[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] Fix off-by-one bug limiting VNC passwords to 7
From: |
Thiemo Seufer |
Subject: |
Re: [Qemu-devel] [PATCH] Fix off-by-one bug limiting VNC passwords to 7 chars |
Date: |
Sun, 23 Nov 2008 13:31:01 +0100 |
User-agent: |
Mutt/1.5.18 (2008-05-17) |
Chris Webb wrote:
> Fix off-by-one bug limiting VNC passwords to 7 characters instead of 8
>
> monitor_readline expects buf_size to include the terminating \0, but
> do_change_vnc in monitor.c calls it as though it doesn't. The other site
> where monitor_readline reads a password (in vl.c) passes the buffer length
> correctly.
>
> Signed-off-by: Chris Webb <address@hidden>
> ---
> monitor.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/monitor.c b/monitor.c
> index 22360fc..6ae5729 100644
> --- a/monitor.c
> +++ b/monitor.c
> @@ -433,7 +433,7 @@ static void do_change_vnc(const char *target)
> if (strcmp(target, "passwd") == 0 ||
> strcmp(target, "password") == 0) {
> char password[9];
> - monitor_readline("Password: ", 1, password, sizeof(password)-1);
> + monitor_readline("Password: ", 1, password, sizeof(password));
> password[sizeof(password)-1] = '\0';
The next line can go as well, the string is already NULL terminated.
Thiemo