Module Name: src Committed By: bouyer Date: Sat Sep 24 13:10:52 UTC 2016
Modified Files: src/sys/lib/libsa [netbsd-6]: checkpasswd.c Log Message: Pull up following revision(s) (requested by dholland in ticket #1406): sys/lib/libsa/checkpasswd.c: revision 1.10 Check bounds on input. From Michael Plass. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.9.14.1 src/sys/lib/libsa/checkpasswd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/lib/libsa/checkpasswd.c diff -u src/sys/lib/libsa/checkpasswd.c:1.9 src/sys/lib/libsa/checkpasswd.c:1.9.14.1 --- src/sys/lib/libsa/checkpasswd.c:1.9 Thu Jan 6 02:45:13 2011 +++ src/sys/lib/libsa/checkpasswd.c Sat Sep 24 13:10:52 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: checkpasswd.c,v 1.9 2011/01/06 02:45:13 jakllsch Exp $ */ +/* $NetBSD: checkpasswd.c,v 1.9.14.1 2016/09/24 13:10:52 bouyer Exp $ */ /*- * Copyright (c) 1993 @@ -84,8 +84,10 @@ getpass(const char *prompt) putchar('\n'); break; default: - *lp++ = c; - putchar('*'); + if ((size_t)(lp - buf) < sizeof(buf) - 1) { + *lp++ = c; + putchar('*'); + } break; } }