diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-10-09 21:46:42 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-10-09 21:46:44 +0200 |
| commit | daad5b9ba054e17d8bcfb0b8c76d67dc19c64e0e (patch) | |
| tree | 776eca9d38a23456756b39fc7c4e1fb10996d88e /src/common.c | |
| parent | c02b6c61959c25c685442b56e1337c09437a3d11 (diff) | |
| download | gnutls-daad5b9ba054e17d8bcfb0b8c76d67dc19c64e0e.tar.gz | |
Corrected possible buffer overruns in included programs and examples.
Corrected possible buffer overruns in included programs and examples.
Reported by Pedro Ribeiro <pedrib@gmail.com>.
Diffstat (limited to 'src/common.c')
| -rw-r--r-- | src/common.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/src/common.c b/src/common.c index cdbb25219a..d4331f8428 100644 --- a/src/common.c +++ b/src/common.c @@ -1045,12 +1045,19 @@ pin_callback (void *user, int attempt, const char *token_url, exit (1); } - len = MIN (pin_max, strlen (password)); + len = 1 + MIN (pin_max, strlen (password)); memcpy (pin, password, len); pin[len] = 0; /* cache */ - strcpy (cached_pin, pin); + if (len < sizeof(cached_pin)) + { + memcpy (cached_pin, pin, len); + cached_pin[len] = 0; + } + else + cached_pin[0] = 0; + free (cached_url); if (token_url) cached_url = strdup (token_url); |