Replace strncpy() with strlcpy() when parsing login time limit strings

from /etc/login.conf, or an unterminated string buffer could result.
Probably, login_times.c should reject excessively long time strings as
unparseable, rather than truncating, which might render an invalid
string valid.

Found with:	Coverity Prevent (tm)
Reviewed by:	csjp
MFC after:	3 days
This commit is contained in:
Robert Watson 2006-01-16 00:52:20 +00:00
parent c21f7757d2
commit ba183db70c

View File

@ -72,7 +72,7 @@ parse_lt(const char * str)
char buf[64];
/* Make local copy and force lowercase to simplify parsing */
p = strncpy(buf, str, sizeof buf);
p = strlcpy(buf, str, sizeof buf);
buf[sizeof buf - 1] = '\0';
for (i = 0; buf[i]; i++)
buf[i] = (char)tolower(buf[i]);