--- rumba.c.orig Tue Jun 11 11:27:59 2002 +++ rumba.c Tue Jun 11 13:32:39 2002 @@ -24,6 +24,8 @@ /* ------------------------------------------------------------------------- */ +#define NAMESIZE 64 + int debug_mode = 0; char fake_dot_in_root = 1; char fake_dotdot_in_root = 1; @@ -260,7 +262,7 @@ int got_password, upcase_password; int port = -1, max_xmit = -1; char server_name[17], client_name[17]; -char username[64], password[64], run_as_daemon; +char username[NAMESIZE], password[NAMESIZE], run_as_daemon; char *mount_point, *server, *share, *root, *user_dummy, *p; static fh_t root_fh[32/sizeof(fh_t)] = {0}; unsigned ipAddr; @@ -320,12 +322,17 @@ strcpy(server_name, hostName); } } + if(getenv("USER")){ - strcpy(username, getenv("USER")); + if (strlcpy(username, getenv("USER"), NAMESIZE) >= NAMESIZE) + eprintf("$USER too long, truncated to \"%s\"\n", + username); str_upper(username); } - if(username[0] == 0 && getenv("LOGNAME")){ - strcpy(username,getenv("LOGNAME")); + else if(getenv("LOGNAME")){ + if (strlcpy(username, getenv("LOGNAME"), NAMESIZE) >= NAMESIZE); + eprintf("$LOGNAME too long, truncated to \"%s\"\n", + username); str_upper(username); } @@ -415,7 +422,7 @@ got_password = 1; break; case 'i': - if(fgets(password, sizeof(password), stdin) != NULL){ + if(fgets(password, NAMESIZE, stdin) != NULL){ if((p = strrchr(password, '\n')) != NULL) *p = 0; got_password = 1; @@ -462,13 +469,18 @@ conf_dirmode = conf_filemode; conf_dirmode |= (conf_dirmode & 0444) >> 2; } + if(!got_password){ - char *pw; - if((pw = getenv("PASSWD"))) - strcpy(password, pw); - else - strcpy(password, getpass("Password: ")); + char *pw, *src = "$PASSWD"; + if ((pw = getenv("PASSWD")) == NULL) { + src = "User entered password"; + pw = getpass("Password: "); + } + if (strlcpy(password, pw, NAMESIZE) >= NAMESIZE) + eprintf("%s too long, truncated to \"%s\"\n", + src, password); } + if(upcase_password){ str_upper(password); }