diff options
author | Richard Levitte <levitte@openssl.org> | 2002-02-28 12:42:19 +0000 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2002-02-28 12:42:19 +0000 |
commit | 26414ee013170f2d8e42b1995dbb30c03e7ed16c (patch) | |
tree | 8c063e88267e1cc018fb3a71a74b35962249702f /crypto/des/des.c | |
parent | 5c62f68e14f38101e2a1dd969b1d5f587a16bfdb (diff) | |
download | openssl-26414ee013170f2d8e42b1995dbb30c03e7ed16c.tar.gz |
Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated
Diffstat (limited to 'crypto/des/des.c')
-rw-r--r-- | crypto/des/des.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/crypto/des/des.c b/crypto/des/des.c index a03ce161af..d8c846b23d 100644 --- a/crypto/des/des.c +++ b/crypto/des/des.c @@ -153,12 +153,14 @@ int main(int argc, char **argv) case 'c': cflag=1; strncpy(cksumname,p,200); + cksumname[sizeof(cksumname)-1]='\0'; p+=strlen(cksumname); break; case 'C': cflag=1; longk=1; strncpy(cksumname,p,200); + cksumname[sizeof(cksumname)-1]='\0'; p+=strlen(cksumname); break; case 'e': @@ -190,6 +192,7 @@ int main(int argc, char **argv) case 'u': uflag=1; strncpy(uuname,p,200); + uuname[sizeof(uuname)-1]='\0'; p+=strlen(uuname); break; case 'h': |