From ecee62038920b2b78b3b00d7a35f63b1893bc82f Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Sun, 16 Mar 2003 03:03:32 +0000
Subject: [PATCH] Kill remaining strcpy(), the programmer's guide says username
 is 32 bytes.

---
 auth/securid.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/auth/securid.c b/auth/securid.c
index fef170057..74c58f014 100644
--- a/auth/securid.c
+++ b/auth/securid.c
@@ -99,7 +99,8 @@ securid_setup(pw, promptp, auth)
 
     /* Re-initialize SecurID every time. */
     if (sd_init(sd) == 0) {
-	strcpy(sd->username, pw->pw_name);
+	/* The programmer's guide says username is 32 bytes */
+	strlcpy(sd->username, pw->pw_name, 32);
 	return(AUTH_SUCCESS);
     } else {
 	(void) fprintf(stderr, "%s: Cannot contact SecurID server\n", Argv[0]);
-- 
2.50.1