author | Jeff King <peff@peff.net> | 2011-12-10 05:40:45 -0500 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2011-12-12 16:09:38 -0800 |
commit | 50d0158fbba5c4cd04184bb757bf43a84c290405 (patch) | |
tree | 25066f3cd87576fda794d9f3fb71d59db9a28d94 | |
parent | 861444f6d702b15713d0875ce9dc5aff64885fba (diff) | |
imap-send: avoid buffer overflow
We format the password prompt in an 80-character static
buffer. It contains the remote host and username, so it's
unlikely to overflow (or be exploitable by a remote
attacker), but there's no reason not to be careful and use
a strbuf.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
-rw-r--r-- | imap-send.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/imap-send.c b/imap-send.c
index e1ad1a48ce..4c1e897113 100644
--- a/imap-send.c
+++ b/imap-send.c
@@ -1209,9 +1209,10 @@ static struct store *imap_open_store(struct imap_server_conf *srvc)
 goto bail;
 }
 if (!srvc->pass) {
- char prompt[80];
- sprintf(prompt, "Password (%s@%s): ", srvc->user, srvc->host);
- arg = git_getpass(prompt);
+ struct strbuf prompt = STRBUF_INIT;
+ strbuf_addf(&prompt, "Password (%s@%s): ", srvc->user, srvc->host);
+ arg = git_getpass(prompt.buf);
+ strbuf_release(&prompt);
 if (!arg) {
 perror("getpass");
 exit(1); |
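Review bot: `strbuf_release(&prompt)` now sits between `git_getpass(prompt.buf)` and the `perror("getpass")` in the failure branch, so the deallocation it performs may overwrite the errno that perror is meant to report (POSIX has historically allowed free() to modify errno). Whether git_getpass() leaves a meaningful errno on failure is not visible in this hunk, but if it does, preserve it across the release with `int saved_errno = errno; strbuf_release(&prompt); errno = saved_errno;`, or release the buffer only after the `if (!arg)` check. The hunk ends inside that `if (!arg)` block, and imap_open_store itself begins and ends outside it.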