$NetBSD: patch-ac,v 1.1 2004/04/08 12:32:55 cube Exp $ --- postauth.c.orig 1994-08-11 23:37:52.000000000 +0200 +++ postauth.c @@ -31,7 +31,7 @@ char *response; { char authtype[NNTP_STRLEN]; int i, rcode; - if((i = sscanf(response,"%d %s", rcode, authtype)) != 2) + if((i = sscanf(response,"%d %511s", &rcode, authtype)) != 2) /* 511 == NNTP_STRLEN-1 */ return(-1); #ifdef AUTHSIMPLE if (!strcasecmp(authtype,"SIMPLE")) @@ -54,7 +54,7 @@ int authsimple(host) char * host; { - char remote[256], user[16], pass[16]; + char remote[256], user[256], pass[256]; char buf[BUFSIZ]; int i; @@ -69,7 +69,7 @@ char * host; if (buf[0] == '#') continue; - i = sscanf(buf,"%s %s %s", remote, user, pass); + i = sscanf(buf,"%255s %255s %255s", remote, user, pass); /* malformed entry? */ if (i != 3) { @@ -87,14 +87,14 @@ char * host; return(-1); } - sprintf(buf,"authinfo simple"); + snprintf(buf,BUFSIZ,"authinfo simple"); if (converse(buf, sizeof(buf)) != CONT_AUTH) { fprintf(stderr,"%s\n", buf); return(-1); } - sprintf(buf,"%s %s", user,pass); + snprintf(buf,BUFSIZ,"%s %s", user,pass); if (converse(buf, sizeof(buf)) != OK_AUTH) { fprintf(stderr,"%s\n", buf); @@ -110,7 +110,7 @@ extern FILE *passfile; authold(host) char *host; { - char remote[64], user[16], pass[16]; + char remote[256], user[256], pass[256]; char buf[1024]; int i; @@ -124,7 +124,7 @@ char *host; { if (buf[0] == '#') continue; - i = sscanf(buf,"%s %s %s", remote, user, pass); + i = sscanf(buf,"%255s %255s %255s", remote, user, pass); /* malformed entry? */ if (i != 3) { @@ -141,14 +141,14 @@ char *host; return(-1); } - sprintf(buf,"authinfo user %s", user); + snprintf(buf,sizeof(buf),"authinfo user %s", user); if (converse(buf, sizeof(buf)) != CONT_OLDAUTHD) { fprintf(stderr,"%s\n", buf); return(-1); } - sprintf(buf,"authinfo pass %s", pass); + snprintf(buf,sizeof(buf),"authinfo pass %s", pass); if (converse(buf, sizeof(buf)) != OK_OLDAUTH) { fprintf(stderr,"%s\n", buf);