diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1998-07-13 02:15:02 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1998-07-13 02:15:02 +0000 |
| commit | f045cb189e02fb2f4df922a685c49439f2a9296a (patch) | |
| tree | 023e625d003ca2c6e7bcf2d2040503c68596dd96 /usr.bin | |
| parent | b19f562070955475584cff34e088b6e9e6f3a0d9 (diff) | |
excessive paranoia
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/passwd/local_passwd.c | 7 | ||||
| -rw-r--r-- | usr.bin/passwd/yp_passwd.c | 10 |
2 files changed, 10 insertions, 7 deletions
diff --git a/usr.bin/passwd/local_passwd.c b/usr.bin/passwd/local_passwd.c index 51056a1d4f3..4536abf1f8b 100644 --- a/usr.bin/passwd/local_passwd.c +++ b/usr.bin/passwd/local_passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: local_passwd.c,v 1.9 1998/02/24 20:46:14 deraadt Exp $ */ +/* $OpenBSD: local_passwd.c,v 1.10 1998/07/13 02:15:00 deraadt Exp $ */ /*- * Copyright (c) 1990 The Regents of the University of California. @@ -35,7 +35,7 @@ #ifndef lint /*static char sccsid[] = "from: @(#)local_passwd.c 5.5 (Berkeley) 5/6/91";*/ -static char rcsid[] = "$OpenBSD: local_passwd.c,v 1.9 1998/02/24 20:46:14 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: local_passwd.c,v 1.10 1998/07/13 02:15:00 deraadt Exp $"; #endif /* not lint */ #include <sys/types.h> @@ -139,7 +139,8 @@ getnewpasswd(pw) (void)printf("Please don't use an all-lower case password.\nUnusual capitalization, control characters or digits are suggested.\n"); continue; } - (void)strcpy(buf, p); + strncpy(buf, p, sizeof buf-1); + buf[sizeof buf-1] = '\0'; if (!strcmp(buf, getpass("Retype new password:"))) break; (void)printf("Mismatch; try again, EOF to quit.\n"); diff --git a/usr.bin/passwd/yp_passwd.c b/usr.bin/passwd/yp_passwd.c index 1aed72f99a8..112e9feef1c 100644 --- a/usr.bin/passwd/yp_passwd.c +++ b/usr.bin/passwd/yp_passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: yp_passwd.c,v 1.11 1998/07/12 18:05:15 deraadt Exp $ */ +/* $OpenBSD: yp_passwd.c,v 1.12 1998/07/13 02:15:01 deraadt Exp $ */ /* * Copyright (c) 1988 The Regents of the University of California. @@ -34,7 +34,7 @@ */ #ifndef lint /*static char sccsid[] = "from: @(#)yp_passwd.c 1.0 2/2/93";*/ -static char rcsid[] = "$OpenBSD: yp_passwd.c,v 1.11 1998/07/12 18:05:15 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: yp_passwd.c,v 1.12 1998/07/13 02:15:01 deraadt Exp $"; #endif /* not lint */ #ifdef YP @@ -221,7 +221,8 @@ getnewpasswd(pw, old_pass) printf("Please don't use an all-lower case password.\nUnusual capitalization, control characters or digits are suggested.\n"); continue; } - strcpy(buf, p); + strncpy(buf, p, sizeof buf-1); + buf[sizeof buf-1] = '\0'; if (!strcmp(buf, getpass("Retype new password:"))) break; (void)printf("Mismatch; try again, EOF to quit.\n"); @@ -304,7 +305,8 @@ ypgetpwnam(nam) if (__yplin) free(__yplin); __yplin = (char *)malloc(vallen + 1); - strcpy(__yplin, val); + strncpy(__yplin, val, vallen); + __yplin[vallen] = '\0'; free(val); return(interpret(&pwent, __yplin)); |