aboutsummaryrefslogtreecommitdiff
path: root/lib/libc/net
diff options
context:
space:
mode:
authorWarner Losh <imp@FreeBSD.org>2018-01-06 12:46:04 +0000
committerWarner Losh <imp@FreeBSD.org>2018-01-06 12:46:04 +0000
commit90ceddb1606f867f24bd2e0fb136a0b7947577ad (patch)
tree940068cd5d45fd21d55394d46e9d711f09dc258c /lib/libc/net
parentca23e64eb4a39c14ca57a5b08954163e4f4a4384 (diff)
downloadsrc-90ceddb1606f867f24bd2e0fb136a0b7947577ad.tar.gz
src-90ceddb1606f867f24bd2e0fb136a0b7947577ad.zip
The source strings are from the password database which guarantees
that the data going into it is sane. Out of an abundance of caution, limit the string copies to prevent an overflow. CID: 1019035
Notes
Notes: svn path=/head/; revision=327619
Diffstat (limited to 'lib/libc/net')
-rw-r--r--lib/libc/net/rcmd.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libc/net/rcmd.c b/lib/libc/net/rcmd.c
index 38a150452d24..3cb475a6bece 100644
--- a/lib/libc/net/rcmd.c
+++ b/lib/libc/net/rcmd.c
@@ -457,8 +457,8 @@ again:
first = 0;
if ((pwd = getpwnam(luser)) == NULL)
return (-1);
- (void)strcpy(pbuf, pwd->pw_dir);
- (void)strcat(pbuf, "/.rhosts");
+ (void)strlcpy(pbuf, pwd->pw_dir, sizeof(pbuf));
+ (void)strlcat(pbuf, "/.rhosts", sizeof(pbuf));
/*
* Change effective uid while opening .rhosts. If root and