cedric pushed a commit to branch master. http://git.enlightenment.org/core/efl.git/commit/?id=49716a9cf02b51cc01aa3c3187fe9ff392c90464
commit 49716a9cf02b51cc01aa3c3187fe9ff392c90464 Author: Srivardhan Hebbar <sri.heb...@samsung.com> Date: Wed Sep 23 14:04:23 2015 -0700 ecore_con: replacing strncat with strncpy. Summary: strcat will look for the null-terminator, interpret that as the end of the string, and append the new text there, overwriting the null-terminator in the process, and writing a new null-terminator at the end of the concatenation. buf is uninitialized, so it might start with NULL, or it might not have NULL anywhere within it. So this might produce undefined behaviour. So replaced with strncpy. Signed-off-by: Srivardhan Hebbar <sri.heb...@samsung.com> Reviewers: cedric Subscribers: cedric Differential Revision: https://phab.enlightenment.org/D3094 Signed-off-by: Cedric BAIL <ced...@osg.samsung.com> --- src/lib/ecore_con/ecore_con_ssl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lib/ecore_con/ecore_con_ssl.c b/src/lib/ecore_con/ecore_con_ssl.c index 21f4440..03ce569 100644 --- a/src/lib/ecore_con/ecore_con_ssl.c +++ b/src/lib/ecore_con/ecore_con_ssl.c @@ -95,7 +95,7 @@ _gnutls_log_func(int level, const char *str) { char buf[128]; - strncat(buf, str, strlen(str) - 1); + strncpy(buf, str, strlen(str) - 1); DBG("|<%d>| %s", level, buf); } --