raster pushed a commit to branch master. http://git.enlightenment.org/core/efl.git/commit/?id=3c5412f72879bbce72bfbc7190acd9e5d16d3b46
commit 3c5412f72879bbce72bfbc7190acd9e5d16d3b46 Author: Carsten Haitzler (Rasterman) <[email protected]> Date: Mon Sep 1 18:23:56 2014 +0900 evas - generic loaders - fix possible string overflow on decoders fixes CID 1039580 --- .../evas/loaders/generic/evas_image_load_generic.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/src/modules/evas/loaders/generic/evas_image_load_generic.c b/src/modules/evas/loaders/generic/evas_image_load_generic.c index 6f00a68..22d0acd 100644 --- a/src/modules/evas/loaders/generic/evas_image_load_generic.c +++ b/src/modules/evas/loaders/generic/evas_image_load_generic.c @@ -151,18 +151,21 @@ _load(Eina_File *ef, const char *key, // double extn not too long if (((end - dot2) <= 10) && (!illegal_char(dot2))) { - strcpy(&(decoders[decoders_num][0]), img_loader); + strncpy(&(decoders[decoders_num][0]), img_loader, 127); + decoders[decoders_num][127] = 0; dotcat(&(decoders[decoders_num][0]), dot2); decoders_num++; } // single extn not too long if (((end - dot1) <= 5) && (!illegal_char(dot1))) { - strcpy(&(decoders[decoders_num][0]), img_loader); + strncpy(&(decoders[decoders_num][0]), img_loader, 127); + decoders[decoders_num][127] = 0; dotcat(&(decoders[decoders_num][0]), dot1); decoders_num++; } - strcpy(decoders[decoders_num], img_loader); + strncpy(decoders[decoders_num], img_loader, 127); + decoders[decoders_num][127] = 0; decoders_num++; } else if (dot1) @@ -174,12 +177,14 @@ _load(Eina_File *ef, const char *key, dotcat(&(decoders[decoders_num][0]), dot1); decoders_num++; } - strcpy(decoders[decoders_num], img_loader); + strncpy(decoders[decoders_num], img_loader, 127); + decoders[decoders_num][127] = 0; decoders_num++; } else { - strcpy(decoders[decoders_num], img_loader); + strncpy(decoders[decoders_num], img_loader, 127); + decoders[decoders_num][127] = 0; decoders_num++; } --
