[Announce] GnuPG 1.4 and 2.0 buffer overflow
Claus Assmann
ca+gnupg at esmtp.org
Mon Nov 27 19:46:28 CET 2006
> + n = strlen(s) + (defname?strlen (defname):0) + 10;
> prompt = xmalloc(n);
> if( defname )
> sprintf(prompt, "%s [%s]: ", s, defname );
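Review bot: the "+ 10" in the added "n = strlen(s) + ... + 10" line is an unexplained constant that has to stay in step with the "%s [%s]: " format in the sprintf below it, which needs 5 literal bytes plus the terminating NUL. A short comment saying what the 10 covers, or deriving it from the format, would keep a later change to the prompt text from silently outgrowing the buffer. The type of n is not visible in these lines, so it is also worth confirming that the sum cannot wrap before it reaches xmalloc.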
Wouldn't it be more secure to replace sprintf with snprintf
(and the proper length restriction of course)?
snprintf(prompt, n, "%s [%s]: ", s, defname );
(same for strcpy() -> strlcpy(), strcat() -> strlcat(), etc).
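What the length restriction suggested above looks like once the snprintf return value is also checked, as an added example that is not part of the original post or of GnuPG's code. The names format_prompt and build_prompt and the sample strings are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bounded formatter (hypothetical name). Writes "s [defname]: " or "s: "
 * into buf of size n. Returns 0 on success, -1 if the text did not fit;
 * on -1 buf holds a NUL-terminated truncated prefix, never an overrun. */
int format_prompt(char *buf, size_t n, const char *s, const char *defname)
{
    int w = defname ? snprintf(buf, n, "%s [%s]: ", s, defname)
                    : snprintf(buf, n, "%s: ", s);
    /* snprintf returns the length it wanted to write; >= n means truncated. */
    return (w < 0 || (size_t)w >= n) ? -1 : 0;
}

/* Allocating wrapper (hypothetical name). Caller frees the result.
 * Returns NULL on size overflow, allocation failure, or truncation. */
char *build_prompt(const char *s, const char *defname)
{
    size_t slen = strlen(s);
    size_t dlen = defname ? strlen(defname) : 0;
    const size_t extra = 6; /* " [" + "]: " = 5 literal bytes, plus NUL */
    if (slen > SIZE_MAX - extra || dlen > SIZE_MAX - extra - slen)
        return NULL; /* the size computation itself would wrap */
    size_t n = slen + dlen + extra;
    char *prompt = malloc(n);
    if (prompt == NULL)
        return NULL;
    if (format_prompt(prompt, n, s, defname) != 0) {
        free(prompt);
        return NULL;
    }
    return prompt;
}

int main(void)
{
    /* Constructed sample inputs. */
    char *p = build_prompt("Enter file name", "message.txt");
    if (p != NULL)
        puts(p);
    free(p);
    char small[16]; /* deliberately too small for the same inputs */
    if (format_prompt(small, sizeof small, "Enter file name", "message.txt") != 0)
        puts("prompt truncated, rejected");
    return 0;
}
```

Passing n to snprintf only turns a sizing mistake into truncation. The return-value check is what lets the caller notice and reject it.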