chage: Replace STRFCPY() by STRLCPY()
The variables are only being read as strings (char *), so data after the '\0' can't be leaked. Cc: Christian Göttsche <cgzones@googlemail.com> Cc: Serge Hallyn <serge@hallyn.com> Cc: Iker Pedrosa <ipedrosa@redhat.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
This commit is contained in:
committed by
Iker Pedrosa
parent
33abc8bcd9
commit
5579b40e35
+2
-1
@@ -33,6 +33,7 @@
|
||||
#include "pwio.h"
|
||||
#include "shadowio.h"
|
||||
#include "shadowlog.h"
|
||||
#include "strlcpy.h"
|
||||
#ifdef WITH_TCB
|
||||
#include "tcbfuncs.h"
|
||||
#endif
|
||||
@@ -822,7 +823,7 @@ int main (int argc, char **argv)
|
||||
fail_exit (E_NOPERM);
|
||||
}
|
||||
|
||||
STRFCPY (user_name, pw->pw_name);
|
||||
STRLCPY(user_name, pw->pw_name);
|
||||
#ifdef WITH_TCB
|
||||
if (shadowtcb_set_user (pw->pw_name) == SHADOWTCB_FAILURE) {
|
||||
fail_exit (E_NOPERM);
|
||||
|
||||
Reference in New Issue
Block a user