Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated

author: Richard Levitte <levitte@openssl.org> 2002-02-28 12:44:05 +0000
committer: Richard Levitte <levitte@openssl.org> 2002-02-28 12:44:05 +0000
commit: 421d474332dbb3d5b0073cc48c28c45663d0fa31 (patch)
tree: 76ad9958e196e74969183229f61b0724c2b8ba16 /ssl/kssl.c
parent: 58060fa11b5e7648ce8bf0856c00bbafe515b8a6 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/ssl/kssl.c b/ssl/kssl.c
index 49b749b054..edc108b3de 100644
--- a/ssl/kssl.c
+++ b/ssl/kssl.c
@@ -1597,10 +1597,12 @@ kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
 	else
                 {
 		strncpy(*princ, entity->data, entity->length);
+		(*princ)[entity->length]='\0';
 		if (realm)
                         {
 			strcat (*princ, "@");
 			(void) strncat(*princ, realm->data, realm->length);
+			(*princ)[entity->length+1+realm->length]='\0';
 			}
 		}
author	Richard Levitte <levitte@openssl.org>	2002-02-28 12:44:05 +0000
committer	Richard Levitte <levitte@openssl.org>	2002-02-28 12:44:05 +0000
commit	421d474332dbb3d5b0073cc48c28c45663d0fa31 (patch)
tree	76ad9958e196e74969183229f61b0724c2b8ba16 /ssl/kssl.c
parent	58060fa11b5e7648ce8bf0856c00bbafe515b8a6 (diff)