diff options
author | Gregory Nutt <gnutt@nuttx.org> | 2014-02-22 10:31:20 -0600 |
---|---|---|
committer | Gregory Nutt <gnutt@nuttx.org> | 2014-02-22 10:31:20 -0600 |
commit | f94ed85a9d85ceb0144c6053cb2230cc758983bf (patch) | |
tree | 5693949a958a976be18f3bcc4fa0746aba31432a /apps/nshlib/nsh_telnetd.c | |
parent | f7529b9f9e4c9e9ab647fde82c7adc0e765d15c8 (diff) | |
download | nuttx-f94ed85a9d85ceb0144c6053cb2230cc758983bf.tar.gz nuttx-f94ed85a9d85ceb0144c6053cb2230cc758983bf.tar.bz2 nuttx-f94ed85a9d85ceb0144c6053cb2230cc758983bf.zip |
NSH telnet: Use strncpy vs strcpy to avoid overrunning username and password buffers. From Bertold Van den Bergh
Diffstat (limited to 'apps/nshlib/nsh_telnetd.c')
-rw-r--r-- | apps/nshlib/nsh_telnetd.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/apps/nshlib/nsh_telnetd.c b/apps/nshlib/nsh_telnetd.c index 76ed81086..b3e67b87c 100644 --- a/apps/nshlib/nsh_telnetd.c +++ b/apps/nshlib/nsh_telnetd.c @@ -131,7 +131,7 @@ int nsh_telnetlogin(struct console_stdio_s *pstate) fflush(pstate->cn_outstream); if (fgets(pstate->cn_line, CONFIG_NSH_LINELEN, INSTREAM(pstate)) != NULL) { - strcpy(username, pstate->cn_line); + strncpy(username, pstate->cn_line, sizeof(username)); username[strlen(pstate->cn_line) - 1] = 0; } @@ -144,7 +144,7 @@ int nsh_telnetlogin(struct console_stdio_s *pstate) { /* Verify the username and password */ - strcpy(password,pstate->cn_line); + strncpy(password, pstate->cn_line, sizeof(password)); password[strlen(pstate->cn_line) - 1] = 0; if (strcmp(password, CONFIG_NSH_TELNET_PASSWORD) == 0 && |