[PATCH 3/3] main_edit.c: Use strncpy() to eliminate potential buffer overflow.

Joel Sherrill joel at rtems.org
Thu Mar 14 13:22:33 UTC 2019


---
 cpukit/libmisc/shell/main_edit.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/cpukit/libmisc/shell/main_edit.c b/cpukit/libmisc/shell/main_edit.c
index 079e9ff..e43ff68 100644
--- a/cpukit/libmisc/shell/main_edit.c
+++ b/cpukit/libmisc/shell/main_edit.c
@@ -286,7 +286,7 @@ static struct editor *find_editor(struct env *env, char *filename) {
   struct editor *ed = env->current;
   struct editor *start = ed;
 
-  if (!realpath(filename, fn)) strcpy(fn, filename);
+  if (!realpath(filename, fn)) strncpy(fn, filename, FILENAME_MAX);
 
   do {
     if (strcmp(fn, ed->filename) == 0) return ed;
@@ -297,7 +297,7 @@ static struct editor *find_editor(struct env *env, char *filename) {
 
 static int new_file(struct editor *ed, char *filename) {
   if (*filename) {
-    strcpy(ed->filename, filename);
+    strncpy(ed->filename, filename, FILENAME_MAX);
   } else {
     sprintf(ed->filename, "Untitled-%d", ++ed->env->untitled);
     ed->newfile = 1;
@@ -1752,7 +1752,7 @@ static void read_from_stdin(struct editor *ed) {
     insert(ed, pos, (unsigned char*) buffer, n);
     pos += n;
   }
-  strcpy(ed->filename, "<stdin>");
+  strncpy(ed->filename, "<stdin>", FILENAME_MAX);
   ed->newfile = 1;
   ed->dirty = 0;
 }
@@ -1775,7 +1775,8 @@ static void save_editor(struct editor *ed) {
         return;
       }
     }
-    strcpy(ed->filename, (const char*) ed->env->linebuf);
+    strncpy(
+      ed->filename, (const char*) ed->env->linebuf, FILENAME_MAX);
     ed->newfile = 0;
   }
 
-- 
1.8.3.1




More information about the devel mailing list