passwd: Fix potential buffer overflow

Fixes Coverity CID 66956 Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
author: Corinna Vinschen <corinna@vinschen.de> 2016-10-23 17:16:30 +0200
committer: Corinna Vinschen <corinna@vinschen.de> 2016-10-23 17:16:30 +0200
commit: 79edb254aca9631fd1e83ac4fdfa27acdf564244 (patch)
tree: 2d56e077e65274e91304390e2e71682fcdd2ae8d
parent: 526107a7536c3ae8d7de2b38bc668b940f52ca35 (diff)
download: cygnal-79edb254aca9631fd1e83ac4fdfa27acdf564244.tar.gz
cygnal-79edb254aca9631fd1e83ac4fdfa27acdf564244.tar.bz2
cygnal-79edb254aca9631fd1e83ac4fdfa27acdf564244.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/winsup/utils/passwd.c b/winsup/utils/passwd.c
index 8d9183875..aa8e8cc3a 100644
--- a/winsup/utils/passwd.c
+++ b/winsup/utils/passwd.c
@@ -592,7 +592,8 @@ main (int argc, char **argv)
       return SetModals (xarg, narg, iarg, Larg, server);
     }
 
-  strcpy (user, optind >= argc ? getlogin () : argv[optind]);
+  user[0] = '\0';
+  strncat (user, optind >= argc ? getlogin () : argv[optind], UNLEN);
 
   /* Changing password for calling user?  Use logonserver for user as well. */
   if (!server && optind >= argc)
author	Corinna Vinschen <corinna@vinschen.de>	2016-10-23 17:16:30 +0200
committer	Corinna Vinschen <corinna@vinschen.de>	2016-10-23 17:16:30 +0200
commit	79edb254aca9631fd1e83ac4fdfa27acdf564244 (patch)
tree	2d56e077e65274e91304390e2e71682fcdd2ae8d
parent	526107a7536c3ae8d7de2b38bc668b940f52ca35 (diff)
download	cygnal-79edb254aca9631fd1e83ac4fdfa27acdf564244.tar.gz cygnal-79edb254aca9631fd1e83ac4fdfa27acdf564244.tar.bz2 cygnal-79edb254aca9631fd1e83ac4fdfa27acdf564244.zip