From 26414ee013170f2d8e42b1995dbb30c03e7ed16c Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Thu, 28 Feb 2002 12:42:19 +0000
Subject: Increase internal security when using strncpy, by making sure the
 resulting string is NUL-terminated

---
 crypto/des/des.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'crypto/des/des.c')

diff --git a/crypto/des/des.c b/crypto/des/des.c
index a03ce161af..d8c846b23d 100644
--- a/crypto/des/des.c
+++ b/crypto/des/des.c
@@ -153,12 +153,14 @@ int main(int argc, char **argv)
 				case 'c':
 					cflag=1;
 					strncpy(cksumname,p,200);
+					cksumname[sizeof(cksumname)-1]='\0';
 					p+=strlen(cksumname);
 					break;
 				case 'C':
 					cflag=1;
 					longk=1;
 					strncpy(cksumname,p,200);
+					cksumname[sizeof(cksumname)-1]='\0';
 					p+=strlen(cksumname);
 					break;
 				case 'e':
@@ -190,6 +192,7 @@ int main(int argc, char **argv)
 				case 'u':
 					uflag=1;
 					strncpy(uuname,p,200);
+					uuname[sizeof(uuname)-1]='\0';
 					p+=strlen(uuname);
 					break;
 				case 'h':
-- 
cgit v1.2.3