This strcpy will never overflow because it's copying from
baked-in test data. But we would prefer to avoid strcpy
entirely, as it makes it harder to audit for real security
bugs.
Signed-off-by: Jeff King <peff@xxxxxxxx>
---
I admit that an audit could probably just avoid looking at test-* in the
first place, but not all do (coverity complained about this one, for
example).
This sort-of applies on top of js/dirname-basename, which is in next.
Textually, it's fine, but that topic is based on v2.6.5, and xsnprintf
was only added in the v2.7.0 cycle. The simplest thing is probably to
wait for it to graduate to master, and then apply there as a new topic
(if we do v2.6.6, it's OK for it not to have this patch).
I can hold and resend in a week or two if that's easier.
test-path-utils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test-path-utils.c b/test-path-utils.c
index 4ab68ac..b9ece10 100644
--- a/test-path-utils.c
+++ b/test-path-utils.c
@@ -55,7 +55,7 @@ static int test_function(struct test_data *data, char *(*func)(char *input),
if (!data[i].from)
to = func(NULL);
else {
- strcpy(buffer, data[i].from);
+ xsnprintf(buffer, sizeof(buffer), "%s", data[i].from);
to = func(buffer);
}
if (strcmp(to, data[i].to)) {
--
2.7.0.244.g0701a9d
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html