2 files changed, 14 insertions, 11 deletions

diff --git a/ChangeLog b/ChangeLog
index 808c5030d..b5505da19 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -8,8 +8,9 @@
      [buffer.c]
      do not expand buffer before attempting to reallocate it; markus ok
  - (djm) Crank spec versions
- - (djm) Release 3.7p1
+ - (djm) Banish (safe) sprintf from auth-pam.c. Patch from bal
  - (tim) [configure.ac] Fix portability issues.
+ - (djm) Release 3.7p1
 
 20030914
  - (dtucker) [Makefile regress/Makefile] Fix portability issues preventing
@@ -1106,4 +1107,4 @@
  - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
    Report from murple@murple.net, diagnosis from dtucker@zip.com.au
 
-$Id: ChangeLog,v 1.2994.2.3 2003/09/16 05:48:15 tim Exp $
+$Id: ChangeLog,v 1.2994.2.4 2003/09/16 06:00:52 djm Exp $
diff --git a/auth-pam.c b/auth-pam.c
index 806c80860..754cbf6df 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -31,7 +31,7 @@
 
 /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */
 #include "includes.h"
-RCSID("$Id: auth-pam.c,v 1.72 2003/09/13 12:12:11 dtucker Exp $");
+RCSID("$Id: auth-pam.c,v 1.72.2.1 2003/09/16 06:00:52 djm Exp $");
 
 #ifdef USE_PAM
 #include <security/pam_appl.h>
@@ -672,17 +672,19 @@ do_pam_chauthtok(void)
 int
 do_pam_putenv(char *name, char *value) 
 {
-        char *compound;
         int ret = 1;
-
 #ifdef HAVE_PAM_PUTENV  
-        compound = xmalloc(strlen(name)+strlen(value)+2);
-        if (compound) {
-                sprintf(compound,"%s=%s",name,value);
-                ret = pam_putenv(sshpam_handle,compound);
-                xfree(compound);
-        }
+        char *compound;
+        size_t len;
+
+        len = strlen(name) + strlen(value) + 2;
+        compound = xmalloc(len);
+
+        snprintf(compound, len, "%s=%s", name, value);
+        ret = pam_putenv(sshpam_handle, compound);
+        xfree(compound);
 #endif
+
         return (ret);
 }