pkgsrc/news/nntpclnt/patches/patch-ac

$NetBSD: patch-ac,v 1.1 2004/04/08 12:32:55 cube Exp $

--- postauth.c.orig	1994-08-11 23:37:52.000000000 +0200
+++ postauth.c
@@ -31,7 +31,7 @@ char *response;
 {
 	char authtype[NNTP_STRLEN];
 	int i, rcode;
-	if((i = sscanf(response,"%d %s", rcode, authtype)) != 2)
+	if((i = sscanf(response,"%d %511s", &rcode, authtype)) != 2) /* 511 == NNTP_STRLEN-1 */
 		return(-1);
 #ifdef AUTHSIMPLE
 	if (!strcasecmp(authtype,"SIMPLE"))
@@ -54,7 +54,7 @@ int
 authsimple(host)
 char * host;
 {
-	char remote[256], user[16], pass[16];
+	char remote[256], user[256], pass[256];
 	char buf[BUFSIZ];
 	int i;
 
@@ -69,7 +69,7 @@ char * host;
 		if (buf[0] == '#')
 			continue;
 		
-		i = sscanf(buf,"%s %s %s", remote, user, pass);
+		i = sscanf(buf,"%255s %255s %255s", remote, user, pass);
 		/* malformed entry? */
 		if (i != 3)
 		{
@@ -87,14 +87,14 @@ char * host;
 		return(-1);
 	}
 	
-	sprintf(buf,"authinfo simple");
+	snprintf(buf,BUFSIZ,"authinfo simple");
 	if (converse(buf, sizeof(buf)) != CONT_AUTH)
 	{
 		fprintf(stderr,"%s\n", buf);
 		return(-1);
 	}
 	
-	sprintf(buf,"%s %s", user,pass);
+	snprintf(buf,BUFSIZ,"%s %s", user,pass);
 	if (converse(buf, sizeof(buf)) != OK_AUTH)
 	{
 		fprintf(stderr,"%s\n", buf);
@@ -110,7 +110,7 @@ extern FILE *passfile;
 authold(host)
 char *host;
 {
-	char remote[64], user[16], pass[16];
+	char remote[256], user[256], pass[256];
 	char buf[1024];
 	int i;
 
@@ -124,7 +124,7 @@ char *host;
 	{
 		if (buf[0] == '#')
 			continue;
-		i = sscanf(buf,"%s %s %s", remote, user, pass);
+		i = sscanf(buf,"%255s %255s %255s", remote, user, pass);
 		/* malformed entry? */
 		if (i != 3)
 		{
@@ -141,14 +141,14 @@ char *host;
 		return(-1);
 	}
 	
-	sprintf(buf,"authinfo user %s", user);
+	snprintf(buf,sizeof(buf),"authinfo user %s", user);
 	if (converse(buf, sizeof(buf)) != CONT_OLDAUTHD)
 	{
 		fprintf(stderr,"%s\n", buf);
 		return(-1);
 	}
 
-	sprintf(buf,"authinfo pass %s", pass);
+	snprintf(buf,sizeof(buf),"authinfo pass %s", pass);
 	if (converse(buf, sizeof(buf)) != OK_OLDAUTH)
 	{
 		fprintf(stderr,"%s\n", buf);