summaryrefslogtreecommitdiffstats
path: root/usr.bin/finger
diff options
context:
space:
mode:
authorimp <imp@FreeBSD.org>1999-08-22 17:24:25 +0000
committerimp <imp@FreeBSD.org>1999-08-22 17:24:25 +0000
commitb78c77d7be4f11b400f76b6663c5f14566ac2f16 (patch)
tree83ed5a1b1bdb9f3e0cb8a068c146c235ed96329d /usr.bin/finger
parent545b4031fcf7a84e33e2c2e2fad8e13d80a3395c (diff)
downloadFreeBSD-src-b78c77d7be4f11b400f76b6663c5f14566ac2f16.zip
FreeBSD-src-b78c77d7be4f11b400f76b6663c5f14566ac2f16.tar.gz
Use the final version of the patch for the overflow, not the next to
final. Noticed by: eivind
Diffstat (limited to 'usr.bin/finger')
-rw-r--r--usr.bin/finger/util.c16
1 files changed, 9 insertions, 7 deletions
diff --git a/usr.bin/finger/util.c b/usr.bin/finger/util.c
index 8e58ed2..e391840 100644
--- a/usr.bin/finger/util.c
+++ b/usr.bin/finger/util.c
@@ -39,7 +39,7 @@
static char sccsid[] = "@(#)util.c 8.3 (Berkeley) 4/28/95";
#else
static const char rcsid[] =
- "$Id: util.c,v 1.5 1997/07/02 06:34:51 charnier Exp $";
+ "$Id: util.c,v 1.6 1999/08/21 18:25:38 imp Exp $";
#endif
#endif /* not lint */
@@ -80,7 +80,7 @@ match(pw, user)
* Why do we skip asterisks!?!?
*/
(void)strncpy(p = tbuf, pw->pw_gecos, sizeof(tbuf));
- p[sizeof(tbuf) - 1] = '\0';
+ tbuf[sizeof(tbuf) - 1] = '\0';
if (*p == '*')
++p;
@@ -88,12 +88,13 @@ match(pw, user)
if ((p = strtok(p, ",")) == NULL)
return(0);
- for (t = name; (*t = *p) != '\0' && t - name > sizeof(name); ++p) {
+ for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) {
if (*t == '&') {
(void)strncpy(t, pw->pw_name,
sizeof(name) - (t - name));
name[sizeof(name) - 1] = '\0';
- while (*++t);
+ while (t < &name[sizeof(name) - 1] && *++t)
+ continue;
} else {
++t;
}
@@ -352,21 +353,22 @@ userinfo(pn, pw)
/* why do we skip asterisks!?!? */
(void)strncpy(bp = tbuf, pw->pw_gecos, sizeof(tbuf));
- bp[sizeof(tbuf) - 1] = '\0';
+ tbuf[sizeof(tbuf) - 1] = '\0';
if (*bp == '*')
++bp;
/* ampersands get replaced by the login name */
if (!(p = strsep(&bp, ",")))
return;
- for (t = name; (*t = *p) != '\0' && t < name + sizeof(name); ++p) {
+ for (t = name; t < &name[sizeof(name) - 1] && (*t = *p) != '\0'; ++p) {
if (*t == '&') {
(void)strncpy(t, pw->pw_name,
sizeof(name) - (t - name));
name[sizeof(name) - 1] = '\0';
if (islower(*t))
*t = toupper(*t);
- while (*++t);
+ while (t < &name[sizeof(name) - 1] && *++t)
+ continue;
} else {
++t;
}
OpenPOWER on IntegriCloud