Fix unbounded source buffer

source could be larger than destination Problem reported by Coverity CID 1090342 (#1 of 1): Unbounded source buffer (STRING_SIZE) 10. string_size: Passing string "envvar" of unknown size to "strcpy(char * restrict, char const * restrict)", which expects a string of a particular size.
2013-09-19 23:48:44 +02:00 · 2013-09-19 23:48:44 +02:00 · 30fdf1d9c2
commit 30fdf1d9c2
parent 9240770ab1
1 changed files with 2 additions and 1 deletions
--- a/libnfc/nfc-internal.c
+++ b/libnfc/nfc-internal.c
@ -100,7 +100,8 @@ nfc_context_new(void)
  char *envvar = getenv("LIBNFC_DEFAULT_DEVICE");
  if (envvar) {
    strcpy(res->user_defined_devices[0].name, "user defined default device");
-    strcpy(res->user_defined_devices[0].connstring, envvar);
+    strncpy(res->user_defined_devices[0].connstring, envvar, NFC_BUFSIZE_CONNSTRING);
+    res->user_defined_devices[0].connstring[NFC_BUFSIZE_CONNSTRING - 1] = '\0';
    res->user_defined_device_count++;
  }