[IOT-1319] Resolved potential buffer overflow case

Change-Id: Ic5779a529085514a9269321c60770cd13c8fcd25
Signed-off-by: Randeep Singh <randeep.s@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/12137
Reviewed-by: Greg Zaverucha <gregz@microsoft.com>
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Ashwini  Kumar <k.ashwini@samsung.com>
(cherry picked from commit 1eaa05e4bb9c3b18087f908dfb88f37514091eac)
Reviewed-on: https://gerrit.iotivity.org/gerrit/12191

diff --git a/resource/csdk/security/src/policyengine.c b/resource/csdk/security/src/policyengine.c
index 3dd424d..fd9f2ed 100644 (file)
--- a/resource/csdk/security/src/policyengine.c
+++ b/resource/csdk/security/src/policyengine.c
@@ -300,12 +300,10 @@ static void CopyParamsToContext(PEContext_t     *context,
     memcpy(&context->subject, subjectId, sizeof(OicUuid_t));
 
     // Copy the resource string into context.
-    length = strlen(resource) + 1;
-    if (0 < length)
-    {
-        strncpy(context->resource, resource, length);
-        context->resource[length - 1] = '\0';
-    }
+    length = sizeof(context->resource) - 1;
+    strncpy(context->resource, resource, length);
+    context->resource[length] = '\0';
+
 
     // Assign the permission field.
     context->permission = requestedPermission;