off-by-one issues in login-utils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

I've noticed a few off-by-one issues in login-utils..

login.c:963: strncpy(ut.ut_user, username, sizeof(ut.ut_user));
It should be sizeof(ut.ut_user) - 1.
Or, something like
ut.ut_user[sizeof(ut.ut_user) -1] = '\0';


And on line 275:

        memset(&ut, 0, sizeof(ut));

        strncpy(ut.ut_user, username ? username : "(unknown)",
                sizeof(ut.ut_user));


I can't see anywhere that adds the final NUL-byte to ut.ut_user.
If I've missed something though, feel free to ignore this.


Thanks,
-- 
-- Joshua Rogers <https://internot.info/>

Attachment: signature.asc
Description: OpenPGP digital signature

[Index of Archives]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]

  Powered by Linux