Fixing sprintf and a few other things.

src/core/security/credentials.c

@@ -336,6 +336,12 @@ grpc_oauth2_token_fetcher_credentials_parse_server_response(
   grpc_credentials_status status = GRPC_CREDENTIALS_OK;
   grpc_json *json = NULL;
 
+  if (response == NULL) {
+    gpr_log(GPR_ERROR, "Received NULL response.");
+    status = GRPC_CREDENTIALS_ERROR;
+    goto end;
+  }
+
   if (response->body_length > 0) {
     null_terminated_body = gpr_malloc(response->body_length + 1);
     null_terminated_body[response->body_length] = '\0';

src/core/security/json_token.c

@@ -206,15 +206,14 @@ static char *encoded_jwt_claim(const grpc_auth_json_key *json_key,
   char *result = NULL;
   gpr_timespec now = gpr_now();
   gpr_timespec expiration = gpr_time_add(now, token_lifetime);
-  /* log10(2^64) ~= 20 */
+  char now_str[GPR_LTOA_MIN_BUFSIZE];
-  char now_str[24];
+  char expiration_str[GPR_LTOA_MIN_BUFSIZE];
-  char expiration_str[24];
   if (gpr_time_cmp(token_lifetime, grpc_max_auth_token_lifetime) > 0) {
     gpr_log(GPR_INFO, "Cropping token lifetime to maximum allowed value.");
     expiration = gpr_time_add(now, grpc_max_auth_token_lifetime);
   }
-  sprintf(now_str, "%ld", now.tv_sec);
+  gpr_ltoa(now.tv_sec, now_str);
-  sprintf(expiration_str, "%ld", expiration.tv_sec);
+  gpr_ltoa(expiration.tv_sec, expiration_str);
 
   child = create_child(NULL, json, "iss", json_key->client_email,
                        GRPC_JSON_STRING);

test/core/security/fetch_oauth2.c

@@ -95,7 +95,7 @@ static grpc_credentials *create_service_account_creds(
       break;
     }
     current += bytes_read;
-  } while (sizeof(json_key) > (current - json_key));
+  } while (sizeof(json_key) > (size_t)(current - json_key));
 
   if ((current - json_key) == sizeof(json_key)) {
     gpr_log(GPR_ERROR, "Json key file %s exceeds size limit (%d bytes).",