From 9d6146d6f9870fbfcec15cdc4becaf094d5a90e0 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Mon, 24 Oct 2016 13:12:05 +0200
Subject: [PATCH] gpg: Replace two sprintf calls.

* g10/keygen.c (print_status_key_created): Use snprintf for now.
(ask_expire_interval): Replace xmalloc and sprintf by xasprintf.
--

Future updates: Replace code like

   r = xcalloc (1, sizeof *r + 20 );
   r->key = pKEYLENGTH;
   sprintf( r->u.value, "%u", info.key_attr[0].nbits);

by something like

   r = new_r_with_value ("%u", info.key_attr[0].nbits);
   r->key = pKEYLENGTH;

Signed-off-by: Werner Koch <wk@gnupg.org>
---
 g10/keygen.c | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/g10/keygen.c b/g10/keygen.c
index ed529c750..d98b70b94 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -180,8 +180,9 @@ print_status_key_created (int letter, PKT_public_key *pk, const char *handle)
           *p++ = ' ';
           fingerprint_from_pk (pk, array, &n);
           s = array;
+          /* Fixme: Use bin2hex */
           for (i=0; i < n ; i++, s++, p += 2)
-            sprintf (p, "%02X", *s);
+            snprintf (p, 3, "%02X", *s);
         }
     }
   if (*handle)
@@ -2428,13 +2429,7 @@ ask_expire_interval(int object,const char *def_expire)
 	  {
 	    char *prompt;
 
-#define PROMPTSTRING _("Signature is valid for? (%s) ")
-	    /* This will actually end up larger than necessary because
-	       of the 2 bytes for '%s' */
-	    prompt=xmalloc(strlen(PROMPTSTRING)+strlen(def_expire)+1);
-	    sprintf(prompt,PROMPTSTRING,def_expire);
-#undef PROMPTSTRING
-
+	    prompt = xasprintf (_("Signature is valid for? (%s) "), def_expire);
 	    answer = cpr_get("siggen.valid",prompt);
 	    xfree(prompt);