about summary refs log tree commit diff
diff options
context:
space:
mode:
authorRich Felker <dalias@aerifal.cx>2017-03-14 15:13:16 -0400
committerRich Felker <dalias@aerifal.cx>2017-03-14 15:13:16 -0400
commit3ec8b3aeb88cef8574a7b0f677ebc1801f03821d (patch)
tree3b2532fbff7a627bf8804cb557e88f45fea7c0a9
parent733d1ea759119bcd0554f25034d1b4113b910900 (diff)
downloadmusl-3ec8b3aeb88cef8574a7b0f677ebc1801f03821d.tar.gz
musl-3ec8b3aeb88cef8574a7b0f677ebc1801f03821d.tar.xz
musl-3ec8b3aeb88cef8574a7b0f677ebc1801f03821d.zip
fix one-byte overflow in legacy getpass function
if the length of the input was equal to the buffer size (128), a fixed
value of zero was written one byte past the end of the static buffer.
-rw-r--r--src/legacy/getpass.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/legacy/getpass.c b/src/legacy/getpass.c
index 15ab9851..d51286c0 100644
--- a/src/legacy/getpass.c
+++ b/src/legacy/getpass.c
@@ -27,7 +27,7 @@ char *getpass(const char *prompt)
 
 	l = read(fd, password, sizeof password);
 	if (l >= 0) {
-		if (l > 0 && password[l-1] == '\n') l--;
+		if (l > 0 && password[l-1] == '\n' || l==sizeof password) l--;
 		password[l] = 0;
 	}