From 37063bd4edb87b70b019d35bddf18209ab478c44 Mon Sep 17 00:00:00 2001
From: pst <pst@FreeBSD.org>
Date: Thu, 23 Feb 1995 00:20:00 +0000
Subject: Sendmail 8.6.10 update for security problems. Imported on
 CSRG/V_8_6_10 branch.

Obtained from: CSRG/Allman
---
 usr.sbin/sendmail/src/daemon.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

(limited to 'usr.sbin/sendmail/src/daemon.c')

diff --git a/usr.sbin/sendmail/src/daemon.c b/usr.sbin/sendmail/src/daemon.c
index 293438b..fe1070b 100644
--- a/usr.sbin/sendmail/src/daemon.c
+++ b/usr.sbin/sendmail/src/daemon.c
@@ -37,9 +37,9 @@
 
 #ifndef lint
 #ifdef DAEMON
-static char sccsid[] = "@(#)daemon.c	8.48 (Berkeley) 4/18/94 (with daemon mode)";
+static char sccsid[] = "@(#)daemon.c	8.48.1.2 (Berkeley) 2/9/95 (with daemon mode)";
 #else
-static char sccsid[] = "@(#)daemon.c	8.48 (Berkeley) 4/18/94 (without daemon mode)";
+static char sccsid[] = "@(#)daemon.c	8.48.1.2 (Berkeley) 2/9/95 (without daemon mode)";
 #endif
 #endif /* not lint */
 
@@ -1122,9 +1122,11 @@ getauthinfo(fd)
 	while (isascii(*++p) && isspace(*p))
 		continue;
 
-	/* p now points to the authenticated name */
-	(void) sprintf(hbuf, "%s@%s",
-		p, RealHostName == NULL ? "localhost" : RealHostName);
+	/* p now points to the authenticated name -- copy carefully */
+	cleanstrcpy(hbuf, p, MAXNAME);
+	i = strlen(hbuf);
+	hbuf[i++] = '@';
+	strcpy(&hbuf[i], RealHostName == NULL ? "localhost" : RealHostName);
 	goto finish;
 
 closeident:
-- 
cgit v1.1