Make sure logintime string can never overflow (Coverity CID 1164485).
authorPetter Reinholdtsen <pere@hungry.com>
Sun, 26 Jan 2014 13:38:51 +0000 (13:38 +0000)
committerPetter Reinholdtsen <pere@hungry.com>
Sun, 26 Jan 2014 13:38:51 +0000 (13:38 +0000)
git-svn-id: svn://svn.sv.gnu.org/sysvinit/sysvinit/trunk@133 456724a4-4300-0410-8514-c89748c515a2

src/last.c

index 02103e03f7f9549ce23c1c9ef21b0ed8d8d36769..b5f77ab7d0205bf1a5fbbddd00597c096c457e56 100644 (file)
@@ -396,7 +396,8 @@ int list(struct utmp *p, time_t t, int what)
         *      Calculate times
         */
        tmp = (time_t)p->ut_time;
-       strcpy(logintime, ctime(&tmp));
+       strncpy(logintime, ctime(&tmp), sizeof(logintime));
+       logintime[sizeof(logintime)-1] = 0; /* enforce null termination */
        if (fulltime)
                sprintf(logouttime, "- %s", ctime(&t));
        else {