From ed70e6014cbe43baf5d5e0c3261c4d99e6bc9473 Mon Sep 17 00:00:00 2001
From: "Pavel I. Kryukov" <kryukov@frtk.ru>
Date: Sat, 22 Sep 2018 14:37:24 +0300
Subject: [PATCH] Remove a fixed-size buffer in cmdgen.c.

This patch solves the same problem as in previous commit:
the fixed-size buffer may have less size than data placed into it.
---
 cmdgen.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/cmdgen.c b/cmdgen.c
index 034b9154..610a8c4a 100644
--- a/cmdgen.c
+++ b/cmdgen.c
@@ -1281,14 +1281,15 @@ int main(int argc, char **argv)
 	setup_passphrases(NULL);
 	test(0, "puttygen", "-L", filename, "-o", pubfilename, NULL);
 	{
-	    char cmdbuf[256];
+	    char *cmdbuf;
 	    fp = NULL;
-	    sprintf(cmdbuf, "ssh-keygen -l -f '%s' > '%s'",
+	    cmdbuf = dupprintf("ssh-keygen -l -f '%s' > '%s'",
 		    pubfilename, tmpfilename1);
 	    if (system(cmdbuf) ||
 		(fp = get_fp(tmpfilename1)) == NULL) {
 		printf("UNABLE to test fingerprint matching against OpenSSH");
 	    }
+	    sfree(cmdbuf);
 	}
 
 	/*