Kill remaining strcpy(), the programmer's guide says username is 32 bytes.

author Todd C. Miller <Todd.Miller@courtesan.com>

Sun, 16 Mar 2003 03:03:32 +0000 (03:03 +0000)

committer Todd C. Miller <Todd.Miller@courtesan.com>

Sun, 16 Mar 2003 03:03:32 +0000 (03:03 +0000)
author Todd C. Miller <Todd.Miller@courtesan.com>
Sun, 16 Mar 2003 03:03:32 +0000 (03:03 +0000)
committer Todd C. Miller <Todd.Miller@courtesan.com>
Sun, 16 Mar 2003 03:03:32 +0000 (03:03 +0000)
diff --git a/auth/securid.c b/auth/securid.c

index fef17005790292ebe161d2dedf129079aecbc513..74c58f0146de7ab9a96838557e2360eb7dbc8205 100644 (file)
--- a/auth/securid.c
+++ b/auth/securid.c
@@ -99,7 +99,8 @@ securid_setup(pw, promptp, auth)
  
      /* Re-initialize SecurID every time. */
      if (sd_init(sd) == 0) {
-       strcpy(sd->username, pw->pw_name);
+       /* The programmer's guide says username is 32 bytes */
+       strlcpy(sd->username, pw->pw_name, 32);
         return(AUTH_SUCCESS);
      } else {
         (void) fprintf(stderr, "%s: Cannot contact SecurID server\n", Argv[0]);
author	Todd C. Miller <Todd.Miller@courtesan.com>
	Sun, 16 Mar 2003 03:03:32 +0000 (03:03 +0000)
committer	Todd C. Miller <Todd.Miller@courtesan.com>
	Sun, 16 Mar 2003 03:03:32 +0000 (03:03 +0000)