From: Thom May <thommay@apache.org>
Date: Wed, 30 Apr 2003 11:43:49 +0000 (+0000)
Subject: Fix a pair of potential buffer overflows in htdigest
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2b9d3c1497acc020d95f98c2c3f3974f6d380495;p=thirdparty%2Fapache%2Fhttpd.git

Fix a pair of potential buffer overflows in htdigest

Obtained from: Martin Schulze <joey@infodrom.org>
Reviewed by: William Rowe, Sander Striker, David Reid


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@99659 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/src/CHANGES b/src/CHANGES
index da3de85d8f9..9de8a2acfe4 100644
--- a/src/CHANGES
+++ b/src/CHANGES
@@ -1,4 +1,7 @@
 Changes with Apache 1.3.28
+  
+  *) Fix a pair of potential buffer overflows in htdigest
+     [Martin Schulze <joey@infodrom.org>, Thom May]
 
   *) A newly created child now has a start_time of 0, to prevent
      mod_status from displaying a bogus value for the "time to
diff --git a/src/support/htdigest.c b/src/support/htdigest.c
index afc84d26cd2..25b5a8db423 100644
--- a/src/support/htdigest.c
+++ b/src/support/htdigest.c
@@ -253,8 +253,8 @@ int main(int argc, char *argv[])
 	fprintf(stderr, "Use -c option to create new one.\n");
 	exit(1);
     }
-    strcpy(user, argv[3]);
-    strcpy(realm, argv[2]);
+    ap_cpystrn(user, argv[3], sizeof(user));
+    ap_cpystrn(realm, argv[2], sizeof(realm));
 
     found = 0;
     while (!(getline(line, MAX_STRING_LEN, f))) {