svn commit: r228625 - head/usr.bin/csup
mdf at FreeBSD.org
mdf at FreeBSD.org
Sat Dec 17 21:33:01 UTC 2011
On Sat, Dec 17, 2011 at 5:14 AM, Dimitry Andric <dim at freebsd.org> wrote:
> Author: dim
> Date: Sat Dec 17 13:14:44 2011
> New Revision: 228625
> URL: http://svn.freebsd.org/changeset/base/228625
>
> Log:
> In usr.bin/csup/auth.c, use the correct number of bytes for zeroing the
> shared secret, and use long long format to snprintf a time_t.
If casting is necessary, style prefers intmax_t or uintmax_t, since
those are always wide enough.
Thanks,
matthew
> MFC after: 1 week
>
> Modified:
> head/usr.bin/csup/auth.c
>
> Modified: head/usr.bin/csup/auth.c
> ==============================================================================
> --- head/usr.bin/csup/auth.c Sat Dec 17 12:52:58 2011 (r228624)
> +++ head/usr.bin/csup/auth.c Sat Dec 17 13:14:44 2011 (r228625)
> @@ -254,7 +254,7 @@ auth_makesecret(struct srvrecord *auth,
> MD5_Update(&md5, ":", 1);
> MD5_Update(&md5, auth->password, strlen(auth->password));
> MD5_Final(md5sum, &md5);
> - memset(secret, 0, sizeof(secret));
> + memset(secret, 0, MD5_CHARS_MAX);
> strcpy(secret, md5salt);
> auth_readablesum(md5sum, secret + strlen(md5salt));
> }
> @@ -302,8 +302,9 @@ auth_makechallenge(struct config *config
> }
> gettimeofday(&tv, NULL);
> MD5_Init(&md5);
> - snprintf(buf, sizeof(buf), "%s:%ld:%ld:%ld:%d:%d",
> - inet_ntoa(laddr.sin_addr), tv.tv_sec, tv.tv_usec, random(), pid, ppid);
> + snprintf(buf, sizeof(buf), "%s:%lld:%ld:%ld:%d:%d",
> + inet_ntoa(laddr.sin_addr), (long long)tv.tv_sec, tv.tv_usec,
> + random(), pid, ppid);
> MD5_Update(&md5, buf, strlen(buf));
> MD5_Final(md5sum, &md5);
> auth_readablesum(md5sum, challenge);
More information about the svn-src-head
mailing list