From 87fbe12dbba8278d58d6581626e4cf4224dbca8d Mon Sep 17 00:00:00 2001
From: Rob Landley
Date: Sat, 13 Dec 2014 11:56:41 -0600
Subject: Remove more strncpy() calls.

The semantics of strncat() and strncpy() are non-obvious, so let's not use 'em. Both zero all their remaining buffer space, and with strncat() the size is the space left at the _end_ of the string (not the size of the buffer) so it's way too easy to stomp memory you don't own. As long as we have to measure stuff ourselves to get it right, just use memcpy().
---
 lib/lib.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
(limited to 'lib')
diff --git a/lib/lib.c b/lib/lib.c
index 5923176c..33be44b6 100644
--- a/lib/lib.c
+++ b/lib/lib.c
@@ -177,7 +177,7 @@ struct string_list **splitpath(char *path, struct string_list **list)
 if (len > 0) {
 *list = xmalloc(sizeof(struct string_list) + len + 1);
 (*list)->next = 0;
- strncpy((*list)->str, new, len);
+ memcpy((*list)->str, new, len);
 (*list)->str[len] = 0;
 list = &(*list)->next;
 }
@@ -210,7 +210,8 @@ struct string_list *find_in_path(char *path, char *filename)
 if (!len) sprintf(rnext->str, "%s/%s", cwd, filename);
 else {
 char *res = rnext->str;
- strncpy(res, path, len);
+
+ memcpy(res, path, len);
 res += len;
 *(res++) = '/';
 strcpy(res, filename);
--
cgit v1.2.3
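Review bot: Replacing strncpy() with `memcpy((*list)->str, new, len)` in splitpath() removes the source-side stop at NUL: strncpy() quit reading when `new` ended, while memcpy() reads `len` bytes unconditionally. The destination side is covered by the visible lines, since the xmalloc() reserves `len + 1` bytes for the string and `(*list)->str[len] = 0` terminates it. How `len` is computed lies outside this hunk, so it should be confirmed there that it never exceeds the bytes remaining in `new`. A comment above the copy such as `// len <= bytes remaining in new, so memcpy() cannot read past the NUL` would record that invariant; the same applies to `memcpy(res, path, len)` in find_in_path().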
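Review bot: The writes around the new memcpy() in find_in_path() are still unbounded: `strcpy(res, filename)` and, on the `!len` branch, `sprintf(rnext->str, "%s/%s", cwd, filename)` both rely on rnext->str having room for the directory, the '/', the filename and the terminating NUL. The allocation of rnext is outside this hunk, so that bound cannot be checked from here. If the buffer is sized from strlen(filename), keeping that length in a local and finishing with `memcpy(res, filename, flen + 1);` would match the commit's measure-it-yourself approach and make the bound visible at the copy. Failing that, a comment at the allocation stating the size formula would let a reader verify both branches.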