summaryrefslogtreecommitdiff
path: root/imap-send.c
diff options
context:
space:
mode:
authorJeff King <peff@peff.net>2011-12-10 05:40:45 -0500
committerJunio C Hamano <gitster@pobox.com>2011-12-12 16:09:38 -0800
commit50d0158fbba5c4cd04184bb757bf43a84c290405 (patch)
tree25066f3cd87576fda794d9f3fb71d59db9a28d94 /imap-send.c
parent861444f6d702b15713d0875ce9dc5aff64885fba (diff)
downloadgit-50d0158fbba5c4cd04184bb757bf43a84c290405.tar.gz
imap-send: avoid buffer overflow
We format the password prompt in an 80-character static buffer. It contains the remote host and username, so it's unlikely to overflow (or be exploitable by a remote attacker), but there's no reason not to be careful and use a strbuf. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'imap-send.c')
-rw-r--r--imap-send.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/imap-send.c b/imap-send.c
index e1ad1a48ce..4c1e897113 100644
--- a/imap-send.c
+++ b/imap-send.c
@@ -1209,9 +1209,10 @@ static struct store *imap_open_store(struct imap_server_conf *srvc)
goto bail;
}
if (!srvc->pass) {
- char prompt[80];
- sprintf(prompt, "Password (%s@%s): ", srvc->user, srvc->host);
- arg = git_getpass(prompt);
+ struct strbuf prompt = STRBUF_INIT;
+ strbuf_addf(&prompt, "Password (%s@%s): ", srvc->user, srvc->host);
+ arg = git_getpass(prompt.buf);
+ strbuf_release(&prompt);
if (!arg) {
perror("getpass");
exit(1);