From: Jeff King <peff@peff.net>
Date: Sat, 10 Dec 2011 10:40:45 +0000 (-0500)
Subject: imap-send: avoid buffer overflow
X-Git-Tag: v1.7.9-rc0~31^2~9
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=50d0158fbba5c4cd04184bb757bf43a84c290405;p=git.git

imap-send: avoid buffer overflow

We format the password prompt in an 80-character static
buffer. It contains the remote host and username, so it's
unlikely to overflow (or be exploitable by a remote
attacker), but there's no reason not to be careful and use
a strbuf.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---

diff --git a/imap-send.c b/imap-send.c
index e1ad1a48c..4c1e89711 100644
--- a/imap-send.c
+++ b/imap-send.c
@@ -1209,9 +1209,10 @@ static struct store *imap_open_store(struct imap_server_conf *srvc)
 			goto bail;
 		}
 		if (!srvc->pass) {
-			char prompt[80];
-			sprintf(prompt, "Password (%s@%s): ", srvc->user, srvc->host);
-			arg = git_getpass(prompt);
+			struct strbuf prompt = STRBUF_INIT;
+			strbuf_addf(&prompt, "Password (%s@%s): ", srvc->user, srvc->host);
+			arg = git_getpass(prompt.buf);
+			strbuf_release(&prompt);
 			if (!arg) {
 				perror("getpass");
 				exit(1);