From owner-freebsd-bugs@FreeBSD.ORG Fri May 6 09:30:01 2005 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5C26E16A4CE for ; Fri, 6 May 2005 09:30:01 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2D2B543D91 for ; Fri, 6 May 2005 09:30:01 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j469U1VC031315 for ; Fri, 6 May 2005 09:30:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j469U0H5031314; Fri, 6 May 2005 09:30:00 GMT (envelope-from gnats) Resent-Date: Fri, 6 May 2005 09:30:00 GMT Resent-Message-Id: <200505060930.j469U0H5031314@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Przemyslaw Frasunek Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9A42016A4CE for ; Fri, 6 May 2005 09:23:31 +0000 (GMT) Received: from mailhost.freebsd.lublin.pl (mailhost.freebsd.lublin.pl [193.138.118.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id D328E43D90 for ; Fri, 6 May 2005 09:23:30 +0000 (GMT) (envelope-from venglin@freebsd.lublin.pl) Received: from lagoon.freebsd.lublin.pl (qmailr@lagoon.freebsd.lublin.pl [193.138.118.3])j469NTZP048112 for ; Fri, 6 May 2005 11:23:29 +0200 (CEST) (envelope-from venglin@freebsd.lublin.pl) Received: (qmail 47945 invoked by uid 1001); 6 May 2005 09:23:29 -0000 Message-Id: <20050506092329.47889.qmail@lagoon.freebsd.lublin.pl> Date: 6 May 2005 09:23:29 -0000 From: Przemyslaw Frasunek To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: bin/80687: [patch] Missing NULL termination after strncpy() in login(1) X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Przemyslaw Frasunek List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 May 2005 09:30:01 -0000 >Number: 80687 >Category: bin >Synopsis: [patch] Missing NULL termination after strncpy() in login(1) >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri May 06 09:30:00 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Przemyslaw Frasunek >Release: FreeBSD 4.11-STABLE i386 >Organization: czuby.net >Environment: System: FreeBSD lagoon.freebsd.lublin.pl 4.11-STABLE FreeBSD 4.11-STABLE #0: Tue Feb 8 12:36:09 CET 2005 root@riget.scene.pl:/usr/src/sys/compile/RIGET i386 >Description: Similar to bin/80661 >How-To-Repeat: N/A >Fix: --- usr.bin/login/login.c.old Fri May 6 11:20:19 2005 +++ usr.bin/login/login.c Fri May 6 11:20:36 2005 @@ -512,10 +512,10 @@ /* Nothing else left to fail -- really log in. */ memset((void *)&utmp, 0, sizeof(utmp)); (void)time(&utmp.ut_time); - (void)strncpy(utmp.ut_name, username, sizeof(utmp.ut_name)); + (void)strlcpy(utmp.ut_name, username, sizeof(utmp.ut_name)); if (hostname) - (void)strncpy(utmp.ut_host, hostname, sizeof(utmp.ut_host)); - (void)strncpy(utmp.ut_line, tty, sizeof(utmp.ut_line)); + (void)strlcpy(utmp.ut_host, hostname, sizeof(utmp.ut_host)); + (void)strlcpy(utmp.ut_line, tty, sizeof(utmp.ut_line)); login(&utmp); dolastlog(quietlog); @@ -1015,9 +1015,9 @@ } memset((void *)&ll, 0, sizeof(ll)); (void)time(&ll.ll_time); - (void)strncpy(ll.ll_line, tty, sizeof(ll.ll_line)); + (void)strlcpy(ll.ll_line, tty, sizeof(ll.ll_line)); if (hostname) - (void)strncpy(ll.ll_host, hostname, sizeof(ll.ll_host));+ (void)strlcpy(ll.ll_host, hostname, sizeof(ll.ll_host)); (void)write(fd, (char *)&ll, sizeof(ll)); (void)close(fd); } else { >Release-Note: >Audit-Trail: >Unformatted: