From 6725bb2a3a425ffff9c2253d60c0f25513c78a93 Mon Sep 17 00:00:00 2001 From: "Anselm R. Garbe" Date: Sat, 13 Jan 2007 14:09:41 +0100 Subject: [PATCH] fixed a potential buffer overflow bug on the stack (thanks to Ghassan Misherg) --- LICENSE | 2 +- Makefile | 2 +- config.mk | 2 +- slock.c | 4 ++-- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/LICENSE b/LICENSE index aa0a3ab..3646c7d 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT/X Consortium License -(C)opyright MMVI Anselm R. Garbe +(C)opyright MMVI-MMVII Anselm R. Garbe Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), diff --git a/Makefile b/Makefile index a84e889..2254925 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ # slock - simple screen locker -# (C)opyright MMVI Anselm R. Garbe +# (C)opyright MMVI-MMVII Anselm R. Garbe include config.mk diff --git a/config.mk b/config.mk index df3b2dc..22a1585 100644 --- a/config.mk +++ b/config.mk @@ -1,5 +1,5 @@ # slock version -VERSION = 0.3 +VERSION = 0.4 # Customize below to fit your system diff --git a/slock.c b/slock.c index aafc7c0..94cb26b 100644 --- a/slock.c +++ b/slock.c @@ -1,4 +1,4 @@ -/* (C)opyright MMIV-MMV Anselm R. Garbe +/* (C)opyright MMVI-MMVII Anselm R. Garbe * See LICENSE file for license details. */ #define _XOPEN_SOURCE 500 @@ -122,7 +122,7 @@ main(int argc, char **argv) { --len; break; default: - if(num && !iscntrl((int) buf[0])) { + if(num && !iscntrl((int) buf[0]) && (len + num < sizeof passwd)) { memcpy(passwd + len, buf, num); len += num; }