From 5d1711220c6dc7e66798664f9766ce64e62a7f5c Mon Sep 17 00:00:00 2001 From: Bill Fumerola Date: Sat, 2 Jan 1999 04:37:46 +0000 Subject: [PATCH] Let's make sure we're at the end of the password string before we apply a \0 and terminate it. This patch ensures passwords will be the correct length of 8, which is what is implied in the source (but not reflected in the man page). PR: bin/7817 Reviewed by: Alfred Perlstein Submitted by: Hiroshi Nishikawa --- usr.sbin/pw/pw_user.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr.sbin/pw/pw_user.c b/usr.sbin/pw/pw_user.c index d10c5283f5f8..fd5f4f090686 100644 --- a/usr.sbin/pw/pw_user.c +++ b/usr.sbin/pw/pw_user.c @@ -26,7 +26,7 @@ #ifndef lint static const char rcsid[] = - "$Id$"; + "$Id: pw_user.c,v 1.23 1997/10/10 06:23:39 charnier Exp $"; #endif /* not lint */ #include @@ -925,7 +925,7 @@ pw_password(struct userconf * cnf, struct cargs * args, char const * user) l = (random() % 8 + 8); /* 8 - 16 chars */ pw_getrand(rndbuf, l); for (i = 0; i < l; i++) - pwbuf[i] = chars[rndbuf[i] % sizeof(chars)]; + pwbuf[i] = chars[rndbuf[i] % (sizeof(chars)-1)]; pwbuf[i] = '\0'; /*