summaryrefslogtreecommitdiff
path: root/kerberosIV/krb/rd_req.c
diff options
context:
space:
mode:
authorArtur Grabowski <art@cvs.openbsd.org>1997-12-09 07:57:43 +0000
committerArtur Grabowski <art@cvs.openbsd.org>1997-12-09 07:57:43 +0000
commiteded21a00a253859f474c1bcca5d418a3c82948f (patch)
tree94e38e1e18679c1a1a5af56a04c549d26eb42255 /kerberosIV/krb/rd_req.c
parent49ac4cb4369b59297c067ed22daacd240c981029 (diff)
Removed one expliotable hole, one possibly exploitable hole, many buffer
overflows and lots of unchecked pointers. Tags are nice too.
Diffstat (limited to 'kerberosIV/krb/rd_req.c')
-rw-r--r--kerberosIV/krb/rd_req.c10
1 files changed, 7 insertions, 3 deletions
diff --git a/kerberosIV/krb/rd_req.c b/kerberosIV/krb/rd_req.c
index adcbabe8937..2072c0519e1 100644
--- a/kerberosIV/krb/rd_req.c
+++ b/kerberosIV/krb/rd_req.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: rd_req.c,v 1.5 1997/12/09 07:57:34 art Exp $ */
/* $KTH: rd_req.c,v 1.24 1997/05/11 11:05:28 assar Exp $ */
/*
@@ -217,9 +218,12 @@ krb_rd_req(KTEXT authent, /* The received message */
return(RD_AP_UNDEC);
if ((status = krb_set_key((char*)skey, 0)))
return(status);
- strcpy(st_rlm, realm);
- strcpy(st_nam, service);
- strcpy(st_inst, instance);
+ strncpy(st_rlm, realm, REALM_SZ);
+ st_rlm[REALM_SZ-1] = '\0';
+ strncpy(st_nam, service, SNAME_SZ);
+ st_nam[SNAME_SZ-1] = '\0';
+ strncpy(st_inst, instance, INST_SZ);
+ st_inst[INST_SZ-1] = '\0';
}
tkt->length = *p++;
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-11 20:12:34 +0000