author | Ronan Le Martret <ronan.lemartret@iot.bzh> | 2017-08-29 16:09:07 +0200 |
---|---|---|
committer | Romain Forlot <romain.forlot@iot.bzh> | 2018-12-13 14:12:02 +0100 |
commit | e6fbb41fea0e7e4dcc58d7304fe68229d86b3cb7 (patch) | |
tree | 83fe166f7c87bdfa604f5370b2886008eb3d3d1a | |
parent | 06ab07ec5dcb64959c79787cd0f9d572f5fd333a (diff) |
fix strncat funct
I: Statement might be overflowing a buffer in strncat. Common mistake:
BAD: strncat(buffer,charptr,sizeof(buffer)) is wrong, it takes the left over size as 3rd argument
GOOD: strncat(buffer,charptr,sizeof(buffer)-strlen(buffer)-1)
Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
-rw-r--r-- | filescan-utils.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/filescan-utils.c b/filescan-utils.c index e735682..f1de9d0 100644 --- a/filescan-utils.c +++ b/filescan-utils.c @@ -49,8 +49,8 @@ PUBLIC json_object* ScanForConfig (const char* searchPath, CtlScanDirModeT mode, if (dirEnt->d_name[0]=='.' || dirEnt->d_name[0]=='_') continue; strncpy(newpath, searchPath, sizeof(newpath)); - strncat(newpath, "/", sizeof(newpath)); - strncat(newpath, dirEnt->d_name, sizeof(newpath)); + strncat(newpath, "/", sizeof(newpath)-strlen(newpath)-1); + strncat(newpath, dirEnt->d_name, sizeof(newpath)-strlen(newpath)-1); ScanDir(newpath); continue; } |
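Review bot: the new bounds in both strncat calls depend on strlen(newpath), but the context line just before them, strncpy(newpath, searchPath, sizeof(newpath)), leaves newpath without a terminating NUL whenever searchPath is sizeof(newpath) bytes or longer. In that case strlen reads past the end of the buffer and sizeof(newpath)-strlen(newpath)-1 can wrap around as an unsigned value, so the overflow this commit targets is still reachable. Suggest copying with sizeof(newpath)-1 and setting the last byte to '\0', or building the path in a single call such as snprintf(newpath, sizeof(newpath), "%s/%s", searchPath, dirEnt->d_name) and skipping the entry when the return value indicates truncation, since ScanDir(newpath) would otherwise run on a cut-off path.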