summaryrefslogtreecommitdiff
path: root/usr.sbin/pppd/auth.c
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2003-04-04 20:25:08 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2003-04-04 20:25:08 +0000
commit96eef4873443f17a48dc476e38e0ce7c3dfb7af1 (patch)
treea0074d08345d60f73dbe2cb4389526f43ddf57ee /usr.sbin/pppd/auth.c
parent87bb416d9162030904882f8dc0b054ecc84f194c (diff)
strlcpy and snprintf; various people ok
Diffstat (limited to 'usr.sbin/pppd/auth.c')
-rw-r--r--usr.sbin/pppd/auth.c18
1 files changed, 9 insertions, 9 deletions
diff --git a/usr.sbin/pppd/auth.c b/usr.sbin/pppd/auth.c
index c77564659ac..99b0a8c3ac3 100644
--- a/usr.sbin/pppd/auth.c
+++ b/usr.sbin/pppd/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.26 2003/02/18 13:14:43 jmc Exp $ */
+/* $OpenBSD: auth.c,v 1.27 2003/04/04 20:25:07 deraadt Exp $ */
/*
* auth.c - PPP authentication and phase control.
@@ -77,7 +77,7 @@
#if 0
static char rcsid[] = "Id: auth.c,v 1.37 1998/03/26 04:46:03 paulus Exp $";
#else
-static char rcsid[] = "$OpenBSD: auth.c,v 1.26 2003/02/18 13:14:43 jmc Exp $";
+static char rcsid[] = "$OpenBSD: auth.c,v 1.27 2003/04/04 20:25:07 deraadt Exp $";
#endif
#endif
@@ -560,9 +560,9 @@ auth_check_options()
/* Default our_name to hostname, and user to our_name */
if (our_name[0] == 0 || usehostname)
- strcpy(our_name, hostname);
+ strlcpy(our_name, hostname, MAXHOSTNAMELEN);
if (user[0] == 0)
- strcpy(user, our_name);
+ strlcpy(user, our_name, MAXNAMELEN);
/* If authentication is required, ask peer for CHAP or PAP. */
if (auth_required && !wo->neg_chap && !wo->neg_upap) {
@@ -1424,7 +1424,7 @@ scan_authfile(f, client, server, ipaddr, secret, addrs, filename)
* Special syntax: @filename means read secret from file.
*/
if (word[0] == '@') {
- strcpy(atfile, word+1);
+ strlcpy(atfile, word+1, sizeof atfile);
if ((sf = fopen(atfile, "r")) == NULL) {
syslog(LOG_WARNING, "can't open indirect secret file %s",
atfile);
@@ -1440,7 +1440,7 @@ scan_authfile(f, client, server, ipaddr, secret, addrs, filename)
fclose(sf);
}
if (secret != NULL)
- strcpy(lsecret, word);
+ strlcpy(lsecret, word, sizeof lsecret);
/*
* Now read address authorization info and make a wordlist.
@@ -1478,7 +1478,7 @@ scan_authfile(f, client, server, ipaddr, secret, addrs, filename)
free_wordlist(addr_list);
addr_list = alist;
if (secret != NULL)
- strcpy(secret, lsecret);
+ strlcpy(secret, lsecret, MAXWORDLEN);
if (!newline)
break;
@@ -1525,10 +1525,10 @@ auth_script(script)
if ((pw = getpwuid(getuid())) != NULL && pw->pw_name != NULL)
user_name = pw->pw_name;
else {
- sprintf(struid, "%u", getuid());
+ snprintf(struid, sizeof struid, "%u", getuid());
user_name = struid;
}
- sprintf(strspeed, "%d", baud_rate);
+ snprintf(strspeed, sizeof strspeed, "%d", baud_rate);
argv[0] = script;
argv[1] = ifname;