SourceFormat Enforcement

[thirdparty/squid.git] / lib / smblib / find_password.c

diff --git a/lib/smblib/find_password.c b/lib/smblib/find_password.c
index ae310348972b48d89dba5ada08d14d7766ec8f67..410ea6d819b30a07e1e167e692dfe53368ae9c22 100644 (file)
--- a/lib/smblib/find_password.c
+++ b/lib/smblib/find_password.c
@@ -1,3 +1,11 @@
+/*
+ * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
+ *
+ * Squid software is distributed under GPLv2+ license and includes
+ * contributions from numerous individuals and organizations.
+ * Please see the COPYING and CONTRIBUTORS files for details.
+ */
+
 #include "squid.h"
 /* Find passwords ... */
 /* We do it in a brute force way ... Cycle through all the possible passwords
@@ -97,7 +105,7 @@ char *print_password(char * password)
         if (((unsigned)password[i] <= ' ') || ((unsigned)password[i] > 127)) {
 
             pwd_str[j] = '\\';
-            sprintf(temp, "%03i", (int)password[i]);
+            snprintf(temp, sizeof(temp)-1, "%03i", (int)password[i]);
             strcpy(&pwd_str[j + 1], temp);
             j = j + 3;                       /* Space for \ accounted for below */
 
@@ -228,7 +236,7 @@ main(int argc, char *argv[])
 
     }
 
-    sprintf(service_name, "\\\\%s\\%s", server, service); /* Could blow up */
+    sprintf(service_name, sizeof(service_name)-1, "\\\\%s\\%s", server, service); /* Could blow up */
 
     /* Now loop through all password possibilities ... */
 
@@ -280,3 +288,4 @@ main(int argc, char *argv[])
     fprintf(stderr, "Passwords exhausted.");
 
 }
+