEFAULT_X509_BASENAME) + 8,"%s.raw", DEFAULT_X509_BASENAME);
 if ((out = fopen(filename, "wb")) == NULL) {
 PR_fprintf(errorFD, "%s: Can't open %s output file\n", PROGRAM_NAME, filename);
@@ -691,7 +691,7 @@ output_ca_cert(CERTCertificate *cert, CERTCertDBHandle *db)
 /* and the cooked */
- sprintf(filename, "%s.cacert", DEFAULT_X509_BASENAME);
+ snprintf(filename,strlen(DEFAULT_X509_BASENAME) + 8, "%s.cacert", DEFAULT_X509_BASENAME);
 if ((out = fopen(filename, "wb")) == NULL) {
 PR_fprintf(errorFD, "%s: Can't open %s output file\n", PROGRAM_NAME, filename);
 |
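Review bot: `snprintf(subject, subjectlen, ...)` treats `subjectlen` as the buffer size including the terminating NUL, but the earlier hunks only show it accumulating `strlen()` of each component. The lines between the last component and the allocation of `subject` are outside this hunk; if they do not add one for the terminator, this call silently drops the last character of the assembled subject. Please confirm that `subjectlen` equals the allocated size, and add a comment at the call saying so, e.g. `/* subjectlen includes the trailing NUL */`. Because the result becomes the certificate subject, I would also keep the return value and treat `n < 0 || (size_t)n >= subjectlen` as an error rather than continue with a truncated name.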