fix one-byte overflow in legacy getpass function

if the length of the input was equal to the buffer size (128), a fixed
value of zero was written one byte past the end of the static buffer.
This commit is contained in:
Rich Felker 2017-03-14 15:13:16 -04:00
parent 733d1ea759
commit 3ec8b3aeb8

View File

@ -27,7 +27,7 @@ char *getpass(const char *prompt)
l = read(fd, password, sizeof password);
if (l >= 0) {
if (l > 0 && password[l-1] == '\n') l--;
if (l > 0 && password[l-1] == '\n' || l==sizeof password) l--;
password[l] = 0;
}