From: Christian Göttsche <cgzones@googlemail.com>
Date: Mon, 11 Dec 2023 16:13:43 +0000 (+0100)
Subject: src/useradd: avoid usage of sprintf
X-Git-Tag: 4.15.0-rc1~81
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0d7cb003b73edd8ce1e0b5c69c95a0ed09c40c40;p=thirdparty%2Fshadow.git

src/useradd: avoid usage of sprintf

sprintf(3) does not take the destination buffer into account. Although
the destination in these case is large enough, sprintf(3) indicates a
code smell.

Use the xasprintf() wrapper.
---

diff --git a/src/useradd.c b/src/useradd.c
index e947361b4..98603f98d 100644
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -2387,7 +2387,6 @@ static void create_mail (void)
 	char          *file;
 	gid_t         gid;
 	mode_t        mode;
-	size_t        size;
 	const char    *spool;
 	struct group  *gr;
 
@@ -2403,12 +2402,10 @@ static void create_mail (void)
 	if (NULL == spool) {
 		return;
 	}
-	size = strlen(prefix) + strlen(spool) + strlen(user_name) + 3;
-	file = XMALLOC(size, char);
 	if (prefix[0])
-		sprintf(file, "%s/%s/%s", prefix, spool, user_name);
+		xasprintf(&file, "%s/%s/%s", prefix, spool, user_name);
 	else
-		sprintf(file, "%s/%s", spool, user_name);
+		xasprintf(&file, "%s/%s", spool, user_name);
 
 #ifdef WITH_SELINUX
 	if (set_selinux_file_context(file, S_IFREG) != 0) {