OSDN Git Service
(root)
/
android-x86
/
hardware-intel-libsensors.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(from parent 1:
0bec00e
)
sens: use strncat and strncpy when composing the command buffer
author
Octavian Purdila
<octavian.purdila@intel.com>
Thu, 20 Nov 2014 13:12:41 +0000
(15:12 +0200)
committer
Adriana Reus
<adriana.reus@intel.com>
Wed, 3 Dec 2014 13:56:05 +0000
(15:56 +0200)
Avoid buffer overflows when composing the command buffer by using
strncat and strncpy.
Change-Id: Ic0ad357168c230496e9358c877b7a01345cc53f3
Signed-off-by: Octavian Purdila <octavian.purdila@intel.com>
sens.c
patch
|
blob
|
history
diff --git
a/sens.c
b/sens.c
index
3438839
..
c47d21b
100644
(file)
--- a/
sens.c
+++ b/
sens.c
@@
-529,9
+529,13
@@
int main(int argc, char **argv)
return start_hal(argc, argv);
}
- strcpy(cmd, argv[1]); strcat(cmd, " ");
+ if (strlen(argv[1]) >= sizeof(cmd))
+ return usage();
+ strncpy(cmd, argv[1], sizeof(cmd) - 1);
+ strncat(cmd, " ", sizeof(cmd) - strlen(cmd) - 1);
for(i = 2; i < argc; i++) {
- strcat(cmd, argv[i]); strcat(cmd, " ");
+ strncat(cmd, argv[i], sizeof(cmd) - strlen(cmd) - 1);
+ strncat(cmd, " ", sizeof(cmd) - strlen(cmd) - 1);
}
sock = socket(AF_UNIX, SOCK_SEQPACKET, 0);
OSDN Git Service
