From 2ae2d8627d0e2f71c67d0cb3d580695eca10073a Mon Sep 17 00:00:00 2001
From: kris <kris@FreeBSD.org>
Date: Fri, 4 Aug 2000 11:15:48 +0000
Subject: Return an error instead of overflowing the buffer in the case of a
 long $HOME in ruserpass()

---
 lib/libcompat/4.3/rexec.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'lib')

diff --git a/lib/libcompat/4.3/rexec.c b/lib/libcompat/4.3/rexec.c
index beb2108..2fc85da 100644
--- a/lib/libcompat/4.3/rexec.c
+++ b/lib/libcompat/4.3/rexec.c
@@ -29,6 +29,8 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
+ *
+ * $FreeBSD$
  */
 
 #if defined(LIBC_SCCS) && !defined(lint)
@@ -146,6 +148,8 @@ ruserpass(host, aname, apass, aacct)
 	hdir = getenv("HOME");
 	if (hdir == NULL)
 		hdir = ".";
+	if (strlen(hdir) + 8 > sizeof(buf))
+		return (0);
 	(void) sprintf(buf, "%s/.netrc", hdir);
 	cfile = fopen(buf, "r");
 	if (cfile == NULL) {
-- 
cgit v1.1