summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRomain Forlot <romain.forlot@iot.bzh>2018-05-17 02:28:48 +0200
committerRomain Forlot <romain.forlot@iot.bzh>2018-05-17 02:28:48 +0200
commitf5f1e251131b6dd54b8f7bb9a31a7ef6e231a947 (patch)
tree1f3b85660d219ee811b462a69815e560c0006da9
parentbb225251d33fff921cc74df049864c0e4df4a7b1 (diff)
More secure way to use strncat and strncpy
This ensure not data will be written out of bound of the destination variable buffer Change-Id: I4d736855f085fc5f728258c5928fed7191df46b4 Signed-off-by: Romain Forlot <romain.forlot@iot.bzh>
-rw-r--r--filescan-utils.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/filescan-utils.c b/filescan-utils.c
index 8a64e58..8a155cf 100644
--- a/filescan-utils.c
+++ b/filescan-utils.c
@@ -58,8 +58,8 @@ json_object* ScanForConfig (const char* searchPath, CtlScanDirModeT mode, const
if (dirEnt->d_name[0]=='.' || dirEnt->d_name[0]=='_') continue;
strncpy(newpath, searchPath, sizeof(newpath));
- strncat(newpath, "/", sizeof(newpath)-strlen(newpath)-1);
- strncat(newpath, dirEnt->d_name, sizeof(newpath)-strlen(newpath)-1);
+ strncat(newpath, "/", sizeof(newpath) - strlen(newpath) - 1);
+ strncat(newpath, dirEnt->d_name, sizeof(newpath) - strlen(newpath) - 1);
found += ScanDir(newpath);
continue;
}
@@ -153,7 +153,7 @@ char *GetBindingDirPath(struct afb_dynapi *dynapi)
if((len = readlink(fd_link, retdir, sizeof(retdir)-1)) == -1)
{
perror("lstat");
- strncpy(retdir, "/tmp", 4);
+ strncpy(retdir, "/tmp", CONTROL_MAXPATH_LEN - 1);
}
else
{