diff options
| author | Ray Lai <ray@cvs.openbsd.org> | 2006-11-02 18:27:30 +0000 |
|---|---|---|
| committer | Ray Lai <ray@cvs.openbsd.org> | 2006-11-02 18:27:30 +0000 |
| commit | d156247be881b90786081389fc7821071c0a07c3 (patch) | |
| tree | fb28d864d760b63ae1e061ac259c6119f2717321 /usr.sbin/ppp | |
| parent | f09390209295738d7ac0691fc7244c2257443829 (diff) | |
Check that last character is a newline before truncating; prevents
negative index array access.
OK moritz@.
Diffstat (limited to 'usr.sbin/ppp')
| -rw-r--r-- | usr.sbin/ppp/ppp/auth.c | 25 |
1 files changed, 18 insertions, 7 deletions
diff --git a/usr.sbin/ppp/ppp/auth.c b/usr.sbin/ppp/ppp/auth.c index d33630bb715..d24da995a89 100644 --- a/usr.sbin/ppp/ppp/auth.c +++ b/usr.sbin/ppp/ppp/auth.c @@ -25,7 +25,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: auth.c,v 1.19 2005/09/07 01:36:02 brad Exp $ + * $OpenBSD: auth.c,v 1.20 2006/11/02 18:27:29 ray Exp $ */ #include <sys/param.h> @@ -124,10 +124,13 @@ auth_SetPhoneList(const char *name, char *phone, int phonelen) again: lineno = 0; while (fgets(buff, sizeof buff, fp)) { + char *p; + lineno++; if (buff[0] == '#') continue; - buff[strlen(buff) - 1] = '\0'; + if ((p = strchr(buff, '\n')) != NULL) + *p = '\0'; memset(vector, '\0', sizeof vector); if ((n = MakeArgs(buff, vector, VECSIZE(vector), PARSE_REDUCE)) < 0) log_Printf(LogWARN, "%s: %d: Invalid line\n", SECRETFILE, lineno); @@ -185,10 +188,13 @@ auth_Select(struct bundle *bundle, const char *name) again: lineno = 0; while (fgets(buff, sizeof buff, fp)) { + char *p; + lineno++; if (buff[0] == '#') continue; - buff[strlen(buff) - 1] = '\0'; + if ((p = strchr(buff, '\n')) != NULL) + *p = '\0'; memset(vector, '\0', sizeof vector); if ((n = MakeArgs(buff, vector, VECSIZE(vector), PARSE_REDUCE)) < 0) log_Printf(LogWARN, "%s: %d: Invalid line\n", SECRETFILE, lineno); @@ -253,10 +259,13 @@ again: lineno = 0; if (fp != NULL) { while (fgets(buff, sizeof buff, fp)) { + char *p; + lineno++; if (buff[0] == '#') continue; - buff[strlen(buff) - 1] = 0; + if ((p = strchr(buff, '\n')) != NULL) + *p = '\0'; memset(vector, '\0', sizeof vector); if ((n = MakeArgs(buff, vector, VECSIZE(vector), PARSE_REDUCE)) < 0) log_Printf(LogWARN, "%s: %d: Invalid line\n", SECRETFILE, lineno); @@ -308,12 +317,14 @@ auth_GetSecret(struct bundle *bundle, const char *name, int len, again: lineno = 0; while (fgets(buff, sizeof buff, fp)) { + char *p; + lineno++; if (buff[0] == '#') continue; - n = strlen(buff) - 1; - if (buff[n] == '\n') - buff[n] = '\0'; /* Trim the '\n' */ + /* Trim the '\n' */ + if ((p = strchr(buff, '\n')) != NULL) + *p = '\0'; memset(vector, '\0', sizeof vector); if ((n = MakeArgs(buff, vector, VECSIZE(vector), PARSE_REDUCE)) < 0) log_Printf(LogWARN, "%s: %d: Invalid line\n", SECRETFILE, lineno); |