From e550b37453f6f948566e8f8ec7ce97bba70546d2 Mon Sep 17 00:00:00 2001
From: Jean-Philippe Andre <jp.andre@samsung.com>
Date: Mon, 27 Oct 2014 22:07:36 +0900
Subject: [PATCH] Embryo: Use strncpy instead of strcpy in a few places

There are still lots of unsafe uses of strcpy, strcat, etc...
Dunno if they are relevant though. Also, assert() may be
compiled out at build time (release mode) so don't rely on it
for safety.

Fixes CID 1039593
---
 src/bin/embryo/embryo_cc_sc1.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/bin/embryo/embryo_cc_sc1.c b/src/bin/embryo/embryo_cc_sc1.c
index 0cf39e4..30a5329 100644
--- a/src/bin/embryo/embryo_cc_sc1.c
+++ b/src/bin/embryo/embryo_cc_sc1.c
@@ -1033,7 +1033,8 @@ declglb(char *firstname, int firsttag, int fpublic, int fstatic,
 	if (firstname)
 	  {
 	     assert(strlen(firstname) <= sNAMEMAX);
-	     strcpy(name, firstname);	/* save symbol name */
+	     strncpy(name, firstname, sNAMEMAX);	/* save symbol name */
+	     name[sNAMEMAX] = 0;
 	     tag = firsttag;
 	     firstname = NULL;
 	  }
@@ -1043,7 +1044,8 @@ declglb(char *firstname, int firsttag, int fpublic, int fstatic,
 	     if (lex(&val, &str) != tSYMBOL)	/* read in (new) token */
 		error(20, str);	/* invalid symbol name */
 	     assert(strlen(str) <= sNAMEMAX);
-	     strcpy(name, str);	/* save symbol name */
+	     strncpy(name, str, sNAMEMAX);	/* save symbol name */
+	     name[sNAMEMAX] = 0;
 	  }			/* if */
 	sym = findglb(name);
 	if (!sym)
@@ -1181,7 +1183,8 @@ declloc(int fstatic)
 	if (lex(&val, &str) != tSYMBOL)	/* read in (new) token */
 	   error(20, str);	/* invalid symbol name */
 	assert(strlen(str) <= sNAMEMAX);
-	strcpy(name, str);	/* save symbol name */
+	strncpy(name, str, sNAMEMAX);	/* save symbol name */
+	name[sNAMEMAX] = 0;
 	if (name[0] == PUBLIC_CHAR)
 	   error(56, name);	/* local variables cannot be public */
 	/* Note: block locals may be named identical to locals at higher
@@ -1657,7 +1660,8 @@ decl_enum(int vclass)
 	tok = lex(&lexval, &str);	/* read in (new) token */
 	if (tok != tSYMBOL && tok != tLABEL)
 	   error(20, str);	/* invalid symbol name */
-	strcpy(constname, str);	/* save symbol name */
+	strncpy(constname, str, sNAMEMAX); /* save symbol name */
+	constname[sNAMEMAX] = 0;
 	size = increment;	/* default increment of 'val' */
 	if (tok == tLABEL || matchtoken(':'))
 	   constexpr(&size, NULL);	/* get size */
-- 
2.7.4