===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/encrypt/encrypt.c,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -r1.38 -r1.39
--- src/usr.bin/encrypt/encrypt.c 2015/01/15 17:34:15 1.38
+++ src/usr.bin/encrypt/encrypt.c 2015/02/24 18:45:51 1.39
@@ -1,4 +1,4 @@
-/* $OpenBSD: encrypt.c,v 1.38 2015/01/15 17:34:15 chl Exp $ */
+/* $OpenBSD: encrypt.c,v 1.39 2015/02/24 18:45:51 tedu Exp $ */
 /*
 * Copyright (c) 1996, Jason Downs. All rights reserved.
@@ -63,10 +63,12 @@
 {
 char buffer[_PASSWORD_LEN];
 const char *pref;
- char prefbuf[16];
+ char prefbuf[64];
 if (operation == DO_BLF) {
- snprintf(prefbuf, sizeof(prefbuf), "blowfish,%s", extra);
+ if (snprintf(prefbuf, sizeof(prefbuf), "blowfish,%s", extra) >=
+ sizeof(prefbuf))
+ errx(1, "pref too long");
 pref = prefbuf;
 } else {
 login_cap_t *lc;
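Review bot: The new truncation check in the `DO_BLF` branch compares `snprintf()`'s `int` return directly with `sizeof(prefbuf)`, so an error return of -1 is rejected only because the implicit conversion to `size_t` makes it a very large value. Making both conditions explicit keeps the check correct if the types or the comparison are later changed, and avoids a sign-compare warning: `int n = snprintf(prefbuf, sizeof(prefbuf), "blowfish,%s", extra);` followed by `if (n < 0 || (size_t)n >= sizeof(prefbuf))`. The `errx(1, "pref too long")` message also does not say which input was rejected; if `extra` is the user-supplied rounds argument (its origin is outside this hunk), naming it in the message would make the failure easier to diagnose. The enclosing function begins before and continues past the hunk, so how `pref` is consumed afterwards is not visible here.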