From: Thom May <thommay@apache.org>
Date: Thu, 1 May 2003 13:45:38 +0000 (+0000)
Subject: Forward port a fix for a pair of potential buffer overflows in htdigest from 1.3
X-Git-Tag: pre_ajp_proxy~1752
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6a917afcdb7c4cb8425fd31103c8e6b21c8d1501;p=apache

Forward port a fix for a pair of potential buffer overflows in htdigest from 1.3


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99680 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 153122d217..5dd4de5e6b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,8 @@ Changes with Apache 2.1.0-dev
 
   [Remove entries to the current 2.0 section below, when backported]
 
+  *) forward port of buffer overflow fixes for htdigest. [Thom May]
+
   *) prefork MPM: Use the right permissions for the directory created 
      for gprof support.  [Jim Carlson <jcarlson@jnous.com>]
 
diff --git a/support/htdigest.c b/support/htdigest.c
index ece9173d6d..79d7171400 100644
--- a/support/htdigest.c
+++ b/support/htdigest.c
@@ -307,8 +307,8 @@ int main(int argc, const char * const argv[])
 	fprintf(stderr, "Use -c option to create new one.\n");
 	cleanup_tempfile_and_exit(1);
     }
-    strcpy(user, argv[3]);
-    strcpy(realm, argv[2]);
+    apr_cpystrn(user, argv[3], sizeof(user));
+    apr_cpystrn(realm, argv[2], sizeof(realm));
 
     found = 0;
     while (!(get_line(line, MAX_STRING_LEN, f))) {