summaryrefslogtreecommitdiffstats
path: root/ctl-lib/ctl-plugin.c
diff options
context:
space:
mode:
authorRomain Forlot <romain.forlot@iot.bzh>2018-05-17 00:26:01 +0200
committerRomain Forlot <romain.forlot@iot.bzh>2018-12-13 15:02:54 +0100
commitcf3c9191510735699da14bb5a680f6af9b8a8dcf (patch)
tree8b282b69404979c570b28d5afa164f6c99e5b44c /ctl-lib/ctl-plugin.c
parentde2f6f5dc95ab9254d9015c263590ec2d24cdef7 (diff)
Good usage of strncat and strncpy
This change ensure that there are no write over the destination buffer size Change-Id: Ic213e70fab83dfae39a8ff030c823a6ce68aab64 Signed-off-by: Romain Forlot <romain.forlot@iot.bzh>
Diffstat (limited to 'ctl-lib/ctl-plugin.c')
-rw-r--r--ctl-lib/ctl-plugin.c21
1 files changed, 13 insertions, 8 deletions
diff --git a/ctl-lib/ctl-plugin.c b/ctl-lib/ctl-plugin.c
index 0029b68..d20950f 100644
--- a/ctl-lib/ctl-plugin.c
+++ b/ctl-lib/ctl-plugin.c
@@ -112,9 +112,12 @@ static int PluginLoadCOne(AFB_ApiT apiHandle, const char *pluginpath, json_objec
int Lua2cAddOne(luaL_Reg *l2cFunc, const char* l2cName, int index) {
if(ctlPlugin->ctlL2cFunc->l2cCount)
{index += ctlPlugin->ctlL2cFunc->l2cCount+1;}
- char funcName[CONTROL_MAXPATH_LEN];
- strncpy(funcName, "lua2c_", strlen ("lua2c_")+1);
- strncat(funcName, l2cName, strlen (l2cName));
+ char *funcName;
+ size_t p_length = 6 + strlen(l2cName);
+ funcName = malloc(p_length + 1);
+
+ strncpy(funcName, "lua2c_", p_length);
+ strncat(funcName, l2cName, p_length - strlen (funcName));
Lua2cFunctionT l2cFunction = (Lua2cFunctionT) dlsym(dlHandle, funcName);
if (!l2cFunction) {
@@ -194,6 +197,8 @@ static int LoadFoundPlugins(AFB_ApiT apiHandle, json_object *scanResult, json_ob
size_t len;
json_object *object = NULL;
+ pluginpath[CONTROL_MAXPATH_LEN - 1] = '\0';
+
if (!json_object_is_type(scanResult, json_type_array))
return -1;
@@ -210,13 +215,13 @@ static int LoadFoundPlugins(AFB_ApiT apiHandle, json_object *scanResult, json_ob
return -1;
}
- /* Make sure you don't load two found libraries */
ext = strrchr(filename, '.');
- strncpy(pluginpath, fullpath, strlen (fullpath)+1);
- strncat(pluginpath, "/", strlen ("/"));
- strncat(pluginpath, filename, strlen (filename));
+ strncpy(pluginpath, fullpath, CONTROL_MAXPATH_LEN - 1);
+ strncat(pluginpath, "/", CONTROL_MAXPATH_LEN - strlen(pluginpath) - 1);
+ strncat(pluginpath, filename, CONTROL_MAXPATH_LEN - strlen (pluginpath) - 1);
if(!strcasecmp(ext, CTL_PLUGIN_EXT)) {
+ /* Make sure you don't load two found libraries */
if(ext && !strcasecmp(ext, CTL_PLUGIN_EXT) && i > 0) {
AFB_ApiWarning(apiHandle, "Plugin multiple instances in searchpath will use %s/%s", fullpath, filename);
return 0;
@@ -259,7 +264,7 @@ static char *GetDefaultSearchPath(AFB_ApiT apiHandle)
strncat(searchPath, CONTROL_PLUGIN_PATH, CTL_PLGN_len);
}
- strncat(searchPath, ":", 1);
+ strncat(searchPath, ":", sizeof(searchPath) - 1);
strncat(searchPath, bindingPath, bindingPath_len);
return searchPath;