From mboxrd@z Thu Jan 1 00:00:00 1970 From: Thiemo Seufer Subject: Re: [PATCH] Fix off-by-one bug limiting VNC passwords to 7 chars Date: Sun, 23 Nov 2008 13:31:01 +0100 Message-ID: <20081123123101.GC17042@networkno.de> References: <20081123113147.GA12832@arachsys.com> Reply-To: qemu-devel@nongnu.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: qemu-devel@nongnu.org, kvm@vger.kernel.org To: Chris Webb Return-path: Content-Disposition: inline In-Reply-To: <20081123113147.GA12832@arachsys.com> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: qemu-devel-bounces+gceq-qemu-devel=gmane.org@nongnu.org Errors-To: qemu-devel-bounces+gceq-qemu-devel=gmane.org@nongnu.org List-Id: kvm.vger.kernel.org Chris Webb wrote: > Fix off-by-one bug limiting VNC passwords to 7 characters instead of 8 > > monitor_readline expects buf_size to include the terminating \0, but > do_change_vnc in monitor.c calls it as though it doesn't. The other site > where monitor_readline reads a password (in vl.c) passes the buffer length > correctly. > > Signed-off-by: Chris Webb > --- > monitor.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/monitor.c b/monitor.c > index 22360fc..6ae5729 100644 > --- a/monitor.c > +++ b/monitor.c > @@ -433,7 +433,7 @@ static void do_change_vnc(const char *target) > if (strcmp(target, "passwd") == 0 || > strcmp(target, "password") == 0) { > char password[9]; > - monitor_readline("Password: ", 1, password, sizeof(password)-1); > + monitor_readline("Password: ", 1, password, sizeof(password)); > password[sizeof(password)-1] = '\0'; The next line can go as well, the string is already NULL terminated. Thiemo