diff options
author | dg <dg@FreeBSD.org> | 1997-02-19 08:04:58 +0000 |
---|---|---|
committer | dg <dg@FreeBSD.org> | 1997-02-19 08:04:58 +0000 |
commit | d71873490f68c7d73328533d93e71176a0f39ca0 (patch) | |
tree | b5a939ff0ebbc93bf7b8a1d5a716a640b89c7bf8 /sbin/init/init.c | |
parent | ebf34cb49474140708827f27e18cfedd0515472f (diff) | |
download | FreeBSD-src-d71873490f68c7d73328533d93e71176a0f39ca0.zip FreeBSD-src-d71873490f68c7d73328533d93e71176a0f39ca0.tar.gz |
Protect from stack overrun via /etc/ttys, which could possibly allow a
root user to change the securelevel. Pointed out by Thomas H. Ptacek
<tqbf@enteract.com>.
Diffstat (limited to 'sbin/init/init.c')
-rw-r--r-- | sbin/init/init.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sbin/init/init.c b/sbin/init/init.c index bd3ab67..d5695c2 100644 --- a/sbin/init/init.c +++ b/sbin/init/init.c @@ -1089,7 +1089,7 @@ start_window_system(sp) if (sp->se_type) { /* Don't use malloc after fork */ strcpy(term, "TERM="); - strcat(term, sp->se_type); + strncat(term, sp->se_type, sizeof(term) - 6); env[0] = term; env[1] = 0; } @@ -1154,7 +1154,7 @@ start_getty(sp) if (sp->se_type) { /* Don't use malloc after fork */ strcpy(term, "TERM="); - strcat(term, sp->se_type); + strncat(term, sp->se_type, sizeof(term) - 6); env[0] = term; env[1] = 0; } |