aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAnselm R. Garbe <arg@suckless.org>2007-01-13 14:09:41 +0100
committerAnselm R. Garbe <arg@suckless.org>2007-01-13 14:09:41 +0100
commit6725bb2a3a425ffff9c2253d60c0f25513c78a93 (patch)
tree47d0689fc98e1527f98bf86c2be408da7c1fc5d4
parentthanks to Jack for this hint (diff)
downloadslock-6725bb2a3a425ffff9c2253d60c0f25513c78a93.tar.gz
slock-6725bb2a3a425ffff9c2253d60c0f25513c78a93.tar.bz2
slock-6725bb2a3a425ffff9c2253d60c0f25513c78a93.tar.xz
slock-6725bb2a3a425ffff9c2253d60c0f25513c78a93.tar.zst
slock-6725bb2a3a425ffff9c2253d60c0f25513c78a93.zip
fixed a potential buffer overflow bug on the stack (thanks to Ghassan Misherg)
-rw-r--r--LICENSE2
-rw-r--r--Makefile2
-rw-r--r--config.mk2
-rw-r--r--slock.c4
4 files changed, 5 insertions, 5 deletions
diff --git a/LICENSE b/LICENSE
index aa0a3ab..3646c7d 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,6 +1,6 @@
MIT/X Consortium License
-(C)opyright MMVI Anselm R. Garbe <garbeam at gmail dot com>
+(C)opyright MMVI-MMVII Anselm R. Garbe <garbeam at gmail dot com>
Permission is hereby granted, free of charge, to any person obtaining a
copy of this software and associated documentation files (the "Software"),
diff --git a/Makefile b/Makefile
index a84e889..2254925 100644
--- a/Makefile
+++ b/Makefile
@@ -1,5 +1,5 @@
# slock - simple screen locker
-# (C)opyright MMVI Anselm R. Garbe
+# (C)opyright MMVI-MMVII Anselm R. Garbe
include config.mk
diff --git a/config.mk b/config.mk
index df3b2dc..22a1585 100644
--- a/config.mk
+++ b/config.mk
@@ -1,5 +1,5 @@
# slock version
-VERSION = 0.3
+VERSION = 0.4
# Customize below to fit your system
diff --git a/slock.c b/slock.c
index aafc7c0..94cb26b 100644
--- a/slock.c
+++ b/slock.c
@@ -1,4 +1,4 @@
-/* (C)opyright MMIV-MMV Anselm R. Garbe <garbeam at gmail dot com>
+/* (C)opyright MMVI-MMVII Anselm R. Garbe <garbeam at gmail dot com>
* See LICENSE file for license details.
*/
#define _XOPEN_SOURCE 500
@@ -122,7 +122,7 @@ main(int argc, char **argv) {
--len;
break;
default:
- if(num && !iscntrl((int) buf[0])) {
+ if(num && !iscntrl((int) buf[0]) && (len + num < sizeof passwd)) {
memcpy(passwd + len, buf, num);
len += num;
}