login: use mem2strcpy() rather than rely on printf()

The strings from utmp does not have to be terminated. It's seems
better to explicitly terminate it than rely on "%.*s" printf()
functionality -- printf() man page assumes that "If a precision is
given, no null byte need be present", but static analyzers are pretty
unhappy with it.

Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/login-utils/login.c b/login-utils/login.c
index 248cfb2e305f0116d931eb8e6a7f200ab999cb89..5c1f03fa225c4e0a0aa09949d03e540557a9f26a 100644 (file)
--- a/login-utils/login.c
+++ b/login-utils/login.c
@@ -597,17 +597,20 @@ static void log_lastlog(struct login_context *cxt)
                if ((pread(fd, (void *)&ll, sizeof(ll), offset) == sizeof(ll)) &&
                    ll.ll_time != 0) {
                        char time_string[CTIME_BUFSIZ];
+                       char buf[sizeof(ll.ll_host) + 1];
 
                        time_t ll_time = (time_t) ll.ll_time;
 
                        ctime_r(&ll_time, time_string);
                        printf(_("Last login: %.*s "), 24 - 5, time_string);
-                       if (*ll.ll_host != '\0')
-                               printf(_("from %.*s\n"),
-                                      (int)sizeof(ll.ll_host), ll.ll_host);
-                       else
-                               printf(_("on %.*s\n"),
-                                      (int)sizeof(ll.ll_line), ll.ll_line);
+
+                       if (*ll.ll_host != '\0') {
+                               mem2strcpy(buf, ll.ll_host, sizeof(ll.ll_host), sizeof(buf));
+                               printf(_("from %s\n"), buf);
+                       } else {
+                               mem2strcpy(buf, ll.ll_line, sizeof(ll.ll_line), sizeof(buf));
+                               printf(_("on %s\n"), buf);
+                       }
                }
        }