From 90a380a522758e526c5dfedd2d4d1040bbb00e0f Mon Sep 17 00:00:00 2001
From: Baptiste DURAND <baptiste.durand@open.eurogiciel.org>
Date: Mon, 2 Jun 2014 08:31:35 +0200
Subject: [PATCH] Fix possible buffer overflow

Change-Id: I9365357750f6ff90c97001d244376d8d84e97112
Signed-off-by: Baptiste DURAND <baptiste.durand@open.eurogiciel.org>
---
 parser/pkgmgr_parser.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/parser/pkgmgr_parser.c b/parser/pkgmgr_parser.c
index f15dbdf..0936e71 100755
--- a/parser/pkgmgr_parser.c
+++ b/parser/pkgmgr_parser.c
@@ -190,13 +190,14 @@ API char *getUserPkgParserDBPath(void)
 
 API char *getUserPkgParserDBPathUID(uid_t uid)
 {
-	char *result = NULL;
+	char  *result = NULL;
 	if(!uid)
 	{
 		result = tzplatform_mkpath(TZ_SYS_DB, ".pkgmgr_parser.db");
 	}
 	else
 	{
+		static char result_psswd[4096];
 		const char *name = "users";
 		struct passwd *userinfo = NULL;
 		struct group *grpinfo = NULL;
@@ -212,9 +213,8 @@ API char *getUserPkgParserDBPathUID(uid_t uid)
 		// Compare git_t type and not group name
 		if (grpinfo->gr_gid != userinfo->pw_gid)
 			_LOGE("UID [%d] does not belong to 'users' group!", uid);
-
-		result = userinfo->pw_dir;
-		strcat(result,"/.applications/dbspace/.pkgmgr_parser.db");
+		snprintf(result_psswd,sizeof(result_psswd),"%s/.applications/dbspace/.pkgmgr_parser.db",userinfo->pw_dir);
+		result = result_psswd;
 	}
   return result;
 }
-- 
2.7.4