svn commit: r228625 - head/usr.bin/csup
Dimitry Andric
dim at FreeBSD.org
Sat Dec 17 13:14:45 UTC 2011
Author: dim
Date: Sat Dec 17 13:14:44 2011
New Revision: 228625
URL: http://svn.freebsd.org/changeset/base/228625
Log:
In usr.bin/csup/auth.c, use the correct number of bytes for zeroing the
shared secret, and use long long format to snprintf a time_t.
MFC after: 1 week
Modified:
head/usr.bin/csup/auth.c
Modified: head/usr.bin/csup/auth.c
==============================================================================
--- head/usr.bin/csup/auth.c Sat Dec 17 12:52:58 2011 (r228624)
+++ head/usr.bin/csup/auth.c Sat Dec 17 13:14:44 2011 (r228625)
@@ -254,7 +254,7 @@ auth_makesecret(struct srvrecord *auth,
MD5_Update(&md5, ":", 1);
MD5_Update(&md5, auth->password, strlen(auth->password));
MD5_Final(md5sum, &md5);
- memset(secret, 0, sizeof(secret));
+ memset(secret, 0, MD5_CHARS_MAX);
strcpy(secret, md5salt);
auth_readablesum(md5sum, secret + strlen(md5salt));
}
@@ -302,8 +302,9 @@ auth_makechallenge(struct config *config
}
gettimeofday(&tv, NULL);
MD5_Init(&md5);
- snprintf(buf, sizeof(buf), "%s:%ld:%ld:%ld:%d:%d",
- inet_ntoa(laddr.sin_addr), tv.tv_sec, tv.tv_usec, random(), pid, ppid);
+ snprintf(buf, sizeof(buf), "%s:%lld:%ld:%ld:%d:%d",
+ inet_ntoa(laddr.sin_addr), (long long)tv.tv_sec, tv.tv_usec,
+ random(), pid, ppid);
MD5_Update(&md5, buf, strlen(buf));
MD5_Final(md5sum, &md5);
auth_readablesum(md5sum, challenge);
More information about the svn-src-head
mailing list