From: Ondrej Holy <oholy@redhat.com>
Date: Fri, 17 Aug 2018 14:14:53 +0000 (+0200)
Subject: core/listener: Prevent buffer overflow found by covscan
X-Git-Tag: 2.0.0-rc4~110^2~20
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=8f8d91e361cfb982b934b32f871cb1d43a14e530;p=platform%2Fupstream%2Ffreerdp.git

core/listener: Prevent buffer overflow found by covscan

buffer_size_warning: Calling strncpy with a maximum size argument of 108 bytes on destination array "addr.sun_path" of size 108 bytes might leave the destination string unterminated.
---

diff --git a/libfreerdp/core/listener.c b/libfreerdp/core/listener.c
index 6598d9e..e0ba239 100644
--- a/libfreerdp/core/listener.c
+++ b/libfreerdp/core/listener.c
@@ -160,7 +160,7 @@ static BOOL freerdp_listener_open_local(freerdp_listener* instance, const char*
 #ifndef _WIN32
 	int status;
 	int sockfd;
-	struct sockaddr_un addr;
+	struct sockaddr_un addr = { 0 };
 	rdpListener* listener = (rdpListener*) instance->listener;
 	HANDLE hevent;
 
@@ -180,7 +180,7 @@ static BOOL freerdp_listener_open_local(freerdp_listener* instance, const char*
 
 	fcntl(sockfd, F_SETFL, O_NONBLOCK);
 	addr.sun_family = AF_UNIX;
-	strncpy(addr.sun_path, path, sizeof(addr.sun_path));
+	strncpy(addr.sun_path, path, sizeof(addr.sun_path) - 1);
 	unlink(path);
 	status = _bind(sockfd, (struct sockaddr*) &addr, sizeof(addr));