be more secure with strncat (add \0)

author thib <thib>

Sun, 11 Jul 2004 18:08:08 +0000 (18:08 +0000)

committer thib <thib>

Sun, 11 Jul 2004 18:08:08 +0000 (18:08 +0000)
author thib <thib>
Sun, 11 Jul 2004 18:08:08 +0000 (18:08 +0000)
committer thib <thib>
Sun, 11 Jul 2004 18:08:08 +0000 (18:08 +0000)
diff --git a/fileconf.c b/fileconf.c

index dc99d55aa7303c2d10a0818826732aa79a961f92..129c8b4435e83c97980f69dbc723d1eea742ad73 100644 (file)
--- a/fileconf.c
+++ b/fileconf.c
@@ -22,7 +22,7 @@
   *  `LICENSE' that comes with the fcron source distribution.
   */
  
- /* $Id: fileconf.c,v 1.73 2004-04-29 19:29:36 thib Exp $ */
+ /* $Id: fileconf.c,v 1.74 2004-07-11 18:08:08 thib Exp $ */
  
  #include "fcrontab.h"
  
@@ -341,7 +341,10 @@ read_env(char *ptr, cf_t *cf)
         Alloc(env, env_t);      
  
         strncat(name, "=", sizeof(name) - strlen(name) - 1);
-       env->e_val = strdup2( strncat(name,val,sizeof(name)-strlen(name)-1) );
+       name[sizeof(name)-1]='\0';
+       strncat(name,val,sizeof(name)-strlen(name)-1);
+       name[sizeof(name)-1]='\0';
+       env->e_val = strdup2( name );
         env->e_next = cf->cf_env_base;
         cf->cf_env_base = env;
      }