devilhorns pushed a commit to branch feature/security.

http://git.enlightenment.org/core/efl.git/commit/?id=936e4acd75d009a56446b46bd4328b6c92fe6ce5

commit 936e4acd75d009a56446b46bd4328b6c92fe6ce5
Author: Chris Michael <cp.mich...@samsung.com>
Date:   Thu May 10 10:47:37 2018 -0400

    edje: Remove use of insecure strcat function
    
    As per the sonar report, the usage of strcat is insecure. This patch
    modifies the code slightly to use the more secure strncat function in
    order to avoid potential buffer overflow vulnerability.
    
    @fix
    
    Differential Revision: https://phab.enlightenment.org/D6150
---
 src/bin/edje/edje_cc_handlers.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/bin/edje/edje_cc_handlers.c b/src/bin/edje/edje_cc_handlers.c
index 6d987edb8f..4d0a319943 100644
--- a/src/bin/edje/edje_cc_handlers.c
+++ b/src/bin/edje/edje_cc_handlers.c
@@ -11341,7 +11341,7 @@ 
st_collections_group_parts_part_description_text_text(void)
         else
           {
              str = realloc(str, strlen(str) + strlen(s) + 1);
-             strcat(str, s);
+             strncat(str, s, strlen(str) + strlen(s) + 1);
              free(s);
           }
      }
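Review bot: The count passed to strncat on the added line, `strlen(str) + strlen(s) + 1`, does not bound the destination. strncat's third argument is the maximum number of characters to append from `s`, and this value is always larger than `strlen(s)`, so the call copies exactly what `strcat(str, s)` did. What makes the append fit is the realloc on the line above, which already sizes the buffer to `strlen(str) + strlen(s) + 1`; the change quiets the analyzer without changing behaviour. Since both lengths are known at this point, consider computing them once and appending with `memcpy(str + len_str, s, len_s + 1)` (len_str and len_s being hypothetical locals), or pass `strlen(s)` as the count if strncat is kept. Separately, the context line `str = realloc(str, ...)` assigns the result straight back to `str`: if realloc returns NULL the original block is leaked and the append that follows writes through a null pointer, so the result should go to a temporary and be checked first.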

-- 

