projects / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ce1b214)
* sys_term.c (start_login): Bounds check the constructed "speed"
authorTom Yu <tlyu@mit.edu>
Thu, 10 Apr 1997 04:06:02 +0000 (04:06 +0000)
committerTom Yu <tlyu@mit.edu>
Thu, 10 Apr 1997 04:06:02 +0000 (04:06 +0000)
passed in to login.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10065 dc483132-0cff-0310-8789-dd5450dbe970

src/appl/telnet/telnetd/ChangeLog patch | blob | history
src/appl/telnet/telnetd/sys_term.c patch | blob | history

diff --git a/src/appl/telnet/telnetd/ChangeLog b/src/appl/telnet/telnetd/ChangeLog
index d64b94d8748b1d1db829626d7c19f1b2bad40e4f..b8fa48c52b96285e4926768a760fafd187237b64 100644 (file)
--- a/src/appl/telnet/telnetd/ChangeLog
+++ b/src/appl/telnet/telnetd/ChangeLog
@@ -1,3 +1,8 @@
+Wed Apr  9 23:46:40 1997  Tom Yu  <tlyu@mit.edu>
+
+       * sys_term.c (start_login): Bounds check the constructed "speed"
+       passed in to login.
+
 Wed Feb 12 15:22:53 1997  Tom Yu  <tlyu@voltage-multiplier.mit.edu>
 
        * configure.in: Fix DES425_DEPLIB
diff --git a/src/appl/telnet/telnetd/sys_term.c b/src/appl/telnet/telnetd/sys_term.c
index a7c7ee526b4b6bed211f9a42f8fa702e41b34f5a..0e5def6b0170c33f718f1f825dd7f8537a563f1d 100644 (file)
--- a/src/appl/telnet/telnetd/sys_term.c
+++ b/src/appl/telnet/telnetd/sys_term.c
@@ -1289,7 +1289,7 @@ start_login(host, autologin, name)
 
                if (pty > 2) {
                        register char *cp;
-                       char speed[128];
+                       char speed[1024];
                        int isecho, israw, xpty, len;
                        extern int def_rspeed;
 #  ifndef LOGIN_HOST
@@ -1326,7 +1326,13 @@ start_login(host, autologin, name)
                        len = strlen(name)+1;
                        write(xpty, name, len);
                        write(xpty, name, len);
-                       sprintf(speed, "%s/%d", (cp = getenv("TERM")) ? cp : "",
+                       memset(speed, 0, sizeof(speed));
+                       strncpy(speed,
+                               (cp = getenv("TERM")) ? cp : "",
+                               sizeof(speed)-1-(10*sizeof(def_rspeed)/4)-1);
+                       /* 1 for /, () for the number, 1 for trailing 0. */
+                       sprintf(speed + strlen(speed),
+                               "/%d",
                                (def_rspeed > 0) ? def_rspeed : 9600);
                        len = strlen(speed)+1;
                        write(xpty, speed, len);
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.