$OpenBSD: patch-src_auth_c,v 1.2 2005/04/16 21:24:15 sturm Exp $
--- src/auth.c.orig	Wed Jul 14 20:25:48 2004
+++ src/auth.c	Sat Apr 16 22:02:01 2005
@@ -354,6 +354,7 @@ int auth_htpasswd_deleteuser(auth_t *aut
     char *sep;
     char *tmpfile = NULL;
     int tmpfile_len = 0;
+    int ret;
 
     state = auth->state;
     passwdfile = fopen(state->filename, "rb");
@@ -365,7 +366,18 @@ int auth_htpasswd_deleteuser(auth_t *aut
     }
     tmpfile_len = strlen(state->filename) + 6;
     tmpfile = calloc(1, tmpfile_len);
-    sprintf(tmpfile, ".%s.tmp", state->filename);
+    if(tmpfile == NULL ) {
+        WARN0("Failed to allocate memory for temporary file");
+        return AUTH_FAILED;
+    }
+
+    ret = snprintf(tmpfile, tmpfile_len, ".%s.tmp", state->filename);
+    if (ret == -1 || ret >= tmpfile_len) {
+        WARN0("Error generating temporary filename in auth_htpasswd_deleteuser()");
+        fclose(passwdfile);
+        free(tmpfile);
+        return AUTH_FAILED;
+    }
 
     tmp_passwdfile = fopen(tmpfile, "wb");
 
