Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.bin/login Don't strcpy the contents of an environment va...
details: https://anonhg.NetBSD.org/src/rev/c60eb259fe68
branches: trunk
changeset: 500087:c60eb259fe68
user: wiz <wiz%NetBSD.org@localhost>
date: Tue Dec 05 02:19:23 2000 +0000
description:
Don't strcpy the contents of an environment variable into a fixed-size
buffer, use strlcpy instead. Should fix security/11550.
diffstat:
usr.bin/login/k5login.c | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diffs (27 lines):
diff -r 6617ae265a8c -r c60eb259fe68 usr.bin/login/k5login.c
--- a/usr.bin/login/k5login.c Tue Dec 05 01:35:56 2000 +0000
+++ b/usr.bin/login/k5login.c Tue Dec 05 02:19:23 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: k5login.c,v 1.16 2000/10/28 03:51:26 aidan Exp $ */
+/* $NetBSD: k5login.c,v 1.17 2000/12/05 02:19:23 wiz Exp $ */
/*-
* Copyright (c) 1990 The Regents of the University of California.
@@ -55,7 +55,7 @@
#if 0
static char sccsid[] = "@(#)klogin.c 5.11 (Berkeley) 7/12/92";
#endif
-__RCSID("$NetBSD: k5login.c,v 1.16 2000/10/28 03:51:26 aidan Exp $");
+__RCSID("$NetBSD: k5login.c,v 1.17 2000/12/05 02:19:23 wiz Exp $");
#endif /* not lint */
#ifdef KERBEROS5
@@ -272,7 +272,7 @@
}
have_forward = 1;
- strcpy(tkt_location, getenv("KRB5CCNAME"));
+ strlcpy(tkt_location, getenv("KRB5CCNAME"), sizeof(tkt_location));
krb5tkfile_env = tkt_location;
has_ccache = 1;
notickets = 0;
Home |
Main Index |
Thread Index |
Old Index