diff options
author | pst <pst@FreeBSD.org> | 1996-10-01 03:41:28 +0000 |
---|---|---|
committer | pst <pst@FreeBSD.org> | 1996-10-01 03:41:28 +0000 |
commit | 52622b0ef03b43a8128af188ee72f860571a83c3 (patch) | |
tree | da40efc42b9308e3b4fcabbb8ab278386852e65b /usr.sbin/pppd | |
parent | d79a1dfb7183c2997895b2d3b74425a6063882e5 (diff) | |
download | FreeBSD-src-52622b0ef03b43a8128af188ee72f860571a83c3.zip FreeBSD-src-52622b0ef03b43a8128af188ee72f860571a83c3.tar.gz |
Fix potential buffer overrun
Diffstat (limited to 'usr.sbin/pppd')
-rw-r--r-- | usr.sbin/pppd/auth.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/usr.sbin/pppd/auth.c b/usr.sbin/pppd/auth.c index f180ef1..098f0f2 100644 --- a/usr.sbin/pppd/auth.c +++ b/usr.sbin/pppd/auth.c @@ -33,7 +33,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: auth.c,v 1.5 1995/10/31 21:20:45 peter Exp $"; +static char rcsid[] = "$Id: auth.c,v 1.6 1996/03/01 19:29:35 phk Exp $"; #endif #include <stdio.h> @@ -372,14 +372,17 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg, msglen) char passwd[256], user[256]; char secret[MAXWORDLEN]; static int attempts = 0; + int len; /* * Make copies of apasswd and auser, then null-terminate them. */ - BCOPY(apasswd, passwd, passwdlen); - passwd[passwdlen] = '\0'; - BCOPY(auser, user, userlen); - user[userlen] = '\0'; + len = MIN(passwdlen, sizeof(passwd) - 1); + BCOPY(apasswd, passwd, len); + passwd[len] = '\0'; + len = MIN(userlen, sizeof(user) - 1); + BCOPY(auser, user, len); + user[len] = '\0'; /* * Open the file of upap secrets and scan for a suitable secret |