Merge "afb-api-v3: Fix potential buffer overflow"

author: Stéphane Desneux <stephane.desneux@iot.bzh> 2019-01-05 22:38:33 +0000
committer: Gerrit Code Review <gerrit@automotivelinux.org> 2019-01-05 22:38:33 +0000
commit: a7859534c72b9e6a187672a9eedb6984c593cabf (patch)
tree: 5e5288f7b93c9e5bf1e6d8ed285d45361fe044bb
parent: 3bb9874df7e9e8e325ec4bcb5e03616d98c5d504 (diff)
parent: 1bce83316a1896cf5522d06b1fd6960d74511446 (diff)
1 files changed, 5 insertions, 4 deletions
diff --git a/src/afb-api-v3.c b/src/afb-api-v3.c
index 660fac11..1fc6ebe4 100644
--- a/src/afb-api-v3.c
+++ b/src/afb-api-v3.c
@@ -158,21 +158,22 @@ struct json_object *afb_api_v3_make_description_openAPIv3(struct afb_api_v3 *api
 	json_object_object_add(i, "version", json_object_new_string("0.0.0"));
 	json_object_object_add(i, "description", json_object_new_string(api->info));
 
+	buffer[0] = '/';
+	buffer[sizeof buffer - 1] = 0;
+
 	p = json_object_new_object();
 	json_object_object_add(r, "paths", p);
 	iter = api->verbs;
 	end = iter + api->count;
 	while (iter != end) {
 		verb = *iter++;
-		buffer[0] = '/';
-		strncpy(buffer + 1, verb->verb, sizeof buffer - 1);
+		strncpy(buffer + 1, verb->verb, sizeof buffer - 2);
 		json_object_object_add(p, buffer, describe_verb_v3(verb));
 	}
 	verb = api->verbsv3;
 	if (verb)
 		while(verb->verb) {
-			buffer[0] = '/';
-			strncpy(buffer + 1, verb->verb, sizeof buffer - 1);
+			strncpy(buffer + 1, verb->verb, sizeof buffer - 2);
 			json_object_object_add(p, buffer, describe_verb_v3(verb));
 			verb++;
 		}
author	Stéphane Desneux <stephane.desneux@iot.bzh>	2019-01-05 22:38:33 +0000
committer	Gerrit Code Review <gerrit@automotivelinux.org>	2019-01-05 22:38:33 +0000
commit	a7859534c72b9e6a187672a9eedb6984c593cabf (patch)
tree	5e5288f7b93c9e5bf1e6d8ed285d45361fe044bb
parent	3bb9874df7e9e8e325ec4bcb5e03616d98c5d504 (diff)
parent	1bce83316a1896cf5522d06b1fd6960d74511446 (diff)