Patch from Robert Tomsick <robert+cde@tomsick.net>:
I believe this fixes vulnerability #3 from CERT CA-1999-11.[1] The other
uses of sprintf in DtAction seem to be safe.
[1] https://www.cert.org/advisories/CA-1999-11.html
XmString cancelLabel;
XmString okLabel;
- sprintf(prompt, (GETMESSAGE(1,5, "Enter password for user %s:")),
- appArgs.user);
+ snprintf(prompt, BUFSIZ, (GETMESSAGE(1,5, "Enter password for user %s:")),
+ appArgs.user);
xmString = XmStringCreateLocalized(prompt);
xmString2 =XmStringCreateLocalized(GETMESSAGE(1,6, "Action Invoker - Password"));
cancelLabel = XmStringCreateLocalized(GETMESSAGE(1,7, "Cancel"));
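Review bot: The bound passed to the new snprintf call is the hard-coded constant BUFSIZ, and the declaration of prompt is not visible in this hunk, so the fix is only correct if prompt is declared with at least BUFSIZ bytes. If prompt is a local array, sizeof(prompt) would keep the bound tied to the declaration and survive a later change to the buffer size. The return value is also discarded, so an over-long appArgs.user is truncated silently and the dialog shows a clipped user name; comparing the result against the buffer size and reporting or rejecting that case would make the behaviour explicit. Note too that the format string still comes from GETMESSAGE, so the message catalog remains trusted as a format string in this call.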