aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJose Bollo <jose.bollo@iot.bzh>2019-01-04 14:30:04 +0100
committerJose Bollo <jose.bollo@iot.bzh>2019-01-04 14:30:04 +0100
commit1bce83316a1896cf5522d06b1fd6960d74511446 (patch)
tree5e5288f7b93c9e5bf1e6d8ed285d45361fe044bb
parent3bb9874df7e9e8e325ec4bcb5e03616d98c5d504 (diff)
afb-api-v3: Fix potential buffer overflow
Change-Id: I170e127ebf96d2accfdd6d6a4ec322afeaa2782f Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
-rw-r--r--src/afb-api-v3.c9
1 files changed, 5 insertions, 4 deletions
diff --git a/src/afb-api-v3.c b/src/afb-api-v3.c
index 660fac11..1fc6ebe4 100644
--- a/src/afb-api-v3.c
+++ b/src/afb-api-v3.c
@@ -158,21 +158,22 @@ struct json_object *afb_api_v3_make_description_openAPIv3(struct afb_api_v3 *api
json_object_object_add(i, "version", json_object_new_string("0.0.0"));
json_object_object_add(i, "description", json_object_new_string(api->info));
+ buffer[0] = '/';
+ buffer[sizeof buffer - 1] = 0;
+
p = json_object_new_object();
json_object_object_add(r, "paths", p);
iter = api->verbs;
end = iter + api->count;
while (iter != end) {
verb = *iter++;
- buffer[0] = '/';
- strncpy(buffer + 1, verb->verb, sizeof buffer - 1);
+ strncpy(buffer + 1, verb->verb, sizeof buffer - 2);
json_object_object_add(p, buffer, describe_verb_v3(verb));
}
verb = api->verbsv3;
if (verb)
while(verb->verb) {
- buffer[0] = '/';
- strncpy(buffer + 1, verb->verb, sizeof buffer - 1);
+ strncpy(buffer + 1, verb->verb, sizeof buffer - 2);
json_object_object_add(p, buffer, describe_verb_v3(verb));
verb++;
}