Fix a buffer overflow by using strncpy() instead of strcpy().

Also, use strdup() instead of malloc()/strcpy().

PR:		64164
This commit is contained in:
David Schultz 2004-09-19 20:34:30 +00:00
parent 3d634dba70
commit c4c326cf1d

View File

@ -49,6 +49,7 @@ __FBSDID("$FreeBSD$");
#include <ctype.h>
#include <err.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@ -171,10 +172,10 @@ void
set_profile(void)
{
FILE *f;
char fname[BUFSIZ];
char fname[PATH_MAX];
static char prof[] = ".indent.pro";
sprintf(fname, "%s/%s", getenv("HOME"), prof);
snprintf(fname, sizeof(fname), "%s/%s", getenv("HOME"), prof);
if ((f = fopen(option_source = fname, "r")) != NULL) {
scan_profile(f);
(void) fclose(f);
@ -288,10 +289,9 @@ set_option(char *arg)
if (*param_start == 0)
goto need_param;
{
char *str = (char *) malloc(strlen(param_start) + 1);
char *str = strdup(param_start);
if (str == NULL)
err(1, NULL);
strcpy(str, param_start);
addkey(str, 4);
}
break;