summaryrefslogtreecommitdiff
path: root/lib/libc
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>1997-04-18 18:55:17 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>1997-04-18 18:55:17 +0000
commitceefd3c9184ed70b29d9c9b3c14639ea9df024df (patch)
treec781f4fabb4ce486294457af73518557fe81929e /lib/libc
parentb3c1597e3a7c5cd6b76127270ad5333f1e7e3d6c (diff)
constrain length of db lookups better; reported by adam@math.tau.ac.il
Diffstat (limited to 'lib/libc')
-rw-r--r--lib/libc/gen/getpwent.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/libc/gen/getpwent.c b/lib/libc/gen/getpwent.c
index 7cab9efbccc..12aeeb618e0 100644
--- a/lib/libc/gen/getpwent.c
+++ b/lib/libc/gen/getpwent.c
@@ -33,7 +33,7 @@
*/
#if defined(LIBC_SCCS) && !defined(lint)
-static char rcsid[] = "$OpenBSD: getpwent.c,v 1.9 1997/04/13 05:11:07 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: getpwent.c,v 1.10 1997/04/18 18:55:16 deraadt Exp $";
#endif /* LIBC_SCCS and not lint */
#include <sys/param.h>
@@ -489,7 +489,7 @@ __has_yppw()
len = strlen("+");
bcopy("+", bf + 1, MIN(len, UT_NAMESIZE));
pkey.data = (u_char *)bf;
- pkey.size = len + 1;
+ pkey.size = MIN(len, UT_NAMESIZE) + 1;
if ((_pw_db->get)(_pw_db, &key, &data, 0)
&& (_pw_db->get)(_pw_db, &pkey, &pdata, 0))
@@ -699,7 +699,7 @@ pwnam_netgrp:
len = strlen(name);
bcopy(name, bf + 1, MIN(len, UT_NAMESIZE));
key.data = (u_char *)bf;
- key.size = len + 1;
+ key.size = MIN(len, UT_NAMESIZE) + 1;
rval = __hashpw(&key);
if (!_pw_stayopen) {