dtsession: A few extra snprintf's for buffer safety

diff --git a/cde/programs/dtsession/SmGlobals.c b/cde/programs/dtsession/SmGlobals.c
index dad30b18d25cc4185e14d90573bc6a82d7a511de..c40605584f5d23f11f94fc4dc2e4e18c0b8010ae 100644 (file)
--- a/cde/programs/dtsession/SmGlobals.c
+++ b/cde/programs/dtsession/SmGlobals.c
@@ -1106,7 +1106,7 @@ SetSavePath(
             * runs a Current session and saves the session.
             */
            strcpy (savedDir, smGD.clientPath);
-            sprintf(smGD.etcPath, "%s.%s", smGD.clientPath, SM_OLD_EXTENSION);
+            snprintf(smGD.etcPath, sizeof(smGD.etcPath), "%s.%s", smGD.clientPath, SM_OLD_EXTENSION);
             status = stat(smGD.etcPath, &buf);
             if(status == 0)
            {
@@ -1180,7 +1180,7 @@ SetSavePath(
             */
            char                * tmpName;
 
-            sprintf(smGD.etcPath, "%s.%s", smGD.clientPath, SM_OLD_EXTENSION);
+            snprintf(smGD.etcPath, sizeof(smGD.etcPath), "%s.%s", smGD.clientPath, SM_OLD_EXTENSION);
             status = stat(smGD.etcPath, &buf);
             if(status == 0)
            {
@@ -1189,7 +1189,7 @@ SetSavePath(
               len = strlen(smGD.savePath) + strlen(smGD.restoreSession) 
                 + strlen("XXXXXX") + 3;
               tmpName = (char *) XtCalloc(1, len);
-              sprintf(tmpName, "%s/%s.XXXXXX", smGD.savePath, 
+              snprintf(tmpName, len, "%s/%s.XXXXXX", smGD.savePath, 
                       smGD.restoreSession);
 
               strcpy (savedOldDir, smGD.etcPath);
@@ -1702,7 +1702,7 @@ TrimErrorlog( void )
      */
     if (len + strlen(DtERRORLOG_FILE) > MAXPATHLEN)
       checkPath1 = SM_REALLOC(savePath, len + strlen(DtERRORLOG_FILE));
-    sprintf(checkPath1, "%s/%s", savePath, DtERRORLOG_FILE);
+    snprintf(checkPath1, len + strlen(DtERRORLOG_FILE), "%s/%s", savePath, DtERRORLOG_FILE);
 
     status = stat(checkPath1, &buf);
     if((status != -1) && (buf.st_size > 0))

diff --git a/cde/programs/dtsession/SmRestore.c b/cde/programs/dtsession/SmRestore.c
index cd84590f76e1f969752bac4eb837f2cead99859e..011b3765f1d7ff2794d4288e451f0cde4b24ac72 100644 (file)
--- a/cde/programs/dtsession/SmRestore.c
+++ b/cde/programs/dtsession/SmRestore.c
@@ -3512,7 +3512,7 @@ StartClient(
               {
                 int slen = strlen(tstr) + 1;
                 defaultCwd = XtCalloc(1, slen);
-                strncpy(defaultCwd, tstr, slen - 1);
+                snprintf(defaultCwd, slen, "%s", tstr);
               }
             else
               defaultCwd = getcwd (NULL, MAXPATHLEN + 1);

diff --git a/cde/programs/dtsession/SmXSMP.c b/cde/programs/dtsession/SmXSMP.c
index 402b25f8f337604fd2d67a8e55fe1e66862be74e..cc7b14fe634aa69177c1747f46cd67bcdb9e37e7 100644 (file)
--- a/cde/programs/dtsession/SmXSMP.c
+++ b/cde/programs/dtsession/SmXSMP.c
@@ -238,10 +238,10 @@ Boolean InitXSMP ( )
        if (!env) {
                free (networkIds);
                PostXSMPFailureDialog (XSMP_FAILURE_MALLOC, False);
+       } else {
+               (void) sprintf (env, "%s=%s", SM_SESSION_MANAGER, networkIds);
+               (void) putenv (env);
        }
-       
-       (void) sprintf (env, "%s=%s", SM_SESSION_MANAGER, networkIds);
-       (void) putenv (env);
 
        PutSessionManagerOnRootWindow (networkIds);