From 71df9e17920283b8170bb65da98e279cb508e9b9 Mon Sep 17 00:00:00 2001
From: Romain Forlot
Date: Thu, 17 May 2018 00:26:01 +0200
Subject: Good usage of strncat and strncpy

This change ensure that there are no write over the destination buffer size

Change-Id: Ic213e70fab83dfae39a8ff030c823a6ce68aab64
Signed-off-by: Romain Forlot
---
 ctl-lib/ctl-lua.c | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)
(limited to 'ctl-lib/ctl-lua.c')
diff --git a/ctl-lib/ctl-lua.c b/ctl-lib/ctl-lua.c
index c2f2376..3abf330 100644
--- a/ctl-lib/ctl-lua.c
+++ b/ctl-lib/ctl-lua.c
@@ -745,6 +745,8 @@ static int LuaDoScript(json_object *queryJ, CtlSourceT *source) {
 json_object *argsJ = NULL;
 static json_object *luaScriptPathJ = NULL;
 
+ luaScriptPath[CONTROL_MAXPATH_LEN - 1] = '\0';
+
 if (!queryJ) {
 return -1;
 }
@@ -761,9 +763,9 @@ static int LuaDoScript(json_object *queryJ, CtlSourceT *source) {
 
 // search for filename=script in CONTROL_LUA_PATH
 if (!luaScriptPathJ) {
- strncpy(luaScriptPath, CONTROL_DOSCRIPT_PRE, strlen(CONTROL_DOSCRIPT_PRE) + 1);
- strncat(luaScriptPath, "-", strlen("-"));
- strncat(luaScriptPath, uid, strlen(uid));
+ strncpy(luaScriptPath, CONTROL_DOSCRIPT_PRE, CONTROL_MAXPATH_LEN - 1);
+ strncat(luaScriptPath, "-", CONTROL_MAXPATH_LEN - strlen(luaScriptPath) - 1);
+ strncat(luaScriptPath, uid, CONTROL_MAXPATH_LEN - strlen(luaScriptPath) - 1);
 luaScriptPathJ = ScanForConfig(luaScriptPath, CTL_SCAN_RECURSIVE, luaScriptPath, ".lua");
 }
 
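Review bot: In the first hunk (`@@ -745,6 +745,8 @@`), the terminator stored in the last byte survives only because every later `strncpy` is capped at `CONTROL_MAXPATH_LEN - 1`, and nothing in the code records that dependency. A comment above the assignment would make it explicit, for example `/* strncpy() below copies at most CONTROL_MAXPATH_LEN - 1 bytes, so this NUL is never overwritten */`. The declaration of luaScriptPath lies outside the hunk; if it is a local array of that size, writing the bound as `sizeof luaScriptPath - 1` would keep it tied to the buffer rather than to the macro.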
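Review bot: The bounded copies in the second hunk (`@@ -761,9 +763,9 @@`) stop the overflow but truncate silently, so an over-long `uid` yields a shortened prefix that is still handed to ScanForConfig and may match scripts other than the one named. `uid` appears to come from the request JSON, unpacked outside this hunk, so its length would be caller-controlled. Building the string in one call and rejecting truncation is safer: `int n = snprintf(luaScriptPath, CONTROL_MAXPATH_LEN, "%s-%s", CONTROL_DOSCRIPT_PRE, uid);` followed by `if (n < 0 || n >= CONTROL_MAXPATH_LEN) return -1;`. The same applies to the `fullpath`/`filename` join at `@@ -778,9 +780,9 @@` and the `"_"` plus `func` join at `@@ -792,8 +794,8 @@`.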
@@ -778,9 +780,9 @@ static int LuaDoScript(json_object *queryJ, CtlSourceT *source) {
 
 // Ignoring other found script. Only take the first one.
 if (!index) {
- strncpy(luaScriptPath, fullpath, strlen(fullpath) + 1);
- strncat(luaScriptPath, "/", strlen("/"));
- strncat(luaScriptPath, filename, strlen(filename));
+ strncpy(luaScriptPath, fullpath, CONTROL_MAXPATH_LEN - 1);
+ strncat(luaScriptPath, "/", CONTROL_MAXPATH_LEN - strlen(luaScriptPath) - 1);
+ strncat(luaScriptPath, filename, CONTROL_MAXPATH_LEN - strlen(luaScriptPath) - 1);
 }
 }
 
@@ -792,8 +794,8 @@ static int LuaDoScript(json_object *queryJ, CtlSourceT *source) {
 
 // if no func name given try to deduct from filename
 if (!func && (func = (char*) GetMidleName(filename)) != NULL) {
- strncpy(luaScriptPath, "_", strlen("_") + 1);
- strncat(luaScriptPath, func, strlen(func));
+ strncpy(luaScriptPath, "_", CONTROL_MAXPATH_LEN - 1);
+ strncat(luaScriptPath, func, CONTROL_MAXPATH_LEN - strlen(luaScriptPath) - 1);
 func = luaScriptPath;
 }
 if (!func) {
-- cgit 1.2.3-korg
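Review bot: In the last hunk (`@@ -792,8 +794,8 @@`), luaScriptPath is reused as scratch space for the derived function name, which overwrites the script path assembled in the previous hunk. Whether the path is read again later in LuaDoScript is not visible here, since the function continues past the hunk, but a dedicated buffer such as `char luaFuncName[CONTROL_MAXPATH_LEN];` would remove the coupling and let the name describe the content. The new `strncpy(luaScriptPath, "_", CONTROL_MAXPATH_LEN - 1)` also zero-fills the whole buffer to copy one character; `snprintf(luaFuncName, sizeof luaFuncName, "_%s", func)` would do the join in one bounded call whose return value can be checked for truncation.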