[packages/apache.git] / apache-security_htdigest_bufferoverflow.patch

--- apache_1.3.26/src/support/htdigest.c	2002-10-23 09:22:02.000000000 +0200
+++ apache_1.3.26/src/support/htdigest.c	2002-10-26 09:33:54.000000000 +0200
@@ -255,8 +255,8 @@
 	fprintf(stderr, "Use -c option to create new one.\n");
 	exit(1);
     }
-    strcpy(user, argv[3]);
-    strcpy(realm, argv[2]);
+    strncpy(user, argv[3], sizeof (user));
+    strncpy(realm, argv[2], sizeof (realm));
 
     found = 0;
     while (!(getline(line, MAX_STRING_LEN, f))) {
Commit	Line	Data
a7f3a527	1	--- apache_1.3.26/src/support/htdigest.c 2002-10-23 09:22:02.000000000 +0200
	2	+++ apache_1.3.26/src/support/htdigest.c 2002-10-26 09:33:54.000000000 +0200
	3	@@ -255,8 +255,8 @@
	4	fprintf(stderr, "Use -c option to create new one.\n");
	5	exit(1);
	6	}
	7	- strcpy(user, argv[3]);
	8	- strcpy(realm, argv[2]);
	9	+ strncpy(user, argv[3], sizeof (user));
	10	+ strncpy(realm, argv[2], sizeof (realm));
	11
	12	found = 0;
	13	while (!(getline(line, MAX_STRING_LEN, f))) {