From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1L9gnn-00069u-MY
	for qemu-devel@nongnu.org; Mon, 08 Dec 2008 09:09:35 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1L9gnn-00069c-Bm
	for qemu-devel@nongnu.org; Mon, 08 Dec 2008 09:09:35 -0500
Received: from [199.232.76.173] (port=53030 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1L9gnn-00069V-1k
	for qemu-devel@nongnu.org; Mon, 08 Dec 2008 09:09:35 -0500
Received: from alpha.arachsys.com ([91.203.57.7]:42282)
	by monty-python.gnu.org with esmtps
	(TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60)
	(envelope-from <chris@arachsys.com>) id 1L9gnm-0000Zn-Gi
	for qemu-devel@nongnu.org; Mon, 08 Dec 2008 09:09:34 -0500
Date: Mon, 8 Dec 2008 14:09:30 +0000
From: Chris Webb <chris@arachsys.com>
Message-ID: <20081208140930.GF19711@arachsys.com>
References: <20081123113147.GA12832@arachsys.com>
	<20081123123101.GC17042@networkno.de>
	<20081125100935.GI2380@arachsys.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20081125100935.GI2380@arachsys.com>
Subject: [Qemu-devel] [RESEND] [PATCH v2] Fix off-by-one bug limiting VNC
	passwords to 7 chars
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org, kvm@vger.kernel.org

Fix off-by-one bug limiting VNC passwords to 7 characters instead of 8

monitor_readline expects buf_size to include the terminating \0, but
do_change_vnc in monitor.c calls it as though it doesn't. The other site
where monitor_readline reads a password (in vl.c) passes the buffer length
correctly.

Signed-off-by: Chris Webb <chris@arachsys.com>
---
 monitor.c |    3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/monitor.c b/monitor.c
index 22360fc..a252838 100644
--- a/monitor.c
+++ b/monitor.c
@@ -433,8 +433,7 @@ static void do_change_vnc(const char *target)
     if (strcmp(target, "passwd") == 0 ||
 	strcmp(target, "password") == 0) {
 	char password[9];
-	monitor_readline("Password: ", 1, password, sizeof(password)-1);
-	password[sizeof(password)-1] = '\0';
+	monitor_readline("Password: ", 1, password, sizeof(password));
 	if (vnc_display_password(NULL, password) < 0)
 	    term_printf("could not set VNC server password\n");
     } else {