From fcc25a03cd448597472c076e6fae0c0face0693e Mon Sep 17 00:00:00 2001
From: Alejandro Colomar <alx@kernel.org>
Date: Sat, 29 Jul 2023 17:56:46 +0200
Subject: [PATCH] login: Replace STRFCPY() by STRLCPY()
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

The variable is only being read as a string (char *), so data after the
'\0' can't be leaked.

Cc: Christian Göttsche <cgzones@googlemail.com>
Cc: Serge Hallyn <serge@hallyn.com>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
---
 src/login.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/login.c b/src/login.c
index 84002232d..9faec8189 100644
--- a/src/login.c
+++ b/src/login.c
@@ -36,6 +36,7 @@
 /*@-exitarg@*/
 #include "exitcodes.h"
 #include "shadowlog.h"
+#include "strlcpy.h"
 
 #ifdef USE_PAM
 #include "pam_defs.h"
@@ -552,7 +553,7 @@ int main (int argc, char **argv)
 	if (NULL == tmptty) {
 		tmptty = "UNKNOWN";
 	}
-	STRFCPY (tty, tmptty);
+	STRLCPY(tty, tmptty);
 
 #ifndef USE_PAM
 	is_console = console (tty);
-- 
2.47.2