summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPablo Barciela <[email protected]>2019-03-03 03:13:55 +0100
committerZenWalker <[email protected]>2019-03-22 11:02:29 +0100
commita975dcc0734b2592810a44714e98f2e8c768a286 (patch)
tree35e027f84002fdfdad1f0957581f54a0126790eb
parent90c61c664b2c31f27eb04a076bc34e9998f44335 (diff)
downloadmate-panel-a975dcc0734b2592810a44714e98f2e8c768a286.tar.bz2
mate-panel-a975dcc0734b2592810a44714e98f2e8c768a286.tar.xz
[Security] panel-keyfile: Use 'g_strlcpy' instead of 'strcpy'
Fixes Clang static analyzer warning: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
Diffstat
-rw-r--r--mate-panel/libpanel-util/panel-keyfile.c7
1 files changed, 3 insertions, 4 deletions
diff --git a/mate-panel/libpanel-util/panel-keyfile.c b/mate-panel/libpanel-util/panel-keyfile.c
index ebd32497..5cf4996e 100644
--- a/mate-panel/libpanel-util/panel-keyfile.c
+++ b/mate-panel/libpanel-util/panel-keyfile.c
@@ -126,11 +126,10 @@ panel_key_file_to_file (GKeyFile *keyfile,
gsize new_length;
new_length = length + strlen (KEYFILE_TRUSTED_SHEBANG);
- new_data = g_malloc (new_length);
+ new_data = g_malloc (new_length + 1);
- strcpy (new_data, KEYFILE_TRUSTED_SHEBANG);
- memcpy (new_data + strlen (KEYFILE_TRUSTED_SHEBANG),
- data, length);
+ g_strlcpy (new_data, KEYFILE_TRUSTED_SHEBANG, new_length + 1);
+ g_strlcat (new_data, data, new_length + 1);
g_free (data);
data = new_data;
generated by cgit v1.2.1 (git 2.18.0) at 2024-11-03 03:01:20 +0000