Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated

2002-02-28 12:42:19 +00:00
parent 5c62f68e14
commit 26414ee013
6 changed files with 18 additions and 4 deletions
--- a/crypto/des/des.c
+++ b/crypto/des/des.c
@@ -153,12 +153,14 @@ int main(int argc, char **argv)
 				case 'c':
 					cflag=1;
 					strncpy(cksumname,p,200);
+					cksumname[sizeof(cksumname)-1]='\0';
 					p+=strlen(cksumname);
 					break;
 				case 'C':
 					cflag=1;
 					longk=1;
 					strncpy(cksumname,p,200);
+					cksumname[sizeof(cksumname)-1]='\0';
 					p+=strlen(cksumname);
 					break;
 				case 'e':
@@ -190,6 +192,7 @@ int main(int argc, char **argv)
 				case 'u':
 					uflag=1;
 					strncpy(uuname,p,200);
+					uuname[sizeof(uuname)-1]='\0';
 					p+=strlen(uuname);
 					break;
 				case 'h':