On Wed, Sep 21, 2016 at 1:32 AM, ChunEon Park <her...@hermet.pe.kr> wrote: > hermet pushed a commit to branch master. > > http://git.enlightenment.org/core/efl.git/commit/?id=ab1a72f5e7df6fe0adef54bdcddd9867a2ebe3a6 > > commit ab1a72f5e7df6fe0adef54bdcddd9867a2ebe3a6 > Author: Hermet Park <her...@hermet.pe.kr> > Date: Wed Sep 21 13:30:44 2016 +0900 > > edje/edje_cc: use strncpy() instead of strcpy(). > > strncpy() is better for security. > Also, this change avoids annoying coverity detection. > --- > src/bin/edje/edje_cc_parse.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/src/bin/edje/edje_cc_parse.c b/src/bin/edje/edje_cc_parse.c > index 525c71d..efabe22 100644 > --- a/src/bin/edje/edje_cc_parse.c > +++ b/src/bin/edje/edje_cc_parse.c > @@ -391,7 +391,7 @@ next_token(char *p, char *end, char **new_p, int *delim) > l = sscanf(tmpstr, "%*s %i \"%[^\"]\"", &nm, fl); > if (l == 2) > { > - strcpy(file_buf, fl); > + strncpy(file_buf, fl, sizeof(file_buf)); > line = nm; > file_in = file_buf; > }
the proper function to call is eina_strlcpy(), it will use strlcpy() if available, otherwise will ensure the nul byte. -- Gustavo Sverzut Barbieri -------------------------------------- Mobile: +55 (16) 99354-9890 ------------------------------------------------------------------------------ _______________________________________________ enlightenment-devel mailing list enlightenment-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
