We were copying a user defined string into a fixed size buffer
without doing any boundary checks. This commit fixes that.
Also cleaned up similar code that was using hardcoded numbers.
@fix.
Change-Id: If32cdf9fc383cc0d13043693af1179686dcb9f44
if (locale && *locale)
{
char *itr;
- strncpy(lang, locale, 5);
- lang[5] = '\0';
+ const size_t size = sizeof(lang);
+ strncpy(lang, locale, size - 1);
+ lang[size - 1] = '\0';
itr = lang;
while (*itr)
{
locale = setlocale(LC_MESSAGES, NULL);
if (locale && *locale)
{
+ const size_t size = sizeof(lang_full);
size_t i;
for (i = 0 ; locale[i] ; i++)
{
if ((c == '.') || (c == '@') || (c == ' ')) /* Looks like en_US.UTF8 or de_DE@euro or aa_ER UTF-8*/
break;
}
+
+ if (i >= size)
+ {
+ i = size - 1;
+ }
+
strncpy(lang_full, locale, i);
lang_full[i] = '\0';
return lang_full;