diff options
author | Jonathan Geisler <jgeisler@cse.taylor.edu> | 2010-03-24 16:02:15 -0700 |
---|---|---|
committer | Ulrich Drepper <drepper@redhat.com> | 2010-03-24 16:02:15 -0700 |
commit | fd8ccb0427569ffdfbb70c8828029122f3459160 (patch) | |
tree | 8a8c6aca5e5e068c60bb7d71f6fb71c7fe88fe14 /sysdeps | |
parent | 54bf215c6f6811161275654518161b6bd5b8e325 (diff) | |
download | glibc-fd8ccb0427569ffdfbb70c8828029122f3459160.tar.gz glibc-fd8ccb0427569ffdfbb70c8828029122f3459160.tar.xz glibc-fd8ccb0427569ffdfbb70c8828029122f3459160.zip |
calls to cuserid() can result in buffer overruns and/or overflows
Diffstat (limited to 'sysdeps')
-rw-r--r-- | sysdeps/posix/cuserid.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/sysdeps/posix/cuserid.c b/sysdeps/posix/cuserid.c index 11c827a686..f30c20e3f8 100644 --- a/sysdeps/posix/cuserid.c +++ b/sysdeps/posix/cuserid.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1991, 1996, 1998, 1999, 2001 Free Software Foundation, Inc. +/* Copyright (C) 1991, 1996, 1998, 1999, 2001, 2010 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -44,5 +44,6 @@ cuserid (s) if (s == NULL) s = name; - return strncpy (s, pwptr->pw_name, L_cuserid); + s[L_userid - 1] = '\0'; + return strncpy (s, pwptr->pw_name, L_cuserid - 1); } |