fixed a potential buffer overflow bug on the stack (thanks to Ghassan Misherg)

author: Anselm R. Garbe <arg@suckless.org> 2007-01-13 14:09:41 +0100
committer: Anselm R. Garbe <arg@suckless.org> 2007-01-13 14:09:41 +0100
commit: 6725bb2a3a425ffff9c2253d60c0f25513c78a93 (patch)
tree: 47d0689fc98e1527f98bf86c2be408da7c1fc5d4 /slock.c
parent: 11642443f520a3f7fe6ecfd7411bf18b3f2081d3 (diff)
download: slock-6725bb2a3a425ffff9c2253d60c0f25513c78a93.tar.gz
slock-6725bb2a3a425ffff9c2253d60c0f25513c78a93.tar.bz2
slock-6725bb2a3a425ffff9c2253d60c0f25513c78a93.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/slock.c b/slock.c
index aafc7c0..94cb26b 100644
--- a/slock.c
+++ b/slock.c
@@ -1,4 +1,4 @@
-/* (C)opyright MMIV-MMV Anselm R. Garbe <garbeam at gmail dot com>
+/* (C)opyright MMVI-MMVII Anselm R. Garbe <garbeam at gmail dot com>
  * See LICENSE file for license details.
  */
 #define _XOPEN_SOURCE 500
@@ -122,7 +122,7 @@ main(int argc, char **argv) {
 					--len;
 				break;
 			default:
-				if(num && !iscntrl((int) buf[0])) {
+				if(num && !iscntrl((int) buf[0]) && (len + num < sizeof passwd)) { 
 					memcpy(passwd + len, buf, num);
 					len += num;
 				}
author	Anselm R. Garbe <arg@suckless.org>	2007-01-13 14:09:41 +0100
committer	Anselm R. Garbe <arg@suckless.org>	2007-01-13 14:09:41 +0100
commit	6725bb2a3a425ffff9c2253d60c0f25513c78a93 (patch)
tree	47d0689fc98e1527f98bf86c2be408da7c1fc5d4 /slock.c
parent	11642443f520a3f7fe6ecfd7411bf18b3f2081d3 (diff)
download	slock-6725bb2a3a425ffff9c2253d60c0f25513c78a93.tar.gz slock-6725bb2a3a425ffff9c2253d60c0f25513c78a93.tar.bz2 slock-6725bb2a3a425ffff9c2253d60c0f25513c78a93.zip