>diff --git a/fcoemon.c b/fcoemon.c >index 46ba0f1..c485754 100644 >--- a/fcoemon.c >+++ b/fcoemon.c >@@ -2159,7 +2159,7 @@ int fcm_save_reply(struct sock_info **r, struct >sockaddr_un *f, socklen_t flen, > } > (*r)->sock = s; > (*r)->from.sun_family = f->sun_family; >- memcpy((*r)->from.sun_path, f->sun_path, strlen(f->sun_path)); >+ strncpy((*r)->from.sun_path, f->sun_path, strlen(f->sun_path) + >1);
The final argument here doesn't make any sense for strncpy(). You're just passing in the length of the source, when it should be the length of the destination buffer in order to protect against overflow. As is, this is just strcpy(). > (*r)->fromlen = flen; > return fcm_success; > } _______________________________________________ devel mailing list [email protected] http://www.open-fcoe.org/mailman/listinfo/devel
