lib: don't copy more than the buffer size

CID 1141012 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW) 2. fixed_size_dest: You might overrun the 108 byte fixed-size string "addr.sun_path" by copying "service_address" without checking the length. Signed-off-by: Andrey Vagin <avagin@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@parallels.com>

lib: don't copy more than the buffer size
CID 1141012 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW) 2. fixed_size_dest: You might overrun the 108 byte fixed-size string "addr.sun_path" by copying "service_address" without checking the length. Signed-off-by: Andrey Vagin <avagin@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
ad0249f6 · Andrey Vagin · Pavel Emelyanov · d4df9002 · ad0249f6
Commit ad0249f6 authored Dec 23, 2013 by Andrey Vagin Committed by Pavel Emelyanov Dec 23, 2013
Show whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

criu.c lib/criu.c +1 -1

No files found.
--- a/lib/criu.c
+++ b/lib/criu.c
@@ -161,7 +161,7 @@ static int criu_connect(void)
 	memset(&addr, 0, sizeof(addr));
 	addr.sun_family = AF_LOCAL;

-	strcpy(addr.sun_path, service_address);
+	strncpy(addr.sun_path, service_address, sizeof(addr.sun_path));

 	addr_len = strlen(addr.sun_path) + sizeof(addr.sun_family);