login: Replace STRFCPY() by STRLCPY()

The variable is only being read as a string (char *), so data after the
'\0' can't be leaked.

Cc: Christian Göttsche <cgzones@googlemail.com>
Cc: Serge Hallyn <serge@hallyn.com>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

diff --git a/src/login.c b/src/login.c
index 84002232d4840b103835b9d4052fd1cb52254cb3..9faec81899f91402f8c701038d0ba78c8345c564 100644 (file)
--- a/src/login.c
+++ b/src/login.c
@@ -36,6 +36,7 @@
 /*@-exitarg@*/
 #include "exitcodes.h"
 #include "shadowlog.h"
+#include "strlcpy.h"
 
 #ifdef USE_PAM
 #include "pam_defs.h"
@@ -552,7 +553,7 @@ int main (int argc, char **argv)
        if (NULL == tmptty) {
                tmptty = "UNKNOWN";
        }
-       STRFCPY (tty, tmptty);
+       STRLCPY(tty, tmptty);
 
 #ifndef USE_PAM
        is_console = console (tty);