Fix buffer overrun in useragent. Use asprintf

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

diff --git a/http.c b/http.c
index 0fb03f1..3a5dc9c 100644 (file)
--- a/http.c
+++ b/http.c
@@ -628,7 +628,10 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo)
 
 char *openconnect_create_useragent(char *base)
 {
-       char *uagent = malloc(strlen(base) + 1 + strlen(openconnect_version));
-       sprintf(uagent, "%s %s", base, openconnect_version);
+       char *uagent;
+
+       if (asprintf(&uagent, "%s %s", base, openconnect_version) < 0)
+               return NULL;
+
        return uagent;
 }