Replace strncpy() with strlcpy() when parsing login time limit strings

from /etc/login.conf, or an unterminated string buffer could result. Probably, login_times.c should reject excessively long time strings as unparseable, rather than truncating, which might render an invalid string valid. Found with: Coverity Prevent (tm) Reviewed by: csjp MFC after: 3 days
svn path=/head/; revision=154417
2006-01-16 00:52:20 +00:00 · 2006-01-16 00:52:20 +00:00 · ba183db70c · 2020-12-20 02:59:44 +00:00
commit ba183db70c
parent c21f7757d2
1 changed files with 1 additions and 1 deletions
--- a/lib/libutil/login_times.c
+++ b/lib/libutil/login_times.c
@ -72,7 +72,7 @@ parse_lt(const char * str)
 	char		buf[64];

 	/* Make local copy and force lowercase to simplify parsing */
-	p = strncpy(buf, str, sizeof buf);
+	p = strlcpy(buf, str, sizeof buf);
 	buf[sizeof buf - 1] = '\0';
 	for (i = 0; buf[i]; i++)
 	    buf[i] = (char)tolower(buf[i]);