[PATCHv2 1/9] imap-send: avoid buffer overflow
From: Jeff King <hidden>
Date: 2016-06-15 22:52:36
Subsystem:
the rest · Maintainer:
Linus Torvalds
We format the password prompt in an 80-character static buffer. It contains the remote host and username, so it's unlikely to overflow (or be exploitable by a remote attacker), but there's no reason not to be careful and use a strbuf.

Signed-off-by: Jeff King <redacted>
---
 imap-send.c | 7 ++++---
 1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/imap-send.c b/imap-send.c
index e1ad1a4..4c1e897 100644
--- a/imap-send.c
+++ b/imap-send.c@@ -1209,9 +1209,10 @@ static int auth_cram_md5(struct imap_store *ctx, struct imap_cmd *cmd, const cha goto bail; } if (!srvc->pass) { - char prompt[80]; - sprintf(prompt, "Password (%s@%s): ", srvc->user, srvc->host); - arg = git_getpass(prompt); + struct strbuf prompt = STRBUF_INIT; + strbuf_addf(&prompt, "Password (%s@%s): ", srvc->user, srvc->host); + arg = git_getpass(prompt.buf); + strbuf_release(&prompt); if (!arg) { perror("getpass"); exit(1);
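Review bot: the `strbuf_release(&prompt)` placed directly after `arg = git_getpass(prompt.buf);` is correct only because the returned `arg` does not alias `prompt.buf`; since the prompt is freed before `arg` is checked and used, a one-line comment noting that git_getpass hands back its own storage would protect the next person who touches this block from turning it into a use-after-free. The ordering is otherwise sound: the buffer is released before the `if (!arg)` branch reaches `exit(1)`, so that error path does not leak, and replacing the unbounded `sprintf` into `char prompt[80]` with `strbuf_addf` removes the only write whose length depended on `srvc->user` and `srvc->host`. Minor: the pre-existing `perror("getpass")` names the libc call while the code calls git_getpass; renaming the message would make the failure easier to trace.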
--
1.7.8.rc2.40.gaf387