gallium/hud: prevent buffer overflow

author Eric Engestrom <eric.engestrom@intel.com>

Tue, 19 Mar 2019 14:11:48 +0000 (14:11 +0000)

committer Eric Engestrom <eric@engestrom.ch>

Thu, 4 Apr 2019 13:59:24 +0000 (13:59 +0000)
author Eric Engestrom <eric.engestrom@intel.com>
Tue, 19 Mar 2019 14:11:48 +0000 (14:11 +0000)
committer Eric Engestrom <eric@engestrom.ch>
Thu, 4 Apr 2019 13:59:24 +0000 (13:59 +0000)
diff --git a/src/gallium/auxiliary/hud/hud_diskstat.c b/src/gallium/auxiliary/hud/hud_diskstat.c

index 6860567..23b98c1 100644 (file)
--- a/src/gallium/auxiliary/hud/hud_diskstat.c
+++ b/src/gallium/auxiliary/hud/hud_diskstat.c
@@ -213,7 +213,7 @@ add_object_part(const char *basename, const char *name, int objmode)
  {
     struct diskstat_info *dsi = CALLOC_STRUCT(diskstat_info);
  
-   strcpy(dsi->name, name);
+   snprintf(dsi->name, sizeof(dsi->name), "%s", name);
     snprintf(dsi->sysfs_filename, sizeof(dsi->sysfs_filename), "%s/%s/stat",
        basename, name);
     dsi->mode = objmode;
@@ -226,7 +226,7 @@ add_object(const char *basename, const char *name, int objmode)
  {
     struct diskstat_info *dsi = CALLOC_STRUCT(diskstat_info);
  
-   strcpy(dsi->name, name);
+   snprintf(dsi->name, sizeof(dsi->name), "%s", name);
     snprintf(dsi->sysfs_filename, sizeof(dsi->sysfs_filename), "%s/stat",
        basename);
     dsi->mode = objmode;
diff --git a/src/gallium/auxiliary/hud/hud_nic.c b/src/gallium/auxiliary/hud/hud_nic.c

index 5fab331..a294602 100644 (file)
--- a/src/gallium/auxiliary/hud/hud_nic.c
+++ b/src/gallium/auxiliary/hud/hud_nic.c
@@ -114,7 +114,7 @@ query_wifi_bitrate(const struct nic_info *nic, uint64_t *bitrate)
     memset(&stats, 0, sizeof(stats));
     memset(&req, 0, sizeof(req));
  
-   strcpy(req.ifr_name, nic->name);
+   snprintf(req.ifr_name, sizeof(req.ifr_name), "%s", nic->name);
     req.u.data.pointer = &stats;
     req.u.data.flags = 1;
     req.u.data.length = sizeof(struct iw_statistics);
@@ -145,7 +145,7 @@ query_nic_rssi(const struct nic_info *nic, uint64_t *leveldBm)
     memset(&stats, 0, sizeof(stats));
     memset(&req, 0, sizeof(req));
  
-   strcpy(req.ifr_name, nic->name);
+   snprintf(req.ifr_name, sizeof(req.ifr_name), "%s", nic->name);
     req.u.data.pointer = &stats;
     req.u.data.flags = 1;
     req.u.data.length = sizeof(struct iw_statistics);
diff --git a/src/gallium/auxiliary/hud/hud_sensors_temp.c b/src/gallium/auxiliary/hud/hud_sensors_temp.c

index c226e89..fe80cab 100644 (file)
--- a/src/gallium/auxiliary/hud/hud_sensors_temp.c
+++ b/src/gallium/auxiliary/hud/hud_sensors_temp.c
@@ -259,8 +259,8 @@ create_object(const char *chipname, const char *featurename,
     sti->mode = mode;
     sti->chip = (sensors_chip_name *) chip;
     sti->feature = feature;
-   strcpy(sti->chipname, chipname);
-   strcpy(sti->featurename, featurename);
+   snprintf(sti->chipname, sizeof(sti->chipname), "%s", chipname);
+   snprintf(sti->featurename, sizeof(sti->featurename), "%s", featurename);
     snprintf(sti->name, sizeof(sti->name), "%s.%s", sti->chipname,
        sti->featurename);
author	Eric Engestrom <eric.engestrom@intel.com>
	Tue, 19 Mar 2019 14:11:48 +0000 (14:11 +0000)
committer	Eric Engestrom <eric@engestrom.ch>
	Thu, 4 Apr 2019 13:59:24 +0000 (13:59 +0000)
src/gallium/auxiliary/hud/hud_diskstat.c		patch \| blob \| history
src/gallium/auxiliary/hud/hud_nic.c		patch \| blob \| history
src/gallium/auxiliary/hud/hud_sensors_temp.c		patch \| blob \| history