Let's make sure we're at the end of the password string before we apply a \0

and terminate it. This patch ensures passwords will be the correct length of 8, which is what is implied in the source (but not reflected in the man page). PR: bin/7817 Reviewed by: Alfred Perlstein <bright@hotjobs.com> Submitted by: Hiroshi Nishikawa <nis@pluto.dti.ne.jp>
author: billf <billf@FreeBSD.org> 1999-01-02 04:37:46 +0000
committer: billf <billf@FreeBSD.org> 1999-01-02 04:37:46 +0000
commit: 4d4062708c4cf30e3dad945b0325fdac2a101662 (patch)
tree: 09deb6263164e98a12d32b75debc9e559a2680a5 /usr.sbin/pw/pw_user.c
parent: 9922763a3d37fda0c9babc82546a8b9726fb4cf6 (diff)
download: FreeBSD-src-4d4062708c4cf30e3dad945b0325fdac2a101662.zip
FreeBSD-src-4d4062708c4cf30e3dad945b0325fdac2a101662.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.sbin/pw/pw_user.c b/usr.sbin/pw/pw_user.c
index d10c528..fd5f4f0 100644
--- a/usr.sbin/pw/pw_user.c
+++ b/usr.sbin/pw/pw_user.c
@@ -26,7 +26,7 @@
 
 #ifndef lint
 static const char rcsid[] =
-	"$Id$";
+	"$Id: pw_user.c,v 1.23 1997/10/10 06:23:39 charnier Exp $";
 #endif /* not lint */
 
 #include <ctype.h>
@@ -925,7 +925,7 @@ pw_password(struct userconf * cnf, struct cargs * args, char const * user)
 		l = (random() % 8 + 8);	/* 8 - 16 chars */
 		pw_getrand(rndbuf, l);
 		for (i = 0; i < l; i++)
-			pwbuf[i] = chars[rndbuf[i] % sizeof(chars)];
+			pwbuf[i] = chars[rndbuf[i] % (sizeof(chars)-1)];
 		pwbuf[i] = '\0';
 
 		/*
author	billf <billf@FreeBSD.org>	1999-01-02 04:37:46 +0000
committer	billf <billf@FreeBSD.org>	1999-01-02 04:37:46 +0000
commit	4d4062708c4cf30e3dad945b0325fdac2a101662 (patch)
tree	09deb6263164e98a12d32b75debc9e559a2680a5 /usr.sbin/pw/pw_user.c
parent	9922763a3d37fda0c9babc82546a8b9726fb4cf6 (diff)
download	FreeBSD-src-4d4062708c4cf30e3dad945b0325fdac2a101662.zip FreeBSD-src-4d4062708c4cf30e3dad945b0325fdac2a101662.tar.gz