Make sure logintime string can never overflow (Coverity CID 1164485).

author Petter Reinholdtsen <pere@hungry.com>

Sun, 26 Jan 2014 13:38:51 +0000 (13:38 +0000)

committer Petter Reinholdtsen <pere@hungry.com>

Sun, 26 Jan 2014 13:38:51 +0000 (13:38 +0000)
author Petter Reinholdtsen <pere@hungry.com>
Sun, 26 Jan 2014 13:38:51 +0000 (13:38 +0000)
committer Petter Reinholdtsen <pere@hungry.com>
Sun, 26 Jan 2014 13:38:51 +0000 (13:38 +0000)
diff --git a/src/last.c b/src/last.c

index 02103e03f7f9549ce23c1c9ef21b0ed8d8d36769..b5f77ab7d0205bf1a5fbbddd00597c096c457e56 100644 (file)
--- a/src/last.c
+++ b/src/last.c
@@ -396,7 +396,8 @@ int list(struct utmp *p, time_t t, int what)
          *      Calculate times
          */
         tmp = (time_t)p->ut_time;
-       strcpy(logintime, ctime(&tmp));
+       strncpy(logintime, ctime(&tmp), sizeof(logintime));
+       logintime[sizeof(logintime)-1] = 0; /* enforce null termination */
         if (fulltime)
                 sprintf(logouttime, "- %s", ctime(&t));
         else {
author	Petter Reinholdtsen <pere@hungry.com>
	Sun, 26 Jan 2014 13:38:51 +0000 (13:38 +0000)
committer	Petter Reinholdtsen <pere@hungry.com>
	Sun, 26 Jan 2014 13:38:51 +0000 (13:38 +0000)