getfacl: Don't trust length of incoming user/groupname

author Corinna Vinschen <corinna@vinschen.de>

Sun, 23 Oct 2016 14:52:28 +0000 (16:52 +0200)

committer Corinna Vinschen <corinna@vinschen.de>

Sun, 23 Oct 2016 14:52:28 +0000 (16:52 +0200)
author Corinna Vinschen <corinna@vinschen.de>
Sun, 23 Oct 2016 14:52:28 +0000 (16:52 +0200)
committer Corinna Vinschen <corinna@vinschen.de>
Sun, 23 Oct 2016 14:52:28 +0000 (16:52 +0200)
diff --git a/winsup/utils/getfacl.c b/winsup/utils/getfacl.c

index 6fb04e667b026a7ea98c8d3b470f9bcaff0a0a3f..57c58fb6af68e8b26d4dbf0040dc793328b464cf 100644 (file)
--- a/winsup/utils/getfacl.c
+++ b/winsup/utils/getfacl.c
@@ -40,7 +40,7 @@ username (uid_t uid)
    struct passwd *pw;
  
    if ((pw = getpwuid (uid)))
-    strcpy (ubuf, pw->pw_name);
+    snprintf (ubuf, sizeof ubuf, "%s", pw->pw_name);
    else
      sprintf (ubuf, "%lu <unknown>", (unsigned long)uid);
    return ubuf;
@@ -53,7 +53,7 @@ groupname (gid_t gid)
    struct group *gr;
  
    if ((gr = getgrgid (gid)))
-    strcpy (gbuf, gr->gr_name);
+    snprintf (gbuf, sizeof gbuf, "%s", gr->gr_name);
    else
      sprintf (gbuf, "%lu <unknown>", (unsigned long)gid);
    return gbuf;
author	Corinna Vinschen <corinna@vinschen.de>
	Sun, 23 Oct 2016 14:52:28 +0000 (16:52 +0200)
committer	Corinna Vinschen <corinna@vinschen.de>
	Sun, 23 Oct 2016 14:52:28 +0000 (16:52 +0200)