diff options
| author | brian <brian@cvs.openbsd.org> | 1997-12-17 00:20:38 +0000 |
|---|---|---|
| committer | brian <brian@cvs.openbsd.org> | 1997-12-17 00:20:38 +0000 |
| commit | 7e416f61d1bd8e2bc3b8060ec2d90b21f17ebf40 (patch) | |
| tree | be5a6d1f795a62c06c46a45c5a20c66e9860d8d7 /usr.sbin/ppp/command.c | |
| parent | 31ef532e772c3ac5660c12bda77b76b27ff89c74 (diff) | |
Fix a potential overflow where, if the label passed on the command
line is > LINE_LEN (512 bytes), we scribble (*blush*).
Hinted at by: Theo de Raadt <deraadt@cvs.openbsd.org>
Change sprintf(buf, "fixedstring") to strcpy(buf, "fixedstring").
Diffstat (limited to 'usr.sbin/ppp/command.c')
| -rw-r--r-- | usr.sbin/ppp/command.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/usr.sbin/ppp/command.c b/usr.sbin/ppp/command.c index a68cedaa698..c167413115b 100644 --- a/usr.sbin/ppp/command.c +++ b/usr.sbin/ppp/command.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: command.c,v 1.5 1997/12/15 22:50:20 brian Exp $ + * $Id: command.c,v 1.6 1997/12/17 00:20:36 brian Exp $ * */ #include <sys/param.h> @@ -746,7 +746,8 @@ RunCommand(int argc, char const *const *argv, const char *label) *buf = '\0'; if (label) { - strcpy(buf, label); + strncpy(buf, label, sizeof buf); + buf[sizeof(buf)-3] = '\0'; strcat(buf, ": "); } n = strlen(buf); |