From bcb6f54ed604941d4e084711b050a10a95070bc3 Mon Sep 17 00:00:00 2001 From: dyamy-lee Date: Wed, 7 Feb 2024 13:56:22 +0900 Subject: [PATCH] used snprintf instead of strncat Actually, getcwd() returns value when it doesn't have error case like sizeof() <= strlen(). However, using snprintf() looks more safe. So, it was changed. Change-Id: Id091e366801cc98d80ce3c2281a40d0f954e234f --- common/vc_info_parser.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/common/vc_info_parser.c b/common/vc_info_parser.c index 3e7ee27..3ff0b6f 100644 --- a/common/vc_info_parser.c +++ b/common/vc_info_parser.c @@ -375,10 +375,10 @@ static int __is_symbolic_link(const char* path, bool* is_symbolic) SLOG(LOG_DEBUG, vc_info_tag(), "[DEBUG] %s is real file, not symbolic link", path); *is_symbolic = false; } else { + char current_working_directory[PATH_MAX]; char temp_path[PATH_MAX]; - if (getcwd(temp_path, PATH_MAX)) { - strncat(temp_path, "/", sizeof(temp_path) - strlen(temp_path) - 1); - strncat(temp_path, path, sizeof(temp_path) - strlen(temp_path) - 1); + if (getcwd(current_working_directory, PATH_MAX)) { + snprintf(temp_path, PATH_MAX, "%s/%s", current_working_directory, path); if (strncmp(temp_path, real_path, strlen(temp_path) + 1) == 0) { SLOG(LOG_DEBUG, vc_info_tag(), "[DEBUG] %s is real file, not symbolic link", path); *is_symbolic = false; -- 2.34.1