vss.c: Avoid strcpy() to a fixed-size buffer.
authorAndre Noll <maan@systemlinux.org>
Wed, 31 Oct 2007 00:07:16 +0000 (01:07 +0100)
committerAndre Noll <maan@systemlinux.org>
Wed, 31 Oct 2007 00:07:16 +0000 (01:07 +0100)
aft.c
vss.c

diff --git a/aft.c b/aft.c
index f55bf84..f663109 100644 (file)
--- a/aft.c
+++ b/aft.c
@@ -723,8 +723,9 @@ int open_and_update_audio_file(struct osl_row *aft_row, struct audio_file_data *
        ret = get_attribute_text(&afd->afsi.attributes, " ", &tmp);
        if (ret < 0)
                goto err;
        ret = get_attribute_text(&afd->afsi.attributes, " ", &tmp);
        if (ret < 0)
                goto err;
-       tmp[sizeof(afd->attributes_string) - 1] = '\0';
-       strcpy(afd->attributes_string, tmp); /* OK */
+       assert(tmp);
+       strncpy(afd->attributes_string, tmp, sizeof(afd->attributes_string));
+       afd->attributes_string[sizeof(afd->attributes_string) - 1] = '\0';
        free(tmp);
 
        aced.aft_row = aft_row;
        free(tmp);
 
        aced.aft_row = aft_row;
diff --git a/vss.c b/vss.c
index ee63d10..4418c53 100644 (file)
--- a/vss.c
+++ b/vss.c
@@ -198,7 +198,8 @@ static void vss_eof(void)
        mmd->afd.afhi.chunk_table = NULL;
        tmp  = make_message("%s:\n%s:\n%s:\n", status_item_list[SI_AUDIO_INFO1],
                status_item_list[SI_AUDIO_INFO2], status_item_list[SI_AUDIO_INFO3]);
        mmd->afd.afhi.chunk_table = NULL;
        tmp  = make_message("%s:\n%s:\n%s:\n", status_item_list[SI_AUDIO_INFO1],
                status_item_list[SI_AUDIO_INFO2], status_item_list[SI_AUDIO_INFO3]);
-       strcpy(mmd->afd.afhi.info_string, tmp);
+       strncpy(mmd->afd.afhi.info_string, tmp, sizeof(mmd->afd.afhi.info_string));
+       mmd->afd.afhi.info_string[sizeof(mmd->afd.afhi.info_string) - 1] = '\0';
        free(tmp);
        mmd->afd.path[0] = '\0';
        mmd->afd.afsi.lyrics_id = 0;
        free(tmp);
        mmd->afd.path[0] = '\0';
        mmd->afd.afsi.lyrics_id = 0;