clients/simple-shm-shell: Don't use vulnerable functions 52/280252/1
authorSeunghun Lee <shiin.lee@samsung.com>
Thu, 25 Aug 2022 08:57:30 +0000 (17:57 +0900)
committerTizen Window System <tizen.windowsystem@gmail.com>
Fri, 26 Aug 2022 01:19:20 +0000 (10:19 +0900)
Change-Id: I800e57d29f660844fee806b7916ab6c4edffa74b

clients/simple-shm-shell.c

index 52d9ed2..cbc92da 100644 (file)
@@ -34,6 +34,7 @@ DEALINGS IN THE SOFTWARE.
 #include <unistd.h>
 #include <sys/mman.h>
 #include <stdlib.h>
+#include <linux/limits.h>
 
 #include <wayland-client.h>
 
@@ -89,7 +90,7 @@ _create_anonymous_file (off_t size)
        static const char template[] =
        "/shooter-XXXXXX";
        const char *path;
-       char *name = NULL;
+       char name[PATH_MAX] = "";
        int fd = -1;
        int ret = -1;
 
@@ -99,30 +100,20 @@ _create_anonymous_file (off_t size)
                return -1;
        }
 
-       name = malloc(strlen(path) + sizeof(template));
-       GOTO_IF_FAIL(name != NULL, fail);
-
-       strcpy(name, path);
-       strcat(name, template);
+       strncpy(name, path, PATH_MAX);
+       strncat(name, template, PATH_MAX);
 
        fd = mkstemp(name);
        if (fd >= 0)
                unlink(name);
 
        ret = ftruncate(fd, size);
-       GOTO_IF_FAIL(ret >= 0, fail);
-
-       free(name);
-
-       return fd;
-fail:
-       if (fd >= 0)
+       if (ret < 0) {
                close(fd);
+               return -1;
+       }
 
-       if (name)
-               free(name);
-
-       return -1;
+       return fd;
 }
 
 static void
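Review bot: `strncat(name, template, PATH_MAX)` does not bound the write into `name`, because strncat's third argument limits how many bytes are taken from `template`, not the size of the destination; a `path` within a few bytes of PATH_MAX still writes past the end of the array, and `strncpy(name, path, PATH_MAX)` leaves `name` unterminated when `path` is PATH_MAX bytes or longer. Where `path` comes from is outside the hunk, but if it is environment-derived, the exactly-sized heap buffer has been replaced by a fixed stack buffer that can overflow. I would build the name in one bounded step and reject truncation: `int n = snprintf(name, sizeof(name), "%s%s", path, template);` followed by `if (n < 0 || (size_t)n >= sizeof(name)) return -1;`. Separately, the removed `fail:` path guarded `close(fd)` with `fd >= 0`, whereas the new code reaches `ftruncate(fd, size)` and `close(fd)` with fd == -1 when mkstemp() fails, so add `if (fd < 0) return -1;` right after the `mkstemp` call.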