qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] Fix off-by-one bug limiting VNC passwords to 7


From: Thiemo Seufer
Subject: Re: [Qemu-devel] [PATCH] Fix off-by-one bug limiting VNC passwords to 7 chars
Date: Sun, 23 Nov 2008 13:31:01 +0100
User-agent: Mutt/1.5.18 (2008-05-17)

Chris Webb wrote:
> Fix off-by-one bug limiting VNC passwords to 7 characters instead of 8
> 
> monitor_readline expects buf_size to include the terminating \0, but
> do_change_vnc in monitor.c calls it as though it doesn't. The other site
> where monitor_readline reads a password (in vl.c) passes the buffer length
> correctly.
> 
> Signed-off-by: Chris Webb <address@hidden>
> ---
>  monitor.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/monitor.c b/monitor.c
> index 22360fc..6ae5729 100644
> --- a/monitor.c
> +++ b/monitor.c
> @@ -433,7 +433,7 @@ static void do_change_vnc(const char *target)
>      if (strcmp(target, "passwd") == 0 ||
>       strcmp(target, "password") == 0) {
>       char password[9];
> -     monitor_readline("Password: ", 1, password, sizeof(password)-1);
> +     monitor_readline("Password: ", 1, password, sizeof(password));
>       password[sizeof(password)-1] = '\0';

The next line can go as well, the string is already NULL terminated.


Thiemo




reply via email to

[Prev in Thread] Current Thread [Next in Thread]