plugins/radius: Use snprintf in rc_mksid

Commit 858976b1fc31 ("radius: Prevent buffer overflow in rc_mksid()")
changed sprintf to slprintf to avoid a possible buffer overflow.
However, this introduced a bug because slprintf does not currently
handle the %lX and %hX formats.  Use snprintf instead, which does, as
we are not using any of the custom formats that slprintf handles in
this instance.

Reported-by: Adrian Ban <devel@easynet.dev>
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>

diff --git a/pppd/plugins/radius/util.c b/pppd/plugins/radius/util.c
index 740131e8377c51f326b1f465ca94a12526563712..751f819ede511e929b98b490a1154769cd778ee1 100644 (file)
--- a/pppd/plugins/radius/util.c
+++ b/pppd/plugins/radius/util.c
@@ -75,7 +75,7 @@ rc_mksid (void)
 {
   static char buf[32];
   static unsigned short int cnt = 0;
-  slprintf(buf, sizeof(buf), "%08lX%04X%02hX",
+  snprintf(buf, sizeof(buf), "%08lX%04X%02hX",
           (unsigned long int) time (NULL),
           (unsigned int) getpid (),
           cnt & 0xFF);