commit 050585311ac7e6f17a0d4e33650ea3a5a4ee182b
Author: David Sommerseth <dazo@users.sourceforge.net>
Date:   Thu Jul 8 14:13:41 2010 +0200

    Fixed a buffer overflow issue in eurephia_init

diff --git a/utils/eurephia_init.c b/utils/eurephia_init.c
index ed03690..fd28f68 100644
--- a/utils/eurephia_init.c
+++ b/utils/eurephia_init.c
@@ -503,8 +503,8 @@ int setup_attempt_limits(eurephiaCTX *ctx) {
  * @return Returns 1 on success, otherwise 0.
  */
 int setup_session_params(eurephiaCTX *ctx) {
-        char buffer[20], value[20];
-        memset(&buffer, 0, 20);
+        char buffer[22], value[22];
+        memset(&buffer, 0, 22);
 
         printf("------------------------------------------------------------------------------\n");
         printf("  eurephia :: SESSION PARAMETERS\n");

commit 38df03d8ec77cb26ac22d73787fe9fee88dd6280
Author: David Sommerseth <dazo@users.sourceforge.net>
Date:   Thu Jul 8 14:11:31 2010 +0200

    Fixed compiler warning: loop could be used uninitialised

diff --git a/eurephiadm/client_session.c b/eurephiadm/client_session.c
index 7abad95..31e761b 100644
--- a/eurephiadm/client_session.c
+++ b/eurephiadm/client_session.c
@@ -156,7 +156,7 @@ void remove_session_file(eurephiaCTX *ctx) {
  */
 eurephiaSESSION *create_session(eurephiaCTX *ctx, const char *sesskey) {
         eurephiaSESSION *new_sess = NULL;
-        int loop, uniqchk;
+        int loop = 0, uniqchk = 0;
         char *randdata = NULL;
         unsigned char sha_res[SHA512_HASH_SIZE+2];
         SHA512Context sha;

commit 961b3a85ca6d2ca65360034f5c2b34d276507d6a
Author: David Sommerseth <dazo@users.sourceforge.net>
Date:   Thu Jul 8 13:50:55 2010 +0200

    Do check the result of fgets()
    
    If fgets() returns NULL, clear the buffer allocated for the console data.

diff --git a/eurephiadm/get_console_input.c b/eurephiadm/get_console_input.c
index e291d79..ab407f7 100644
--- a/eurephiadm/get_console_input.c
+++ b/eurephiadm/get_console_input.c
@@ -46,6 +46,7 @@
  */
 int get_console_input(char *buf, size_t len, const char *prompt, int hidden) {
         struct termios term_orig, term_noecho;
+        char *res = NULL;
         char *ptr;
 
         // Print prompt
@@ -65,7 +66,7 @@ int get_console_input(char *buf, size_t len, const char *prompt, int hidden) {
         }
 
         // Read user input from stdin
-        fgets(buf, len, stdin);
+        res = fgets(buf, len, stdin);
 
         if( hidden == 1 ) {
                 // Restore terminal to saved state
@@ -73,13 +74,16 @@ int get_console_input(char *buf, size_t len, const char *prompt, int hidden) {
         }
 
         // Remove trailing spaces
-        if( buf != NULL ) {
+        if( res != NULL && buf != NULL ) {
                 ptr = buf + strlen(buf) - 1;
                 while( (ptr > buf) && ((*ptr == 0x20) || (*ptr == '\n') || (*ptr == '\r')) ) {
                         *ptr = 0;
                         ptr--;
                 }
                 ptr++;
+        } else {
+                // If nothing is read, make sure result buffer is cleared
+                memset(buf, 0, len);
         }
         if( hidden ) {
                 fprintf(stdout, "\n");

commit 7ae14aca46d6299d2ed49640e5eb942a207b3a68
Author: David Sommerseth <dazo@users.sourceforge.net>
Date:   Thu Jul 8 13:49:08 2010 +0200

    Fixed an overflow issue with memset() in eurephiadm

diff --git a/eurephiadm/eurephiadm.c b/eurephiadm/eurephiadm.c
index 564a4a7..340ac08 100644
--- a/eurephiadm/eurephiadm.c
+++ b/eurephiadm/eurephiadm.c
@@ -285,7 +285,7 @@ static eurephiaSESSION *do_login(eurephiaCTX *ctx, eurephiaVALUES *cfg, const ch
         memset(&username, 0, 33);
         memset(&password, 0, 33);
         if( (tmp = eGet_value(cfg, "username")) == NULL ) {
-                memset(username, 0, 34);
+                memset(username, 0, 33);
                 get_console_input(username, 32, "User:", 0);
         } else {
                 strncpy(username, tmp, 32);