cmd: usbdown: remove overflow possiblity on fill_entity_usbdown()

The file name parsed from dfu_alo_info can be longer than NAME_SIZE,
so strcpy function has possiblity of overflow.
Remove the possible overflow using strncpy with less length than
NAME_SIZE.

Change-Id: Ib70f539a810e553136421c7faa576144811c3112
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>

diff --git a/cmd/usbdown.c b/cmd/usbdown.c
index 27e6a6b9bc6226e14bf04234c900a606522a885b..840c6bb86c19d2fac60543e81a7abcd5296d4863 100644 (file)
--- a/cmd/usbdown.c
+++ b/cmd/usbdown.c
@@ -261,7 +261,7 @@ static void fill_entity_usbdown(char *interface, char *devstr)
                /* Parsing file name */
                s = strsep(&setting, ";");
                st = strsep(&s, " ");
-               strcpy(usbdown[i].name, st);
+               strncpy(usbdown[i].name, st, NAME_SIZE - 1);
 
                ret = usb_fill_entity(&usbdown[i], s, alt_num_count,
                                interface, devstr);