cedric pushed a commit to branch master.

http://git.enlightenment.org/core/efl.git/commit/?id=49716a9cf02b51cc01aa3c3187fe9ff392c90464

commit 49716a9cf02b51cc01aa3c3187fe9ff392c90464
Author: Srivardhan Hebbar <sri.heb...@samsung.com>
Date:   Wed Sep 23 14:04:23 2015 -0700

    ecore_con: replacing strncat with strncpy.
    
    Summary:
    strcat will look for the null-terminator, interpret that as the end of the
    string, and append the new text there, overwriting the null-terminator in
    the process, and writing a new null-terminator at the end of the
    concatenation. buf is uninitialized, so it might start with NULL, or it
    might not have NULL anywhere within it. So this might produce undefined
    behaviour. So replaced with strncpy.
    Signed-off-by: Srivardhan Hebbar <sri.heb...@samsung.com>
    
    Reviewers: cedric
    
    Subscribers: cedric
    
    Differential Revision: https://phab.enlightenment.org/D3094
    
    Signed-off-by: Cedric BAIL <ced...@osg.samsung.com>
---
 src/lib/ecore_con/ecore_con_ssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/lib/ecore_con/ecore_con_ssl.c 
b/src/lib/ecore_con/ecore_con_ssl.c
index 21f4440..03ce569 100644
--- a/src/lib/ecore_con/ecore_con_ssl.c
+++ b/src/lib/ecore_con/ecore_con_ssl.c
@@ -95,7 +95,7 @@ _gnutls_log_func(int level,
                  const char *str)
 {
    char buf[128];
-   strncat(buf, str, strlen(str) - 1);
+   strncpy(buf, str, strlen(str) - 1);
    DBG("|<%d>| %s", level, buf);
 }
 
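Review bot: The added `strncpy(buf, str, strlen(str) - 1);` line still leaves `buf` without a guaranteed terminator and without any bound tied to the 128-byte buffer. Because the count is one less than the length of `str`, strncpy stops before it reaches the source's terminating NUL and writes none of its own, so `DBG("|<%d>| %s", level, buf);` can read on into uninitialized stack bytes. The count is also derived from `str` rather than `sizeof(buf)`, so a message longer than 129 characters writes past the end of `buf`, and an empty `str` makes `strlen(str) - 1` wrap around to SIZE_MAX. Suggest computing the length once, dropping the trailing character only when the length is non-zero, clamping the result to `sizeof(buf) - 1`, copying that many bytes and then setting `buf[len] = '\0'`. Alternatively drop the copy altogether and print with a precision, as in `DBG("|<%d>| %.*s", level, (int)len, str);`.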

-- 

