lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-12-14 04:18:54 +03:00
Code Activity

server: Use strncat instead of strcat.

Browse Source 
This is just hardening the code.

Found by Coverity.
This commit is contained in:
Andreas Schneider
2012-10-08 21:50:08 +02:00
parent a660177a6e
commit b1287cd946
1 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/server.c
View File

@@ -580,16 +580,24 @@ static int ssh_message_auth_reply_default(ssh_message msg,int partial) {
session->auth_methods = SSH_AUTH_METHOD_PUBLICKEY | SSH_AUTH_METHOD_PASSWORD; session->auth_methods = SSH_AUTH_METHOD_PUBLICKEY | SSH_AUTH_METHOD_PASSWORD;
} }
if (session->auth_methods & SSH_AUTH_METHOD_PUBLICKEY) { if (session->auth_methods & SSH_AUTH_METHOD_PUBLICKEY) {
strcat(methods_c, "publickey,"); strncat(methods_c, "publickey,",
sizeof(methods_c) - strlen(methods_c) - 1);
} }
if (session->auth_methods & SSH_AUTH_METHOD_INTERACTIVE) { if (session->auth_methods & SSH_AUTH_METHOD_INTERACTIVE) {
strcat(methods_c, "keyboard-interactive,"); strncat(methods_c, "keyboard-interactive,",
sizeof(methods_c) - strlen(methods_c) - 1);
} }
if (session->auth_methods & SSH_AUTH_METHOD_PASSWORD) { if (session->auth_methods & SSH_AUTH_METHOD_PASSWORD) {
strcat(methods_c, "password,"); strncat(methods_c, "password,",
sizeof(methods_c) - strlen(methods_c) - 1);
} }
if (session->auth_methods & SSH_AUTH_METHOD_HOSTBASED) { if (session->auth_methods & SSH_AUTH_METHOD_HOSTBASED) {
strcat(methods_c, "hostbased,"); strncat(methods_c, "hostbased,",
sizeof(methods_c) - strlen(methods_c) - 1);
}
if (methods_c[0] == '\0' || strlen(methods_c) != ',') {
return SSH_ERROR;
} }
/* Strip the comma. */ /* Strip the comma. */