Fix various buffer overflows that may or may not be exploitable.

Fixes PR 2588 Reviewed by: Dan Cross? Submitted by: Julian Assange
author: imp <imp@FreeBSD.org> 1997-03-24 06:01:39 +0000
committer: imp <imp@FreeBSD.org> 1997-03-24 06:01:39 +0000
commit: f5e1bde58d89c89bc11d5028e6f85b6624c876f4 (patch)
tree: 3665327a116538c971e5674588bb05ec8a61da89 /libexec
parent: 7f79bbed5b777c701afb47dfa79b43ff953c2b8a (diff)
download: FreeBSD-src-f5e1bde58d89c89bc11d5028e6f85b6624c876f4.zip
FreeBSD-src-f5e1bde58d89c89bc11d5028e6f85b6624c876f4.tar.gz
1 files changed, 7 insertions, 5 deletions
diff --git a/libexec/rlogind/rlogind.c b/libexec/rlogind/rlogind.c
index 4a9d7a6..3edba3c 100644
--- a/libexec/rlogind/rlogind.c
+++ b/libexec/rlogind/rlogind.c
@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$Id$
+ *	$Id: rlogind.c,v 1.15 1997/02/22 14:22:08 peter Exp $
  */
 
 #ifndef lint
@@ -226,10 +226,12 @@ doit(f, fromp)
 	fromp->sin_port = ntohs((u_short)fromp->sin_port);
 	hp = gethostbyaddr((char *)&fromp->sin_addr, sizeof(struct in_addr),
 	    fromp->sin_family);
-	if (hp)
-		(void)strcpy(hostname, hp->h_name);
-	else
-		(void)strcpy(hostname, inet_ntoa(fromp->sin_addr));
+	if (hp) {
+		(void)strncpy(hostname, hp->h_name, sizeof(hostname));
+	} else {
+		(void)strncpy(hostname, inet_ntoa(fromp->sin_addr), sizeof(hostname));
+	}
+	hostname[sizeof(hostname) - 1] = '\0';
 
 #ifdef	KERBEROS
 	if (use_kerberos) {
author	imp <imp@FreeBSD.org>	1997-03-24 06:01:39 +0000
committer	imp <imp@FreeBSD.org>	1997-03-24 06:01:39 +0000
commit	f5e1bde58d89c89bc11d5028e6f85b6624c876f4 (patch)
tree	3665327a116538c971e5674588bb05ec8a61da89 /libexec
parent	7f79bbed5b777c701afb47dfa79b43ff953c2b8a (diff)
download	FreeBSD-src-f5e1bde58d89c89bc11d5028e6f85b6624c876f4.zip FreeBSD-src-f5e1bde58d89c89bc11d5028e6f85b6624c876f4.tar.gz