From f1628d50556fb5ee6b744d605abfa567e45944b9 Mon Sep 17 00:00:00 2001
From: Gregory Nutt
Date: Sat, 22 Feb 2014 10:31:20 -0600
Subject: [PATCH] NSH telnet: Use strncpy vs strcpy to avoid overrunning username and password buffers. From Bertold Van den Bergh
---
 ChangeLog.txt | 2 ++
 nshlib/nsh_telnetd.c | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/ChangeLog.txt b/ChangeLog.txt
index 36a7fbc5c..29bab006a 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -842,4 +842,6 @@ (2014-2-20). * nshlib/Kconfig: Use CONFIG_DEFAULT_SMALL in selecting default settings (2014-2-20).
+ * nshlib/nsh_telnetd.c: Use strncpy vs strcpy to avoid overrun the
+ username and password buffers. From Bertold Van den Bergh (2014-2-22).
diff --git a/nshlib/nsh_telnetd.c b/nshlib/nsh_telnetd.c
index 76ed81086..b3e67b87c 100644
--- a/nshlib/nsh_telnetd.c
+++ b/nshlib/nsh_telnetd.c
@@ -131,7 +131,7 @@ int nsh_telnetlogin(struct console_stdio_s *pstate)
 fflush(pstate->cn_outstream);
 if (fgets(pstate->cn_line, CONFIG_NSH_LINELEN, INSTREAM(pstate)) != NULL)
 {
- strcpy(username, pstate->cn_line);
+ strncpy(username, pstate->cn_line, sizeof(username));
 username[strlen(pstate->cn_line) - 1] = 0;
 }
@@ -144,7 +144,7 @@ int nsh_telnetlogin(struct console_stdio_s *pstate)
 {
 /* Verify the username and password */
- strcpy(password,pstate->cn_line);
+ strncpy(password, pstate->cn_line, sizeof(password));
 password[strlen(pstate->cn_line) - 1] = 0;
 if (strcmp(password, CONFIG_NSH_TELNET_PASSWORD) == 0 &&
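Review bot: The terminator write after each new strncpy still indexes by the length of the source line, so the overrun this patch targets is not closed: in the `@@ -131` hunk `username[strlen(pstate->cn_line) - 1] = 0;` stores a NUL beyond `username` whenever the received line is longer than the buffer, and the `@@ -144` hunk does the same for `password`. strncpy also leaves the destination unterminated when the source fills it, and a zero-length line (first byte NUL) makes `strlen(...) - 1` wrap. Bound the copy and strip the newline inside the destination instead: `strncpy(username, pstate->cn_line, sizeof(username) - 1);`, `username[sizeof(username) - 1] = '\0';`, `username[strcspn(username, "\r\n")] = '\0';`, and likewise for `password` (this assumes both are arrays, as the new `sizeof` implies; their declarations are outside the hunks). For the password it may be safer to reject an over-long line than to compare a silently truncated one.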