fixed a potential buffer overflow bug on the stack (thanks to Ghassan Misherg)

2007-01-13 14:09:41 +01:00 · 2007-01-13 14:09:41 +01:00 · 6725bb2a3a
parent 11642443f5
commit 6725bb2a3a
4 changed files with 5 additions and 5 deletions
--- a/2
+++ b/2
@ -1,6 +1,6 @@
 MIT/X Consortium License

-(C)opyright MMVI Anselm R. Garbe <garbeam at gmail dot com>
+(C)opyright MMVI-MMVII Anselm R. Garbe <garbeam at gmail dot com>

 Permission is hereby granted, free of charge, to any person obtaining a
 copy of this software and associated documentation files (the "Software"),
--- a/2
+++ b/2
@ -1,5 +1,5 @@
 # slock - simple screen locker
-#   (C)opyright MMVI Anselm R. Garbe
+#   (C)opyright MMVI-MMVII Anselm R. Garbe

 include config.mk

--- a/config.mk
+++ b/config.mk
@ -1,5 +1,5 @@
 # slock version
-VERSION = 0.3
+VERSION = 0.4

 # Customize below to fit your system

--- a/slock.c
+++ b/slock.c
@ -1,4 +1,4 @@
-/* (C)opyright MMIV-MMV Anselm R. Garbe <garbeam at gmail dot com>
+/* (C)opyright MMVI-MMVII Anselm R. Garbe <garbeam at gmail dot com>
 * See LICENSE file for license details.
 */
 #define _XOPEN_SOURCE 500
@ -122,7 +122,7 @@ main(int argc, char **argv) {
 					--len;
 				break;
 			default:
-				if(num && !iscntrl((int) buf[0])) {
+				if(num && !iscntrl((int) buf[0]) && (len + num < sizeof passwd)) { 
 					memcpy(passwd + len, buf, num);
 					len += num;
 				}