From ad07330e1a39bc4469aa9c085a34750f8c505266 Mon Sep 17 00:00:00 2001 From: Pablo Barciela Date: Sat, 23 Feb 2019 13:35:40 +0100 Subject: [Security] Use 'g_strlcpy' instead of 'strcpy' to avoid warnings with Clang Analyzer --- libcaja-private/caja-file-operations.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'libcaja-private/caja-file-operations.c') diff --git a/libcaja-private/caja-file-operations.c b/libcaja-private/caja-file-operations.c index 51481db0..a12d730c 100644 --- a/libcaja-private/caja-file-operations.c +++ b/libcaja-private/caja-file-operations.c @@ -6545,10 +6545,10 @@ mark_desktop_file_trusted (CommonJob *common, } if (!g_str_has_prefix (contents, "#!")) { - new_length = length + strlen (TRUSTED_SHEBANG); - new_contents = g_malloc (new_length); + new_length = length + strlen (TRUSTED_SHEBANG) + 1; + new_contents = g_malloc0 (new_length); - strcpy (new_contents, TRUSTED_SHEBANG); + g_strlcpy (new_contents, TRUSTED_SHEBANG, new_length); memcpy (new_contents + strlen (TRUSTED_SHEBANG), contents, length); -- cgit v1.2.1