+2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/salt.c (SHA_salt_rounds): It is statically ensured that
+ the format fits in rounds_prefix.
+
2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
* src/grpconv.c: Fail if not called correctly.
* src/su.c: Too much const were added on 2011-08-15. pw in
save_caller_context() is allocated and freed.
* src/su.c: Added missing #endif indication
- * src/su.c save_caller_context(): password only needed if
+ * src/su.c (save_caller_context): password only needed if
SU_ACCESS and !USE_PAM.
2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
*/
static /*@observer@*/const char *SHA_salt_rounds (/*@null@*/int *prefered_rounds)
{
- static char rounds_prefix[18];
+ static char rounds_prefix[18]; /* Max size: rounds=999999999$ */
long rounds;
if (NULL == prefered_rounds) {
rounds = ROUNDS_MAX;
}
- (void) snprintf (rounds_prefix, 18, "rounds=%ld$", rounds);
-
- /* Sanity checks. That should not be necessary. */
- rounds_prefix[17] = '\0';
- if ('$' != rounds_prefix[16]) {
- rounds_prefix[17] = '$';
- }
+ (void) snprintf (rounds_prefix, sizeof rounds_prefix,
+ "rounds=%ld$", rounds);
return rounds_prefix;
}