svn rev #22045: trunk/src/lib/krb5/krb/
ghudson@MIT.EDU
ghudson at MIT.EDU
Mon Feb 23 13:28:48 EST 2009
http://src.mit.edu/fisheye/changelog/krb5/?cs=22045
Commit By: ghudson
Log Message:
Kill an odd (but harmless) use of strncpy in
krb5_get_in_tkt_with_password, by using the construction from
krb5_get_init_creds_password.
Changed Files:
U trunk/src/lib/krb5/krb/gic_pwd.c
Modified: trunk/src/lib/krb5/krb/gic_pwd.c
===================================================================
--- trunk/src/lib/krb5/krb/gic_pwd.c 2009-02-23 16:22:47 UTC (rev 22044)
+++ trunk/src/lib/krb5/krb/gic_pwd.c 2009-02-23 18:28:48 UTC (rev 22045)
@@ -483,16 +483,13 @@
int use_master = 0;
krb5_gic_opt_ext *opte = NULL;
- pw0array[0] = '\0';
pw0.data = pw0array;
- if (password) {
- pw0.length = strlen(password);
- if (pw0.length > sizeof(pw0array))
+ if (password && password[0]) {
+ if (strlcpy(pw0.data, password, sizeof(pw0array)) >= sizeof(pw0array))
return EINVAL;
- strncpy(pw0.data, password, sizeof(pw0array));
- if (pw0.length == 0)
- pw0.length = sizeof(pw0array);
+ pw0.length = strlen(password);
} else {
+ pw0.data[0] = '\0';
pw0.length = sizeof(pw0array);
}
retval = krb5int_populate_gic_opt(context, &opte,
More information about the cvs-krb5
mailing list