avoid buf overflow

1 files changed, 7 insertions, 5 deletions

diff --git a/usr.sbin/sliplogin/sliplogin.c b/usr.sbin/sliplogin/sliplogin.c
index d89f9d4df16..7275d3b7718 100644
--- a/usr.sbin/sliplogin/sliplogin.c
+++ b/usr.sbin/sliplogin/sliplogin.c
@@ -39,7 +39,7 @@ char copyright[] =
 
 #ifndef lint
 /*static char sccsid[] = "from: @(#)sliplogin.c	5.6 (Berkeley) 3/2/91";*/
-static char rcsid[] = "$Id: sliplogin.c,v 1.3 1996/08/05 12:01:32 deraadt Exp $";
+static char rcsid[] = "$Id: sliplogin.c,v 1.4 1996/08/05 12:07:56 deraadt Exp $";
 #endif /* not lint */
 
 /*
@@ -145,7 +145,8 @@ findid(name)
 		 * one specific to this host.  If none found, try for
 		 * a generic one.
 		 */
-		(void)sprintf(loginfile, "%s.%s", _PATH_LOGIN, name);
+		(void)snprintf(loginfile, sizeof loginfile, "%s.%s",
+		    _PATH_LOGIN, name);
 		if (access(loginfile, R_OK|X_OK) != 0) {
 			(void)strcpy(loginfile, _PATH_LOGIN);
 			if (access(loginfile, R_OK|X_OK)) {
@@ -186,14 +187,15 @@ hup_handler(s)
 	char logoutfile[MAXPATHLEN];
 
 	seteuid(0);
-	(void)sprintf(logoutfile, "%s.%s", _PATH_LOGOUT, loginname);
+	(void)snprintf(logoutfile, sizeof logoutfile, "%s.%s",
+	    _PATH_LOGOUT, loginname);
 	if (access(logoutfile, R_OK|X_OK) != 0)
 		(void)strcpy(logoutfile, _PATH_LOGOUT);
 	if (access(logoutfile, R_OK|X_OK) == 0) {
 		char logincmd[2*MAXPATHLEN+32];
 
-		(void) sprintf(logincmd, "%s %d %d %s", logoutfile, unit, speed,
-			      loginargs);
+		(void) snprintf(logincmd, sizeof logincmd, "%s %d %d %s",
+		    logoutfile, unit, speed, loginargs);
 		(void) system(logincmd);
 	}
 	(void) close(0);