From 55e28977cad16a59abecbe5857fbebfefab4f811 Mon Sep 17 00:00:00 2001
From: Ted Gould <ted@gould.cx>
Date: Thu, 30 Aug 2012 11:14:46 -0500
Subject: Checking the return for mlock and snprintf

---
 src/pam-freerdp.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

(limited to 'src/pam-freerdp.c')

diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c
index 33105d4..5696bbd 100644
--- a/src/pam-freerdp.c
+++ b/src/pam-freerdp.c
@@ -264,6 +264,7 @@ session_socket_handler (struct passwd * pwdent, const char * ruser, const char *
 	/* Our buffer */
 	char * buffer = NULL;
 	int buffer_len = 0;
+	int buffer_fill = 0;
 
 	/* Track write out */
 	int writedata = 0;
@@ -294,8 +295,18 @@ session_socket_handler (struct passwd * pwdent, const char * ruser, const char *
 	}
 
 	/* Lock the buffer before writing */
-	mlock(buffer, buffer_len);
-	snprintf(buffer, buffer_len, "%s %s %s %s", ruser, password, rdomain, rhost);
+	if (mlock(buffer, buffer_len) != 0) {
+		/* We can't lock, we go home */
+		goto cleanup;
+	}
+
+	buffer_fill = snprintf(buffer, buffer_len, "%s %s %s %s", ruser, password, rdomain, rhost);
+	if (buffer_fill > buffer_len) {
+		/* This really shouldn't happen, but if for some reason we have an
+		   difference between they way that the lengths are calculated we want
+		   to catch that. */
+		goto cleanup;
+	}
 
 	/* Make our socket and bind it */
 	socketfd = socket(AF_UNIX, SOCK_STREAM, 0);
-- 
cgit v1.2.3