From: Stelian Pop <stelian@popies.net>
Date: Sat, 26 May 2001 11:04:46 +0000 (+0000)
Subject: Small buffer overflow in restore/tape.c
X-Git-Tag: release_0_4b23~16
X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=6d9ffa3ebaadf8f1709aa4e6a8956fab4abf4f64;hp=9081ea909f4c55c9344fee512c509caf4f2f64b8;p=dump.git

Small buffer overflow in restore/tape.c
---

diff --git a/CHANGES b/CHANGES
index 0fd8d3d..c062bca 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,10 @@
-$Id: CHANGES,v 1.114 2001/05/12 11:39:45 stelian Exp $
+$Id: CHANGES,v 1.115 2001/05/26 11:04:46 stelian Exp $
+
+Changes between versions 0.4b22 and 0.4b23 (released ????????????)
+==================================================================
+
+1.	Fixed a buffer overflow in restore/tape.c. Patch provided by
+	Marcus Meissner (Caldera International Security Dept.).
 
 Changes between versions 0.4b21 and 0.4b22 (released May 12, 2001)
 ==================================================================
diff --git a/restore/tape.c b/restore/tape.c
index 5fac380..d7e8ed6 100644
--- a/restore/tape.c
+++ b/restore/tape.c
@@ -46,7 +46,7 @@
 
 #ifndef lint
 static const char rcsid[] =
-	"$Id: tape.c,v 1.38 2001/05/12 11:36:12 stelian Exp $";
+	"$Id: tape.c,v 1.39 2001/05/26 11:04:46 stelian Exp $";
 #endif /* not lint */
 
 #include <config.h>
@@ -448,8 +448,8 @@ again:
 			return;
 		}
 		if (buf[0] != '\n') {
-			(void) strcpy(magtape, buf);
-			magtape[strlen(magtape) - 1] = '\0';
+			(void) strncpy(magtape, buf, sizeof(magtape));
+			magtape[sizeof(magtape) - 1] = '\0';
 		}
 	}
 #ifdef RRESTORE