devilhorns pushed a commit to branch feature/security.

http://git.enlightenment.org/core/efl.git/commit/?id=67e203a125a6fec29053f21deca7a36df7b2777c

commit 67e203a125a6fec29053f21deca7a36df7b2777c
Author: Chris Michael <cp.mich...@samsung.com>
Date:   Thu May 10 10:58:36 2018 -0400

    edje: Remove use of insecure strcpy and sprintf functions
    
    As per the sonar report, the usage of strcpy and sprintf is insecure.
    This patch modifies the code slightly to use the more secure strncpy
    and snprintf functions in order to avoid a potential buffer overflow
    vulnerability.
    
    @fix
    
    Differential Revision: https://phab.enlightenment.org/D6152
---
 src/bin/edje/edje_cc_out.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/bin/edje/edje_cc_out.c b/src/bin/edje/edje_cc_out.c
index f315526e4f..37fde053b9 100644
--- a/src/bin/edje/edje_cc_out.c
+++ b/src/bin/edje/edje_cc_out.c
@@ -2541,8 +2541,8 @@ data_thread_license(void *data, Ecore_Thread *thread 
EINA_UNUSED)
      {
         char *s = alloca(strlen(lw->file) + 1 + 13);
 
-        strcpy(s, lw->file);
-        sprintf(s, "edje/license/%s", basename(s));
+        strncpy(s, lw->file, strlen(lw->file) + 1 + 13);
+        snprintf(s, strlen(lw->file) + 1 + 13, "edje/license/%s", basename(s));
 
         bytes = eet_write(ef, s, m, eina_file_size_get(f), compress_mode);
      }
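Review bot: the second `+` line, `snprintf(s, ..., "edje/license/%s", basename(s))`, keeps the real defect of the `sprintf` line it replaces: `basename(s)` returns a pointer into `s`, so the `%s` source and the destination overlap, and the C standard makes that undefined behaviour for `snprintf` exactly as for `sprintf`. The bound does not address it, because the buffer is allocated as `strlen(lw->file) + 1 + 13`, which already holds the 13-byte `edje/license/` prefix plus any basename of `lw->file` plus the terminator; the old code was not overflowing, it was overlapping. The first `+` line changes nothing in practice either: `strncpy` with a bound larger than the source copies the same bytes as `strcpy` and then zero-fills the remaining 14. Suggest formatting from a separate scratch copy of the path (a copy is needed anyway because POSIX `basename` may modify its argument, so passing `lw->file` directly could mutate the stored name), and computing the size once so the three repeated `strlen(lw->file) + 1 + 13` expressions cannot drift apart:

    size_t len = strlen(lw->file) + 1 + 13;
    char *s = alloca(len), *tmp = alloca(strlen(lw->file) + 1);
    memcpy(tmp, lw->file, strlen(lw->file) + 1); snprintf(s, len, "edje/license/%s", basename(tmp));

That removes the overlap, keeps the bounded write, and leaves `lw->file` untouched.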
