From 80e7484aeadb8faea26bc9dc7cfd5822cc14614b Mon Sep 17 00:00:00 2001
From: Karol Babioch <karol@babioch.de>
Date: Thu, 17 May 2018 16:31:36 +0200
Subject: [PATCH] pam_yubico.c: Check for return codes of snprintf()

---
 pam_yubico.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/pam_yubico.c b/pam_yubico.c
index 4360913..251fe0b 100644
--- a/pam_yubico.c
+++ b/pam_yubico.c
@@ -308,7 +308,11 @@ authorize_user_token_ldap (struct cfg *cfg,
       DBG ("Failed allocating %zu bytes", i);
       goto done;
     }
-    snprintf (find, i, "%s=%s,%s", cfg->user_attr, user, cfg->ldapdn);
+    int j = snprintf (find, i, "%s=%s,%s", cfg->user_attr, user, cfg->ldapdn);
+    if (j < 0 || j >= i) {
+      DBG ("Failed to format string");
+      goto done;
+    }
     filter = NULL;
   } else if (cfg->ldapdn) {
     find = strdup(cfg->ldapdn); /* allow free later */