bos: Don't overflow buffer with key data

author Simon Wilkinson <sxw@your-file-system.com>

Fri, 8 Mar 2013 13:02:26 +0000 (13:02 +0000)

committer Stephan Wiesand <stephan.wiesand@desy.de>

Wed, 12 Mar 2014 13:07:01 +0000 (06:07 -0700)
author Simon Wilkinson <sxw@your-file-system.com>
Fri, 8 Mar 2013 13:02:26 +0000 (13:02 +0000)
committer Stephan Wiesand <stephan.wiesand@desy.de>
Wed, 12 Mar 2014 13:07:01 +0000 (06:07 -0700)
diff --git a/src/bozo/bos.c b/src/bozo/bos.c

index 5a4368c39cdcfc50187f5f525dc1e122a5a6e611..7b02d15cf7d7e7fc05ba80475b3259042085a22d 100644 (file)
--- a/src/bozo/bos.c
+++ b/src/bozo/bos.c
@@ -808,9 +808,12 @@ AddKey(struct cmd_syndesc *as, void *arock)
      tconn = GetConn(as, 1);
      memset(&tkey, 0, sizeof(struct ktc_encryptionKey));
  
-    if (as->parms[1].items)
-       strcpy(buf, as->parms[1].items->data);
-    else {
+    if (as->parms[1].items) {
+       if (strlcpy(buf, as->parms[1].items->data, sizeof(buf)) >= sizeof(buf)) {
+           fprintf(stderr, "Key data too long for buffer\n");
+           exit(1);
+       }
+    } else {
         /* prompt for key */
         code = des_read_pw_string(buf, sizeof(buf), "input key: ", 0);
         if (code || strlen(buf) == 0) {
author	Simon Wilkinson <sxw@your-file-system.com>
	Fri, 8 Mar 2013 13:02:26 +0000 (13:02 +0000)
committer	Stephan Wiesand <stephan.wiesand@desy.de>
	Wed, 12 Mar 2014 13:07:01 +0000 (06:07 -0700)