Replace strcpy to strncpy due to security reason.

author Dongsun Lee <ds73.lee@samsung.com>

Tue, 26 Sep 2017 01:55:54 +0000 (10:55 +0900)

committer Dong Sun Lee <ds73.lee@samsung.com>

Tue, 26 Sep 2017 04:03:20 +0000 (04:03 +0000)
author Dongsun Lee <ds73.lee@samsung.com>
Tue, 26 Sep 2017 01:55:54 +0000 (10:55 +0900)
committer Dong Sun Lee <ds73.lee@samsung.com>
Tue, 26 Sep 2017 04:03:20 +0000 (04:03 +0000)
diff --git a/src/tef_libteec.c b/src/tef_libteec.c

index 5796d0d..a5f1914 100644 (file)
--- a/src/tef_libteec.c
+++ b/src/tef_libteec.c
@@ -287,11 +287,13 @@ static void configParam(const char *p)
         }
         if (strncmp(p, "lib=", 4) == 0) {
                 const char *libname = p + 4;
-               if (strlen(libname) > sizeof(config.libname) - 1) {
+               size_t libnamesize = strlen(libname);
+               if (libnamesize > sizeof(config.libname) - 1) {
                         fprintf(stderr, "tef-libteec: name to long '%s'\n", libname);
                         return;
                 }
-               strcpy(config.libname, libname);
+               strncpy(config.libname, libname, libnamesize);
+               config.libname[libnamesize] = '\0';
         }
  }
author	Dongsun Lee <ds73.lee@samsung.com>
	Tue, 26 Sep 2017 01:55:54 +0000 (10:55 +0900)
committer	Dong Sun Lee <ds73.lee@samsung.com>
	Tue, 26 Sep 2017 04:03:20 +0000 (04:03 +0000)