From d420ac2c7d4ba9d99ff2c257a3ad71ecc6d876e2 Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Sat, 27 Dec 2003 14:40:17 +0000
Subject: Use BUF_strlcpy() instead of strcpy(). Use BUF_strlcat() instead of
 strcat(). Use BIO_snprintf() instead of sprintf(). In some cases, keep better
 track of buffer lengths. This is part of a large change submitted by Markus
 Friedl <markus@openbsd.org>

---
 crypto/engine/eng_ctrl.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'crypto/engine/eng_ctrl.c')

diff --git a/crypto/engine/eng_ctrl.c b/crypto/engine/eng_ctrl.c
index d9104d3b0a..1a808bec41 100644
--- a/crypto/engine/eng_ctrl.c
+++ b/crypto/engine/eng_ctrl.c
@@ -160,15 +160,19 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)())
 	case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
 		return strlen(e->cmd_defns[idx].cmd_name);
 	case ENGINE_CTRL_GET_NAME_FROM_CMD:
-		return sprintf(s, "%s", e->cmd_defns[idx].cmd_name);
+		return BIO_snprintf(s,strlen(e->cmd_defns[idx].cmd_name) + 1,
+				    "%s", e->cmd_defns[idx].cmd_name);
 	case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
 		if(e->cmd_defns[idx].cmd_desc)
 			return strlen(e->cmd_defns[idx].cmd_desc);
 		return strlen(int_no_description);
 	case ENGINE_CTRL_GET_DESC_FROM_CMD:
 		if(e->cmd_defns[idx].cmd_desc)
-			return sprintf(s, "%s", e->cmd_defns[idx].cmd_desc);
-		return sprintf(s, "%s", int_no_description);
+			return BIO_snprintf(s,
+					    strlen(e->cmd_defns[idx].cmd_desc) + 1,
+					    "%s", e->cmd_defns[idx].cmd_desc);
+		return BIO_snprintf(s, strlen(int_no_description) + 1,"%s",
+				    int_no_description);
 	case ENGINE_CTRL_GET_CMD_FLAGS:
 		return e->cmd_defns[idx].cmd_flags;
 		}
-- 
cgit v1.2.3