diff options
| author | rwatson <rwatson@FreeBSD.org> | 2006-01-16 00:52:20 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2006-01-16 00:52:20 +0000 |
| commit | 2ad9f38f267367ce7d537b2b4e8c5071a27db22f (patch) | |
| tree | d6082b114a7a5e3dd2691a119f68dd20e2b171e1 /lib | |
| parent | 0254c18ba2d3fa453bbe7041a5bd845a78ce7c1f (diff) | |
| download | FreeBSD-src-2ad9f38f267367ce7d537b2b4e8c5071a27db22f.zip FreeBSD-src-2ad9f38f267367ce7d537b2b4e8c5071a27db22f.tar.gz | |
Replace strncpy() with strlcpy() when parsing login time limit strings
from /etc/login.conf, or an unterminated string buffer could result.
Probably, login_times.c should reject excessively long time strings as
unparseable, rather than truncating, which might render an invalid
string valid.
Found with: Coverity Prevent (tm)
Reviewed by: csjp
MFC after: 3 days
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libutil/login_times.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/libutil/login_times.c b/lib/libutil/login_times.c index 10e88dd..fda3585 100644 --- a/lib/libutil/login_times.c +++ b/lib/libutil/login_times.c @@ -72,7 +72,7 @@ parse_lt(const char * str) char buf[64]; /* Make local copy and force lowercase to simplify parsing */ - p = strncpy(buf, str, sizeof buf); + p = strlcpy(buf, str, sizeof buf); buf[sizeof buf - 1] = '\0'; for (i = 0; buf[i]; i++) buf[i] = (char)tolower(buf[i]); |
