login: Replace STRFCPY() by STRLCPY()
The variable is only being read as a string (char *), so data after the '\0' can't be leaked. Cc: Christian Göttsche <cgzones@googlemail.com> Cc: Serge Hallyn <serge@hallyn.com> Cc: Iker Pedrosa <ipedrosa@redhat.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
This commit is contained in:
Alejandro Colomar
committed by
Iker Pedrosa
Iker Pedrosa
parent
6dacb154e5
commit
fcc25a03cd
@@ -36,6 +36,7 @@
|
||||
/*@-exitarg@*/
|
||||
#include "exitcodes.h"
|
||||
#include "shadowlog.h"
|
||||
#include "strlcpy.h"
|
||||
|
||||
#ifdef USE_PAM
|
||||
#include "pam_defs.h"
|
||||
@@ -552,7 +553,7 @@ int main (int argc, char **argv)
|
||||
if (NULL == tmptty) {
|
||||
tmptty = "UNKNOWN";
|
||||
}
|
||||
STRFCPY (tty, tmptty);
|
||||
STRLCPY(tty, tmptty);
|
||||
|
||||
#ifndef USE_PAM
|
||||
is_console = console (tty);
|
||||
|
||||
Reference in New Issue
Block a user