04b67ce Using of strlcpy is unsafe here. — HardenedBSD-pkg

rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9

HardenedBSD Package Manager

Using of strlcpy is unsafe here.

Vsevolod Stakhov committed 12 years ago

commit 04b67ce8a3c543bbf509b583465f0547214b5abe
parent 616e1b2

1 file changed +4 -2

modified libpkg/pkg_repo.c

@@ -529,7 +529,7 @@ pkg_repo_parse_sigkeys(const char *in, int inlen, struct sig_cert **sc)

 	} state = fp_parse_type;
 	char type;
 	unsigned char *sig;
 	int len = 0;
 	int len = 0, tlen;
 	struct sig_cert *s;
 	bool new = false;

@@ -576,7 +576,9 @@ pkg_repo_parse_sigkeys(const char *in, int inlen, struct sig_cert **sc)

 					pkg_emit_errno("pkg_repo_parse_sigkeys", "calloc failed");
 					return (EPKG_FATAL);
 				}
 				strlcpy(s->name, p, MIN(len + 1, sizeof(s->name)));
 				tlen = MIN(len, sizeof(s->name) - 1);
 				memcpy(s->name, p, tlen);
 				s->name[tlen] = '\0';
 				new = true;
 			}
 			else {