Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated

author: Richard Levitte <levitte@openssl.org> 2002-02-28 12:42:19 +0000
committer: Richard Levitte <levitte@openssl.org> 2002-02-28 12:42:19 +0000
commit: 26414ee013170f2d8e42b1995dbb30c03e7ed16c (patch)
tree: 8c063e88267e1cc018fb3a71a74b35962249702f /ssl/kssl.c
parent: 5c62f68e14f38101e2a1dd969b1d5f587a16bfdb (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/ssl/kssl.c b/ssl/kssl.c
index 49b749b054..edc108b3de 100644
--- a/ssl/kssl.c
+++ b/ssl/kssl.c
@@ -1597,10 +1597,12 @@ kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
 	else
                 {
 		strncpy(*princ, entity->data, entity->length);
+		(*princ)[entity->length]='\0';
 		if (realm)
                         {
 			strcat (*princ, "@");
 			(void) strncat(*princ, realm->data, realm->length);
+			(*princ)[entity->length+1+realm->length]='\0';
 			}
 		}
author	Richard Levitte <levitte@openssl.org>	2002-02-28 12:42:19 +0000
committer	Richard Levitte <levitte@openssl.org>	2002-02-28 12:42:19 +0000
commit	26414ee013170f2d8e42b1995dbb30c03e7ed16c (patch)
tree	8c063e88267e1cc018fb3a71a74b35962249702f /ssl/kssl.c
parent	5c62f68e14f38101e2a1dd969b1d5f587a16bfdb (diff)