Prevent buffer overflow in readKeys()

author: Jindrich Novy <jnovy@redhat.com> 2008-04-14 13:07:58 +0200
committer: Jindrich Novy <jnovy@redhat.com> 2008-04-14 13:07:58 +0200
commit: 2c2d98a08dc3a9e21014b3173102f73064fc39ae (patch)
tree: ed40bcfd1493e045b02fe56d2ffa39ad2e81303d /rpmio
parent: 641046e4da826b5845703cdee23227dc344b0c7a (diff)
download: rpm-2c2d98a08dc3a9e21014b3173102f73064fc39ae.tar.gz
rpm-2c2d98a08dc3a9e21014b3173102f73064fc39ae.tar.bz2
rpm-2c2d98a08dc3a9e21014b3173102f73064fc39ae.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/rpmio/thkp.c b/rpmio/thkp.c
index a459450dd..62a365d17 100644
--- a/rpmio/thkp.c
+++ b/rpmio/thkp.c
@@ -44,7 +44,7 @@ static int readKeys(const char * uri)
     const uint8_t * pkt;
     size_t pktlen;
     uint8_t keyid[8];
-    char fn[BUFSIZ];
+    char *fn = NULL;
     pgpDig dig;
     int rc;
     int ec = 0;
@@ -54,11 +54,12 @@ static int readKeys(const char * uri)
     for (kip = keyids; *kip; kip += 2) {
 	pgpArmor pa;
 
-	sprintf(fn, "%s/pks/lookup?op=get&search=0x%08x%08x", uri, kip[0], kip[1]);
+	rasprintf(&fn, "%s/pks/lookup?op=get&search=0x%08x%08x", uri, kip[0], kip[1]);
 fprintf(stderr, "======================= %s\n", fn);
 	pkt = NULL;
 	pktlen = 0;
 	pa = pgpReadPkts(fn, &pkt, &pktlen);
+	free(fn);
 	if (pa == PGPARMOR_ERROR || pa == PGPARMOR_NONE
          || pkt == NULL || pktlen <= 0)
         {
author	Jindrich Novy <jnovy@redhat.com>	2008-04-14 13:07:58 +0200
committer	Jindrich Novy <jnovy@redhat.com>	2008-04-14 13:07:58 +0200
commit	2c2d98a08dc3a9e21014b3173102f73064fc39ae (patch)
tree	ed40bcfd1493e045b02fe56d2ffa39ad2e81303d /rpmio
parent	641046e4da826b5845703cdee23227dc344b0c7a (diff)
download	rpm-2c2d98a08dc3a9e21014b3173102f73064fc39ae.tar.gz rpm-2c2d98a08dc3a9e21014b3173102f73064fc39ae.tar.bz2 rpm-2c2d98a08dc3a9e21014b3173102f73064fc39ae.zip