Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Don't strcpy the contents of an environment variable into a fixed-size

Browse Source 
buffer, use strlcpy instead. Should fix security/11550.
This commit is contained in:
wiz 2000-12-05 02:19:23 +00:00
parent 7a8eea351b
commit de67766c6a
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
usr.bin/login/k5login.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: k5login.c,v 1.16 2000/10/28 03:51:26 aidan Exp $ */
/* $NetBSD: k5login.c,v 1.17 2000/12/05 02:19:23 wiz Exp $ */
/*-
* Copyright (c) 1990 The Regents of the University of California.
@ -55,7 +55,7 @@
#if 0
static char sccsid[] = "@(#)klogin.c 5.11 (Berkeley) 7/12/92";
#endif
__RCSID("$NetBSD: k5login.c,v 1.16 2000/10/28 03:51:26 aidan Exp $");
__RCSID("$NetBSD: k5login.c,v 1.17 2000/12/05 02:19:23 wiz Exp $");
#endif /* not lint */
#ifdef KERBEROS5
@ -272,7 +272,7 @@ k5_read_creds(username)
}
have_forward = 1;
strcpy(tkt_location, getenv("KRB5CCNAME"));
strlcpy(tkt_location, getenv("KRB5CCNAME"), sizeof(tkt_location));
krb5tkfile_env = tkt_location;
has_ccache = 1;
notickets = 0;