Home » Mailing list archives » linux-kvm » 2008 » November » 23

[PATCH] Fix off-by-one bug limiting VNC passwords to 7 chars

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Chris Webb
Subject: [PATCH] Fix off-by-one bug limiting VNC passwords to 7 chars
Date: Sunday, November 23, 2008 - 4:31 am

Fix off-by-one bug limiting VNC passwords to 7 characters instead of 8

monitor_readline expects buf_size to include the terminating \0, but
do_change_vnc in monitor.c calls it as though it doesn't. The other site
where monitor_readline reads a password (in vl.c) passes the buffer length
correctly.

Signed-off-by: Chris Webb <chris@arachsys.com>
---
 monitor.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/monitor.c b/monitor.c
index 22360fc..6ae5729 100644
--- a/monitor.c
+++ b/monitor.c
@@ -433,7 +433,7 @@ static void do_change_vnc(const char *target)
     if (strcmp(target, "passwd") == 0 ||
 	strcmp(target, "password") == 0) {
 	char password[9];
-	monitor_readline("Password: ", 1, password, sizeof(password)-1);
+	monitor_readline("Password: ", 1, password, sizeof(password));
 	password[sizeof(password)-1] = '\0';
 	if (vnc_display_password(NULL, password) < 0)
 	    term_printf("could not set VNC server password\n");
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
[PATCH] Fix off-by-one bug limiting VNC passwords to 7 chars, Chris Webb, (Sun Nov 23, 4:31 am)
Re: [Qemu-devel] [PATCH] Fix off-by-one bug limiting VNC p ..., Thiemo Seufer, (Sun Nov 23, 5:31 am)
Re: [Qemu-devel] [PATCH] Fix off-by-one bug limiting VNC p ..., Chris Webb, (Tue Nov 25, 3:09 am)
[PATCH v2] Fix off-by-one bug limiting VNC passwords to 7 ..., Chris Webb, (Tue Nov 25, 3:25 am)
[PATCH v2] Accept password as an argument to 'change vnc p ..., Chris Webb, (Tue Nov 25, 3:26 am)
[RESEND] [PATCH v2] Fix off-by-one bug limiting VNC passwo ..., Chris Webb, (Mon Dec 8, 7:09 am)
[RESEND] [PATCH v2] Accept password as an argument to 'cha ..., Chris Webb, (Mon Dec 8, 7:09 am)
Re: [RESEND] [PATCH v2] Accept password as an argument to ..., Anthony Liguori, (Wed Dec 10, 8:14 am)
Re: [RESEND] [PATCH v2] Fix off-by-one bug limiting VNC pa ..., Anthony Liguori, (Wed Dec 10, 8:14 am)