Commit
858976b1fc31 ("radius: Prevent buffer overflow in rc_mksid()")
changed sprintf to slprintf to avoid a possible buffer overflow.
However, this introduced a bug because slprintf does not currently
handle the %lX and %hX formats. Use snprintf instead, which does, as
we are not using any of the custom formats that slprintf handles in
this instance.
Reported-by: Adrian Ban <devel@easynet.dev>
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
{
static char buf[32];
static unsigned short int cnt = 0;
- slprintf(buf, sizeof(buf), "%08lX%04X%02hX",
+ snprintf(buf, sizeof(buf), "%08lX%04X%02hX",
(unsigned long int) time (NULL),
(unsigned int) getpid (),
cnt & 0xFF);