Make sure copied strings are properly terminated in snmplib and wccp2

diff --git a/snmplib/parse.c b/snmplib/parse.c
index e8d8647419027afabde14bd27bd14c3767aa3e01..d2ad7b7e8265af33aa19f8e3bc5e8f7db21dd0e5 100644 (file)
--- a/snmplib/parse.c
+++ b/snmplib/parse.c
@@ -1014,6 +1014,7 @@ parse(FILE *fp) {
             return NULL;
         }
         strncpy(name, token, 64);
+        name[63] = '\0';
         type = get_token(fp, token);
         if (type == OBJTYPE) {
             if (root == NULL) {

diff --git a/src/wccp2.cc b/src/wccp2.cc
index a5f6c8b5ce2d6ad96a2a296a05a460da19b32233..01c4bc5fbb7a8fe71933ee485994706efec1ae4f 100644 (file)
--- a/src/wccp2.cc
+++ b/src/wccp2.cc
@@ -592,6 +592,7 @@ wccp2_update_md5_security(char *password, char *ptr, char *packet, int len)
     /* The password field, for the MD5 hash, needs to be 8 bytes and NUL padded. */
     memset(pwd, 0, sizeof(pwd));
     strncpy(pwd, password, sizeof(pwd));
+    pwd[sizeof(pwd) - 1] = '\0';
 
     ws = (struct wccp2_security_md5_t *) ptr;
     assert(ntohs(ws->security_type) == WCCP2_SECURITY_INFO);
@@ -660,6 +661,7 @@ wccp2_check_security(struct wccp2_service_list_t *srv, char *security, char *pac
     /* The password field, for the MD5 hash, needs to be 8 bytes and NUL padded. */
     memset(pwd, 0, sizeof(pwd));
     strncpy(pwd, srv->wccp_password, sizeof(pwd));
+    pwd[sizeof(pwd) - 1] = '\0';
 
     /* Take a copy of the challenge: we need to NUL it before comparing */
     memcpy(md5_challenge, ws->security_implementation, 16);