projects / platform / upstream / efl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8e4dafc)
Embryo: Use strncpy instead of strcpy in a few places
authorJean-Philippe Andre <jp.andre@samsung.com>
Mon, 27 Oct 2014 13:07:36 +0000 (22:07 +0900)
committerJean-Philippe Andre <jp.andre@samsung.com>
Tue, 28 Oct 2014 01:54:51 +0000 (10:54 +0900)
There are still lots of unsafe uses of strcpy, strcat, etc...
Dunno if they are relevant though. Also, assert() may be
compiled out at build time (release mode) so don't rely on it
for safety.

Fixes CID 1039593

src/bin/embryo/embryo_cc_sc1.c patch | blob | history

diff --git a/src/bin/embryo/embryo_cc_sc1.c b/src/bin/embryo/embryo_cc_sc1.c
index 0cf39e4..30a5329 100644 (file)
--- a/src/bin/embryo/embryo_cc_sc1.c
+++ b/src/bin/embryo/embryo_cc_sc1.c
@@ -1033,7 +1033,8 @@ declglb(char *firstname, int firsttag, int fpublic, int fstatic,
        if (firstname)
          {
             assert(strlen(firstname) <= sNAMEMAX);
-            strcpy(name, firstname);   /* save symbol name */
+            strncpy(name, firstname, sNAMEMAX);        /* save symbol name */
+            name[sNAMEMAX] = 0;
             tag = firsttag;
             firstname = NULL;
          }
@@ -1043,7 +1044,8 @@ declglb(char *firstname, int firsttag, int fpublic, int fstatic,
             if (lex(&val, &str) != tSYMBOL)    /* read in (new) token */
                error(20, str); /* invalid symbol name */
             assert(strlen(str) <= sNAMEMAX);
-            strcpy(name, str); /* save symbol name */
+            strncpy(name, str, sNAMEMAX);      /* save symbol name */
+            name[sNAMEMAX] = 0;
          }                     /* if */
        sym = findglb(name);
        if (!sym)
@@ -1181,7 +1183,8 @@ declloc(int fstatic)
        if (lex(&val, &str) != tSYMBOL) /* read in (new) token */
           error(20, str);      /* invalid symbol name */
        assert(strlen(str) <= sNAMEMAX);
-       strcpy(name, str);      /* save symbol name */
+       strncpy(name, str, sNAMEMAX);   /* save symbol name */
+       name[sNAMEMAX] = 0;
        if (name[0] == PUBLIC_CHAR)
           error(56, name);     /* local variables cannot be public */
        /* Note: block locals may be named identical to locals at higher
@@ -1657,7 +1660,8 @@ decl_enum(int vclass)
        tok = lex(&lexval, &str);       /* read in (new) token */
        if (tok != tSYMBOL && tok != tLABEL)
           error(20, str);      /* invalid symbol name */
-       strcpy(constname, str); /* save symbol name */
+       strncpy(constname, str, sNAMEMAX); /* save symbol name */
+       constname[sNAMEMAX] = 0;
        size = increment;       /* default increment of 'val' */
        if (tok == tLABEL || matchtoken(':'))
           constexpr(&size, NULL);      /* get size */
Domain: UI Framework / EFL;